Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.mft
File:                     MCbiQi-nIkVOYIMX0hhitmqjfTM.mft (raw, json)
Hash identifier:          fc0VoAgsGAN11IUy07Acm3LwsctOLDVexgYe74zRpqM=
Subject key identifier:   27:E5:AB:03:C6:EC:39:B4:13:C3:CC:79:2E:86:FC:B3:B0:60:6C:BB
Authority key identifier: 30:26:E2:42:2F:A7:22:45:4E:60:83:17:D2:18:62:B6:6A:A3:7D:33
Certificate issuer:       /CN=3026e2422fa722454e608317d21862b66aa37d33
Certificate serial:       019D329A59564960DB01B14C01E3160580DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MCbiQi-nIkVOYIMX0hhitmqjfTM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.mft
Manifest number:          17DC
Signing time:             Sat 28 Mar 2026 04:01:09 +0000
Manifest this update:     Sat 28 Mar 2026 04:01:09 +0000
Manifest next update:     Sun 29 Mar 2026 04:01:09 +0000
Files and hashes:         1: MCbiQi-nIkVOYIMX0hhitmqjfTM.crl (hash: hheC4c/Nq39s1bswBcwyQqqSw6qI5T8eHKiAAUSh+1k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MCbiQi-nIkVOYIMX0hhitmqjfTM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Mar 2026 04:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:32:9a:59:56:49:60:db:01:b1:4c:01:e3:16:05:80:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3026e2422fa722454e608317d21862b66aa37d33
        Validity
            Not Before: Mar 28 04:01:09 2026 GMT
            Not After : Mar 29 04:01:09 2026 GMT
        Subject: CN=27e5ab03c6ec39b413c3cc792e86fcb3b0606cbb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:c9:b8:8a:80:37:2e:98:a9:2b:ec:3b:a7:4a:
                    27:9f:6c:10:b1:27:e7:76:49:e6:4e:ca:5e:d3:d6:
                    d4:cd:34:69:30:c0:d9:99:27:0a:a8:10:48:5c:1c:
                    d1:28:ac:ab:03:8e:07:f2:a3:16:ee:59:65:46:ae:
                    54:21:4d:ce:ca:22:2c:b6:fa:f4:14:97:41:4f:69:
                    3c:88:b6:e7:41:84:b5:97:98:c9:b7:8d:ec:b2:82:
                    3b:20:d6:ab:dc:1a:e3:6e:e9:01:28:ef:e1:97:0c:
                    d8:c2:1f:33:9c:bc:0c:0a:96:48:c4:aa:90:94:4b:
                    47:98:43:ea:9e:e2:e0:7d:94:7d:cc:f2:96:66:cf:
                    64:6b:b1:1f:1b:02:61:9d:c9:ed:15:8e:24:c0:6a:
                    bc:5a:3e:9e:1e:3e:c3:8e:a3:e1:e7:91:90:da:eb:
                    de:7d:8d:26:b4:73:80:92:c6:91:3b:4c:e7:0a:6d:
                    2f:b2:53:b8:02:81:a5:5c:d7:43:22:65:ef:80:c8:
                    5e:d2:5b:5f:0a:8a:be:7d:38:c7:9c:a1:33:46:f1:
                    c8:22:54:8b:45:fd:d2:dc:11:ab:c3:63:ad:54:a7:
                    00:ad:77:c9:a6:c1:d3:c3:06:ae:8b:c6:54:48:d9:
                    17:14:a0:b3:c9:89:bf:df:77:fb:62:ef:3d:0c:d2:
                    be:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:E5:AB:03:C6:EC:39:B4:13:C3:CC:79:2E:86:FC:B3:B0:60:6C:BB
            X509v3 Authority Key Identifier:
                keyid:30:26:E2:42:2F:A7:22:45:4E:60:83:17:D2:18:62:B6:6A:A3:7D:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MCbiQi-nIkVOYIMX0hhitmqjfTM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:46:73:25:86:9d:f7:02:63:34:4e:ea:64:65:58:4e:f2:f3:
         24:8f:5c:27:a0:9b:b9:03:18:fa:b7:52:8c:61:2a:d3:a5:5c:
         0e:19:0d:76:a9:f6:73:73:36:d8:42:ce:0b:d3:54:18:0d:a7:
         37:b5:99:2f:bc:59:d6:81:bc:88:0b:38:0c:3f:47:51:fd:71:
         96:a9:38:b5:e4:03:99:08:e1:a5:36:c3:cf:79:a3:08:a2:e6:
         58:29:0d:fc:43:63:80:08:4c:f1:b9:87:66:5f:4d:ed:d5:7a:
         46:7e:16:fe:ee:a5:40:1a:9e:db:47:1a:55:0f:e2:87:fe:c7:
         01:04:f8:bd:a5:48:f1:4d:1a:56:31:3b:e7:7e:44:2f:cb:11:
         1b:5a:78:d1:01:b4:da:f0:df:4c:4c:3e:db:d4:b2:85:c2:b9:
         1e:53:a0:86:7c:b5:6b:54:2f:77:4c:47:de:85:70:0c:40:f7:
         00:29:77:1b:71:c4:5b:87:5a:ad:15:8d:6a:b3:2d:78:e8:bb:
         36:87:01:32:bb:51:02:85:6d:20:a1:c0:4b:00:e4:39:ff:1f:
         a8:cb:f9:64:e3:72:a4:83:81:84:3b:b8:8e:60:46:6d:eb:93:
         50:d5:64:52:09:e4:5d:80:c1:ae:c3:da:2d:ca:2a:04:44:91:
         3e:3a:c2:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ymllWSWDbAbFMAeMWBYDdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMjZlMjQyMmZhNzIyNDU0ZTYwODMxN2QyMTg2MmI2NmFh
MzdkMzMwHhcNMjYwMzI4MDQwMTA5WhcNMjYwMzI5MDQwMTA5WjAzMTEwLwYDVQQD
EygyN2U1YWIwM2M2ZWMzOWI0MTNjM2NjNzkyZTg2ZmNiM2IwNjA2Y2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnMm4ioA3LpipK+w7p0onn2wQsSfn
dknmTspe09bUzTRpMMDZmScKqBBIXBzRKKyrA44H8qMW7lllRq5UIU3OyiIstvr0
FJdBT2k8iLbnQYS1l5jJt43ssoI7INar3BrjbukBKO/hlwzYwh8znLwMCpZIxKqQ
lEtHmEPqnuLgfZR9zPKWZs9ka7EfGwJhncntFY4kwGq8Wj6eHj7DjqPh55GQ2uve
fY0mtHOAksaRO0znCm0vslO4AoGlXNdDImXvgMhe0ltfCoq+fTjHnKEzRvHIIlSL
Rf3S3BGrw2OtVKcArXfJpsHTwwaui8ZUSNkXFKCzyYm/33f7Yu89DNK+PwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCflqwPG7Dm0E8PMeS6G/LOwYGy7MB8GA1UdIwQY
MBaAFDAm4kIvpyJFTmCDF9IYYrZqo30zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUNiaVFpLW5Ja1ZPWUlNWDBoaGl0bXFqZlRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iNzkyY2MtYWI5Ni00NTZlLTlkM2Ut
YTFlZTQ0MGZmZTNlLzEvTUNiaVFpLW5Ja1ZPWUlNWDBoaGl0bXFqZlRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iNzkyY2MtYWI5Ni00NTZlLTlkM2UtYTFlZTQ0MGZmZTNl
LzEvTUNiaVFpLW5Ja1ZPWUlNWDBoaGl0bXFqZlRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT0ZzJYad
9wJjNE7qZGVYTvLzJI9cJ6CbuQMY+rdSjGEq06VcDhkNdqn2c3M22ELOC9NUGA2n
N7WZL7xZ1oG8iAs4DD9HUf1xlqk4teQDmQjhpTbDz3mjCKLmWCkN/ENjgAhM8bmH
Zl9N7dV6Rn4W/u6lQBqe20caVQ/ih/7HAQT4vaVI8U0aVjE7535EL8sRG1p40QG0
2vDfTEw+29SyhcK5HlOghny1a1Qvd0xH3oVwDED3ACl3G3HEW4darRWNarMteOi7
NocBMrtRAoVtIKHASwDkOf8fqMv5ZONypIOBhDu4jmBGbeuTUNVkUgnkXYDBrsPa
LcoqBESRPjrCrA==
-----END CERTIFICATE-----