Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/6e02a9-08ad-4743-b538-f3029c39b66e/1/u-BbYYon9sEO-Zm8ltmqDL0UraU.mft
File:                     u-BbYYon9sEO-Zm8ltmqDL0UraU.mft (raw, json)
Hash identifier:          aYDS7W0MopEXDjLHNsbHm6eaBrtyop5aTwttekOAzEc=
Subject key identifier:   A4:A2:07:A7:F0:F4:BE:FD:A3:72:A2:44:17:AF:7E:32:A4:FA:78:C3
Authority key identifier: BB:E0:5B:61:8A:27:F6:C1:0E:F9:99:BC:96:D9:AA:0C:BD:14:AD:A5
Certificate issuer:       /CN=bbe05b618a27f6c10ef999bc96d9aa0cbd14ada5
Certificate serial:       019D27DF4EAF074CE9F0A4FEA4623CDFA3C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/u-BbYYon9sEO-Zm8ltmqDL0UraU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/6e02a9-08ad-4743-b538-f3029c39b66e/1/u-BbYYon9sEO-Zm8ltmqDL0UraU.mft
Manifest number:          0408
Signing time:             Thu 26 Mar 2026 02:00:39 +0000
Manifest this update:     Thu 26 Mar 2026 02:00:39 +0000
Manifest next update:     Fri 27 Mar 2026 02:00:39 +0000
Files and hashes:         1: u-BbYYon9sEO-Zm8ltmqDL0UraU.crl (hash: a6rdEBRqHjO9klArw06dWJf1TaDOFDskweh5Xg7/mG0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/6e02a9-08ad-4743-b538-f3029c39b66e/1/u-BbYYon9sEO-Zm8ltmqDL0UraU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/6e02a9-08ad-4743-b538-f3029c39b66e/1/u-BbYYon9sEO-Zm8ltmqDL0UraU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/u-BbYYon9sEO-Zm8ltmqDL0UraU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:df:4e:af:07:4c:e9:f0:a4:fe:a4:62:3c:df:a3:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bbe05b618a27f6c10ef999bc96d9aa0cbd14ada5
        Validity
            Not Before: Mar 26 02:00:39 2026 GMT
            Not After : Mar 27 02:00:39 2026 GMT
        Subject: CN=a4a207a7f0f4befda372a24417af7e32a4fa78c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:ff:40:5e:1b:d1:f6:a5:ae:c7:84:6f:d5:60:
                    b6:73:a0:c0:22:bf:6a:f8:de:f4:d7:3c:2f:01:01:
                    ea:d1:8a:04:7e:62:12:25:e0:61:af:d8:17:d7:41:
                    15:69:b3:36:4c:91:99:5f:cf:6b:6c:79:b5:c9:a4:
                    9f:dc:d5:45:37:9c:31:09:7d:09:5f:7e:cf:38:4d:
                    91:b0:24:21:74:16:49:f5:b0:db:97:5f:18:7a:14:
                    74:4b:99:16:61:00:ba:2e:30:8b:dc:01:98:d3:c7:
                    d6:69:2d:07:2e:45:6d:07:a8:2d:96:28:1c:20:1d:
                    0a:3f:a0:06:3c:fe:a8:23:f3:97:39:45:fc:b1:79:
                    82:cd:39:26:8a:fb:36:f7:e1:bf:d2:0d:05:21:88:
                    fe:85:8e:ea:ce:66:4d:03:7f:0d:b5:ac:b2:f0:1e:
                    c5:fa:19:11:e8:47:aa:f9:e1:2b:83:2e:ed:7d:88:
                    e8:11:d2:fc:ac:2d:74:2a:1e:4b:cc:32:b8:fd:d1:
                    86:d9:4a:2d:1a:05:54:be:cd:9b:e9:4c:37:fb:36:
                    4e:cf:81:ad:27:65:e6:59:1c:31:fb:1a:1a:de:3c:
                    03:cd:17:a5:44:c3:e0:20:69:bd:fd:92:a8:5a:02:
                    df:cd:5f:1d:42:ef:7e:46:a3:37:d5:ba:4c:11:15:
                    b6:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:A2:07:A7:F0:F4:BE:FD:A3:72:A2:44:17:AF:7E:32:A4:FA:78:C3
            X509v3 Authority Key Identifier:
                keyid:BB:E0:5B:61:8A:27:F6:C1:0E:F9:99:BC:96:D9:AA:0C:BD:14:AD:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u-BbYYon9sEO-Zm8ltmqDL0UraU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/6e02a9-08ad-4743-b538-f3029c39b66e/1/u-BbYYon9sEO-Zm8ltmqDL0UraU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/6e02a9-08ad-4743-b538-f3029c39b66e/1/u-BbYYon9sEO-Zm8ltmqDL0UraU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:03:0c:2e:53:9b:ff:7e:29:c1:c5:c7:6e:a4:53:50:05:ec:
         fa:36:ec:83:f7:36:9b:66:ec:66:47:49:77:ff:6b:71:44:6d:
         d4:0d:46:26:fb:e2:1c:3c:1d:dc:54:bf:9b:ea:4b:1c:05:12:
         14:84:4c:26:0b:9d:e6:c8:76:c0:47:56:6c:c7:27:36:66:cc:
         37:cb:5b:ae:2f:88:da:c8:73:4b:7b:bf:2f:f7:f3:2c:b5:5b:
         41:95:2b:3d:c5:45:9b:f6:0a:b3:e8:b9:7c:e7:92:e6:9b:b9:
         be:58:e6:6b:72:74:05:f5:a0:f7:94:ce:7b:c5:59:47:e8:bc:
         c0:ed:9f:d1:d1:7f:b0:5a:06:1b:1a:8e:84:16:fb:b4:db:d0:
         ad:a0:da:6c:d2:d3:50:a2:b1:4a:61:94:44:03:c9:9a:6f:dd:
         84:fa:3d:10:d1:ef:e8:06:8a:fd:48:2b:81:5a:ba:67:59:6b:
         a4:0d:6b:69:9e:f0:2d:e7:24:3a:f9:38:88:7a:77:76:3e:ee:
         93:99:32:c2:62:6c:41:c0:ac:c0:d9:9e:34:8f:95:f6:92:f0:
         88:72:ce:56:8e:3a:e0:27:18:d8:a0:5c:22:2f:b0:54:f7:1f:
         01:63:3a:56:e1:a7:28:81:a9:a6:f2:37:a3:80:03:ce:3a:18:
         ac:50:6b:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0n306vB0zp8KT+pGI836PEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiZTA1YjYxOGEyN2Y2YzEwZWY5OTliYzk2ZDlhYTBjYmQx
NGFkYTUwHhcNMjYwMzI2MDIwMDM5WhcNMjYwMzI3MDIwMDM5WjAzMTEwLwYDVQQD
EyhhNGEyMDdhN2YwZjRiZWZkYTM3MmEyNDQxN2FmN2UzMmE0ZmE3OGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiP9AXhvR9qWux4Rv1WC2c6DAIr9q
+N701zwvAQHq0YoEfmISJeBhr9gX10EVabM2TJGZX89rbHm1yaSf3NVFN5wxCX0J
X37POE2RsCQhdBZJ9bDbl18YehR0S5kWYQC6LjCL3AGY08fWaS0HLkVtB6gtligc
IB0KP6AGPP6oI/OXOUX8sXmCzTkmivs29+G/0g0FIYj+hY7qzmZNA38Ntayy8B7F
+hkR6Eeq+eErgy7tfYjoEdL8rC10Kh5LzDK4/dGG2UotGgVUvs2b6Uw3+zZOz4Gt
J2XmWRwx+xoa3jwDzRelRMPgIGm9/ZKoWgLfzV8dQu9+RqM31bpMERW2/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKSiB6fw9L79o3KiRBevfjKk+njDMB8GA1UdIwQY
MBaAFLvgW2GKJ/bBDvmZvJbZqgy9FK2lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdS1CYllZb245c0VPLVptOGx0bXFETDBVcmFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS82ZTAyYTktMDhhZC00NzQzLWI1Mzgt
ZjMwMjljMzliNjZlLzEvdS1CYllZb245c0VPLVptOGx0bXFETDBVcmFVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS82ZTAyYTktMDhhZC00NzQzLWI1MzgtZjMwMjljMzliNjZl
LzEvdS1CYllZb245c0VPLVptOGx0bXFETDBVcmFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKAMMLlOb
/34pwcXHbqRTUAXs+jbsg/c2m2bsZkdJd/9rcURt1A1GJvviHDwd3FS/m+pLHAUS
FIRMJgud5sh2wEdWbMcnNmbMN8tbri+I2shzS3u/L/fzLLVbQZUrPcVFm/YKs+i5
fOeS5pu5vljma3J0BfWg95TOe8VZR+i8wO2f0dF/sFoGGxqOhBb7tNvQraDabNLT
UKKxSmGURAPJmm/dhPo9ENHv6AaK/UgrgVq6Z1lrpA1raZ7wLeckOvk4iHp3dj7u
k5kywmJsQcCswNmeNI+V9pLwiHLOVo464CcY2KBcIi+wVPcfAWM6VuGnKIGppvI3
o4ADzjoYrFBr6w==
-----END CERTIFICATE-----