Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft
File:                     b20hysOH8-N4uiOkynfeyTA7qS0.mft (raw, json)
Hash identifier:          B+pZ/xrYpJETvUhEc91FmflDhZbSBN7K/GiMwCgmHNY=
Subject key identifier:   0B:DE:87:3F:29:64:99:81:A3:50:CE:91:89:92:5D:56:F4:DA:49:D1
Authority key identifier: 6F:6D:21:CA:C3:87:F3:E3:78:BA:23:A4:CA:77:DE:C9:30:3B:A9:2D
Certificate issuer:       /CN=6f6d21cac387f3e378ba23a4ca77dec9303ba92d
Certificate serial:       019D27A88F5AA7F933E006989A55B3D6902E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b20hysOH8-N4uiOkynfeyTA7qS0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft
Manifest number:          1882
Signing time:             Thu 26 Mar 2026 01:00:51 +0000
Manifest this update:     Thu 26 Mar 2026 01:00:51 +0000
Manifest next update:     Fri 27 Mar 2026 01:00:51 +0000
Files and hashes:         1: b20hysOH8-N4uiOkynfeyTA7qS0.crl (hash: 5CeYxdG/Ai9HEVqyePDzpjsH43wLSazqUj4zrm0mItI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/b20hysOH8-N4uiOkynfeyTA7qS0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:a8:8f:5a:a7:f9:33:e0:06:98:9a:55:b3:d6:90:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f6d21cac387f3e378ba23a4ca77dec9303ba92d
        Validity
            Not Before: Mar 26 01:00:51 2026 GMT
            Not After : Mar 27 01:00:51 2026 GMT
        Subject: CN=0bde873f29649981a350ce9189925d56f4da49d1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:c5:4e:0c:5b:ae:40:9f:53:17:90:7f:59:4f:
                    35:2b:6b:68:3c:f6:4b:fc:1c:72:5b:b3:6c:c7:0d:
                    27:2b:f4:43:5d:48:a1:d5:47:6d:f7:6c:af:c1:74:
                    ac:b2:56:b5:8f:64:fe:2b:37:04:8a:d8:df:14:55:
                    10:6c:b3:ef:30:86:e1:21:66:d3:a2:f9:ca:2a:f6:
                    3b:e0:f6:8f:de:64:6c:b5:77:a0:6b:b0:d5:a9:e4:
                    57:10:f6:bf:40:b2:c8:c6:f2:3a:20:5d:6d:ae:ec:
                    f9:40:c0:17:aa:e7:fb:b4:f7:86:62:96:a9:58:38:
                    18:2e:6c:32:5a:99:93:2d:fb:1f:83:cd:34:07:5b:
                    bf:c6:82:b7:53:fb:11:3f:11:b6:52:38:dc:85:65:
                    4e:9d:1a:23:42:bd:88:2d:fe:3e:23:75:97:2d:9d:
                    41:ce:9d:3e:ae:8f:91:80:bb:8a:25:18:8b:9e:ee:
                    61:44:9a:9f:6c:fb:5b:4c:24:2e:ca:b3:b2:19:f1:
                    67:f9:3d:e7:bd:50:ad:74:d3:b8:a6:c5:2e:15:97:
                    a1:b9:23:c0:27:49:66:44:e4:bb:94:f4:1f:aa:8d:
                    eb:44:a8:d4:e7:50:95:0c:78:0f:dd:b7:3b:25:cc:
                    79:1c:5f:1f:f8:a4:0e:60:4e:23:4c:94:4a:1e:ff:
                    dc:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:DE:87:3F:29:64:99:81:A3:50:CE:91:89:92:5D:56:F4:DA:49:D1
            X509v3 Authority Key Identifier:
                keyid:6F:6D:21:CA:C3:87:F3:E3:78:BA:23:A4:CA:77:DE:C9:30:3B:A9:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b20hysOH8-N4uiOkynfeyTA7qS0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:1d:83:87:db:23:e4:3d:86:02:6f:d7:42:dc:16:88:dd:a9:
         67:11:ce:c2:eb:9e:91:19:ee:c8:e7:13:f9:99:8b:14:ee:f1:
         2b:32:ab:db:f5:cb:ea:a9:51:16:88:9d:17:b2:e1:2c:73:c2:
         5a:8a:8b:0f:09:d5:ac:0d:24:34:96:b2:94:f6:40:89:ff:2f:
         23:9f:3f:51:1d:33:72:c1:3f:c7:0c:88:ad:91:0b:63:be:00:
         1d:a8:cf:cc:1a:62:63:59:fa:bf:b4:bb:f3:37:97:28:9a:d6:
         d7:c1:6d:a0:a6:31:e6:bc:12:a3:e9:bc:93:2e:2e:2d:7a:1f:
         a7:3f:1a:d5:5f:b9:17:80:8a:99:73:ef:6e:15:73:fc:8b:40:
         7e:30:b7:ce:d5:da:39:4a:6b:bb:fb:a6:18:25:3e:5e:e1:9d:
         4a:93:ca:18:f1:d4:fe:c0:e5:a4:64:45:97:09:3d:ce:af:1e:
         de:f7:8e:6c:7c:d7:26:49:8e:c9:d4:f4:1f:be:51:68:76:d7:
         07:f2:cf:8d:f4:0d:a7:b5:e3:6b:21:92:a8:c1:60:3e:66:55:
         51:e8:c8:79:48:e0:89:c4:58:5e:4f:f0:fd:16:6c:43:79:be:
         4a:23:8d:f4:a6:2f:99:f2:c3:ea:c3:57:2a:e5:70:be:57:47:
         ba:b7:8a:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nqI9ap/kz4AaYmlWz1pAuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNmQyMWNhYzM4N2YzZTM3OGJhMjNhNGNhNzdkZWM5MzAz
YmE5MmQwHhcNMjYwMzI2MDEwMDUxWhcNMjYwMzI3MDEwMDUxWjAzMTEwLwYDVQQD
EygwYmRlODczZjI5NjQ5OTgxYTM1MGNlOTE4OTkyNWQ1NmY0ZGE0OWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8VODFuuQJ9TF5B/WU81K2toPPZL
/BxyW7Nsxw0nK/RDXUih1Udt92yvwXSssla1j2T+KzcEitjfFFUQbLPvMIbhIWbT
ovnKKvY74PaP3mRstXega7DVqeRXEPa/QLLIxvI6IF1truz5QMAXquf7tPeGYpap
WDgYLmwyWpmTLfsfg800B1u/xoK3U/sRPxG2UjjchWVOnRojQr2ILf4+I3WXLZ1B
zp0+ro+RgLuKJRiLnu5hRJqfbPtbTCQuyrOyGfFn+T3nvVCtdNO4psUuFZehuSPA
J0lmROS7lPQfqo3rRKjU51CVDHgP3bc7Jcx5HF8f+KQOYE4jTJRKHv/c7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAvehz8pZJmBo1DOkYmSXVb02knRMB8GA1UdIwQY
MBaAFG9tIcrDh/PjeLojpMp33skwO6ktMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjIwaHlzT0g4LU40dWlPa3luZmV5VEE3cVMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi82ZmYyMmUtODUzYy00YmFiLTg0Y2Mt
MWFlYmNhNGI2ZGI4LzEvYjIwaHlzT0g4LU40dWlPa3luZmV5VEE3cVMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi82ZmYyMmUtODUzYy00YmFiLTg0Y2MtMWFlYmNhNGI2ZGI4
LzEvYjIwaHlzT0g4LU40dWlPa3luZmV5VEE3cVMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkx2Dh9sj
5D2GAm/XQtwWiN2pZxHOwuuekRnuyOcT+ZmLFO7xKzKr2/XL6qlRFoidF7LhLHPC
WoqLDwnVrA0kNJaylPZAif8vI58/UR0zcsE/xwyIrZELY74AHajPzBpiY1n6v7S7
8zeXKJrW18FtoKYx5rwSo+m8ky4uLXofpz8a1V+5F4CKmXPvbhVz/ItAfjC3ztXa
OUpru/umGCU+XuGdSpPKGPHU/sDlpGRFlwk9zq8e3veObHzXJkmOydT0H75RaHbX
B/LPjfQNp7XjayGSqMFgPmZVUejIeUjgicRYXk/w/RZsQ3m+SiON9KYvmfLD6sNX
KuVwvldHureK2Q==
-----END CERTIFICATE-----