Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/1a530f-efe3-4d8b-903a-a7136a145f1c/1/a1xW3Y1JexBoE6IloYFxST7jKoU.mft
File:                     a1xW3Y1JexBoE6IloYFxST7jKoU.mft (raw, json)
Hash identifier:          KWV2TSm3y+7iS/lowdXBCXUEIXka1dxCllzOC6A9De4=
Subject key identifier:   B0:71:BA:51:7E:B2:2D:7E:7B:55:D0:4F:77:B1:5E:40:DF:89:56:CF
Authority key identifier: 6B:5C:56:DD:8D:49:7B:10:68:13:A2:25:A1:81:71:49:3E:E3:2A:85
Certificate issuer:       /CN=6b5c56dd8d497b106813a225a18171493ee32a85
Certificate serial:       019D2816C74C784BA35F9CBD9B29483D150B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a1xW3Y1JexBoE6IloYFxST7jKoU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/1a530f-efe3-4d8b-903a-a7136a145f1c/1/a1xW3Y1JexBoE6IloYFxST7jKoU.mft
Manifest number:          02C7
Signing time:             Thu 26 Mar 2026 03:01:14 +0000
Manifest this update:     Thu 26 Mar 2026 03:01:14 +0000
Manifest next update:     Fri 27 Mar 2026 03:01:14 +0000
Files and hashes:         1: a1xW3Y1JexBoE6IloYFxST7jKoU.crl (hash: Q7IgqhTfcZf9vbB5uR2z8YeyiLbhDI79sbiRAQuqWiw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8e/1a530f-efe3-4d8b-903a-a7136a145f1c/1/a1xW3Y1JexBoE6IloYFxST7jKoU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8e/1a530f-efe3-4d8b-903a-a7136a145f1c/1/a1xW3Y1JexBoE6IloYFxST7jKoU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a1xW3Y1JexBoE6IloYFxST7jKoU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:16:c7:4c:78:4b:a3:5f:9c:bd:9b:29:48:3d:15:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b5c56dd8d497b106813a225a18171493ee32a85
        Validity
            Not Before: Mar 26 03:01:14 2026 GMT
            Not After : Mar 27 03:01:14 2026 GMT
        Subject: CN=b071ba517eb22d7e7b55d04f77b15e40df8956cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:71:82:e4:7a:90:ea:44:9b:89:9d:44:6e:f0:
                    f4:82:15:50:f3:53:8c:44:96:e3:c8:f7:79:48:3c:
                    03:5c:3e:a0:a5:71:d0:4f:49:3b:e4:ec:0c:16:b4:
                    e5:c4:3a:db:17:ed:a3:1d:e8:ff:75:04:4c:8b:dc:
                    07:c1:d9:1c:54:92:fb:9b:ac:f9:98:6f:87:f3:9d:
                    94:f6:52:5c:cc:a8:9d:e9:de:8a:2e:97:28:19:33:
                    a9:9c:c9:ba:e2:06:20:ad:6e:21:66:6d:b1:35:76:
                    d0:17:ae:e5:7b:b6:05:19:1b:d3:f0:71:f1:34:e0:
                    7b:6f:4d:e5:79:3a:aa:45:b3:2e:33:80:c2:3f:a2:
                    ed:be:d4:c2:4a:d9:71:87:05:f1:04:f9:4c:7b:fa:
                    d7:60:3e:52:2b:bb:14:76:3b:25:e1:47:14:f2:34:
                    66:6f:d0:c0:32:d0:bb:3b:07:e9:85:27:1b:40:26:
                    25:ab:cc:3d:b5:59:98:67:c3:5c:0b:a6:35:4e:93:
                    0b:8c:d5:b4:4f:f8:c2:3d:33:a8:40:23:43:0a:52:
                    ef:50:0d:e4:aa:ba:17:d7:57:d4:2f:bf:ea:96:bc:
                    9d:2f:75:bf:b3:4c:e3:8f:8c:00:f9:91:62:06:49:
                    f9:99:a6:be:5f:58:b0:af:35:7f:2c:b5:aa:ca:16:
                    63:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:71:BA:51:7E:B2:2D:7E:7B:55:D0:4F:77:B1:5E:40:DF:89:56:CF
            X509v3 Authority Key Identifier:
                keyid:6B:5C:56:DD:8D:49:7B:10:68:13:A2:25:A1:81:71:49:3E:E3:2A:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1xW3Y1JexBoE6IloYFxST7jKoU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1a530f-efe3-4d8b-903a-a7136a145f1c/1/a1xW3Y1JexBoE6IloYFxST7jKoU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1a530f-efe3-4d8b-903a-a7136a145f1c/1/a1xW3Y1JexBoE6IloYFxST7jKoU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cf:e2:3e:8c:b7:1d:fe:b5:ab:65:a8:c5:74:c0:c9:b1:c2:97:
         a3:ff:aa:8d:c6:bc:aa:45:c9:82:d9:7a:2a:22:89:97:45:f4:
         a0:3e:c1:db:4d:cd:5d:c8:2f:22:d9:e1:8d:1b:61:ef:27:26:
         2f:c8:33:e1:e6:c0:80:0d:67:26:11:a8:77:33:50:de:f8:de:
         c0:85:18:0f:02:eb:1e:50:13:be:0a:0c:f9:86:fa:85:45:47:
         59:3b:c0:bb:1a:1f:13:99:e7:14:6f:69:2e:27:2b:64:04:e4:
         69:90:31:82:04:03:46:1f:ad:3e:a2:3d:a4:e5:ff:c6:72:ac:
         b4:0d:00:27:87:86:a6:87:ad:b1:79:15:6a:02:6d:a2:67:e3:
         54:57:98:cc:bb:98:41:6e:34:a8:3c:1f:93:92:77:85:ca:52:
         f2:4f:74:a4:03:95:77:7f:94:de:b6:3e:1c:70:42:b7:fd:1c:
         67:8c:84:ca:00:22:8b:7d:9a:5b:be:fe:42:d2:3b:36:09:ae:
         7c:1c:fe:7a:f5:ea:91:3e:5f:23:80:9b:43:3e:5f:27:64:c5:
         41:43:89:23:63:87:1d:69:4f:5e:df:14:57:98:78:5b:93:c4:
         05:f7:9f:14:03:52:8f:57:95:ee:ac:bb:4c:45:13:ad:df:13:
         1f:2f:75:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oFsdMeEujX5y9mylIPRULMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWM1NmRkOGQ0OTdiMTA2ODEzYTIyNWExODE3MTQ5M2Vl
MzJhODUwHhcNMjYwMzI2MDMwMTE0WhcNMjYwMzI3MDMwMTE0WjAzMTEwLwYDVQQD
EyhiMDcxYmE1MTdlYjIyZDdlN2I1NWQwNGY3N2IxNWU0MGRmODk1NmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHGC5HqQ6kSbiZ1EbvD0ghVQ81OM
RJbjyPd5SDwDXD6gpXHQT0k75OwMFrTlxDrbF+2jHej/dQRMi9wHwdkcVJL7m6z5
mG+H852U9lJczKid6d6KLpcoGTOpnMm64gYgrW4hZm2xNXbQF67le7YFGRvT8HHx
NOB7b03leTqqRbMuM4DCP6LtvtTCStlxhwXxBPlMe/rXYD5SK7sUdjsl4UcU8jRm
b9DAMtC7OwfphScbQCYlq8w9tVmYZ8NcC6Y1TpMLjNW0T/jCPTOoQCNDClLvUA3k
qroX11fUL7/qlrydL3W/s0zjj4wA+ZFiBkn5maa+X1iwrzV/LLWqyhZjrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLBxulF+si1+e1XQT3exXkDfiVbPMB8GA1UdIwQY
MBaAFGtcVt2NSXsQaBOiJaGBcUk+4yqFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTF4VzNZMUpleEJvRTZJbG9ZRnhTVDdqS29VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8xYTUzMGYtZWZlMy00ZDhiLTkwM2Et
YTcxMzZhMTQ1ZjFjLzEvYTF4VzNZMUpleEJvRTZJbG9ZRnhTVDdqS29VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8xYTUzMGYtZWZlMy00ZDhiLTkwM2EtYTcxMzZhMTQ1ZjFj
LzEvYTF4VzNZMUpleEJvRTZJbG9ZRnhTVDdqS29VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAz+I+jLcd
/rWrZajFdMDJscKXo/+qjca8qkXJgtl6KiKJl0X0oD7B203NXcgvItnhjRth7ycm
L8gz4ebAgA1nJhGodzNQ3vjewIUYDwLrHlATvgoM+Yb6hUVHWTvAuxofE5nnFG9p
LicrZATkaZAxggQDRh+tPqI9pOX/xnKstA0AJ4eGpoetsXkVagJtomfjVFeYzLuY
QW40qDwfk5J3hcpS8k90pAOVd3+U3rY+HHBCt/0cZ4yEygAii32aW77+QtI7Ngmu
fBz+evXqkT5fI4CbQz5fJ2TFQUOJI2OHHWlPXt8UV5h4W5PEBfefFANSj1eV7qy7
TEUTrd8THy91jA==
-----END CERTIFICATE-----