Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/9fa815-b5fc-4387-8771-18f0a50c8e26/1/bHwktnELOtfXKCoMlH9rlTHVjsU.mft
File:                     bHwktnELOtfXKCoMlH9rlTHVjsU.mft (raw, json)
Hash identifier:          f8GFWbTrynmhiYM/AgLwGyloqyeLTDxMNU/hFZGrNpQ=
Subject key identifier:   2A:FB:1F:98:E0:67:9A:EA:B9:A0:34:E3:57:63:5E:C0:99:1C:A6:0D
Authority key identifier: 6C:7C:24:B6:71:0B:3A:D7:D7:28:2A:0C:94:7F:6B:95:31:D5:8E:C5
Certificate issuer:       /CN=6c7c24b6710b3ad7d7282a0c947f6b9531d58ec5
Certificate serial:       019D2772AB4762A85D085CD81F577650E66E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bHwktnELOtfXKCoMlH9rlTHVjsU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8f/9fa815-b5fc-4387-8771-18f0a50c8e26/1/bHwktnELOtfXKCoMlH9rlTHVjsU.mft
Manifest number:          1882
Signing time:             Thu 26 Mar 2026 00:01:59 +0000
Manifest this update:     Thu 26 Mar 2026 00:01:59 +0000
Manifest next update:     Fri 27 Mar 2026 00:01:59 +0000
Files and hashes:         1: bHwktnELOtfXKCoMlH9rlTHVjsU.crl (hash: qiK0/zQaqaV361pYha/Hlh93mwlRXeJax7+RGzb3F9w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8f/9fa815-b5fc-4387-8771-18f0a50c8e26/1/bHwktnELOtfXKCoMlH9rlTHVjsU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8f/9fa815-b5fc-4387-8771-18f0a50c8e26/1/bHwktnELOtfXKCoMlH9rlTHVjsU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bHwktnELOtfXKCoMlH9rlTHVjsU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:72:ab:47:62:a8:5d:08:5c:d8:1f:57:76:50:e6:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c7c24b6710b3ad7d7282a0c947f6b9531d58ec5
        Validity
            Not Before: Mar 26 00:01:59 2026 GMT
            Not After : Mar 27 00:01:59 2026 GMT
        Subject: CN=2afb1f98e0679aeab9a034e357635ec0991ca60d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:ac:e6:7f:53:d8:7f:4d:db:3a:3f:cb:83:ac:
                    ab:8a:de:77:de:39:0c:fa:c8:c4:00:79:a7:ac:4f:
                    f6:92:b1:29:74:57:03:fc:05:98:04:f3:43:46:ec:
                    8e:e5:a6:fb:f2:7e:7b:4d:69:4b:87:b7:2f:ba:e6:
                    77:3b:7c:0a:8a:72:67:5b:b1:80:14:e9:67:77:9f:
                    74:aa:21:3a:d7:c4:c9:51:05:a6:e8:0b:72:65:58:
                    ab:95:8f:4f:17:fd:f7:7b:74:ac:2b:7d:4f:ca:00:
                    79:be:d4:dd:a9:76:90:cf:7a:5f:7d:d9:df:45:2e:
                    b5:aa:f4:ea:5f:4f:25:bc:9e:e8:eb:5d:22:c9:8a:
                    e3:c6:81:bc:c6:9a:79:16:3d:e0:1f:55:58:82:d3:
                    0a:05:e1:05:f9:ee:9f:85:1d:f2:05:f5:c4:e8:30:
                    51:49:2e:c7:7d:2a:65:cf:0f:7e:b1:be:39:d9:1c:
                    d1:da:4f:1f:f0:35:3a:77:40:79:8d:26:df:b2:3a:
                    53:00:9b:27:de:b0:08:36:86:83:a8:f8:d3:c3:ae:
                    76:91:4b:50:47:e7:cb:4f:9e:9e:13:e5:db:c6:54:
                    59:d4:c1:4c:08:05:69:9e:5e:17:90:87:4d:36:48:
                    da:99:8c:62:f9:f6:02:bf:a0:8d:0e:90:9a:1f:02:
                    03:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:FB:1F:98:E0:67:9A:EA:B9:A0:34:E3:57:63:5E:C0:99:1C:A6:0D
            X509v3 Authority Key Identifier:
                keyid:6C:7C:24:B6:71:0B:3A:D7:D7:28:2A:0C:94:7F:6B:95:31:D5:8E:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bHwktnELOtfXKCoMlH9rlTHVjsU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/9fa815-b5fc-4387-8771-18f0a50c8e26/1/bHwktnELOtfXKCoMlH9rlTHVjsU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/9fa815-b5fc-4387-8771-18f0a50c8e26/1/bHwktnELOtfXKCoMlH9rlTHVjsU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         17:6c:d9:0c:93:23:2a:63:10:f1:1e:a8:87:ec:cb:d6:65:a7:
         b1:9f:25:17:22:91:32:8f:1a:2f:20:5e:70:3c:d1:2e:d4:fa:
         09:7c:7a:cb:86:c2:49:58:16:a4:bc:b7:22:96:9e:13:bd:4a:
         ed:ab:44:5b:e2:0e:58:ee:3f:0c:ee:51:c0:0f:55:74:67:2f:
         4d:e7:53:4c:be:34:fa:11:5b:09:f8:88:03:1e:7c:ab:f1:b1:
         06:ba:49:2d:95:49:19:62:07:89:ba:31:a2:9e:5d:e4:e4:0d:
         51:ea:ae:71:31:23:06:99:dc:8a:53:77:a4:df:9f:15:67:21:
         17:29:93:81:a5:63:55:74:97:30:f7:4e:08:2a:34:66:8a:92:
         df:75:6f:4e:7b:87:87:b1:c0:02:46:c8:2d:9f:b4:30:a2:01:
         cc:a4:95:51:44:0a:a1:78:30:b1:dc:73:d6:9a:a8:fc:77:f1:
         44:aa:16:81:86:6c:20:c7:34:ea:c7:3e:69:83:49:a2:7c:f7:
         b1:22:45:1e:93:34:4b:d3:05:f6:1b:f2:38:2c:70:d2:10:02:
         ac:d5:68:e1:00:fc:5c:75:9a:61:c6:88:1f:c1:1d:d6:17:77:
         b1:c2:4f:87:de:c3:10:3d:f2:7d:25:00:d7:c4:d4:f5:67:ed:
         31:79:cb:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ncqtHYqhdCFzYH1d2UOZuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjN2MyNGI2NzEwYjNhZDdkNzI4MmEwYzk0N2Y2Yjk1MzFk
NThlYzUwHhcNMjYwMzI2MDAwMTU5WhcNMjYwMzI3MDAwMTU5WjAzMTEwLwYDVQQD
EygyYWZiMWY5OGUwNjc5YWVhYjlhMDM0ZTM1NzYzNWVjMDk5MWNhNjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy6zmf1PYf03bOj/Lg6yrit533jkM
+sjEAHmnrE/2krEpdFcD/AWYBPNDRuyO5ab78n57TWlLh7cvuuZ3O3wKinJnW7GA
FOlnd590qiE618TJUQWm6AtyZVirlY9PF/33e3SsK31PygB5vtTdqXaQz3pffdnf
RS61qvTqX08lvJ7o610iyYrjxoG8xpp5Fj3gH1VYgtMKBeEF+e6fhR3yBfXE6DBR
SS7HfSplzw9+sb452RzR2k8f8DU6d0B5jSbfsjpTAJsn3rAINoaDqPjTw652kUtQ
R+fLT56eE+XbxlRZ1MFMCAVpnl4XkIdNNkjamYxi+fYCv6CNDpCaHwIDHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCr7H5jgZ5rquaA041djXsCZHKYNMB8GA1UdIwQY
MBaAFGx8JLZxCzrX1ygqDJR/a5Ux1Y7FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkh3a3RuRUxPdGZYS0NvTWxIOXJsVEhWanNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi85ZmE4MTUtYjVmYy00Mzg3LTg3NzEt
MThmMGE1MGM4ZTI2LzEvYkh3a3RuRUxPdGZYS0NvTWxIOXJsVEhWanNVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi85ZmE4MTUtYjVmYy00Mzg3LTg3NzEtMThmMGE1MGM4ZTI2
LzEvYkh3a3RuRUxPdGZYS0NvTWxIOXJsVEhWanNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF2zZDJMj
KmMQ8R6oh+zL1mWnsZ8lFyKRMo8aLyBecDzRLtT6CXx6y4bCSVgWpLy3IpaeE71K
7atEW+IOWO4/DO5RwA9VdGcvTedTTL40+hFbCfiIAx58q/GxBrpJLZVJGWIHibox
op5d5OQNUequcTEjBpncilN3pN+fFWchFymTgaVjVXSXMPdOCCo0ZoqS33VvTnuH
h7HAAkbILZ+0MKIBzKSVUUQKoXgwsdxz1pqo/HfxRKoWgYZsIMc06sc+aYNJonz3
sSJFHpM0S9MF9hvyOCxw0hACrNVo4QD8XHWaYcaIH8Ed1hd3scJPh97DED3yfSUA
18TU9WftMXnLKw==
-----END CERTIFICATE-----