Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/6bc0f1-d1ea-4900-98ca-f16f994ecf43/1/CIAqhiH4eCf9WXI85my1nDj5HyE.mft
File:                     CIAqhiH4eCf9WXI85my1nDj5HyE.mft (raw, json)
Hash identifier:          MmNF/fEVRvn+S3TNsL/LWNBU7jp4PsTGAtulWRPG454=
Subject key identifier:   10:2E:65:13:F3:11:C7:98:37:F3:2E:F4:B4:D3:23:D8:8A:FD:B8:C2
Authority key identifier: 08:80:2A:86:21:F8:78:27:FD:59:72:3C:E6:6C:B5:9C:38:F9:1F:21
Certificate issuer:       /CN=08802a8621f87827fd59723ce66cb59c38f91f21
Certificate serial:       019D2961AF01852903B4AF59ED6FA7CFFCC9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CIAqhiH4eCf9WXI85my1nDj5HyE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/6bc0f1-d1ea-4900-98ca-f16f994ecf43/1/CIAqhiH4eCf9WXI85my1nDj5HyE.mft
Manifest number:          0BDF
Signing time:             Thu 26 Mar 2026 09:02:40 +0000
Manifest this update:     Thu 26 Mar 2026 09:02:40 +0000
Manifest next update:     Fri 27 Mar 2026 09:02:40 +0000
Files and hashes:         1: CIAqhiH4eCf9WXI85my1nDj5HyE.crl (hash: PearSn6G+CkwCtVUj9W0KNzU7+3EJFw9SNrMW2tsNA0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/6bc0f1-d1ea-4900-98ca-f16f994ecf43/1/CIAqhiH4eCf9WXI85my1nDj5HyE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/6bc0f1-d1ea-4900-98ca-f16f994ecf43/1/CIAqhiH4eCf9WXI85my1nDj5HyE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CIAqhiH4eCf9WXI85my1nDj5HyE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:61:af:01:85:29:03:b4:af:59:ed:6f:a7:cf:fc:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08802a8621f87827fd59723ce66cb59c38f91f21
        Validity
            Not Before: Mar 26 09:02:40 2026 GMT
            Not After : Mar 27 09:02:40 2026 GMT
        Subject: CN=102e6513f311c79837f32ef4b4d323d88afdb8c2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f8:2e:77:1b:f4:15:e0:e7:b6:50:e2:fb:0f:4e:
                    56:22:07:c8:b0:55:49:f0:10:5c:10:ae:b0:09:89:
                    ad:23:6e:0c:0b:70:10:3c:9f:bf:0f:b6:dd:eb:00:
                    03:31:4f:e8:0b:39:f4:5b:cc:9c:01:5a:34:41:9c:
                    20:33:10:cb:88:db:b9:5e:6e:73:70:76:f7:2e:13:
                    3c:8a:df:f4:0a:94:9b:83:34:ff:b4:12:4c:09:2c:
                    d2:e5:53:6b:f3:13:ba:f3:0d:c7:a1:34:56:4d:f3:
                    cc:6c:2d:2d:4f:af:1c:7b:0a:82:c5:f0:b0:70:c3:
                    ef:8b:65:fc:bc:50:77:a3:c1:dc:10:c9:5e:34:73:
                    ab:92:16:0e:20:d4:83:2e:9c:16:6b:b4:62:db:d3:
                    cf:7b:7b:b4:76:8f:bf:e0:6d:3f:7b:2f:d7:46:e1:
                    a5:95:56:5f:57:e7:85:16:55:d0:d7:82:62:88:86:
                    37:fb:8c:5d:3c:6b:05:00:44:7f:3b:10:6e:70:41:
                    58:61:65:6b:2e:5e:bc:bd:95:b5:a0:b9:38:0d:24:
                    8c:02:df:b1:12:23:21:9c:ba:46:af:b8:a4:fd:20:
                    6a:95:36:c3:7f:78:ec:82:f8:18:ee:f8:75:48:28:
                    e2:b4:75:41:b1:1f:8e:13:de:f3:3d:b9:44:fb:36:
                    36:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:2E:65:13:F3:11:C7:98:37:F3:2E:F4:B4:D3:23:D8:8A:FD:B8:C2
            X509v3 Authority Key Identifier:
                keyid:08:80:2A:86:21:F8:78:27:FD:59:72:3C:E6:6C:B5:9C:38:F9:1F:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIAqhiH4eCf9WXI85my1nDj5HyE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/6bc0f1-d1ea-4900-98ca-f16f994ecf43/1/CIAqhiH4eCf9WXI85my1nDj5HyE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/6bc0f1-d1ea-4900-98ca-f16f994ecf43/1/CIAqhiH4eCf9WXI85my1nDj5HyE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:4d:26:02:35:12:24:06:96:e3:c1:1b:bc:ff:eb:c2:b9:32:
         8a:3b:4a:59:14:ec:9c:d0:2e:ee:98:f1:c9:23:fd:4c:f2:b2:
         37:ff:7e:c5:79:46:b9:76:30:4f:2d:8e:20:83:ee:61:73:42:
         11:33:23:4f:f1:14:db:07:cf:f6:5e:3a:76:06:7f:66:50:07:
         eb:a4:09:e8:c1:33:77:16:0f:a5:b8:29:51:89:58:9b:0b:e8:
         05:dd:5b:65:c6:7f:29:c3:5b:c2:54:d2:86:17:5a:24:88:94:
         b8:c7:73:5f:1c:97:52:79:cf:eb:74:4d:7e:ba:9b:1b:82:34:
         0e:c8:44:93:52:60:3a:96:5f:b6:38:8e:36:14:c2:27:87:a7:
         ce:77:84:69:f2:e2:2f:8c:ac:4b:a7:fd:45:da:1c:f0:fb:75:
         61:bb:c1:5f:de:47:b1:ca:91:1d:b9:62:4b:c1:ff:7b:c6:18:
         73:6b:e8:31:fd:86:e0:6d:a7:96:86:18:ef:f2:2c:6e:1a:5e:
         21:f8:c1:b8:32:60:14:ed:9c:0f:fb:87:f9:2e:b9:99:a3:52:
         3d:45:96:43:10:32:20:27:51:ae:79:45:fd:16:07:0e:ec:e4:
         e3:9e:76:4c:43:43:09:b2:ab:2f:1e:37:75:41:6f:79:c2:c3:
         db:43:3c:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pYa8BhSkDtK9Z7W+nz/zJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ODAyYTg2MjFmODc4MjdmZDU5NzIzY2U2NmNiNTljMzhm
OTFmMjEwHhcNMjYwMzI2MDkwMjQwWhcNMjYwMzI3MDkwMjQwWjAzMTEwLwYDVQQD
EygxMDJlNjUxM2YzMTFjNzk4MzdmMzJlZjRiNGQzMjNkODhhZmRiOGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+C53G/QV4Oe2UOL7D05WIgfIsFVJ
8BBcEK6wCYmtI24MC3AQPJ+/D7bd6wADMU/oCzn0W8ycAVo0QZwgMxDLiNu5Xm5z
cHb3LhM8it/0CpSbgzT/tBJMCSzS5VNr8xO68w3HoTRWTfPMbC0tT68cewqCxfCw
cMPvi2X8vFB3o8HcEMleNHOrkhYOINSDLpwWa7Ri29PPe3u0do+/4G0/ey/XRuGl
lVZfV+eFFlXQ14JiiIY3+4xdPGsFAER/OxBucEFYYWVrLl68vZW1oLk4DSSMAt+x
EiMhnLpGr7ik/SBqlTbDf3jsgvgY7vh1SCjitHVBsR+OE97zPblE+zY2EwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBAuZRPzEceYN/Mu9LTTI9iK/bjCMB8GA1UdIwQY
MBaAFAiAKoYh+Hgn/VlyPOZstZw4+R8hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0lBcWhpSDRlQ2Y5V1hJODVteTFuRGo1SHlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC82YmMwZjEtZDFlYS00OTAwLTk4Y2Et
ZjE2Zjk5NGVjZjQzLzEvQ0lBcWhpSDRlQ2Y5V1hJODVteTFuRGo1SHlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC82YmMwZjEtZDFlYS00OTAwLTk4Y2EtZjE2Zjk5NGVjZjQz
LzEvQ0lBcWhpSDRlQ2Y5V1hJODVteTFuRGo1SHlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdE0mAjUS
JAaW48EbvP/rwrkyijtKWRTsnNAu7pjxySP9TPKyN/9+xXlGuXYwTy2OIIPuYXNC
ETMjT/EU2wfP9l46dgZ/ZlAH66QJ6MEzdxYPpbgpUYlYmwvoBd1bZcZ/KcNbwlTS
hhdaJIiUuMdzXxyXUnnP63RNfrqbG4I0DshEk1JgOpZftjiONhTCJ4enzneEafLi
L4ysS6f9Rdoc8Pt1YbvBX95HscqRHbliS8H/e8YYc2voMf2G4G2nloYY7/Isbhpe
IfjBuDJgFO2cD/uH+S65maNSPUWWQxAyICdRrnlF/RYHDuzk4552TENDCbKrLx43
dUFvecLD20M8OA==
-----END CERTIFICATE-----