Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/b195e7-b804-4594-965e-3fd14b936eb4/1/_sQT3TZn54GV5SaKooWupRa8sZk.mft
File:                     _sQT3TZn54GV5SaKooWupRa8sZk.mft (raw, json)
Hash identifier:          qCWwDlzEOgG3AwzDTY/5w71xDCILB1HMmIhvB3aDHww=
Subject key identifier:   FF:00:C2:83:EA:40:5A:2A:92:79:0A:28:2A:4E:16:E3:AF:8F:5C:45
Authority key identifier: FE:C4:13:DD:36:67:E7:81:95:E5:26:8A:A2:85:AE:A5:16:BC:B1:99
Certificate issuer:       /CN=fec413dd3667e78195e5268aa285aea516bcb199
Certificate serial:       019D284DD0135FC13A0F3B6E124499E771C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_sQT3TZn54GV5SaKooWupRa8sZk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/b195e7-b804-4594-965e-3fd14b936eb4/1/_sQT3TZn54GV5SaKooWupRa8sZk.mft
Manifest number:          15B0
Signing time:             Thu 26 Mar 2026 04:01:21 +0000
Manifest this update:     Thu 26 Mar 2026 04:01:21 +0000
Manifest next update:     Fri 27 Mar 2026 04:01:21 +0000
Files and hashes:         1: _sQT3TZn54GV5SaKooWupRa8sZk.crl (hash: SVBjJNgRwX8H36B2ELRf1JYypd8FoI1ao4KgNd5KZd8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/b195e7-b804-4594-965e-3fd14b936eb4/1/_sQT3TZn54GV5SaKooWupRa8sZk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/b195e7-b804-4594-965e-3fd14b936eb4/1/_sQT3TZn54GV5SaKooWupRa8sZk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_sQT3TZn54GV5SaKooWupRa8sZk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:4d:d0:13:5f:c1:3a:0f:3b:6e:12:44:99:e7:71:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fec413dd3667e78195e5268aa285aea516bcb199
        Validity
            Not Before: Mar 26 04:01:21 2026 GMT
            Not After : Mar 27 04:01:21 2026 GMT
        Subject: CN=ff00c283ea405a2a92790a282a4e16e3af8f5c45
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:71:6a:f4:e5:8d:3c:59:b3:6b:97:2a:88:ca:
                    32:56:46:d8:ca:d6:9a:b9:d5:e1:69:61:c2:3e:51:
                    ea:1e:48:1c:73:46:85:ff:2d:48:b9:ab:4b:a5:cb:
                    de:17:6d:62:04:4a:62:00:cc:e4:32:60:46:e8:fc:
                    23:a5:a1:5d:23:79:85:28:78:0b:cc:95:2a:74:3a:
                    85:7d:18:5f:eb:ca:34:b2:19:2b:ef:71:7f:3b:7b:
                    61:e2:04:e1:58:66:97:09:33:7a:f1:75:ff:b7:4d:
                    1b:cd:bb:8b:79:af:52:03:6a:da:b9:77:52:29:02:
                    26:d8:90:20:ed:e4:92:dc:4e:3b:b2:c6:bf:ac:43:
                    9d:3a:b4:87:75:d1:0d:d7:cc:0d:85:87:c6:ce:d0:
                    55:6f:65:db:d6:a3:fb:c3:45:a3:29:f6:79:27:55:
                    43:2e:b1:06:a6:32:0e:1a:15:4e:79:c2:9d:a8:3b:
                    34:b9:f6:c4:85:1e:17:df:ae:d0:e6:0a:43:25:aa:
                    4c:78:dc:40:6c:f7:1a:ff:84:ab:b9:68:84:b0:82:
                    cd:c1:53:d9:2d:81:5f:df:0a:e8:51:52:2d:66:99:
                    2c:c6:e4:a3:d2:93:31:b9:ce:1f:bc:2c:7d:71:32:
                    c2:6c:46:71:46:a7:83:2f:57:b6:45:06:32:6a:81:
                    4b:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:00:C2:83:EA:40:5A:2A:92:79:0A:28:2A:4E:16:E3:AF:8F:5C:45
            X509v3 Authority Key Identifier:
                keyid:FE:C4:13:DD:36:67:E7:81:95:E5:26:8A:A2:85:AE:A5:16:BC:B1:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_sQT3TZn54GV5SaKooWupRa8sZk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/b195e7-b804-4594-965e-3fd14b936eb4/1/_sQT3TZn54GV5SaKooWupRa8sZk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/b195e7-b804-4594-965e-3fd14b936eb4/1/_sQT3TZn54GV5SaKooWupRa8sZk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:d9:68:63:3f:a8:54:41:8c:86:86:ef:52:37:f1:e5:bd:1c:
         ca:d1:29:3d:f3:f8:6a:9d:66:b0:2e:65:dc:85:09:a7:49:71:
         15:db:d3:85:61:23:62:96:e9:84:dd:a2:30:fe:2c:5d:3f:a5:
         ff:ed:54:4e:b2:d6:ca:3b:bc:38:2f:0a:80:40:fd:8b:67:c0:
         da:30:38:68:eb:36:37:87:66:ec:6b:a5:c8:95:88:2e:8f:50:
         7d:57:7a:4f:a0:22:f7:a1:4f:fd:a6:41:ea:94:d7:07:ec:53:
         ec:ea:f6:89:f9:fb:f5:af:3d:2e:ae:8b:7b:a5:31:98:c2:26:
         34:17:ce:98:60:b0:ad:da:14:6f:fd:d9:2d:e0:94:97:ed:23:
         5d:f1:f0:22:1d:ab:ef:50:c8:80:00:49:d2:b4:96:eb:91:74:
         d0:29:60:80:60:fb:85:65:a9:d2:50:be:e1:42:0e:0b:bd:0a:
         4e:6d:5b:0e:33:a2:d2:11:24:d7:df:1b:cd:2d:25:0c:96:7c:
         7f:10:9d:46:16:6c:b1:4c:55:4c:02:19:8e:0e:6c:31:a9:79:
         ba:c8:6a:eb:9b:c7:07:b3:66:87:ad:87:84:3c:ac:94:13:f4:
         5e:4b:e3:dc:2c:b8:7f:26:b7:34:d5:3d:02:8f:74:c0:a3:85:
         c7:2d:e8:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oTdATX8E6DztuEkSZ53HAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlYzQxM2RkMzY2N2U3ODE5NWU1MjY4YWEyODVhZWE1MTZi
Y2IxOTkwHhcNMjYwMzI2MDQwMTIxWhcNMjYwMzI3MDQwMTIxWjAzMTEwLwYDVQQD
EyhmZjAwYzI4M2VhNDA1YTJhOTI3OTBhMjgyYTRlMTZlM2FmOGY1YzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXFq9OWNPFmza5cqiMoyVkbYytaa
udXhaWHCPlHqHkgcc0aF/y1IuatLpcveF21iBEpiAMzkMmBG6PwjpaFdI3mFKHgL
zJUqdDqFfRhf68o0shkr73F/O3th4gThWGaXCTN68XX/t00bzbuLea9SA2rauXdS
KQIm2JAg7eSS3E47ssa/rEOdOrSHddEN18wNhYfGztBVb2Xb1qP7w0WjKfZ5J1VD
LrEGpjIOGhVOecKdqDs0ufbEhR4X367Q5gpDJapMeNxAbPca/4SruWiEsILNwVPZ
LYFf3wroUVItZpksxuSj0pMxuc4fvCx9cTLCbEZxRqeDL1e2RQYyaoFLcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP8AwoPqQFoqknkKKCpOFuOvj1xFMB8GA1UdIwQY
MBaAFP7EE902Z+eBleUmiqKFrqUWvLGZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3NRVDNUWm41NEdWNVNhS29vV3VwUmE4c1prLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9iMTk1ZTctYjgwNC00NTk0LTk2NWUt
M2ZkMTRiOTM2ZWI0LzEvX3NRVDNUWm41NEdWNVNhS29vV3VwUmE4c1prLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9iMTk1ZTctYjgwNC00NTk0LTk2NWUtM2ZkMTRiOTM2ZWI0
LzEvX3NRVDNUWm41NEdWNVNhS29vV3VwUmE4c1prLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl9loYz+o
VEGMhobvUjfx5b0cytEpPfP4ap1msC5l3IUJp0lxFdvThWEjYpbphN2iMP4sXT+l
/+1UTrLWyju8OC8KgED9i2fA2jA4aOs2N4dm7GulyJWILo9QfVd6T6Ai96FP/aZB
6pTXB+xT7Or2ifn79a89Lq6Le6UxmMImNBfOmGCwrdoUb/3ZLeCUl+0jXfHwIh2r
71DIgABJ0rSW65F00ClggGD7hWWp0lC+4UIOC70KTm1bDjOi0hEk198bzS0lDJZ8
fxCdRhZssUxVTAIZjg5sMal5ushq65vHB7Nmh62HhDyslBP0Xkvj3Cy4fya3NNU9
Ao90wKOFxy3oPw==
-----END CERTIFICATE-----