Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.mft
File:                     iTbfSsL0Z-pmwRl6hinT9ku1Y_A.mft (raw, json)
Hash identifier:          DDRWM2aCBJb5PHAoCWYXjFOT88QRnDcmtrlsUpPorZc=
Subject key identifier:   0E:AE:1F:8B:69:87:21:D9:B6:12:14:57:ED:D3:66:03:C7:0C:4F:10
Authority key identifier: 89:36:DF:4A:C2:F4:67:EA:66:C1:19:7A:86:29:D3:F6:4B:B5:63:F0
Certificate issuer:       /CN=8936df4ac2f467ea66c1197a8629d3f64bb563f0
Certificate serial:       019D2703AB45AA8920F5AEA30FFDEC9FA3BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.mft
Manifest number:          14CB
Signing time:             Wed 25 Mar 2026 22:00:44 +0000
Manifest this update:     Wed 25 Mar 2026 22:00:44 +0000
Manifest next update:     Thu 26 Mar 2026 22:00:44 +0000
Files and hashes:         1: iTbfSsL0Z-pmwRl6hinT9ku1Y_A.crl (hash: FAUYYm0zVXvwJkgNzls99JCHk040RgB42+BFqg4Rj3Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:03:ab:45:aa:89:20:f5:ae:a3:0f:fd:ec:9f:a3:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8936df4ac2f467ea66c1197a8629d3f64bb563f0
        Validity
            Not Before: Mar 25 22:00:44 2026 GMT
            Not After : Mar 26 22:00:44 2026 GMT
        Subject: CN=0eae1f8b698721d9b6121457edd36603c70c4f10
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:3f:60:63:54:39:c2:3f:4a:ad:f1:ec:03:92:
                    55:64:28:47:38:76:02:d0:13:04:80:cd:cc:90:46:
                    d0:29:89:cd:e6:a8:3a:81:de:83:a7:84:db:ba:34:
                    4d:cf:d7:70:ac:ed:fc:1d:b7:43:34:64:a3:31:99:
                    84:f3:30:16:22:eb:c3:1a:c7:db:28:f8:63:a7:dc:
                    6b:ed:e5:28:dd:8c:0f:b7:93:1c:36:55:5d:e3:48:
                    85:85:5e:2a:1a:91:17:80:72:63:b1:f6:ae:b2:97:
                    66:86:29:ad:cb:1f:db:1b:68:35:27:98:56:13:eb:
                    2f:fa:43:e4:8c:4b:07:3a:ee:7c:af:4f:98:50:45:
                    6e:07:52:db:7d:b4:cb:1e:ea:b0:77:8c:c2:b6:9e:
                    02:ee:8e:23:2e:6e:a7:7f:d5:52:09:b5:49:38:1b:
                    a6:79:e8:16:76:49:8e:19:6f:5d:18:62:d7:d6:2a:
                    62:7d:c6:b6:22:21:cd:93:88:e0:f3:d9:b7:ab:83:
                    d5:12:a2:5b:d7:1f:2b:e7:ef:f9:76:a9:a5:dc:c3:
                    f8:29:db:8d:4e:59:73:27:89:fe:40:9d:f6:1e:b9:
                    cc:ec:1b:ae:d7:47:03:0f:46:bd:3c:13:63:52:80:
                    bc:1d:87:d1:0e:29:07:2b:0f:73:e0:8e:23:3e:10:
                    45:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:AE:1F:8B:69:87:21:D9:B6:12:14:57:ED:D3:66:03:C7:0C:4F:10
            X509v3 Authority Key Identifier:
                keyid:89:36:DF:4A:C2:F4:67:EA:66:C1:19:7A:86:29:D3:F6:4B:B5:63:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/7895f8-ac31-4798-8404-4e278dd48a3f/1/iTbfSsL0Z-pmwRl6hinT9ku1Y_A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:9f:d5:f5:8b:8d:fe:0b:2a:b1:1e:be:65:2b:14:35:fb:65:
         7a:a6:71:7b:c8:81:13:14:ca:81:e6:7d:38:47:f5:9d:0c:70:
         07:9e:ad:2a:b9:01:37:09:94:b1:3a:da:43:4b:92:ae:56:72:
         06:4a:29:35:9e:50:ba:cf:58:47:0f:3b:e1:67:22:22:22:56:
         6b:77:77:b8:71:a6:75:ce:02:02:db:d4:78:91:0b:71:36:8a:
         54:bd:b6:78:66:d4:22:de:16:bd:ed:66:c5:6f:ed:09:08:ca:
         2a:98:5f:97:9d:f5:03:83:47:69:07:06:68:90:92:e5:80:60:
         4a:82:3d:4c:a1:01:38:ee:09:42:29:a2:0a:94:61:16:b6:44:
         c0:ef:62:9b:c9:28:8b:f9:79:ed:f1:97:10:76:e7:3e:03:62:
         dc:c6:0a:e5:4a:88:4b:6a:b8:ef:a1:b4:e3:4a:63:a3:65:34:
         ec:d0:9c:50:15:23:46:ce:7d:f2:ce:ff:11:6c:09:ad:98:ac:
         44:0b:f2:a9:9b:22:9b:93:e7:92:0f:08:bb:ff:a0:8d:6b:93:
         60:d4:6c:10:b5:50:e9:e9:f2:3e:84:4c:f8:97:aa:22:e7:78:
         dd:8b:88:c8:b3:e5:b5:33:0e:d5:56:25:0a:ad:4f:7a:7f:9b:
         e2:fb:52:0d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA6tFqokg9a6jD/3sn6O+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MzZkZjRhYzJmNDY3ZWE2NmMxMTk3YTg2MjlkM2Y2NGJi
NTYzZjAwHhcNMjYwMzI1MjIwMDQ0WhcNMjYwMzI2MjIwMDQ0WjAzMTEwLwYDVQQD
EygwZWFlMWY4YjY5ODcyMWQ5YjYxMjE0NTdlZGQzNjYwM2M3MGM0ZjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArT9gY1Q5wj9KrfHsA5JVZChHOHYC
0BMEgM3MkEbQKYnN5qg6gd6Dp4TbujRNz9dwrO38HbdDNGSjMZmE8zAWIuvDGsfb
KPhjp9xr7eUo3YwPt5McNlVd40iFhV4qGpEXgHJjsfauspdmhimtyx/bG2g1J5hW
E+sv+kPkjEsHOu58r0+YUEVuB1LbfbTLHuqwd4zCtp4C7o4jLm6nf9VSCbVJOBum
eegWdkmOGW9dGGLX1ipifca2IiHNk4jg89m3q4PVEqJb1x8r5+/5dqml3MP4KduN
TllzJ4n+QJ32HrnM7Buu10cDD0a9PBNjUoC8HYfRDikHKw9z4I4jPhBFXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA6uH4tphyHZthIUV+3TZgPHDE8QMB8GA1UdIwQY
MBaAFIk230rC9GfqZsEZeoYp0/ZLtWPwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVRiZlNzTDBaLXBtd1JsNmhpblQ5a3UxWV9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi83ODk1ZjgtYWMzMS00Nzk4LTg0MDQt
NGUyNzhkZDQ4YTNmLzEvaVRiZlNzTDBaLXBtd1JsNmhpblQ5a3UxWV9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi83ODk1ZjgtYWMzMS00Nzk4LTg0MDQtNGUyNzhkZDQ4YTNm
LzEvaVRiZlNzTDBaLXBtd1JsNmhpblQ5a3UxWV9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ5/V9YuN
/gsqsR6+ZSsUNftleqZxe8iBExTKgeZ9OEf1nQxwB56tKrkBNwmUsTraQ0uSrlZy
BkopNZ5Qus9YRw874WciIiJWa3d3uHGmdc4CAtvUeJELcTaKVL22eGbUIt4Wve1m
xW/tCQjKKphfl531A4NHaQcGaJCS5YBgSoI9TKEBOO4JQimiCpRhFrZEwO9im8ko
i/l57fGXEHbnPgNi3MYK5UqIS2q476G040pjo2U07NCcUBUjRs598s7/EWwJrZis
RAvyqZsim5Pnkg8Iu/+gjWuTYNRsELVQ6enyPoRM+JeqIud43YuIyLPltTMO1VYl
Cq1Pen+b4vtSDQ==
-----END CERTIFICATE-----