Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/2fd023-e646-406a-84a5-bb6945a16fe7/1/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.mft
File:                     MlBSt6Z4-qCX3L5lRxcMkVK0bPE.mft (raw, json)
Hash identifier:          IDDQFc7CH8ZG/8nZUu0X3XlOv7wsdC53AIxuf2K6HUQ=
Subject key identifier:   F2:9A:5B:32:86:E7:AB:27:E1:0B:59:13:84:62:DB:4D:5D:4C:42:B9
Authority key identifier: 32:50:52:B7:A6:78:FA:A0:97:DC:BE:65:47:17:0C:91:52:B4:6C:F1
Certificate issuer:       /CN=325052b7a678faa097dcbe6547170c9152b46cf1
Certificate serial:       019D2771DF4859D36C6AEBF8231FA49181F0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c2/2fd023-e646-406a-84a5-bb6945a16fe7/1/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.mft
Manifest number:          1815
Signing time:             Thu 26 Mar 2026 00:01:07 +0000
Manifest this update:     Thu 26 Mar 2026 00:01:07 +0000
Manifest next update:     Fri 27 Mar 2026 00:01:07 +0000
Files and hashes:         1: MlBSt6Z4-qCX3L5lRxcMkVK0bPE.crl (hash: 1sj8t0hU5BcWrirosxqadN+y9RJ0q7hohIVEXPSYpu0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c2/2fd023-e646-406a-84a5-bb6945a16fe7/1/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c2/2fd023-e646-406a-84a5-bb6945a16fe7/1/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:71:df:48:59:d3:6c:6a:eb:f8:23:1f:a4:91:81:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=325052b7a678faa097dcbe6547170c9152b46cf1
        Validity
            Not Before: Mar 26 00:01:07 2026 GMT
            Not After : Mar 27 00:01:07 2026 GMT
        Subject: CN=f29a5b3286e7ab27e10b59138462db4d5d4c42b9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:08:fa:9c:f1:04:cd:92:5f:8c:98:1b:5a:c1:
                    c8:97:fa:e4:7a:ae:74:95:6b:32:53:28:67:a3:8d:
                    46:2b:2e:47:69:07:94:47:9f:19:9c:37:95:86:68:
                    51:69:96:b0:95:fa:55:89:3a:6c:63:52:e7:bd:6b:
                    02:69:df:85:03:9f:73:ce:b2:43:64:61:7f:86:e6:
                    1a:5e:6d:70:80:1d:94:1d:1f:2c:1b:5e:5d:e6:44:
                    1f:a3:48:96:47:4e:46:c5:2b:5f:78:67:a4:ee:3c:
                    7b:0c:a2:6f:ff:4c:4a:96:c7:dd:0b:ca:af:0b:6e:
                    de:d4:de:ea:58:9e:5d:a8:98:5d:10:f6:18:3b:48:
                    2e:06:59:93:5e:68:6b:cf:33:95:e6:44:49:1c:1b:
                    31:ed:bf:23:94:92:e2:51:42:79:b8:f4:7c:6f:fe:
                    92:0a:f9:d7:b3:44:f8:b0:9a:7d:55:7b:14:8c:ba:
                    66:be:82:ac:7a:03:b1:1f:7a:0c:78:13:bc:0b:36:
                    6d:27:43:c3:98:0f:8b:ac:8f:da:25:c7:90:06:4c:
                    e1:6d:4e:ea:bb:ce:40:2d:d8:4a:71:56:48:de:fe:
                    59:44:b8:e3:97:54:25:fb:34:54:e3:db:82:38:fc:
                    e0:56:9e:de:17:7c:57:b4:b5:88:ef:37:51:4e:19:
                    44:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:9A:5B:32:86:E7:AB:27:E1:0B:59:13:84:62:DB:4D:5D:4C:42:B9
            X509v3 Authority Key Identifier:
                keyid:32:50:52:B7:A6:78:FA:A0:97:DC:BE:65:47:17:0C:91:52:B4:6C:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/2fd023-e646-406a-84a5-bb6945a16fe7/1/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/2fd023-e646-406a-84a5-bb6945a16fe7/1/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:bb:b0:e6:1b:18:e5:b6:34:77:b8:87:5b:32:32:52:e7:c8:
         52:01:9d:1c:d8:4a:42:73:9c:f3:f5:a0:2e:be:c7:5a:75:2c:
         89:7e:be:73:b1:8d:ad:0c:69:d8:2c:88:b3:73:43:3b:fa:4b:
         38:03:09:9f:9f:6d:32:bd:d4:ec:16:fc:6c:58:85:fb:7f:aa:
         cf:ba:70:7b:69:db:6c:fa:bb:2e:7e:f4:80:ec:c1:b0:44:a2:
         90:fb:a8:bf:10:2f:cf:1e:13:bf:ef:08:6c:b7:14:3f:58:94:
         36:b6:0f:69:8e:fc:fa:78:f0:c1:78:7b:5a:b8:88:6e:7f:16:
         94:7a:07:51:b4:89:aa:f2:9f:94:f7:c6:9e:91:6d:57:a2:9a:
         13:e0:e9:60:50:07:97:b8:74:9f:39:dd:e1:a8:72:5e:ea:d7:
         7a:5c:71:c0:07:f8:aa:a8:36:81:d3:a7:10:3c:b6:3a:b9:43:
         48:32:3d:9f:54:67:c9:28:6b:d2:cf:04:30:12:50:32:c7:c1:
         50:7e:cc:84:15:b2:72:14:07:27:e6:e4:14:bc:24:f0:ba:63:
         e0:5b:ae:e2:46:8c:06:c1:54:1d:66:14:16:38:5c:d3:d9:81:
         2b:f1:ba:e4:f0:7c:c3:5b:22:5e:99:5a:58:07:11:87:36:13:
         24:96:d1:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ncd9IWdNsauv4Ix+kkYHwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNTA1MmI3YTY3OGZhYTA5N2RjYmU2NTQ3MTcwYzkxNTJi
NDZjZjEwHhcNMjYwMzI2MDAwMTA3WhcNMjYwMzI3MDAwMTA3WjAzMTEwLwYDVQQD
EyhmMjlhNWIzMjg2ZTdhYjI3ZTEwYjU5MTM4NDYyZGI0ZDVkNGM0MmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyAj6nPEEzZJfjJgbWsHIl/rkeq50
lWsyUyhno41GKy5HaQeUR58ZnDeVhmhRaZawlfpViTpsY1LnvWsCad+FA59zzrJD
ZGF/huYaXm1wgB2UHR8sG15d5kQfo0iWR05GxStfeGek7jx7DKJv/0xKlsfdC8qv
C27e1N7qWJ5dqJhdEPYYO0guBlmTXmhrzzOV5kRJHBsx7b8jlJLiUUJ5uPR8b/6S
CvnXs0T4sJp9VXsUjLpmvoKsegOxH3oMeBO8CzZtJ0PDmA+LrI/aJceQBkzhbU7q
u85ALdhKcVZI3v5ZRLjjl1Ql+zRU49uCOPzgVp7eF3xXtLWI7zdRThlEUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPKaWzKG56sn4QtZE4Ri201dTEK5MB8GA1UdIwQY
MBaAFDJQUremePqgl9y+ZUcXDJFStGzxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWxCU3Q2WjQtcUNYM0w1bFJ4Y01rVkswYlBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8yZmQwMjMtZTY0Ni00MDZhLTg0YTUt
YmI2OTQ1YTE2ZmU3LzEvTWxCU3Q2WjQtcUNYM0w1bFJ4Y01rVkswYlBFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi8yZmQwMjMtZTY0Ni00MDZhLTg0YTUtYmI2OTQ1YTE2ZmU3
LzEvTWxCU3Q2WjQtcUNYM0w1bFJ4Y01rVkswYlBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAULuw5hsY
5bY0d7iHWzIyUufIUgGdHNhKQnOc8/WgLr7HWnUsiX6+c7GNrQxp2CyIs3NDO/pL
OAMJn59tMr3U7Bb8bFiF+3+qz7pwe2nbbPq7Ln70gOzBsESikPuovxAvzx4Tv+8I
bLcUP1iUNrYPaY78+njwwXh7WriIbn8WlHoHUbSJqvKflPfGnpFtV6KaE+DpYFAH
l7h0nznd4ahyXurXelxxwAf4qqg2gdOnEDy2OrlDSDI9n1RnyShr0s8EMBJQMsfB
UH7MhBWychQHJ+bkFLwk8Lpj4Fuu4kaMBsFUHWYUFjhc09mBK/G65PB8w1siXpla
WAcRhzYTJJbR+A==
-----END CERTIFICATE-----