Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/de2b16-fa2b-4a11-95ab-dbeaf784817a/1/FMc1JZ_be4Pyd63xLQjMmLWmEAo.mft
File:                     FMc1JZ_be4Pyd63xLQjMmLWmEAo.mft (raw, json)
Hash identifier:          QDVCgWj+GvePy5i9HLjevzeo2B1tk5DUbxSn9abHw1M=
Subject key identifier:   73:CC:C9:2E:DD:4D:13:15:54:BB:65:B4:18:3C:7D:C9:2C:86:4A:4A
Authority key identifier: 14:C7:35:25:9F:DB:7B:83:F2:77:AD:F1:2D:08:CC:98:B5:A6:10:0A
Certificate issuer:       /CN=14c735259fdb7b83f277adf12d08cc98b5a6100a
Certificate serial:       019D2704C97A902FA4CFD9442A3B62151A80
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FMc1JZ_be4Pyd63xLQjMmLWmEAo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/de2b16-fa2b-4a11-95ab-dbeaf784817a/1/FMc1JZ_be4Pyd63xLQjMmLWmEAo.mft
Manifest number:          0BA7
Signing time:             Wed 25 Mar 2026 22:01:58 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:58 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:58 +0000
Files and hashes:         1: FMc1JZ_be4Pyd63xLQjMmLWmEAo.crl (hash: AKmt9EHr84OvLeFfJ9wJ+VEEDyu9noeSZx2JSiFPxlw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cb/de2b16-fa2b-4a11-95ab-dbeaf784817a/1/FMc1JZ_be4Pyd63xLQjMmLWmEAo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cb/de2b16-fa2b-4a11-95ab-dbeaf784817a/1/FMc1JZ_be4Pyd63xLQjMmLWmEAo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FMc1JZ_be4Pyd63xLQjMmLWmEAo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:c9:7a:90:2f:a4:cf:d9:44:2a:3b:62:15:1a:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=14c735259fdb7b83f277adf12d08cc98b5a6100a
        Validity
            Not Before: Mar 25 22:01:58 2026 GMT
            Not After : Mar 26 22:01:58 2026 GMT
        Subject: CN=73ccc92edd4d131554bb65b4183c7dc92c864a4a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:77:08:54:5f:4b:9a:bb:a1:02:e6:14:2c:6d:
                    6c:3e:e0:98:50:80:3d:5e:a8:e9:59:00:ca:92:eb:
                    85:ca:cf:0d:b9:5f:ab:02:ba:5b:ca:89:09:82:8c:
                    aa:db:d0:b0:93:81:f4:88:6d:f0:42:be:cf:42:26:
                    16:f6:af:c4:9e:4f:82:1d:8c:06:bb:03:80:f7:01:
                    1a:95:c9:f0:11:84:f9:b4:59:14:ca:ac:4b:83:43:
                    de:5d:f4:32:63:80:fc:4b:f7:45:08:10:27:d7:ff:
                    11:a0:28:e0:5b:4d:2c:c1:91:29:a0:2f:e1:55:af:
                    26:b8:81:a2:c6:54:e4:6d:9e:2c:4f:17:06:9c:5c:
                    68:71:92:ed:e8:d1:af:79:c2:34:85:1f:9e:59:28:
                    93:2b:5e:38:81:92:01:5a:1c:b0:20:d3:27:39:0d:
                    86:c8:fe:be:d6:ae:13:84:8c:59:7d:70:b0:20:5c:
                    68:4e:b6:b7:3f:40:21:d7:ce:5e:7d:58:42:df:24:
                    7a:81:48:2f:bf:74:d3:c6:7f:b8:bc:43:05:97:5f:
                    ae:ba:d4:91:4f:d5:9f:7b:fe:c2:ba:3c:5b:c9:d9:
                    d9:1a:ea:9f:20:38:3b:25:f6:31:ba:3b:61:c9:f8:
                    11:fd:8e:af:b9:17:d1:b6:b4:4d:58:dd:be:87:17:
                    75:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:CC:C9:2E:DD:4D:13:15:54:BB:65:B4:18:3C:7D:C9:2C:86:4A:4A
            X509v3 Authority Key Identifier:
                keyid:14:C7:35:25:9F:DB:7B:83:F2:77:AD:F1:2D:08:CC:98:B5:A6:10:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FMc1JZ_be4Pyd63xLQjMmLWmEAo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/de2b16-fa2b-4a11-95ab-dbeaf784817a/1/FMc1JZ_be4Pyd63xLQjMmLWmEAo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/de2b16-fa2b-4a11-95ab-dbeaf784817a/1/FMc1JZ_be4Pyd63xLQjMmLWmEAo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         95:c5:d4:00:8c:df:8e:9f:8f:f6:5a:f2:bd:23:42:6f:1b:e4:
         3d:e8:10:4b:ab:4e:7a:d1:04:63:c0:28:84:51:9e:b2:f7:c1:
         cb:32:c0:11:86:38:12:e2:c6:af:62:00:17:3f:3b:82:25:0d:
         7b:a8:15:dc:61:19:7d:aa:20:0f:a3:ae:0b:7a:28:56:90:84:
         b5:e2:85:dd:51:5a:c5:b6:92:88:13:75:5e:cf:06:e7:72:59:
         94:94:d0:68:29:ce:ac:02:84:f3:27:39:71:27:cd:ca:e7:e2:
         8e:19:21:29:65:13:eb:6d:dc:84:c4:05:c4:f5:31:9a:a4:93:
         5c:f6:53:d8:e9:84:1d:50:fc:58:3f:72:32:50:5e:e1:d7:63:
         89:15:16:49:ed:e3:2c:9a:ba:d0:9e:83:f1:02:53:16:3d:c9:
         9c:c1:e2:e6:49:7b:52:aa:3d:9a:3c:1f:e8:0a:a9:65:10:fb:
         d5:bb:65:a6:b8:49:ea:81:c5:d3:e0:c8:45:c8:46:09:7c:11:
         fa:03:9b:9d:12:8d:2f:cc:8a:0f:58:1c:e3:7d:d3:a3:63:cd:
         29:b2:a7:e3:99:de:ea:fe:d1:9e:ed:27:16:42:fc:b0:36:82:
         27:b2:cd:8a:c9:d0:d2:25:40:dd:b9:7a:66:eb:ea:b4:50:4a:
         94:33:9d:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBMl6kC+kz9lEKjtiFRqAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YzczNTI1OWZkYjdiODNmMjc3YWRmMTJkMDhjYzk4YjVh
NjEwMGEwHhcNMjYwMzI1MjIwMTU4WhcNMjYwMzI2MjIwMTU4WjAzMTEwLwYDVQQD
Eyg3M2NjYzkyZWRkNGQxMzE1NTRiYjY1YjQxODNjN2RjOTJjODY0YTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXcIVF9LmruhAuYULG1sPuCYUIA9
XqjpWQDKkuuFys8NuV+rArpbyokJgoyq29Cwk4H0iG3wQr7PQiYW9q/Enk+CHYwG
uwOA9wEalcnwEYT5tFkUyqxLg0PeXfQyY4D8S/dFCBAn1/8RoCjgW00swZEpoC/h
Va8muIGixlTkbZ4sTxcGnFxocZLt6NGvecI0hR+eWSiTK144gZIBWhywINMnOQ2G
yP6+1q4ThIxZfXCwIFxoTra3P0Ah185efVhC3yR6gUgvv3TTxn+4vEMFl1+uutSR
T9Wfe/7CujxbydnZGuqfIDg7JfYxujthyfgR/Y6vuRfRtrRNWN2+hxd1mQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHPMyS7dTRMVVLtltBg8fckshkpKMB8GA1UdIwQY
MBaAFBTHNSWf23uD8net8S0IzJi1phAKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRk1jMUpaX2JlNFB5ZDYzeExRak1tTFdtRUFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9kZTJiMTYtZmEyYi00YTExLTk1YWIt
ZGJlYWY3ODQ4MTdhLzEvRk1jMUpaX2JlNFB5ZDYzeExRak1tTFdtRUFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9kZTJiMTYtZmEyYi00YTExLTk1YWItZGJlYWY3ODQ4MTdh
LzEvRk1jMUpaX2JlNFB5ZDYzeExRak1tTFdtRUFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlcXUAIzf
jp+P9lryvSNCbxvkPegQS6tOetEEY8AohFGesvfByzLAEYY4EuLGr2IAFz87giUN
e6gV3GEZfaogD6OuC3ooVpCEteKF3VFaxbaSiBN1Xs8G53JZlJTQaCnOrAKE8yc5
cSfNyufijhkhKWUT623chMQFxPUxmqSTXPZT2OmEHVD8WD9yMlBe4ddjiRUWSe3j
LJq60J6D8QJTFj3JnMHi5kl7Uqo9mjwf6AqpZRD71btlprhJ6oHF0+DIRchGCXwR
+gObnRKNL8yKD1gc433To2PNKbKn45ne6v7Rnu0nFkL8sDaCJ7LNisnQ0iVA3bl6
ZuvqtFBKlDOdNQ==
-----END CERTIFICATE-----