Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft
File:                     A2loTGfKqZ_8AYS-rMrw6oipISk.mft (raw, json)
Hash identifier:          W+FzFairk7NJvlX9nOs1g3ETPXTutU6F6QOuLoQj4Z0=
Subject key identifier:   F8:7D:98:EC:6D:85:E8:1E:B0:4E:98:E3:BE:E9:A0:AA:56:4A:4C:E6
Authority key identifier: 03:69:68:4C:67:CA:A9:9F:FC:01:84:BE:AC:CA:F0:EA:88:A9:21:29
Certificate issuer:       /CN=0369684c67caa99ffc0184beaccaf0ea88a92129
Certificate serial:       019D258399120618551BC0752720F6732B59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft
Manifest number:          0B5C
Signing time:             Wed 25 Mar 2026 15:01:14 +0000
Manifest this update:     Wed 25 Mar 2026 15:01:14 +0000
Manifest next update:     Thu 26 Mar 2026 15:01:14 +0000
Files and hashes:         1: A2loTGfKqZ_8AYS-rMrw6oipISk.crl (hash: +HWEVsE3VcJEOmRq+otiglVfP9uVImtveho43fJlVm4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:01:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:25:83:99:12:06:18:55:1b:c0:75:27:20:f6:73:2b:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0369684c67caa99ffc0184beaccaf0ea88a92129
        Validity
            Not Before: Mar 25 15:01:14 2026 GMT
            Not After : Mar 26 15:01:14 2026 GMT
        Subject: CN=f87d98ec6d85e81eb04e98e3bee9a0aa564a4ce6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:41:91:4c:6e:d7:7c:79:0f:c9:b3:1b:38:7c:
                    85:aa:b5:68:08:f0:9c:27:42:1e:84:ae:11:a3:b3:
                    df:20:a1:7f:4c:ba:53:30:4a:8a:75:e5:ff:bc:f0:
                    9a:36:07:3f:6b:d0:8b:6a:e7:a3:b2:c1:38:0c:6f:
                    ea:c7:2f:f4:cf:80:f5:69:f5:4e:5e:93:4b:bb:70:
                    ed:c3:a2:d4:8a:13:cf:3a:87:83:1c:af:1f:94:ca:
                    0b:8a:dd:44:ef:8a:ff:86:70:97:08:76:bb:d2:b6:
                    d4:56:ba:75:18:be:d4:3e:55:8a:23:a8:0a:fc:43:
                    a5:5d:cc:55:9d:33:01:be:23:be:55:68:7f:e8:c8:
                    a6:8a:aa:59:af:ae:6e:37:04:a4:64:6a:92:2e:9e:
                    15:a9:b8:63:f7:3c:ac:ac:a4:18:25:1f:2f:46:e8:
                    34:57:3c:dd:92:68:6b:0f:ad:16:17:95:f1:81:24:
                    b0:b0:2b:61:b5:11:d3:c4:b4:32:03:7e:bc:7f:5f:
                    51:92:d3:f6:be:08:f1:c4:7e:33:cb:b5:01:d2:d4:
                    7c:f7:76:6b:aa:2c:28:8a:63:31:c0:9b:cf:48:b9:
                    c1:5a:dc:b3:9e:5a:12:30:00:a2:c1:88:6c:d4:dd:
                    00:2d:b1:1c:f3:75:cd:55:64:5b:f2:69:1a:f2:5d:
                    c1:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:7D:98:EC:6D:85:E8:1E:B0:4E:98:E3:BE:E9:A0:AA:56:4A:4C:E6
            X509v3 Authority Key Identifier:
                keyid:03:69:68:4C:67:CA:A9:9F:FC:01:84:BE:AC:CA:F0:EA:88:A9:21:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:76:1a:0e:ec:a1:6b:a9:29:ff:90:ac:61:26:4e:16:41:7b:
         8f:94:4e:b6:f3:49:00:15:d7:0f:43:8a:34:98:ed:dd:df:b2:
         15:7c:aa:82:45:71:04:87:8d:56:ff:ed:93:e9:43:d0:77:ad:
         b4:7a:2f:a9:35:b0:e5:f6:f4:d8:88:4e:34:e4:c9:5f:07:70:
         b7:a3:0e:66:f0:36:80:fe:5b:a9:80:62:d6:24:c0:1b:9b:a4:
         e6:c2:75:5e:fe:a1:29:ca:9d:22:23:08:ac:e3:6a:cb:bb:c8:
         b6:42:9c:ac:68:4b:28:ac:34:a8:c1:85:73:cd:12:54:3f:8f:
         d0:cb:fc:9c:bb:0e:12:36:36:dd:97:6f:8f:55:2e:e0:4d:c7:
         af:db:c9:d9:01:9a:d1:fb:e9:2e:8b:d9:c2:33:be:6b:59:13:
         11:0e:3a:a5:76:f9:4e:67:66:df:b7:e4:8b:40:bc:3d:be:b4:
         7e:d3:9d:9a:79:5c:b5:e5:8d:cf:4a:07:2f:2e:d0:a7:26:a8:
         c9:36:22:16:c4:cb:a8:c0:66:bf:16:13:a0:5b:f0:9c:a5:83:
         96:3b:7d:ad:4c:0e:35:63:21:15:21:69:5d:49:83:20:06:19:
         d7:a1:30:75:74:c2:13:08:23:23:7a:dc:d3:1d:59:5c:62:70:
         74:38:c3:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0lg5kSBhhVG8B1JyD2cytZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNjk2ODRjNjdjYWE5OWZmYzAxODRiZWFjY2FmMGVhODhh
OTIxMjkwHhcNMjYwMzI1MTUwMTE0WhcNMjYwMzI2MTUwMTE0WjAzMTEwLwYDVQQD
EyhmODdkOThlYzZkODVlODFlYjA0ZTk4ZTNiZWU5YTBhYTU2NGE0Y2U2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUGRTG7XfHkPybMbOHyFqrVoCPCc
J0IehK4Ro7PfIKF/TLpTMEqKdeX/vPCaNgc/a9CLauejssE4DG/qxy/0z4D1afVO
XpNLu3Dtw6LUihPPOoeDHK8flMoLit1E74r/hnCXCHa70rbUVrp1GL7UPlWKI6gK
/EOlXcxVnTMBviO+VWh/6MimiqpZr65uNwSkZGqSLp4Vqbhj9zysrKQYJR8vRug0
VzzdkmhrD60WF5XxgSSwsCthtRHTxLQyA368f19RktP2vgjxxH4zy7UB0tR893Zr
qiwoimMxwJvPSLnBWtyznloSMACiwYhs1N0ALbEc83XNVWRb8mka8l3BpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPh9mOxthegesE6Y477poKpWSkzmMB8GA1UdIwQY
MBaAFANpaExnyqmf/AGEvqzK8OqIqSEpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8wYjM2MjEtODBkMy00Nzk2LTg3MzUt
MTU3NTYyNDk5OTA4LzEvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8wYjM2MjEtODBkMy00Nzk2LTg3MzUtMTU3NTYyNDk5OTA4
LzEvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQHYaDuyh
a6kp/5CsYSZOFkF7j5ROtvNJABXXD0OKNJjt3d+yFXyqgkVxBIeNVv/tk+lD0Het
tHovqTWw5fb02IhONOTJXwdwt6MOZvA2gP5bqYBi1iTAG5uk5sJ1Xv6hKcqdIiMI
rONqy7vItkKcrGhLKKw0qMGFc80SVD+P0Mv8nLsOEjY23Zdvj1Uu4E3Hr9vJ2QGa
0fvpLovZwjO+a1kTEQ46pXb5Tmdm37fki0C8Pb60ftOdmnlcteWNz0oHLy7Qpyao
yTYiFsTLqMBmvxYToFvwnKWDljt9rUwONWMhFSFpXUmDIAYZ16EwdXTCEwgjI3rc
0x1ZXGJwdDjDyg==
-----END CERTIFICATE-----