Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/6fef2f-a748-4796-96a0-d3ea707c8f18/1/2Bytep8KCbPVTabNzedDEvrMbXc.mft
File:                     2Bytep8KCbPVTabNzedDEvrMbXc.mft (raw, json)
Hash identifier:          rCwPSlVCvPQDj9pQLyCybLFcK/WNdyGN2jN+Q/xnMyA=
Subject key identifier:   41:B2:D8:7D:F8:08:6B:91:F7:43:41:3B:C0:0B:45:A9:98:00:BF:91
Authority key identifier: D8:1C:AD:7A:9F:0A:09:B3:D5:4D:A6:CD:CD:E7:43:12:FA:CC:6D:77
Certificate issuer:       /CN=d81cad7a9f0a09b3d54da6cdcde74312facc6d77
Certificate serial:       019D27721B8426E3B3FF3C1B092DF2514610
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2Bytep8KCbPVTabNzedDEvrMbXc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ee/6fef2f-a748-4796-96a0-d3ea707c8f18/1/2Bytep8KCbPVTabNzedDEvrMbXc.mft
Manifest number:          0AF0
Signing time:             Thu 26 Mar 2026 00:01:22 +0000
Manifest this update:     Thu 26 Mar 2026 00:01:22 +0000
Manifest next update:     Fri 27 Mar 2026 00:01:22 +0000
Files and hashes:         1: 2Bytep8KCbPVTabNzedDEvrMbXc.crl (hash: a4w7namNAvM/04BJM+JAXPLFk3xicGk3pEtq4Xt7YT4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ee/6fef2f-a748-4796-96a0-d3ea707c8f18/1/2Bytep8KCbPVTabNzedDEvrMbXc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ee/6fef2f-a748-4796-96a0-d3ea707c8f18/1/2Bytep8KCbPVTabNzedDEvrMbXc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2Bytep8KCbPVTabNzedDEvrMbXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:72:1b:84:26:e3:b3:ff:3c:1b:09:2d:f2:51:46:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d81cad7a9f0a09b3d54da6cdcde74312facc6d77
        Validity
            Not Before: Mar 26 00:01:22 2026 GMT
            Not After : Mar 27 00:01:22 2026 GMT
        Subject: CN=41b2d87df8086b91f743413bc00b45a99800bf91
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:a0:46:17:ce:ca:81:dc:4a:0f:0d:6b:bd:db:
                    88:51:0f:c3:cf:2d:7d:19:2a:59:5d:a3:03:b7:cf:
                    d9:00:01:21:e7:8f:e4:10:26:0f:00:f9:de:52:5a:
                    12:1f:05:a8:9d:67:ac:b3:51:1d:13:5e:09:55:e8:
                    7d:b4:33:7c:57:d9:dd:8c:e2:c4:c6:7a:0d:04:b0:
                    98:55:b4:12:0d:b2:dc:4f:d8:1d:a6:5a:14:86:17:
                    ef:9c:2b:0a:13:2a:0c:a6:38:f4:2c:04:ad:24:5d:
                    d7:b6:ec:fe:89:3b:f1:ce:f9:d3:ac:06:d0:b9:00:
                    07:e9:9f:ef:17:98:ce:d9:e2:fc:c8:66:5e:cc:c7:
                    3a:88:25:1c:6f:61:f3:0d:07:77:6f:cd:97:1f:91:
                    e5:a7:08:2c:6b:df:f0:b7:e9:fa:93:0e:66:cf:04:
                    0a:b1:12:d1:1f:d6:74:95:dc:5c:f9:37:fb:c7:dc:
                    5b:b4:3d:b6:bf:ae:29:51:96:64:3a:2e:86:7f:c1:
                    26:8a:d9:63:55:db:7f:00:ed:82:99:47:3f:4e:93:
                    20:5b:3c:f2:03:b1:07:5e:66:64:ce:0c:ba:05:2f:
                    88:b4:76:1c:5a:7e:86:b2:28:6e:77:1f:38:9e:24:
                    4b:4e:7c:04:25:0a:bb:b4:c7:bd:cd:f3:07:07:a7:
                    7d:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:B2:D8:7D:F8:08:6B:91:F7:43:41:3B:C0:0B:45:A9:98:00:BF:91
            X509v3 Authority Key Identifier:
                keyid:D8:1C:AD:7A:9F:0A:09:B3:D5:4D:A6:CD:CD:E7:43:12:FA:CC:6D:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Bytep8KCbPVTabNzedDEvrMbXc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/6fef2f-a748-4796-96a0-d3ea707c8f18/1/2Bytep8KCbPVTabNzedDEvrMbXc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/6fef2f-a748-4796-96a0-d3ea707c8f18/1/2Bytep8KCbPVTabNzedDEvrMbXc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:3b:92:96:b6:15:11:f0:c5:ec:fe:f8:49:c1:aa:da:7b:5d:
         e6:84:d7:95:08:60:d6:65:8f:7a:09:d0:8c:22:4b:77:62:1f:
         2f:24:6a:7c:f3:96:a5:54:3e:0b:d5:31:f5:fb:36:c4:c8:ae:
         2e:b4:4c:39:99:d0:97:df:9b:1e:4f:50:31:08:64:8f:a6:61:
         93:33:07:a2:f6:e6:53:fe:8f:d8:0e:59:b7:4a:ef:1a:b2:c3:
         4b:d5:63:88:c6:8c:13:25:72:ee:80:ff:2e:a6:88:79:6a:6c:
         7d:a0:eb:a8:9c:e8:dd:29:56:37:ec:da:67:c5:7c:dd:2d:55:
         90:ad:88:09:8b:0f:48:64:a7:92:c6:7b:f5:7c:c2:2f:77:27:
         03:53:42:28:ed:d4:aa:d9:51:cc:29:b9:7a:6c:d4:b9:95:04:
         6f:12:21:f7:7d:4f:ee:cd:9a:95:ee:8e:da:ac:69:72:da:19:
         2e:54:12:cb:20:56:a2:d7:8d:98:5d:2a:38:7c:ff:e2:a0:5e:
         10:e6:46:c5:b1:0e:29:d3:ae:7a:ac:6f:60:8b:8a:3f:e8:78:
         c1:e2:03:93:3a:fb:6b:78:c1:dd:c1:9c:a5:2b:5c:72:49:85:
         3e:36:33:0f:47:67:fe:a2:be:62:30:89:71:93:d2:d4:ba:ac:
         7a:37:e0:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nchuEJuOz/zwbCS3yUUYQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MWNhZDdhOWYwYTA5YjNkNTRkYTZjZGNkZTc0MzEyZmFj
YzZkNzcwHhcNMjYwMzI2MDAwMTIyWhcNMjYwMzI3MDAwMTIyWjAzMTEwLwYDVQQD
Eyg0MWIyZDg3ZGY4MDg2YjkxZjc0MzQxM2JjMDBiNDVhOTk4MDBiZjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKBGF87KgdxKDw1rvduIUQ/Dzy19
GSpZXaMDt8/ZAAEh54/kECYPAPneUloSHwWonWess1EdE14JVeh9tDN8V9ndjOLE
xnoNBLCYVbQSDbLcT9gdploUhhfvnCsKEyoMpjj0LAStJF3Xtuz+iTvxzvnTrAbQ
uQAH6Z/vF5jO2eL8yGZezMc6iCUcb2HzDQd3b82XH5Hlpwgsa9/wt+n6kw5mzwQK
sRLRH9Z0ldxc+Tf7x9xbtD22v64pUZZkOi6Gf8EmitljVdt/AO2CmUc/TpMgWzzy
A7EHXmZkzgy6BS+ItHYcWn6Gsihudx84niRLTnwEJQq7tMe9zfMHB6d9AQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEGy2H34CGuR90NBO8ALRamYAL+RMB8GA1UdIwQY
MBaAFNgcrXqfCgmz1U2mzc3nQxL6zG13MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkJ5dGVwOEtDYlBWVGFiTnplZERFdnJNYlhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS82ZmVmMmYtYTc0OC00Nzk2LTk2YTAt
ZDNlYTcwN2M4ZjE4LzEvMkJ5dGVwOEtDYlBWVGFiTnplZERFdnJNYlhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS82ZmVmMmYtYTc0OC00Nzk2LTk2YTAtZDNlYTcwN2M4ZjE4
LzEvMkJ5dGVwOEtDYlBWVGFiTnplZERFdnJNYlhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACzuSlrYV
EfDF7P74ScGq2ntd5oTXlQhg1mWPegnQjCJLd2IfLyRqfPOWpVQ+C9Ux9fs2xMiu
LrRMOZnQl9+bHk9QMQhkj6ZhkzMHovbmU/6P2A5Zt0rvGrLDS9VjiMaMEyVy7oD/
LqaIeWpsfaDrqJzo3SlWN+zaZ8V83S1VkK2ICYsPSGSnksZ79XzCL3cnA1NCKO3U
qtlRzCm5emzUuZUEbxIh931P7s2ale6O2qxpctoZLlQSyyBWoteNmF0qOHz/4qBe
EOZGxbEOKdOueqxvYIuKP+h4weIDkzr7a3jB3cGcpStcckmFPjYzD0dn/qK+YjCJ
cZPS1LqsejfgiQ==
-----END CERTIFICATE-----