Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.mft
File:                     s1IytLD6jIPU_4wSROhk67yt1os.mft (raw, json)
Hash identifier:          Sfoh4U1oa1ciHnBsNSck5Pgz9ttBNG9DBc/vbKJeHvE=
Subject key identifier:   B7:9B:34:1E:5D:CB:62:ED:E4:24:24:DA:1E:20:70:A4:30:F1:7D:A1
Authority key identifier: B3:52:32:B4:B0:FA:8C:83:D4:FF:8C:12:44:E8:64:EB:BC:AD:D6:8B
Certificate issuer:       /CN=b35232b4b0fa8c83d4ff8c1244e864ebbcadd68b
Certificate serial:       019D2AE10102D815DD2B4746C8D87BE50B3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s1IytLD6jIPU_4wSROhk67yt1os.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.mft
Manifest number:          12FF
Signing time:             Thu 26 Mar 2026 16:01:22 +0000
Manifest this update:     Thu 26 Mar 2026 16:01:22 +0000
Manifest next update:     Fri 27 Mar 2026 16:01:22 +0000
Files and hashes:         1: s1IytLD6jIPU_4wSROhk67yt1os.crl (hash: lrC62R+QzzaB1Sx/eG+JPSUK67nAKYZHw1pYjOAGZ2k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/s1IytLD6jIPU_4wSROhk67yt1os.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:e1:01:02:d8:15:dd:2b:47:46:c8:d8:7b:e5:0b:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b35232b4b0fa8c83d4ff8c1244e864ebbcadd68b
        Validity
            Not Before: Mar 26 16:01:22 2026 GMT
            Not After : Mar 27 16:01:22 2026 GMT
        Subject: CN=b79b341e5dcb62ede42424da1e2070a430f17da1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:70:bb:ec:d7:1d:73:36:2d:e0:f9:f7:6c:83:
                    86:52:ad:73:02:7e:e2:99:12:14:4b:a5:0d:78:87:
                    1d:23:9a:e1:64:68:50:8f:48:ed:fb:0d:1d:21:8f:
                    b7:b7:6b:a1:f6:2f:54:69:63:26:83:b7:3c:6c:1b:
                    e1:18:49:28:5e:fd:54:a2:c7:d3:aa:1a:53:f3:f7:
                    fd:37:21:dd:ef:be:a3:42:0b:3f:f5:d8:27:6d:48:
                    7c:98:a6:9c:66:cc:94:e1:0c:89:6f:0b:29:7f:72:
                    58:0d:28:83:ba:03:70:79:9f:a0:dc:4b:24:cf:44:
                    de:71:4b:1f:0d:4b:10:76:f9:0b:88:39:d0:91:a3:
                    f2:e4:af:a9:21:bc:61:a8:88:7a:66:70:ab:e2:07:
                    cb:6a:fa:c9:01:23:dd:90:b7:37:7f:ec:d6:c2:c7:
                    e5:49:4e:26:3a:97:91:73:93:03:bc:58:04:67:fb:
                    f0:f9:69:34:75:7e:d4:58:65:80:f1:00:d9:25:6f:
                    9c:99:4e:92:ff:88:ef:7b:c3:b1:23:21:c4:b7:48:
                    1b:30:ed:cc:b0:a4:79:f9:e4:77:e5:ab:5f:f4:b5:
                    bc:23:a1:f2:ef:da:4f:25:d6:cd:d0:3e:37:30:cf:
                    91:4b:91:62:20:33:f2:11:c8:d0:64:49:69:fe:37:
                    be:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:9B:34:1E:5D:CB:62:ED:E4:24:24:DA:1E:20:70:A4:30:F1:7D:A1
            X509v3 Authority Key Identifier:
                keyid:B3:52:32:B4:B0:FA:8C:83:D4:FF:8C:12:44:E8:64:EB:BC:AD:D6:8B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s1IytLD6jIPU_4wSROhk67yt1os.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:14:d6:96:da:26:71:32:96:6d:41:4c:aa:e5:93:c1:1d:43:
         f6:b3:5e:e0:1b:d8:b4:fb:cf:66:2b:27:12:8f:bc:73:e3:27:
         a0:83:83:e3:85:be:d8:1a:92:1e:16:56:c5:12:47:6d:84:c7:
         a7:e7:20:b8:42:2e:46:36:60:b5:9a:0c:78:09:1c:54:89:43:
         63:fe:f3:cf:3c:41:91:bd:8c:8d:94:6d:15:36:32:25:23:30:
         12:ce:37:69:27:b3:08:34:c7:b2:c9:51:af:02:9c:36:33:bd:
         c8:51:7d:95:72:44:a1:d7:ac:af:a7:da:76:04:3a:8b:12:27:
         c0:1e:d7:b3:3c:29:42:55:24:cf:2a:e4:bc:72:ea:5b:e1:1c:
         44:1e:fa:c3:d7:e2:e9:8e:a2:58:a0:32:28:cb:6d:7b:f7:a1:
         8e:69:db:cf:33:6c:57:94:32:fd:45:2b:73:e5:ec:fc:2c:f8:
         c8:78:63:f7:be:06:85:07:b4:af:14:e5:2b:15:08:2f:e8:cc:
         f8:c6:3d:f2:f1:d5:fb:94:ce:9b:9e:17:3e:1a:99:2c:01:43:
         e9:78:c5:07:69:4f:89:48:66:d4:d5:8e:b5:8f:83:8c:6d:85:
         79:04:f0:84:0f:64:9e:59:0e:8a:5c:f8:68:b0:6c:9a:28:87:
         36:8e:a6:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0q4QEC2BXdK0dGyNh75Qs8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzNTIzMmI0YjBmYThjODNkNGZmOGMxMjQ0ZTg2NGViYmNh
ZGQ2OGIwHhcNMjYwMzI2MTYwMTIyWhcNMjYwMzI3MTYwMTIyWjAzMTEwLwYDVQQD
EyhiNzliMzQxZTVkY2I2MmVkZTQyNDI0ZGExZTIwNzBhNDMwZjE3ZGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxXC77NcdczYt4Pn3bIOGUq1zAn7i
mRIUS6UNeIcdI5rhZGhQj0jt+w0dIY+3t2uh9i9UaWMmg7c8bBvhGEkoXv1UosfT
qhpT8/f9NyHd776jQgs/9dgnbUh8mKacZsyU4QyJbwspf3JYDSiDugNweZ+g3Esk
z0TecUsfDUsQdvkLiDnQkaPy5K+pIbxhqIh6ZnCr4gfLavrJASPdkLc3f+zWwsfl
SU4mOpeRc5MDvFgEZ/vw+Wk0dX7UWGWA8QDZJW+cmU6S/4jve8OxIyHEt0gbMO3M
sKR5+eR35atf9LW8I6Hy79pPJdbN0D43MM+RS5FiIDPyEcjQZElp/je+mwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLebNB5dy2Lt5CQk2h4gcKQw8X2hMB8GA1UdIwQY
MBaAFLNSMrSw+oyD1P+MEkToZOu8rdaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczFJeXRMRDZqSVBVXzR3U1JPaGs2N3l0MW9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9iZDlmZDgtYTM0Ni00NTllLTgzOGEt
YjkxMjJlNTIxMDU4LzEvczFJeXRMRDZqSVBVXzR3U1JPaGs2N3l0MW9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9iZDlmZDgtYTM0Ni00NTllLTgzOGEtYjkxMjJlNTIxMDU4
LzEvczFJeXRMRDZqSVBVXzR3U1JPaGs2N3l0MW9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUhTWltom
cTKWbUFMquWTwR1D9rNe4BvYtPvPZisnEo+8c+MnoIOD44W+2BqSHhZWxRJHbYTH
p+cguEIuRjZgtZoMeAkcVIlDY/7zzzxBkb2MjZRtFTYyJSMwEs43aSezCDTHsslR
rwKcNjO9yFF9lXJEodesr6fadgQ6ixInwB7XszwpQlUkzyrkvHLqW+EcRB76w9fi
6Y6iWKAyKMtte/ehjmnbzzNsV5Qy/UUrc+Xs/Cz4yHhj974GhQe0rxTlKxUIL+jM
+MY98vHV+5TOm54XPhqZLAFD6XjFB2lPiUhm1NWOtY+DjG2FeQTwhA9knlkOilz4
aLBsmiiHNo6m+g==
-----END CERTIFICATE-----