Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/277154-efba-48ed-bb0c-650b70bad7a9/1/bQ1uHM2JDfL16cFF7LpGiZzOs70.mft
File:                     bQ1uHM2JDfL16cFF7LpGiZzOs70.mft (raw, json)
Hash identifier:          uIoWRfGyQOiVYIrzmK2MnzW/WRYOGIWiIHcnfRLh5rw=
Subject key identifier:   E7:3A:83:24:38:FB:EA:E6:29:45:F3:BE:41:3B:21:9A:D8:02:CB:CD
Authority key identifier: 6D:0D:6E:1C:CD:89:0D:F2:F5:E9:C1:45:EC:BA:46:89:9C:CE:B3:BD
Certificate issuer:       /CN=6d0d6e1ccd890df2f5e9c145ecba46899cceb3bd
Certificate serial:       019D2771C2473FD1C5A8E628A90278E5D60A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bQ1uHM2JDfL16cFF7LpGiZzOs70.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f4/277154-efba-48ed-bb0c-650b70bad7a9/1/bQ1uHM2JDfL16cFF7LpGiZzOs70.mft
Manifest number:          1516
Signing time:             Thu 26 Mar 2026 00:00:59 +0000
Manifest this update:     Thu 26 Mar 2026 00:00:59 +0000
Manifest next update:     Fri 27 Mar 2026 00:00:59 +0000
Files and hashes:         1: bQ1uHM2JDfL16cFF7LpGiZzOs70.crl (hash: YtXhpSqA4P9eVpY39Xh8qhF41QxFe+NYcjzdOu2Kl38=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f4/277154-efba-48ed-bb0c-650b70bad7a9/1/bQ1uHM2JDfL16cFF7LpGiZzOs70.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f4/277154-efba-48ed-bb0c-650b70bad7a9/1/bQ1uHM2JDfL16cFF7LpGiZzOs70.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bQ1uHM2JDfL16cFF7LpGiZzOs70.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:71:c2:47:3f:d1:c5:a8:e6:28:a9:02:78:e5:d6:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d0d6e1ccd890df2f5e9c145ecba46899cceb3bd
        Validity
            Not Before: Mar 26 00:00:59 2026 GMT
            Not After : Mar 27 00:00:59 2026 GMT
        Subject: CN=e73a832438fbeae62945f3be413b219ad802cbcd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:37:fc:25:0f:9e:56:2d:dc:c9:cf:25:60:34:
                    ed:ab:4c:10:c6:ba:50:0e:6c:96:07:d0:fd:e0:7e:
                    48:42:dd:cc:c3:eb:fe:7c:b3:c7:b4:5b:0c:48:6b:
                    c4:63:29:1b:46:f5:2a:10:e0:6f:f6:86:c8:cb:00:
                    e2:71:bc:75:81:8f:49:1f:2f:52:89:ca:02:60:05:
                    67:59:dc:60:3e:b0:55:29:9a:69:b4:18:38:cf:61:
                    4d:1a:c0:9b:59:3c:67:10:ae:40:6b:de:96:75:e6:
                    80:4f:02:0d:fb:78:72:2c:94:c6:e3:f8:44:e8:63:
                    c3:9a:44:98:76:33:8d:1e:c4:00:fa:86:6a:40:08:
                    ab:66:84:d1:06:ae:2f:e1:8b:10:2d:c5:48:2b:6a:
                    37:01:f3:05:65:e5:ef:fd:f3:ad:37:1d:71:ec:81:
                    78:07:ee:70:56:19:7d:4d:51:44:88:71:95:6a:76:
                    8d:4e:6f:d1:03:9b:5a:65:4c:95:0a:a8:15:5d:ec:
                    84:f1:50:b6:c0:e1:fb:92:6f:6b:34:a7:41:2c:45:
                    5d:2f:97:2a:7e:dd:5e:4c:8e:a7:84:41:b9:7d:c6:
                    87:90:2b:c3:2d:1d:6b:b3:5e:00:5c:31:14:7d:0a:
                    b1:78:9c:d7:cc:e9:bd:46:7d:cd:ca:68:1b:8c:55:
                    a5:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:3A:83:24:38:FB:EA:E6:29:45:F3:BE:41:3B:21:9A:D8:02:CB:CD
            X509v3 Authority Key Identifier:
                keyid:6D:0D:6E:1C:CD:89:0D:F2:F5:E9:C1:45:EC:BA:46:89:9C:CE:B3:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQ1uHM2JDfL16cFF7LpGiZzOs70.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/277154-efba-48ed-bb0c-650b70bad7a9/1/bQ1uHM2JDfL16cFF7LpGiZzOs70.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/277154-efba-48ed-bb0c-650b70bad7a9/1/bQ1uHM2JDfL16cFF7LpGiZzOs70.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:03:9e:17:7f:61:69:3f:45:09:41:e4:a3:3b:31:de:05:62:
         1a:4f:44:94:b3:e5:64:e3:19:d3:a2:73:46:d4:80:56:11:99:
         00:ba:96:70:93:44:65:bf:11:f0:7e:96:1b:65:f0:6a:07:49:
         6e:2b:4f:14:ea:be:6d:0c:0f:aa:67:c4:56:59:64:e3:f0:71:
         51:be:0b:ca:57:8f:a2:8b:ae:11:2a:ad:d6:24:5f:14:0f:3e:
         64:0e:cc:97:3d:71:cc:94:91:24:af:05:65:ac:7f:f3:ee:4a:
         ed:67:14:50:4e:0d:d0:c6:3b:7b:b9:51:a6:e8:c0:1b:b3:c1:
         33:7a:63:d9:b0:40:03:03:d9:77:f4:a2:33:65:89:63:53:5a:
         49:74:c5:6d:94:5d:c4:36:8c:b3:3e:a5:dd:7a:5a:89:73:2f:
         14:67:b5:76:9b:f5:14:0d:e7:5f:24:3c:e9:bd:65:96:29:8a:
         98:29:37:11:e3:db:b7:31:e5:4e:b6:53:34:ff:69:75:22:90:
         3a:0e:5f:34:10:81:40:7c:ef:80:ed:7b:aa:57:b1:3c:a5:37:
         39:87:ee:c9:44:43:99:ed:1b:e4:0e:db:c6:dc:b4:bf:f8:a3:
         1a:08:3b:5a:2b:08:64:5a:a2:db:fe:19:62:6d:62:e3:a1:6c:
         cb:15:38:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nccJHP9HFqOYoqQJ45dYKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMGQ2ZTFjY2Q4OTBkZjJmNWU5YzE0NWVjYmE0Njg5OWNj
ZWIzYmQwHhcNMjYwMzI2MDAwMDU5WhcNMjYwMzI3MDAwMDU5WjAzMTEwLwYDVQQD
EyhlNzNhODMyNDM4ZmJlYWU2Mjk0NWYzYmU0MTNiMjE5YWQ4MDJjYmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjf8JQ+eVi3cyc8lYDTtq0wQxrpQ
DmyWB9D94H5IQt3Mw+v+fLPHtFsMSGvEYykbRvUqEOBv9obIywDicbx1gY9JHy9S
icoCYAVnWdxgPrBVKZpptBg4z2FNGsCbWTxnEK5Aa96WdeaATwIN+3hyLJTG4/hE
6GPDmkSYdjONHsQA+oZqQAirZoTRBq4v4YsQLcVIK2o3AfMFZeXv/fOtNx1x7IF4
B+5wVhl9TVFEiHGVanaNTm/RA5taZUyVCqgVXeyE8VC2wOH7km9rNKdBLEVdL5cq
ft1eTI6nhEG5fcaHkCvDLR1rs14AXDEUfQqxeJzXzOm9Rn3NymgbjFWlRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOc6gyQ4++rmKUXzvkE7IZrYAsvNMB8GA1UdIwQY
MBaAFG0NbhzNiQ3y9enBRey6RomczrO9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlExdUhNMkpEZkwxNmNGRjdMcEdpWnpPczcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8yNzcxNTQtZWZiYS00OGVkLWJiMGMt
NjUwYjcwYmFkN2E5LzEvYlExdUhNMkpEZkwxNmNGRjdMcEdpWnpPczcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8yNzcxNTQtZWZiYS00OGVkLWJiMGMtNjUwYjcwYmFkN2E5
LzEvYlExdUhNMkpEZkwxNmNGRjdMcEdpWnpPczcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACwOeF39h
aT9FCUHkozsx3gViGk9ElLPlZOMZ06JzRtSAVhGZALqWcJNEZb8R8H6WG2XwagdJ
bitPFOq+bQwPqmfEVllk4/BxUb4LylePoouuESqt1iRfFA8+ZA7Mlz1xzJSRJK8F
Zax/8+5K7WcUUE4N0MY7e7lRpujAG7PBM3pj2bBAAwPZd/SiM2WJY1NaSXTFbZRd
xDaMsz6l3XpaiXMvFGe1dpv1FA3nXyQ86b1llimKmCk3EePbtzHlTrZTNP9pdSKQ
Og5fNBCBQHzvgO17qlexPKU3OYfuyURDme0b5A7bxty0v/ijGgg7WisIZFqi2/4Z
Ym1i46FsyxU4cg==
-----END CERTIFICATE-----