Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/10a99c-1025-4da4-aef1-0251ae65aded/1/scl7vq9wVQohl7zw4nY0NapJcIo.mft
File:                     scl7vq9wVQohl7zw4nY0NapJcIo.mft (raw, json)
Hash identifier:          LmYPoeVKiRaczYNlDvbygsMfsJp0UVJJC59g22bOx2s=
Subject key identifier:   7E:0A:2A:03:65:7B:9A:34:D2:25:B2:26:92:93:E0:B8:9D:A8:35:38
Authority key identifier: B1:C9:7B:BE:AF:70:55:0A:21:97:BC:F0:E2:76:34:35:AA:49:70:8A
Certificate issuer:       /CN=b1c97bbeaf70550a2197bcf0e2763435aa49708a
Certificate serial:       019D28F2889732C4CDF83D0A29DA7DAA93AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/scl7vq9wVQohl7zw4nY0NapJcIo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/10a99c-1025-4da4-aef1-0251ae65aded/1/scl7vq9wVQohl7zw4nY0NapJcIo.mft
Manifest number:          0200
Signing time:             Thu 26 Mar 2026 07:01:16 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:16 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:16 +0000
Files and hashes:         1: scl7vq9wVQohl7zw4nY0NapJcIo.crl (hash: 9aTD6wOwkf3fuLCCCXhsrGwybXJ7SDPKLhqIcFkjPqM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ff/10a99c-1025-4da4-aef1-0251ae65aded/1/scl7vq9wVQohl7zw4nY0NapJcIo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ff/10a99c-1025-4da4-aef1-0251ae65aded/1/scl7vq9wVQohl7zw4nY0NapJcIo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/scl7vq9wVQohl7zw4nY0NapJcIo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 07:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:88:97:32:c4:cd:f8:3d:0a:29:da:7d:aa:93:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1c97bbeaf70550a2197bcf0e2763435aa49708a
        Validity
            Not Before: Mar 26 07:01:16 2026 GMT
            Not After : Mar 27 07:01:16 2026 GMT
        Subject: CN=7e0a2a03657b9a34d225b2269293e0b89da83538
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:c3:54:85:d1:73:13:02:8d:0e:b7:11:5c:31:
                    01:7f:9d:2b:ca:c6:81:81:a5:1e:e2:86:e6:e1:0e:
                    4f:b2:6d:d1:bf:54:52:39:c7:f3:2b:b4:b8:c9:9f:
                    67:e4:c6:0b:3a:63:64:b6:ca:9d:c5:ae:f6:10:65:
                    c7:b8:6d:65:c1:6f:25:75:d2:fa:97:0b:75:e7:b6:
                    4f:bb:6b:aa:ac:66:6b:da:a5:35:da:7f:95:a5:2b:
                    bb:53:64:80:af:be:22:53:a2:b4:17:7c:79:8d:8c:
                    47:00:03:46:3d:e0:bb:ae:26:e4:2b:73:05:2f:10:
                    62:76:40:8b:8a:a8:d6:79:a2:fe:1b:0f:c0:b3:2b:
                    7e:25:7e:22:46:21:5e:f2:90:18:74:9a:9a:76:ea:
                    66:d6:1a:45:b0:e6:58:3d:b5:aa:be:a5:42:ce:fe:
                    68:d9:ba:ef:28:8c:c9:5c:da:57:e4:0a:a4:b1:e8:
                    c2:c5:c9:cc:a1:9c:a8:13:0d:40:c1:90:ec:dc:d3:
                    05:ec:bb:55:9b:4a:b5:51:1d:40:78:38:8a:3c:16:
                    36:0a:b3:9e:85:fb:bc:c8:81:16:26:dc:a3:3c:b0:
                    60:bf:b2:7f:bf:c5:e1:5e:93:8e:31:0d:1f:7b:47:
                    78:01:af:8c:b8:43:f3:4f:da:45:01:df:f1:fa:da:
                    1e:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:0A:2A:03:65:7B:9A:34:D2:25:B2:26:92:93:E0:B8:9D:A8:35:38
            X509v3 Authority Key Identifier:
                keyid:B1:C9:7B:BE:AF:70:55:0A:21:97:BC:F0:E2:76:34:35:AA:49:70:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/scl7vq9wVQohl7zw4nY0NapJcIo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/10a99c-1025-4da4-aef1-0251ae65aded/1/scl7vq9wVQohl7zw4nY0NapJcIo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/10a99c-1025-4da4-aef1-0251ae65aded/1/scl7vq9wVQohl7zw4nY0NapJcIo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:5a:07:db:d5:7f:f6:97:66:c3:06:f6:16:5d:a4:20:86:cb:
         53:92:c1:7d:9f:0e:30:a9:41:c2:b7:4d:26:87:37:91:f0:26:
         64:2b:fe:90:f1:1e:db:ad:7e:37:4f:38:03:ce:7a:ba:2b:17:
         b3:24:d0:a4:5f:0f:93:7c:35:59:21:06:d2:49:5a:30:be:a9:
         50:9a:45:d4:d0:9c:f8:5b:6b:4e:a3:59:9a:aa:1e:1c:8c:f4:
         b9:cf:3d:41:ec:97:dd:99:5c:83:b5:ad:21:79:6a:40:72:55:
         82:d9:d2:4e:69:41:e9:cb:23:22:e9:bd:59:3e:fa:a4:6e:53:
         e2:c6:cf:f4:b4:b3:87:95:b6:10:90:35:19:b3:3a:ef:04:13:
         d1:58:1d:e9:bb:3b:1f:43:1c:df:a9:ec:d9:fe:11:45:8f:e9:
         62:d1:7a:b7:66:2b:27:75:e6:dc:a8:87:df:9a:50:0e:25:ff:
         a4:09:91:fc:f0:1c:9f:fd:fe:35:35:ba:ff:c2:96:49:8f:d5:
         0d:97:90:c9:8c:be:ef:3b:6a:63:df:28:e7:b7:32:05:2e:35:
         3e:c4:52:66:85:cb:a6:e2:48:a7:d9:92:15:25:ca:6f:2f:db:
         d7:8a:47:fd:c0:87:ff:a1:65:c2:50:f4:25:22:22:93:fe:30:
         02:84:af:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8oiXMsTN+D0KKdp9qpOuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYzk3YmJlYWY3MDU1MGEyMTk3YmNmMGUyNzYzNDM1YWE0
OTcwOGEwHhcNMjYwMzI2MDcwMTE2WhcNMjYwMzI3MDcwMTE2WjAzMTEwLwYDVQQD
Eyg3ZTBhMmEwMzY1N2I5YTM0ZDIyNWIyMjY5MjkzZTBiODlkYTgzNTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2sNUhdFzEwKNDrcRXDEBf50rysaB
gaUe4obm4Q5Psm3Rv1RSOcfzK7S4yZ9n5MYLOmNktsqdxa72EGXHuG1lwW8lddL6
lwt157ZPu2uqrGZr2qU12n+VpSu7U2SAr74iU6K0F3x5jYxHAANGPeC7ribkK3MF
LxBidkCLiqjWeaL+Gw/Asyt+JX4iRiFe8pAYdJqadupm1hpFsOZYPbWqvqVCzv5o
2brvKIzJXNpX5AqksejCxcnMoZyoEw1AwZDs3NMF7LtVm0q1UR1AeDiKPBY2CrOe
hfu8yIEWJtyjPLBgv7J/v8XhXpOOMQ0fe0d4Aa+MuEPzT9pFAd/x+toeawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH4KKgNle5o00iWyJpKT4LidqDU4MB8GA1UdIwQY
MBaAFLHJe76vcFUKIZe88OJ2NDWqSXCKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2NsN3ZxOXdWUW9obDd6dzRuWTBOYXBKY0lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8xMGE5OWMtMTAyNS00ZGE0LWFlZjEt
MDI1MWFlNjVhZGVkLzEvc2NsN3ZxOXdWUW9obDd6dzRuWTBOYXBKY0lvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8xMGE5OWMtMTAyNS00ZGE0LWFlZjEtMDI1MWFlNjVhZGVk
LzEvc2NsN3ZxOXdWUW9obDd6dzRuWTBOYXBKY0lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf1oH29V/
9pdmwwb2Fl2kIIbLU5LBfZ8OMKlBwrdNJoc3kfAmZCv+kPEe261+N084A856uisX
syTQpF8Pk3w1WSEG0klaML6pUJpF1NCc+FtrTqNZmqoeHIz0uc89QeyX3Zlcg7Wt
IXlqQHJVgtnSTmlB6csjIum9WT76pG5T4sbP9LSzh5W2EJA1GbM67wQT0Vgd6bs7
H0Mc36ns2f4RRY/pYtF6t2YrJ3Xm3KiH35pQDiX/pAmR/PAcn/3+NTW6/8KWSY/V
DZeQyYy+7ztqY98o57cyBS41PsRSZoXLpuJIp9mSFSXKby/b14pH/cCH/6FlwlD0
JSIik/4wAoSvjQ==
-----END CERTIFICATE-----