Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft
File:                     bP-QsXePU3Q_kng8rxdIouzWaKA.mft (raw, json)
Hash identifier:          ocOSA4+iVNrsOy4yoIpypWC4YiND2cejnue63OnGi8U=
Subject key identifier:   6D:2C:6E:A8:FE:9F:3F:C9:EC:DC:88:4C:76:A2:32:01:C2:A4:63:53
Authority key identifier: 6C:FF:90:B1:77:8F:53:74:3F:92:78:3C:AF:17:48:A2:EC:D6:68:A0
Certificate issuer:       /CN=6cff90b1778f53743f92783caf1748a2ecd668a0
Certificate serial:       019D37F784B9DEB82C0BBAEF1ADE405EBACC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bP-QsXePU3Q_kng8rxdIouzWaKA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft
Manifest number:          05A3
Signing time:             Sun 29 Mar 2026 05:01:01 +0000
Manifest this update:     Sun 29 Mar 2026 05:01:01 +0000
Manifest next update:     Mon 30 Mar 2026 05:01:01 +0000
Files and hashes:         1: bP-QsXePU3Q_kng8rxdIouzWaKA.crl (hash: jFwWKc8vvbcWB5GUnkxN2HQ2FgXRdVVvoDZFzdDBwuY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bP-QsXePU3Q_kng8rxdIouzWaKA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 05:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:f7:84:b9:de:b8:2c:0b:ba:ef:1a:de:40:5e:ba:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6cff90b1778f53743f92783caf1748a2ecd668a0
        Validity
            Not Before: Mar 29 05:01:01 2026 GMT
            Not After : Mar 30 05:01:01 2026 GMT
        Subject: CN=6d2c6ea8fe9f3fc9ecdc884c76a23201c2a46353
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:3b:00:18:0c:76:e7:69:0b:73:f2:f3:45:bd:
                    1c:dd:34:e2:8b:75:c4:8f:83:5f:b7:0d:70:9e:d4:
                    15:b8:6c:78:1a:1a:71:5f:df:f6:22:75:e8:c8:c4:
                    e9:42:58:22:3c:ff:22:f6:54:39:36:4b:52:35:71:
                    9c:fc:5f:2f:ad:a9:12:2e:94:8d:ed:90:d7:1c:3c:
                    4e:4c:a1:c1:e5:db:b9:34:33:f5:7d:64:b0:69:84:
                    9c:79:09:bd:3d:19:58:f3:77:b4:c6:38:bc:fa:8c:
                    84:02:35:0d:6d:4b:dd:25:38:6e:5f:16:26:96:79:
                    d1:b5:4a:1a:d5:55:74:05:a5:60:e6:06:5d:9f:c3:
                    68:0c:32:91:18:ea:b1:d9:ef:91:ff:32:20:7f:69:
                    a1:20:cc:f2:28:e2:e8:ae:3a:97:1c:20:8b:35:9f:
                    9f:2f:43:e0:63:06:b2:be:7c:22:2a:78:3c:1f:9e:
                    99:ee:a0:2e:6a:7f:b2:66:ca:39:f8:f0:62:6a:87:
                    95:0a:6d:3b:7d:e9:7c:00:4b:72:66:01:c7:cc:27:
                    2a:43:26:4c:48:e3:ac:88:6a:9f:32:c7:93:af:82:
                    54:d3:5d:6c:f1:cb:48:a6:06:ec:ca:7e:56:33:53:
                    29:a5:cf:e8:ca:6f:dc:a5:ad:f2:d3:49:e1:86:54:
                    6c:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:2C:6E:A8:FE:9F:3F:C9:EC:DC:88:4C:76:A2:32:01:C2:A4:63:53
            X509v3 Authority Key Identifier:
                keyid:6C:FF:90:B1:77:8F:53:74:3F:92:78:3C:AF:17:48:A2:EC:D6:68:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bP-QsXePU3Q_kng8rxdIouzWaKA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:2b:a9:46:12:b4:aa:b7:d7:b6:e4:bd:51:f6:69:4d:64:ce:
         53:7f:ab:ef:7c:d2:f3:e5:fa:7f:86:50:29:06:5c:fc:55:c9:
         c7:2a:f8:08:b7:23:f4:ff:ec:ca:ff:ba:2d:b4:de:d5:03:c4:
         59:19:39:02:7c:51:36:4a:a6:3a:73:97:4c:a7:1a:b3:95:e1:
         9c:df:e5:46:b7:f7:57:56:52:be:f4:e3:6c:33:c1:d9:38:19:
         91:06:a0:9c:c9:f1:13:f6:c6:93:97:9c:27:61:5f:97:5d:3c:
         59:a9:67:b8:f6:d2:da:4f:ad:59:b6:63:5a:4c:b5:d4:55:41:
         95:fa:9c:6d:12:40:69:fe:ce:ef:e1:19:ac:d6:31:59:83:cf:
         97:be:1c:a5:0b:6e:13:b2:72:5a:b8:00:4e:be:48:d3:a0:99:
         db:22:87:39:8f:ed:b9:63:17:37:55:e8:55:36:17:2c:8f:1c:
         8a:2b:2f:ee:4f:3e:3a:ad:11:4d:12:af:7b:30:39:2d:98:31:
         8d:53:df:70:10:73:f5:e9:68:dd:4f:28:99:c5:85:f3:8c:2e:
         2b:ed:5c:b6:6b:9d:84:92:2e:cb:87:1c:99:c6:d0:f0:c8:fe:
         30:28:13:2c:41:95:e6:ad:23:63:56:04:e3:ba:6a:52:88:91:
         80:1d:f0:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0394S53rgsC7rvGt5AXrrMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZmY5MGIxNzc4ZjUzNzQzZjkyNzgzY2FmMTc0OGEyZWNk
NjY4YTAwHhcNMjYwMzI5MDUwMTAxWhcNMjYwMzMwMDUwMTAxWjAzMTEwLwYDVQQD
Eyg2ZDJjNmVhOGZlOWYzZmM5ZWNkYzg4NGM3NmEyMzIwMWMyYTQ2MzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzsAGAx252kLc/LzRb0c3TTii3XE
j4Nftw1wntQVuGx4GhpxX9/2InXoyMTpQlgiPP8i9lQ5NktSNXGc/F8vrakSLpSN
7ZDXHDxOTKHB5du5NDP1fWSwaYSceQm9PRlY83e0xji8+oyEAjUNbUvdJThuXxYm
lnnRtUoa1VV0BaVg5gZdn8NoDDKRGOqx2e+R/zIgf2mhIMzyKOLorjqXHCCLNZ+f
L0PgYwayvnwiKng8H56Z7qAuan+yZso5+PBiaoeVCm07fel8AEtyZgHHzCcqQyZM
SOOsiGqfMseTr4JU011s8ctIpgbsyn5WM1Mppc/oym/cpa3y00nhhlRsWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG0sbqj+nz/J7NyITHaiMgHCpGNTMB8GA1UdIwQY
MBaAFGz/kLF3j1N0P5J4PK8XSKLs1migMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlAtUXNYZVBVM1Ffa25nOHJ4ZElvdXpXYUtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9kYmI1MjUtOGJhNS00MGMzLThjMTIt
N2RlZDRkNjFlOGQyLzEvYlAtUXNYZVBVM1Ffa25nOHJ4ZElvdXpXYUtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9kYmI1MjUtOGJhNS00MGMzLThjMTItN2RlZDRkNjFlOGQy
LzEvYlAtUXNYZVBVM1Ffa25nOHJ4ZElvdXpXYUtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkSupRhK0
qrfXtuS9UfZpTWTOU3+r73zS8+X6f4ZQKQZc/FXJxyr4CLcj9P/syv+6LbTe1QPE
WRk5AnxRNkqmOnOXTKcas5XhnN/lRrf3V1ZSvvTjbDPB2TgZkQagnMnxE/bGk5ec
J2Ffl108WalnuPbS2k+tWbZjWky11FVBlfqcbRJAaf7O7+EZrNYxWYPPl74cpQtu
E7JyWrgATr5I06CZ2yKHOY/tuWMXN1XoVTYXLI8ciisv7k8+Oq0RTRKvezA5LZgx
jVPfcBBz9elo3U8omcWF84wuK+1ctmudhJIuy4ccmcbQ8Mj+MCgTLEGV5q0jY1YE
47pqUoiRgB3w+g==
-----END CERTIFICATE-----