Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.mft
File:                     urm7wk6aw9nsfhC_lXR9q1xF3Ss.mft (raw, json)
Hash identifier:          XGW0K4qeOa0Z99GK1LvqwKgLXvmBlf7+qx2naod0mpQ=
Subject key identifier:   11:D2:E6:2D:07:69:FC:28:23:0B:6D:E3:DC:A4:11:78:91:4D:A2:05
Authority key identifier: BA:B9:BB:C2:4E:9A:C3:D9:EC:7E:10:BF:95:74:7D:AB:5C:45:DD:2B
Certificate issuer:       /CN=bab9bbc24e9ac3d9ec7e10bf95747dab5c45dd2b
Certificate serial:       019D386563FFA88EA09ABD0AE4A205F8445E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/urm7wk6aw9nsfhC_lXR9q1xF3Ss.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.mft
Manifest number:          0DAC
Signing time:             Sun 29 Mar 2026 07:01:01 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:01 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:01 +0000
Files and hashes:         1: urm7wk6aw9nsfhC_lXR9q1xF3Ss.crl (hash: VSbYWDDhyKKcKC9ubsKkSOyichDuqHVI+Xpe3ozi2As=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/urm7wk6aw9nsfhC_lXR9q1xF3Ss.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:63:ff:a8:8e:a0:9a:bd:0a:e4:a2:05:f8:44:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bab9bbc24e9ac3d9ec7e10bf95747dab5c45dd2b
        Validity
            Not Before: Mar 29 07:01:01 2026 GMT
            Not After : Mar 30 07:01:01 2026 GMT
        Subject: CN=11d2e62d0769fc28230b6de3dca41178914da205
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:c1:31:9c:a8:37:28:87:96:7e:04:36:f4:b0:
                    87:6c:3c:f7:c5:ad:97:db:70:eb:e8:94:af:cd:63:
                    9a:fa:67:14:00:a0:8c:33:ab:35:05:9d:cd:80:19:
                    44:a3:51:b7:ee:0c:5f:44:2c:53:ab:f4:48:7a:40:
                    74:f9:39:87:64:10:2f:66:1b:ed:e4:0d:6d:ec:21:
                    53:ea:77:79:35:13:8b:07:f1:fd:ea:a6:82:58:e6:
                    46:a4:04:44:5e:1e:b1:ca:cc:2b:23:e6:d1:23:ae:
                    7c:b1:68:97:05:c5:bb:53:1c:93:b2:80:8b:e4:e1:
                    ca:8d:1c:a4:4e:2b:24:b4:40:41:5a:a2:59:47:6c:
                    de:d8:a6:6d:eb:1a:1c:25:0e:5b:2b:7e:4f:c1:14:
                    b0:91:3b:66:f8:36:e5:2d:db:22:e6:e3:ce:75:b9:
                    30:fe:9c:3d:d2:b9:f1:02:c8:70:22:b8:7b:cd:f0:
                    11:e5:98:ba:00:e9:bd:03:a0:a5:e3:78:6c:3a:f1:
                    1e:88:35:ee:a1:5b:e4:d9:0c:87:e7:bc:c9:d6:10:
                    68:f5:0b:a1:23:44:33:b7:e5:fe:d3:f7:c5:4e:9b:
                    38:e4:a8:af:bc:2c:72:04:76:57:ca:4d:65:68:a2:
                    61:0f:ca:83:aa:59:6c:d6:01:3b:1e:d1:a4:37:19:
                    45:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:D2:E6:2D:07:69:FC:28:23:0B:6D:E3:DC:A4:11:78:91:4D:A2:05
            X509v3 Authority Key Identifier:
                keyid:BA:B9:BB:C2:4E:9A:C3:D9:EC:7E:10:BF:95:74:7D:AB:5C:45:DD:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/urm7wk6aw9nsfhC_lXR9q1xF3Ss.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:df:e1:78:b8:64:5b:25:ee:e7:1e:4f:db:ef:80:41:ca:56:
         84:73:6f:56:8c:97:10:c1:96:a0:66:b5:8e:9a:39:8e:12:00:
         45:74:49:bb:a3:fa:4d:73:0a:ea:64:c4:d3:c3:a0:62:70:f5:
         85:1c:00:d3:0d:5d:fd:5c:90:42:72:67:fe:b1:ff:f0:65:09:
         99:69:74:81:a1:e1:87:f5:65:f2:68:25:b8:8b:61:ec:85:52:
         6b:33:ff:b8:3d:b7:1a:ff:2d:95:53:0a:95:39:91:e7:ab:47:
         76:a7:48:d0:85:0b:9e:58:73:73:d3:74:cb:37:32:43:dd:4f:
         bf:f5:25:f8:f4:b0:0e:c1:41:93:ad:9d:b8:2b:81:a9:12:ea:
         92:4f:51:a3:ed:4e:a0:5f:67:43:ef:e7:93:ac:e6:ad:f6:37:
         ed:cd:0f:92:2c:bf:81:0b:c4:fd:8b:14:66:5c:1a:3e:06:3a:
         b9:db:ce:e0:96:f7:45:63:f4:48:2b:06:41:79:a5:5b:bf:08:
         6e:b0:63:5e:0b:8a:f2:37:e8:97:b6:57:c6:21:78:06:75:b6:
         79:ea:fa:44:41:b7:19:23:07:59:58:8f:d6:dc:43:f1:62:70:
         7a:e7:0c:b5:d8:7e:e6:7d:b3:09:ff:07:b0:b9:3d:75:ae:f0:
         01:4e:0f:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZWP/qI6gmr0K5KIF+EReMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYjliYmMyNGU5YWMzZDllYzdlMTBiZjk1NzQ3ZGFiNWM0
NWRkMmIwHhcNMjYwMzI5MDcwMTAxWhcNMjYwMzMwMDcwMTAxWjAzMTEwLwYDVQQD
EygxMWQyZTYyZDA3NjlmYzI4MjMwYjZkZTNkY2E0MTE3ODkxNGRhMjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8MExnKg3KIeWfgQ29LCHbDz3xa2X
23Dr6JSvzWOa+mcUAKCMM6s1BZ3NgBlEo1G37gxfRCxTq/RIekB0+TmHZBAvZhvt
5A1t7CFT6nd5NROLB/H96qaCWOZGpAREXh6xyswrI+bRI658sWiXBcW7UxyTsoCL
5OHKjRykTisktEBBWqJZR2ze2KZt6xocJQ5bK35PwRSwkTtm+DblLdsi5uPOdbkw
/pw90rnxAshwIrh7zfAR5Zi6AOm9A6Cl43hsOvEeiDXuoVvk2QyH57zJ1hBo9Quh
I0Qzt+X+0/fFTps45KivvCxyBHZXyk1laKJhD8qDqlls1gE7HtGkNxlFTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBHS5i0HafwoIwtt49ykEXiRTaIFMB8GA1UdIwQY
MBaAFLq5u8JOmsPZ7H4Qv5V0fatcRd0rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXJtN3drNmF3OW5zZmhDX2xYUjlxMXhGM1NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8yODI5ZmEtYzBhMi00YTc4LTkyNjIt
MmViYzY0NDhmNjAyLzEvdXJtN3drNmF3OW5zZmhDX2xYUjlxMXhGM1NzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8yODI5ZmEtYzBhMi00YTc4LTkyNjItMmViYzY0NDhmNjAy
LzEvdXJtN3drNmF3OW5zZmhDX2xYUjlxMXhGM1NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB9/heLhk
WyXu5x5P2++AQcpWhHNvVoyXEMGWoGa1jpo5jhIARXRJu6P6TXMK6mTE08OgYnD1
hRwA0w1d/VyQQnJn/rH/8GUJmWl0gaHhh/Vl8mgluIth7IVSazP/uD23Gv8tlVMK
lTmR56tHdqdI0IULnlhzc9N0yzcyQ91Pv/Ul+PSwDsFBk62duCuBqRLqkk9Ro+1O
oF9nQ+/nk6zmrfY37c0Pkiy/gQvE/YsUZlwaPgY6udvO4Jb3RWP0SCsGQXmlW78I
brBjXguK8jfol7ZXxiF4BnW2eer6REG3GSMHWViP1txD8WJweucMtdh+5n2zCf8H
sLk9da7wAU4PqA==
-----END CERTIFICATE-----