Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.mft
File:                     9bMQ6dROhHDWzYAJWQZssA8pHvo.mft (raw, json)
Hash identifier:          MlvrPo/q7aSL496FovnCrE7D0wkg7qv++qJgNlLGBFg=
Subject key identifier:   40:10:F3:3C:27:21:C5:6A:66:91:6F:87:32:0F:A7:20:EB:97:CF:FC
Authority key identifier: F5:B3:10:E9:D4:4E:84:70:D6:CD:80:09:59:06:6C:B0:0F:29:1E:FA
Certificate issuer:       /CN=f5b310e9d44e8470d6cd800959066cb00f291efa
Certificate serial:       019D386570806879F14712D6127569ACF8C2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9bMQ6dROhHDWzYAJWQZssA8pHvo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.mft
Manifest number:          12F3
Signing time:             Sun 29 Mar 2026 07:01:05 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:05 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:05 +0000
Files and hashes:         1: 9bMQ6dROhHDWzYAJWQZssA8pHvo.crl (hash: 46+pqztMohSTQbLTFOjf9QG0//Lvni7z+alLJWGZZ9A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9bMQ6dROhHDWzYAJWQZssA8pHvo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:70:80:68:79:f1:47:12:d6:12:75:69:ac:f8:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5b310e9d44e8470d6cd800959066cb00f291efa
        Validity
            Not Before: Mar 29 07:01:05 2026 GMT
            Not After : Mar 30 07:01:05 2026 GMT
        Subject: CN=4010f33c2721c56a66916f87320fa720eb97cffc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:35:ff:a1:f6:b4:cb:bd:10:42:20:fc:76:b7:
                    16:e5:12:c5:97:72:e0:58:18:30:61:46:1f:f2:c9:
                    29:85:d5:27:ef:26:b3:0b:03:65:78:d9:a3:09:8b:
                    a3:2e:34:3f:07:19:22:88:30:4c:a2:8f:7a:e8:75:
                    78:e7:36:05:9d:4b:43:48:61:2e:91:79:44:a0:a3:
                    eb:06:fb:a2:3b:02:0a:59:61:28:0b:b6:11:3a:5d:
                    66:0f:78:d7:db:07:db:df:38:09:d4:5e:2f:8b:95:
                    91:eb:80:04:4c:c6:89:0e:c6:37:c6:1a:0c:59:df:
                    46:5a:74:8f:50:f5:50:ba:80:d1:5e:10:8f:f0:ef:
                    fd:dc:0f:72:99:ab:40:68:ca:24:bb:ae:e7:80:18:
                    92:87:85:d3:53:0e:45:e0:7f:17:ca:b0:d3:ed:88:
                    d9:7e:7d:79:2d:b5:1c:af:51:df:0b:06:91:6d:dd:
                    cb:93:b0:b1:6d:ad:34:1f:e8:92:a2:ff:b0:a7:0f:
                    bd:4b:4a:d2:98:d1:90:ec:cb:49:dc:33:9a:10:ea:
                    19:fc:de:7f:90:e1:55:9c:c7:90:3c:9b:41:d0:6b:
                    0d:6a:0c:9e:a7:c9:a2:6c:d9:0e:0b:df:50:62:67:
                    23:61:92:3e:35:64:a4:0d:da:c4:76:f0:63:ef:99:
                    d6:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:10:F3:3C:27:21:C5:6A:66:91:6F:87:32:0F:A7:20:EB:97:CF:FC
            X509v3 Authority Key Identifier:
                keyid:F5:B3:10:E9:D4:4E:84:70:D6:CD:80:09:59:06:6C:B0:0F:29:1E:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9bMQ6dROhHDWzYAJWQZssA8pHvo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:3d:7d:1f:98:ca:81:7f:2e:df:07:cb:e5:23:08:fe:ff:4d:
         24:14:7a:60:eb:eb:fd:b7:ed:06:90:b4:c1:50:d9:ee:cb:88:
         e3:c8:16:5e:36:92:b0:3e:6d:c3:ab:b2:f2:a5:2a:1e:97:09:
         e0:0c:1c:0c:c7:ac:a2:95:fd:87:d8:6f:95:81:f5:02:8e:01:
         8d:97:e8:b5:79:1c:12:79:92:11:e7:95:e2:f2:93:19:34:03:
         70:64:ed:53:fb:2f:b6:6d:52:05:d9:b5:81:04:11:59:11:00:
         39:3b:6b:d9:32:1a:6c:ea:fb:8e:4f:38:90:af:11:59:e3:bc:
         0b:ac:e9:9d:e7:ff:20:b7:e1:20:a6:2d:2a:1c:cd:8f:eb:bc:
         04:09:1d:cc:ce:bc:1e:bc:01:41:e9:1e:1b:9b:37:4c:8e:61:
         62:82:9f:64:ac:74:a2:ae:bc:2b:db:55:08:be:29:6b:a8:88:
         3f:42:44:0a:5c:b5:ac:b3:4e:6d:63:81:5f:20:48:4c:f2:d8:
         4a:fa:18:2f:01:3a:db:5d:9c:60:e2:1b:09:51:a9:e4:54:fd:
         5e:d1:d3:1a:69:36:53:df:4d:8d:b6:3b:09:56:ef:14:ec:fe:
         8a:74:30:8b:e0:d6:67:d1:88:9b:d5:2a:7e:e0:60:9c:60:2c:
         12:ca:d8:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZXCAaHnxRxLWEnVprPjCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1YjMxMGU5ZDQ0ZTg0NzBkNmNkODAwOTU5MDY2Y2IwMGYy
OTFlZmEwHhcNMjYwMzI5MDcwMTA1WhcNMjYwMzMwMDcwMTA1WjAzMTEwLwYDVQQD
Eyg0MDEwZjMzYzI3MjFjNTZhNjY5MTZmODczMjBmYTcyMGViOTdjZmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTX/ofa0y70QQiD8drcW5RLFl3Lg
WBgwYUYf8skphdUn7yazCwNleNmjCYujLjQ/BxkiiDBMoo966HV45zYFnUtDSGEu
kXlEoKPrBvuiOwIKWWEoC7YROl1mD3jX2wfb3zgJ1F4vi5WR64AETMaJDsY3xhoM
Wd9GWnSPUPVQuoDRXhCP8O/93A9ymatAaMoku67ngBiSh4XTUw5F4H8XyrDT7YjZ
fn15LbUcr1HfCwaRbd3Lk7Cxba00H+iSov+wpw+9S0rSmNGQ7MtJ3DOaEOoZ/N5/
kOFVnMeQPJtB0GsNagyep8mibNkOC99QYmcjYZI+NWSkDdrEdvBj75nW3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEAQ8zwnIcVqZpFvhzIPpyDrl8/8MB8GA1UdIwQY
MBaAFPWzEOnUToRw1s2ACVkGbLAPKR76MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWJNUTZkUk9oSERXellBSldRWnNzQThwSHZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9mNDhkZTEtOWYzMy00ZjBhLTg2NzYt
ZTgzNmViM2QyZjFmLzEvOWJNUTZkUk9oSERXellBSldRWnNzQThwSHZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9mNDhkZTEtOWYzMy00ZjBhLTg2NzYtZTgzNmViM2QyZjFm
LzEvOWJNUTZkUk9oSERXellBSldRWnNzQThwSHZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACD19H5jK
gX8u3wfL5SMI/v9NJBR6YOvr/bftBpC0wVDZ7suI48gWXjaSsD5tw6uy8qUqHpcJ
4AwcDMesopX9h9hvlYH1Ao4BjZfotXkcEnmSEeeV4vKTGTQDcGTtU/svtm1SBdm1
gQQRWREAOTtr2TIabOr7jk84kK8RWeO8C6zpnef/ILfhIKYtKhzNj+u8BAkdzM68
HrwBQekeG5s3TI5hYoKfZKx0oq68K9tVCL4pa6iIP0JECly1rLNObWOBXyBITPLY
SvoYLwE6212cYOIbCVGp5FT9XtHTGmk2U99NjbY7CVbvFOz+inQwi+DWZ9GIm9Uq
fuBgnGAsEsrYOg==
-----END CERTIFICATE-----