Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/b92b30-8ada-475c-aa2a-567dc9a79fdd/1/mcE8tY0v0x4SxeFGzGtPLHR4FvQ.mft
File:                     mcE8tY0v0x4SxeFGzGtPLHR4FvQ.mft (raw, json)
Hash identifier:          eaNvClHjxsf61hqM8BTl8tm/qNTEL+AxHkbwoxA7idA=
Subject key identifier:   7C:02:9A:53:74:F3:C4:2F:3D:24:90:3D:B7:47:2C:29:4C:4E:36:0D
Authority key identifier: 99:C1:3C:B5:8D:2F:D3:1E:12:C5:E1:46:CC:6B:4F:2C:74:78:16:F4
Certificate issuer:       /CN=99c13cb58d2fd31e12c5e146cc6b4f2c747816f4
Certificate serial:       019D3865CF7E886A33728EDB2FD2A3605193
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mcE8tY0v0x4SxeFGzGtPLHR4FvQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/b92b30-8ada-475c-aa2a-567dc9a79fdd/1/mcE8tY0v0x4SxeFGzGtPLHR4FvQ.mft
Manifest number:          0BBA
Signing time:             Sun 29 Mar 2026 07:01:29 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:29 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:29 +0000
Files and hashes:         1: mcE8tY0v0x4SxeFGzGtPLHR4FvQ.crl (hash: jZSWNMIgDBcDCLsaqr2fuhRYoEaEZQFfKQJHsXML6o0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/19/b92b30-8ada-475c-aa2a-567dc9a79fdd/1/mcE8tY0v0x4SxeFGzGtPLHR4FvQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/19/b92b30-8ada-475c-aa2a-567dc9a79fdd/1/mcE8tY0v0x4SxeFGzGtPLHR4FvQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mcE8tY0v0x4SxeFGzGtPLHR4FvQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:cf:7e:88:6a:33:72:8e:db:2f:d2:a3:60:51:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99c13cb58d2fd31e12c5e146cc6b4f2c747816f4
        Validity
            Not Before: Mar 29 07:01:29 2026 GMT
            Not After : Mar 30 07:01:29 2026 GMT
        Subject: CN=7c029a5374f3c42f3d24903db7472c294c4e360d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:a4:57:37:66:a1:f4:6d:81:0f:fe:b3:24:95:
                    fd:a5:65:36:42:98:1a:c3:eb:49:4e:13:28:e1:3e:
                    e8:94:47:f2:d8:71:c1:98:69:ad:3c:53:df:36:dc:
                    05:a1:7d:d5:37:7d:12:98:85:b4:b6:53:66:8a:77:
                    de:2b:43:d9:1c:e8:19:1d:ce:90:5d:6e:76:1d:e7:
                    14:d9:fc:7a:af:e0:96:04:d6:0d:c4:d0:e6:be:c0:
                    47:2e:1b:3f:a3:f9:4a:4d:33:27:fa:f4:9f:d3:60:
                    e7:f0:e6:dd:0c:30:ea:3f:2d:a3:1c:da:2b:91:58:
                    c2:54:6b:b9:41:07:fe:35:a1:2d:c0:d8:94:9f:03:
                    75:99:1f:ee:a1:04:ae:d7:49:f8:d1:26:00:43:66:
                    bc:ac:9a:62:1d:dd:4a:b2:74:bd:b6:31:4a:f3:a9:
                    e6:b9:1d:88:4f:5a:ac:9f:a7:8e:2f:dc:35:14:a1:
                    3a:2d:32:df:41:57:b6:ea:45:65:26:e2:74:dd:f3:
                    41:78:43:24:ed:f4:4e:30:8f:45:91:ee:55:52:15:
                    b7:67:e0:e8:76:2b:11:5d:a1:e7:a5:d2:a6:dc:a4:
                    4a:d0:44:04:0b:06:91:85:4d:73:8d:84:14:90:a1:
                    72:4b:07:c5:19:8e:5e:66:fa:20:5e:f5:a6:23:3f:
                    5f:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:02:9A:53:74:F3:C4:2F:3D:24:90:3D:B7:47:2C:29:4C:4E:36:0D
            X509v3 Authority Key Identifier:
                keyid:99:C1:3C:B5:8D:2F:D3:1E:12:C5:E1:46:CC:6B:4F:2C:74:78:16:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mcE8tY0v0x4SxeFGzGtPLHR4FvQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/b92b30-8ada-475c-aa2a-567dc9a79fdd/1/mcE8tY0v0x4SxeFGzGtPLHR4FvQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/b92b30-8ada-475c-aa2a-567dc9a79fdd/1/mcE8tY0v0x4SxeFGzGtPLHR4FvQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:a7:dc:10:fc:90:73:31:4c:9c:06:70:af:bf:1f:5a:d0:f1:
         3d:4e:c6:72:6c:be:90:cb:e1:c0:fb:ec:d4:b6:31:f6:65:bb:
         ca:25:06:db:08:2b:ff:f4:6b:47:90:fb:73:1a:95:12:37:52:
         b7:52:f6:2a:32:e9:7b:c3:3c:4c:94:c9:46:9c:9d:95:31:36:
         93:da:99:f3:b1:9a:fb:aa:19:eb:af:81:04:9a:17:be:72:c7:
         51:fb:cc:b0:1a:00:b6:6f:2a:6e:62:15:b5:0d:32:41:00:7b:
         91:c8:2e:86:bb:1d:73:83:ca:59:02:6d:32:75:1b:01:96:88:
         40:0c:fc:5d:92:7d:9c:00:83:f3:06:6f:c0:17:8c:5d:a7:d9:
         ba:a4:ca:4e:1f:65:bd:56:7a:a0:5e:82:e0:2f:98:4b:85:bb:
         f3:40:22:c5:6b:0d:f8:b2:8e:fc:3b:29:38:c5:67:1a:f3:42:
         3f:70:8a:d1:cb:30:5e:db:4e:38:62:4e:64:d4:e6:7a:cf:43:
         0c:f0:ff:a3:cc:5a:10:f7:07:f1:18:50:59:a2:35:5c:8b:2f:
         bc:e4:d4:e2:a3:f8:27:31:1d:da:43:ea:65:3a:6a:ff:77:c7:
         0e:a2:f4:af:64:12:ba:46:7c:38:1b:65:81:d9:4d:e4:51:e4:
         f7:cf:6c:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zc9+iGozco7bL9KjYFGTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5YzEzY2I1OGQyZmQzMWUxMmM1ZTE0NmNjNmI0ZjJjNzQ3
ODE2ZjQwHhcNMjYwMzI5MDcwMTI5WhcNMjYwMzMwMDcwMTI5WjAzMTEwLwYDVQQD
Eyg3YzAyOWE1Mzc0ZjNjNDJmM2QyNDkwM2RiNzQ3MmMyOTRjNGUzNjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtaRXN2ah9G2BD/6zJJX9pWU2Qpga
w+tJThMo4T7olEfy2HHBmGmtPFPfNtwFoX3VN30SmIW0tlNminfeK0PZHOgZHc6Q
XW52HecU2fx6r+CWBNYNxNDmvsBHLhs/o/lKTTMn+vSf02Dn8ObdDDDqPy2jHNor
kVjCVGu5QQf+NaEtwNiUnwN1mR/uoQSu10n40SYAQ2a8rJpiHd1KsnS9tjFK86nm
uR2IT1qsn6eOL9w1FKE6LTLfQVe26kVlJuJ03fNBeEMk7fROMI9Fke5VUhW3Z+Do
disRXaHnpdKm3KRK0EQECwaRhU1zjYQUkKFySwfFGY5eZvogXvWmIz9fcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHwCmlN088QvPSSQPbdHLClMTjYNMB8GA1UdIwQY
MBaAFJnBPLWNL9MeEsXhRsxrTyx0eBb0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWNFOHRZMHYweDRTeGVGR3pHdFBMSFI0RnZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9iOTJiMzAtOGFkYS00NzVjLWFhMmEt
NTY3ZGM5YTc5ZmRkLzEvbWNFOHRZMHYweDRTeGVGR3pHdFBMSFI0RnZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9iOTJiMzAtOGFkYS00NzVjLWFhMmEtNTY3ZGM5YTc5ZmRk
LzEvbWNFOHRZMHYweDRTeGVGR3pHdFBMSFI0RnZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmafcEPyQ
czFMnAZwr78fWtDxPU7Gcmy+kMvhwPvs1LYx9mW7yiUG2wgr//RrR5D7cxqVEjdS
t1L2KjLpe8M8TJTJRpydlTE2k9qZ87Ga+6oZ66+BBJoXvnLHUfvMsBoAtm8qbmIV
tQ0yQQB7kcguhrsdc4PKWQJtMnUbAZaIQAz8XZJ9nACD8wZvwBeMXafZuqTKTh9l
vVZ6oF6C4C+YS4W780AixWsN+LKO/DspOMVnGvNCP3CK0cswXttOOGJOZNTmes9D
DPD/o8xaEPcH8RhQWaI1XIsvvOTU4qP4JzEd2kPqZTpq/3fHDqL0r2QSukZ8OBtl
gdlN5FHk989s0A==
-----END CERTIFICATE-----