Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/a75507-5c5c-4842-a1c4-8d56ddcfa4b8/1/bMfzcUDRMXn5pckglknIDDfGpxM.mft
File:                     bMfzcUDRMXn5pckglknIDDfGpxM.mft (raw, json)
Hash identifier:          gzdz++Z388wOdL/CVpiKVG+ifSRD4nJMCIZicyhT+7o=
Subject key identifier:   A7:51:E2:1C:21:47:1F:2F:76:0F:84:D8:77:81:C8:D6:B6:88:28:4C
Authority key identifier: 6C:C7:F3:71:40:D1:31:79:F9:A5:C9:20:96:49:C8:0C:37:C6:A7:13
Certificate issuer:       /CN=6cc7f37140d13179f9a5c9209649c80c37c6a713
Certificate serial:       019D38D3A500E1DFA5752B3D9CC22C511545
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bMfzcUDRMXn5pckglknIDDfGpxM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/a75507-5c5c-4842-a1c4-8d56ddcfa4b8/1/bMfzcUDRMXn5pckglknIDDfGpxM.mft
Manifest number:          14A7
Signing time:             Sun 29 Mar 2026 09:01:27 +0000
Manifest this update:     Sun 29 Mar 2026 09:01:27 +0000
Manifest next update:     Mon 30 Mar 2026 09:01:27 +0000
Files and hashes:         1: bMfzcUDRMXn5pckglknIDDfGpxM.crl (hash: eGOmRL/ZsctCE9H52QFBKMQBrcbjcuzsLbZnWutmdVc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/a75507-5c5c-4842-a1c4-8d56ddcfa4b8/1/bMfzcUDRMXn5pckglknIDDfGpxM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/a75507-5c5c-4842-a1c4-8d56ddcfa4b8/1/bMfzcUDRMXn5pckglknIDDfGpxM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bMfzcUDRMXn5pckglknIDDfGpxM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:a5:00:e1:df:a5:75:2b:3d:9c:c2:2c:51:15:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6cc7f37140d13179f9a5c9209649c80c37c6a713
        Validity
            Not Before: Mar 29 09:01:27 2026 GMT
            Not After : Mar 30 09:01:27 2026 GMT
        Subject: CN=a751e21c21471f2f760f84d87781c8d6b688284c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:2b:e4:6f:90:b1:67:f0:e7:a2:bd:ff:a4:78:
                    de:c9:f1:dd:7f:b6:af:2d:9e:49:58:44:eb:6d:80:
                    5e:7f:76:63:a0:a1:75:09:2d:a1:65:02:ac:0f:2a:
                    f1:07:02:52:c8:bb:e5:d5:73:d5:77:2c:a3:3d:a7:
                    a6:03:38:25:2a:b1:c9:f9:0d:8c:00:35:c0:6b:03:
                    90:37:16:97:89:3f:be:94:e7:48:f8:60:9d:2a:5f:
                    2c:0c:cd:07:ca:3d:16:18:79:ff:04:b0:93:d2:50:
                    1f:8a:8d:44:6e:b6:ec:ce:8b:30:52:9a:01:f4:de:
                    8b:b2:c1:21:9a:75:06:89:e2:ab:d6:87:fc:9a:6e:
                    dc:64:fb:97:4e:5d:c2:40:86:2a:b4:47:38:0b:f3:
                    c5:97:0d:0b:d0:ea:96:58:5e:95:2e:07:c7:58:e3:
                    8d:08:d9:0c:df:22:79:0b:85:7d:57:bc:ec:c8:2e:
                    4f:00:58:e4:2d:30:d1:24:b1:21:91:00:99:e6:18:
                    af:c8:39:c4:ce:06:cb:ed:02:3b:a7:25:c3:01:a1:
                    41:6f:63:f2:a3:9e:05:30:8b:f1:6c:94:4d:13:b9:
                    0f:4a:6f:17:75:97:46:98:0b:45:05:1f:dd:3c:c9:
                    58:2b:db:d4:fd:92:88:75:72:4f:30:9c:3a:8f:d2:
                    d7:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:51:E2:1C:21:47:1F:2F:76:0F:84:D8:77:81:C8:D6:B6:88:28:4C
            X509v3 Authority Key Identifier:
                keyid:6C:C7:F3:71:40:D1:31:79:F9:A5:C9:20:96:49:C8:0C:37:C6:A7:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bMfzcUDRMXn5pckglknIDDfGpxM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/a75507-5c5c-4842-a1c4-8d56ddcfa4b8/1/bMfzcUDRMXn5pckglknIDDfGpxM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/a75507-5c5c-4842-a1c4-8d56ddcfa4b8/1/bMfzcUDRMXn5pckglknIDDfGpxM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:f7:59:dd:07:29:fa:3d:4e:01:8d:40:c7:9f:dd:fe:36:ab:
         2c:58:18:8e:40:29:96:cb:e8:2e:82:d0:b1:4d:60:f2:82:23:
         74:b9:b4:d5:8f:4a:bd:55:9f:7d:7d:e1:35:f5:43:4e:f3:74:
         27:f1:39:59:2d:de:f9:3d:7b:d7:3b:1a:8e:4c:85:f3:c7:5d:
         99:97:69:63:28:aa:58:78:e5:06:e9:20:28:10:35:6c:fe:6f:
         94:b4:28:ac:eb:2f:25:12:bd:81:c5:d4:93:b2:0b:b5:4a:86:
         40:79:e0:16:d1:15:bb:01:22:44:24:bd:60:15:a8:f0:d8:84:
         19:ac:5f:db:95:83:66:34:4f:bf:dd:29:3e:39:82:8f:6d:27:
         3d:6a:94:ce:bc:2c:43:d6:a0:fb:30:ed:d1:d9:f6:d4:6b:23:
         97:30:09:32:cf:60:8c:da:b0:ac:97:77:0e:38:af:91:c2:5e:
         96:5d:65:f7:e5:bf:29:c2:0c:ad:ef:b5:2c:b8:b7:bb:92:60:
         aa:14:5d:85:57:a0:34:8f:45:2c:f6:a4:7f:fd:4c:12:fd:00:
         c9:ac:9c:fa:46:bc:58:0e:5a:4a:0e:a2:c6:22:cd:be:d6:5c:
         d6:84:73:58:a0:c9:4e:d9:e0:c4:03:4a:29:14:06:20:b1:c8:
         0b:ff:56:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0406UA4d+ldSs9nMIsURVFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYzdmMzcxNDBkMTMxNzlmOWE1YzkyMDk2NDljODBjMzdj
NmE3MTMwHhcNMjYwMzI5MDkwMTI3WhcNMjYwMzMwMDkwMTI3WjAzMTEwLwYDVQQD
EyhhNzUxZTIxYzIxNDcxZjJmNzYwZjg0ZDg3NzgxYzhkNmI2ODgyODRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSvkb5CxZ/Dnor3/pHjeyfHdf7av
LZ5JWETrbYBef3ZjoKF1CS2hZQKsDyrxBwJSyLvl1XPVdyyjPaemAzglKrHJ+Q2M
ADXAawOQNxaXiT++lOdI+GCdKl8sDM0Hyj0WGHn/BLCT0lAfio1EbrbszoswUpoB
9N6LssEhmnUGieKr1of8mm7cZPuXTl3CQIYqtEc4C/PFlw0L0OqWWF6VLgfHWOON
CNkM3yJ5C4V9V7zsyC5PAFjkLTDRJLEhkQCZ5hivyDnEzgbL7QI7pyXDAaFBb2Py
o54FMIvxbJRNE7kPSm8XdZdGmAtFBR/dPMlYK9vU/ZKIdXJPMJw6j9LXEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKdR4hwhRx8vdg+E2HeByNa2iChMMB8GA1UdIwQY
MBaAFGzH83FA0TF5+aXJIJZJyAw3xqcTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk1memNVRFJNWG41cGNrZ2xrbklERGZHcHhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9hNzU1MDctNWM1Yy00ODQyLWExYzQt
OGQ1NmRkY2ZhNGI4LzEvYk1memNVRFJNWG41cGNrZ2xrbklERGZHcHhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9hNzU1MDctNWM1Yy00ODQyLWExYzQtOGQ1NmRkY2ZhNGI4
LzEvYk1memNVRFJNWG41cGNrZ2xrbklERGZHcHhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVPdZ3Qcp
+j1OAY1Ax5/d/jarLFgYjkAplsvoLoLQsU1g8oIjdLm01Y9KvVWffX3hNfVDTvN0
J/E5WS3e+T171zsajkyF88ddmZdpYyiqWHjlBukgKBA1bP5vlLQorOsvJRK9gcXU
k7ILtUqGQHngFtEVuwEiRCS9YBWo8NiEGaxf25WDZjRPv90pPjmCj20nPWqUzrws
Q9ag+zDt0dn21GsjlzAJMs9gjNqwrJd3DjivkcJell1l9+W/KcIMre+1LLi3u5Jg
qhRdhVegNI9FLPakf/1MEv0Ayayc+ka8WA5aSg6ixiLNvtZc1oRzWKDJTtngxANK
KRQGILHIC/9WxQ==
-----END CERTIFICATE-----