Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/c1f83a-dfc7-494d-9a4b-2a72c2858bac/1/spK68_TAei7dR9iMKxW2Wir33q0.mft
File:                     spK68_TAei7dR9iMKxW2Wir33q0.mft (raw, json)
Hash identifier:          ZbDwwQGvPR9Gkvhgru+UTJNTLgBdmWT1h/IMQKMF4ng=
Subject key identifier:   83:6B:D1:9F:C4:36:12:5B:D1:EC:DA:65:46:4C:2E:DE:3A:BA:83:B4
Authority key identifier: B2:92:BA:F3:F4:C0:7A:2E:DD:47:D8:8C:2B:15:B6:5A:2A:F7:DE:AD
Certificate issuer:       /CN=b292baf3f4c07a2edd47d88c2b15b65a2af7dead
Certificate serial:       019D38664BEC17685ED021F02750ED98CAB6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/spK68_TAei7dR9iMKxW2Wir33q0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/c1f83a-dfc7-494d-9a4b-2a72c2858bac/1/spK68_TAei7dR9iMKxW2Wir33q0.mft
Manifest number:          0F27
Signing time:             Sun 29 Mar 2026 07:02:01 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:01 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:01 +0000
Files and hashes:         1: spK68_TAei7dR9iMKxW2Wir33q0.crl (hash: wfdh/W+8OqUiVc+RLwft9QP4C7D3bJF1+zSkXrrfuUQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/c1f83a-dfc7-494d-9a4b-2a72c2858bac/1/spK68_TAei7dR9iMKxW2Wir33q0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/c1f83a-dfc7-494d-9a4b-2a72c2858bac/1/spK68_TAei7dR9iMKxW2Wir33q0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/spK68_TAei7dR9iMKxW2Wir33q0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:4b:ec:17:68:5e:d0:21:f0:27:50:ed:98:ca:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b292baf3f4c07a2edd47d88c2b15b65a2af7dead
        Validity
            Not Before: Mar 29 07:02:01 2026 GMT
            Not After : Mar 30 07:02:01 2026 GMT
        Subject: CN=836bd19fc436125bd1ecda65464c2ede3aba83b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:4e:b6:1b:45:a4:a2:a4:bc:0e:4b:4f:26:a8:
                    62:01:af:a0:17:6c:fc:47:c6:48:e1:69:b7:43:fa:
                    1e:1e:20:c5:2b:7f:06:2f:57:36:65:05:b6:91:5e:
                    19:99:0c:73:c6:6d:6c:90:b7:65:47:47:a6:16:2e:
                    25:f6:0c:f2:de:1b:81:27:7f:19:d4:b6:a4:1f:c1:
                    7c:58:2c:fc:8a:45:3c:d0:82:cb:85:14:c3:05:ec:
                    97:e5:9c:57:e1:65:6d:e7:aa:49:b6:f3:ea:47:ae:
                    43:52:84:74:c7:75:af:0f:3c:3e:3e:7e:7c:37:43:
                    1f:09:6e:de:5d:7d:49:8b:69:8a:0f:d0:10:1b:d6:
                    23:48:c8:f2:a0:58:86:bf:e8:1d:5f:20:bf:f8:ca:
                    80:e6:22:c6:d7:15:52:52:0c:b2:7d:fb:aa:12:63:
                    d5:67:18:b0:65:93:b9:62:6b:ea:b7:36:c8:ac:88:
                    2b:90:ed:31:df:1a:6b:fe:b1:d9:82:a7:fc:a4:3f:
                    1e:e6:63:e6:a7:e6:6f:1e:db:a6:05:48:5a:e0:67:
                    af:47:00:6d:b2:a5:9a:49:6d:73:d2:75:6f:55:b8:
                    6e:12:7d:79:2a:56:0d:6f:33:80:58:95:ff:5d:52:
                    99:91:29:8e:54:28:07:86:b3:0d:20:72:f5:10:a3:
                    25:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:6B:D1:9F:C4:36:12:5B:D1:EC:DA:65:46:4C:2E:DE:3A:BA:83:B4
            X509v3 Authority Key Identifier:
                keyid:B2:92:BA:F3:F4:C0:7A:2E:DD:47:D8:8C:2B:15:B6:5A:2A:F7:DE:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/spK68_TAei7dR9iMKxW2Wir33q0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/c1f83a-dfc7-494d-9a4b-2a72c2858bac/1/spK68_TAei7dR9iMKxW2Wir33q0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/c1f83a-dfc7-494d-9a4b-2a72c2858bac/1/spK68_TAei7dR9iMKxW2Wir33q0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:c8:8f:4d:2a:e2:ee:8d:07:b8:4a:7b:88:b6:9e:e0:19:23:
         52:b3:b7:6f:10:d6:8a:96:2b:8a:63:63:63:67:0a:9f:6b:d4:
         4c:9b:dc:d4:c7:ae:c2:c6:5a:56:c0:e3:7a:28:ff:a3:3e:9a:
         da:f6:4a:11:72:ed:6e:9c:fb:fc:29:23:b2:cb:c2:2c:82:94:
         84:ad:e1:a2:73:26:eb:cd:e4:3c:8e:dc:0d:62:e3:ca:e8:71:
         83:8d:50:ff:d0:c9:6f:ca:ff:52:db:99:85:36:06:62:49:a8:
         15:f3:38:c4:70:a4:34:e2:b3:e0:8f:9d:2a:df:fe:96:43:96:
         12:95:40:73:9c:c1:3e:0c:73:83:58:2e:05:24:9a:2b:24:25:
         a9:74:a9:74:39:54:fc:7c:3d:da:2b:46:da:97:60:4b:5c:3c:
         ee:96:6d:f7:a7:7f:a1:8f:4b:d3:e1:6e:ae:c3:03:11:65:c7:
         a9:23:c2:56:8f:cd:e3:68:c9:89:24:f9:81:9d:8c:60:63:2a:
         f6:70:ba:f8:4f:35:76:f4:3a:f1:22:27:2d:b7:b5:d2:0f:c3:
         e4:2c:22:08:ac:35:1a:3d:bf:bf:86:fb:9b:48:5b:8b:7f:61:
         9b:de:3c:02:ac:f4:7e:b3:41:f3:ef:28:ee:8d:03:bd:b1:69:
         13:a4:64:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZkvsF2he0CHwJ1DtmMq2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyOTJiYWYzZjRjMDdhMmVkZDQ3ZDg4YzJiMTViNjVhMmFm
N2RlYWQwHhcNMjYwMzI5MDcwMjAxWhcNMjYwMzMwMDcwMjAxWjAzMTEwLwYDVQQD
Eyg4MzZiZDE5ZmM0MzYxMjViZDFlY2RhNjU0NjRjMmVkZTNhYmE4M2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1U62G0WkoqS8DktPJqhiAa+gF2z8
R8ZI4Wm3Q/oeHiDFK38GL1c2ZQW2kV4ZmQxzxm1skLdlR0emFi4l9gzy3huBJ38Z
1LakH8F8WCz8ikU80ILLhRTDBeyX5ZxX4WVt56pJtvPqR65DUoR0x3WvDzw+Pn58
N0MfCW7eXX1Ji2mKD9AQG9YjSMjyoFiGv+gdXyC/+MqA5iLG1xVSUgyyffuqEmPV
ZxiwZZO5YmvqtzbIrIgrkO0x3xpr/rHZgqf8pD8e5mPmp+ZvHtumBUha4GevRwBt
sqWaSW1z0nVvVbhuEn15KlYNbzOAWJX/XVKZkSmOVCgHhrMNIHL1EKMl0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFINr0Z/ENhJb0ezaZUZMLt46uoO0MB8GA1UdIwQY
MBaAFLKSuvP0wHou3UfYjCsVtloq996tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3BLNjhfVEFlaTdkUjlpTUt4VzJXaXIzM3EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9jMWY4M2EtZGZjNy00OTRkLTlhNGIt
MmE3MmMyODU4YmFjLzEvc3BLNjhfVEFlaTdkUjlpTUt4VzJXaXIzM3EwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9jMWY4M2EtZGZjNy00OTRkLTlhNGItMmE3MmMyODU4YmFj
LzEvc3BLNjhfVEFlaTdkUjlpTUt4VzJXaXIzM3EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGMiPTSri
7o0HuEp7iLae4BkjUrO3bxDWipYrimNjY2cKn2vUTJvc1MeuwsZaVsDjeij/oz6a
2vZKEXLtbpz7/CkjssvCLIKUhK3honMm683kPI7cDWLjyuhxg41Q/9DJb8r/UtuZ
hTYGYkmoFfM4xHCkNOKz4I+dKt/+lkOWEpVAc5zBPgxzg1guBSSaKyQlqXSpdDlU
/Hw92itG2pdgS1w87pZt96d/oY9L0+FursMDEWXHqSPCVo/N42jJiST5gZ2MYGMq
9nC6+E81dvQ68SInLbe10g/D5CwiCKw1Gj2/v4b7m0hbi39hm948Aqz0frNB8+8o
7o0DvbFpE6RkBQ==
-----END CERTIFICATE-----