Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.mft
File:                     s_sdIFBvVM-5oflFH6EKiP87L2Q.mft (raw, json)
Hash identifier:          onSc8qpV6eEj6dzYMzLEUdBCLCSzR3YBFTqBglie9LI=
Subject key identifier:   AC:C9:08:82:5C:12:D9:10:12:44:E1:4F:10:6B:AF:41:AC:B0:3B:E0
Authority key identifier: B3:FB:1D:20:50:6F:54:CF:B9:A1:F9:45:1F:A1:0A:88:FF:3B:2F:64
Certificate issuer:       /CN=b3fb1d20506f54cfb9a1f9451fa10a88ff3b2f64
Certificate serial:       019D3AC1CA89ED078D92271D906EE2A416C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s_sdIFBvVM-5oflFH6EKiP87L2Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.mft
Manifest number:          0F35
Signing time:             Sun 29 Mar 2026 18:01:11 +0000
Manifest this update:     Sun 29 Mar 2026 18:01:11 +0000
Manifest next update:     Mon 30 Mar 2026 18:01:11 +0000
Files and hashes:         1: s_sdIFBvVM-5oflFH6EKiP87L2Q.crl (hash: nZXkuMwGMFCR33uB9mK464BqWC5aBAsjJFz7HxVFnLk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/s_sdIFBvVM-5oflFH6EKiP87L2Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:c1:ca:89:ed:07:8d:92:27:1d:90:6e:e2:a4:16:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b3fb1d20506f54cfb9a1f9451fa10a88ff3b2f64
        Validity
            Not Before: Mar 29 18:01:11 2026 GMT
            Not After : Mar 30 18:01:11 2026 GMT
        Subject: CN=acc908825c12d9101244e14f106baf41acb03be0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:8a:48:a1:90:df:a1:2b:8b:5a:72:63:eb:2b:
                    b7:66:70:08:8d:8e:e2:e7:e4:8e:4d:9b:9e:06:f4:
                    86:81:99:a8:4e:60:cf:e7:1a:d4:e3:ba:29:8b:e3:
                    de:94:7c:91:5c:c9:b9:02:b8:1f:62:fe:6b:97:f9:
                    72:7d:e0:78:64:24:88:07:e9:bd:f1:e1:57:19:cb:
                    50:b7:a7:5f:14:eb:c8:f2:2c:67:3a:b1:be:bc:e7:
                    2b:cd:c9:d2:2f:fe:a2:57:8a:49:16:2a:23:b7:d3:
                    4c:93:4a:30:c1:7b:6f:52:b5:60:50:e4:ad:06:e3:
                    dd:64:8e:7d:56:61:b2:79:20:31:a2:01:57:9e:10:
                    97:00:af:d4:89:db:ca:23:8a:c1:f4:3e:37:06:16:
                    d6:13:e7:d0:76:d6:fc:91:f8:8e:76:40:41:1e:d3:
                    f5:33:c3:8b:3d:f2:20:30:1d:12:d0:1c:4b:4d:9a:
                    2f:65:f4:d4:33:be:de:54:cc:10:2f:72:1b:10:9a:
                    02:e9:ff:69:8c:c1:f4:37:88:cd:b7:46:42:50:6f:
                    b4:dc:7e:ce:95:16:68:71:53:33:54:5d:42:d2:85:
                    ac:49:78:fb:f4:ce:7f:ca:f8:30:ba:39:87:54:01:
                    5b:58:0f:6f:0c:be:a5:9d:70:be:d3:57:dc:01:b5:
                    34:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:C9:08:82:5C:12:D9:10:12:44:E1:4F:10:6B:AF:41:AC:B0:3B:E0
            X509v3 Authority Key Identifier:
                keyid:B3:FB:1D:20:50:6F:54:CF:B9:A1:F9:45:1F:A1:0A:88:FF:3B:2F:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s_sdIFBvVM-5oflFH6EKiP87L2Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:e2:07:b6:de:08:67:a3:fb:71:69:40:12:a0:a9:5b:b2:46:
         92:16:87:cd:08:be:40:79:47:dc:4e:7d:0a:5a:5c:f7:7b:b6:
         0d:05:c3:1e:4f:34:57:37:4f:9e:04:8a:ec:2b:52:bd:ca:64:
         f2:d2:18:27:6c:f9:94:91:be:b6:30:41:4d:ad:c8:c6:aa:a7:
         e9:c2:0d:49:83:0e:10:41:66:63:3f:df:b6:d4:eb:c5:38:b0:
         ec:d4:ed:4c:4b:93:9a:b6:a5:17:d9:14:b5:85:86:b4:27:0b:
         81:9d:bc:67:64:98:45:62:f2:e2:2d:e0:62:23:6b:eb:69:39:
         fc:51:49:27:f3:1f:47:5a:2e:23:5c:8f:d7:8f:8e:72:cc:69:
         25:60:5f:de:cd:30:5b:27:cf:5f:27:fc:f4:51:59:92:79:f1:
         76:73:cd:33:1c:b2:25:a1:f2:8c:17:c7:d4:7c:83:aa:44:ca:
         87:c6:63:2b:9b:8d:08:14:70:63:a6:21:0c:89:e5:ed:e1:c7:
         d9:70:0f:cf:b9:18:7f:42:70:24:4e:a9:fc:77:7d:0f:7d:0b:
         f1:60:d9:01:d1:c1:a7:28:ce:40:62:2b:a2:bb:eb:58:18:62:
         8d:40:88:43:5c:b6:a5:41:f6:e4:70:82:05:0a:b0:40:86:17:
         93:e2:fc:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06wcqJ7QeNkicdkG7ipBbFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZmIxZDIwNTA2ZjU0Y2ZiOWExZjk0NTFmYTEwYTg4ZmYz
YjJmNjQwHhcNMjYwMzI5MTgwMTExWhcNMjYwMzMwMTgwMTExWjAzMTEwLwYDVQQD
EyhhY2M5MDg4MjVjMTJkOTEwMTI0NGUxNGYxMDZiYWY0MWFjYjAzYmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIpIoZDfoSuLWnJj6yu3ZnAIjY7i
5+SOTZueBvSGgZmoTmDP5xrU47opi+PelHyRXMm5ArgfYv5rl/lyfeB4ZCSIB+m9
8eFXGctQt6dfFOvI8ixnOrG+vOcrzcnSL/6iV4pJFiojt9NMk0owwXtvUrVgUOSt
BuPdZI59VmGyeSAxogFXnhCXAK/UidvKI4rB9D43BhbWE+fQdtb8kfiOdkBBHtP1
M8OLPfIgMB0S0BxLTZovZfTUM77eVMwQL3IbEJoC6f9pjMH0N4jNt0ZCUG+03H7O
lRZocVMzVF1C0oWsSXj79M5/yvgwujmHVAFbWA9vDL6lnXC+01fcAbU0yQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKzJCIJcEtkQEkThTxBrr0GssDvgMB8GA1UdIwQY
MBaAFLP7HSBQb1TPuaH5RR+hCoj/Oy9kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc19zZElGQnZWTS01b2ZsRkg2RUtpUDg3TDJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9jNDJkZjUtNGY5Mi00NDdkLWJkMjUt
ODZkNmUyZjQ2NjQyLzEvc19zZElGQnZWTS01b2ZsRkg2RUtpUDg3TDJRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9jNDJkZjUtNGY5Mi00NDdkLWJkMjUtODZkNmUyZjQ2NjQy
LzEvc19zZElGQnZWTS01b2ZsRkg2RUtpUDg3TDJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd+IHtt4I
Z6P7cWlAEqCpW7JGkhaHzQi+QHlH3E59Clpc93u2DQXDHk80VzdPngSK7CtSvcpk
8tIYJ2z5lJG+tjBBTa3Ixqqn6cINSYMOEEFmYz/fttTrxTiw7NTtTEuTmralF9kU
tYWGtCcLgZ28Z2SYRWLy4i3gYiNr62k5/FFJJ/MfR1ouI1yP14+OcsxpJWBf3s0w
WyfPXyf89FFZknnxdnPNMxyyJaHyjBfH1HyDqkTKh8ZjK5uNCBRwY6YhDInl7eHH
2XAPz7kYf0JwJE6p/Hd9D30L8WDZAdHBpyjOQGIrorvrWBhijUCIQ1y2pUH25HCC
BQqwQIYXk+L8Bw==
-----END CERTIFICATE-----