Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bc5e2f-a4ab-4bdc-9a07-6fb10eeaf627/1/u0OX5un46iWRVggDysuzI5Ytn64.mft
File:                     u0OX5un46iWRVggDysuzI5Ytn64.mft (raw, json)
Hash identifier:          I+wk2hKzBl0TLiAeCJ6TJrd1ALbC9aK2uoj1RChtJnM=
Subject key identifier:   DB:A1:E6:2F:39:68:4B:6A:7F:7D:07:37:B0:03:9C:6D:64:DF:0D:9A
Authority key identifier: BB:43:97:E6:E9:F8:EA:25:91:56:08:03:CA:CB:B3:23:96:2D:9F:AE
Certificate issuer:       /CN=bb4397e6e9f8ea2591560803cacbb323962d9fae
Certificate serial:       019D386619BBACC2546792D6D7122FED27C3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/u0OX5un46iWRVggDysuzI5Ytn64.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/bc5e2f-a4ab-4bdc-9a07-6fb10eeaf627/1/u0OX5un46iWRVggDysuzI5Ytn64.mft
Manifest number:          12CF
Signing time:             Sun 29 Mar 2026 07:01:48 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:48 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:48 +0000
Files and hashes:         1: u0OX5un46iWRVggDysuzI5Ytn64.crl (hash: mrX5G1frqweSVH4HxTRZaH6aCKxgneWQdVDa4RjB2kM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/bc5e2f-a4ab-4bdc-9a07-6fb10eeaf627/1/u0OX5un46iWRVggDysuzI5Ytn64.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/bc5e2f-a4ab-4bdc-9a07-6fb10eeaf627/1/u0OX5un46iWRVggDysuzI5Ytn64.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/u0OX5un46iWRVggDysuzI5Ytn64.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:19:bb:ac:c2:54:67:92:d6:d7:12:2f:ed:27:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bb4397e6e9f8ea2591560803cacbb323962d9fae
        Validity
            Not Before: Mar 29 07:01:48 2026 GMT
            Not After : Mar 30 07:01:48 2026 GMT
        Subject: CN=dba1e62f39684b6a7f7d0737b0039c6d64df0d9a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:34:ab:e9:b2:e2:7b:e8:c7:e7:eb:8b:51:0e:
                    85:00:63:07:05:92:de:08:c2:f1:ae:6d:0a:5f:61:
                    43:07:cf:8f:f9:0f:a5:1c:9d:61:cc:d4:43:d0:cc:
                    8a:b0:55:c2:17:3c:e7:0a:e9:08:0c:c3:04:b2:83:
                    ff:3f:0e:5c:fb:c9:fe:79:06:c9:3e:a4:d8:29:13:
                    d9:5c:07:c6:ba:34:81:71:52:a6:5c:a4:78:19:3f:
                    f0:11:ba:d5:8d:53:a5:8d:b1:4d:b0:d6:4c:5f:d4:
                    4d:49:6f:43:97:09:53:0d:24:4a:d5:48:79:21:33:
                    e0:09:c2:a9:ec:0c:1a:64:07:95:4b:9c:a0:0c:0a:
                    e3:ea:39:8b:97:14:f7:64:eb:a3:22:eb:a2:fe:56:
                    83:c3:0c:73:7b:08:78:3c:a8:ac:ad:fe:9a:44:72:
                    99:05:ee:d9:73:27:0f:f8:91:c5:9f:23:4d:98:fb:
                    d3:58:62:c4:ab:b5:be:00:81:2f:82:3c:43:b2:76:
                    3f:09:a4:c0:31:da:c2:f1:f3:03:ab:dd:2f:ba:24:
                    6a:ab:69:fa:25:d8:9a:ab:59:40:78:f6:8b:8d:ef:
                    54:c4:41:1c:1e:a0:a5:29:6d:07:4c:c3:1d:93:29:
                    e0:b8:10:7c:51:a0:58:11:b6:5f:2f:4c:d6:f4:e1:
                    54:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:A1:E6:2F:39:68:4B:6A:7F:7D:07:37:B0:03:9C:6D:64:DF:0D:9A
            X509v3 Authority Key Identifier:
                keyid:BB:43:97:E6:E9:F8:EA:25:91:56:08:03:CA:CB:B3:23:96:2D:9F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u0OX5un46iWRVggDysuzI5Ytn64.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bc5e2f-a4ab-4bdc-9a07-6fb10eeaf627/1/u0OX5un46iWRVggDysuzI5Ytn64.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bc5e2f-a4ab-4bdc-9a07-6fb10eeaf627/1/u0OX5un46iWRVggDysuzI5Ytn64.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b6:a6:e5:08:0a:9c:bb:1c:e3:ec:6e:29:00:6a:3e:70:89:bc:
         ac:3b:5d:78:5a:9d:c9:e2:13:5b:bc:ff:1d:3b:93:81:ef:0a:
         f0:c3:f0:d5:b7:72:69:61:8b:6a:3a:9b:48:5a:1c:f8:9a:4b:
         5b:8b:81:e6:1d:49:a9:54:d2:0c:90:c3:c6:18:1f:b6:8b:1b:
         e6:67:21:af:03:35:77:c5:34:dc:8f:5e:ed:c2:4d:d9:6d:cf:
         9d:f6:6e:00:74:b9:dc:58:1e:97:7e:8c:c9:c3:51:4d:79:c8:
         70:8c:bb:f0:8a:4c:ed:6b:ff:91:60:20:8d:da:b8:76:31:7e:
         e2:51:1b:62:f9:2b:23:46:16:77:a5:7c:e3:f5:1f:29:df:a5:
         35:67:06:66:ac:39:cd:85:e3:38:94:13:88:64:af:46:13:a6:
         96:37:5c:c2:43:e9:f5:3d:31:dc:48:69:44:62:dd:bd:1e:d2:
         ad:f2:86:5b:41:a0:9b:7e:34:67:e2:fe:24:8a:28:ce:6a:76:
         d1:40:38:77:ad:16:4d:f5:f3:d4:18:18:5b:79:89:fa:5c:5c:
         59:9b:af:b8:1f:ef:92:6a:1e:65:c1:16:fe:0e:3e:d0:34:97:
         38:00:e9:a6:6f:75:b0:c8:ef:6c:77:bd:d5:a8:9b:b1:d3:e3:
         d0:40:79:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zhm7rMJUZ5LW1xIv7SfDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiNDM5N2U2ZTlmOGVhMjU5MTU2MDgwM2NhY2JiMzIzOTYy
ZDlmYWUwHhcNMjYwMzI5MDcwMTQ4WhcNMjYwMzMwMDcwMTQ4WjAzMTEwLwYDVQQD
EyhkYmExZTYyZjM5Njg0YjZhN2Y3ZDA3MzdiMDAzOWM2ZDY0ZGYwZDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujSr6bLie+jH5+uLUQ6FAGMHBZLe
CMLxrm0KX2FDB8+P+Q+lHJ1hzNRD0MyKsFXCFzznCukIDMMEsoP/Pw5c+8n+eQbJ
PqTYKRPZXAfGujSBcVKmXKR4GT/wEbrVjVOljbFNsNZMX9RNSW9DlwlTDSRK1Uh5
ITPgCcKp7AwaZAeVS5ygDArj6jmLlxT3ZOujIuui/laDwwxzewh4PKisrf6aRHKZ
Be7ZcycP+JHFnyNNmPvTWGLEq7W+AIEvgjxDsnY/CaTAMdrC8fMDq90vuiRqq2n6
Jdiaq1lAePaLje9UxEEcHqClKW0HTMMdkynguBB8UaBYEbZfL0zW9OFUEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNuh5i85aEtqf30HN7ADnG1k3w2aMB8GA1UdIwQY
MBaAFLtDl+bp+OolkVYIA8rLsyOWLZ+uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTBPWDV1bjQ2aVdSVmdnRHlzdXpJNVl0bjY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iYzVlMmYtYTRhYi00YmRjLTlhMDct
NmZiMTBlZWFmNjI3LzEvdTBPWDV1bjQ2aVdSVmdnRHlzdXpJNVl0bjY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iYzVlMmYtYTRhYi00YmRjLTlhMDctNmZiMTBlZWFmNjI3
LzEvdTBPWDV1bjQ2aVdSVmdnRHlzdXpJNVl0bjY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtqblCAqc
uxzj7G4pAGo+cIm8rDtdeFqdyeITW7z/HTuTge8K8MPw1bdyaWGLajqbSFoc+JpL
W4uB5h1JqVTSDJDDxhgftosb5mchrwM1d8U03I9e7cJN2W3PnfZuAHS53Fgel36M
ycNRTXnIcIy78IpM7Wv/kWAgjdq4djF+4lEbYvkrI0YWd6V84/UfKd+lNWcGZqw5
zYXjOJQTiGSvRhOmljdcwkPp9T0x3EhpRGLdvR7SrfKGW0Ggm340Z+L+JIoozmp2
0UA4d60WTfXz1BgYW3mJ+lxcWZuvuB/vkmoeZcEW/g4+0DSXOADppm91sMjvbHe9
1aibsdPj0EB5VA==
-----END CERTIFICATE-----