Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/20602c-8de4-4dec-8b24-6614632723b9/1/MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.mft
File:                     MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.mft (raw, json)
Hash identifier:          cjeh5zf5gUouCDiTwR2ZjO7dLTWhzgcjUTjiQiBfhp0=
Subject key identifier:   E2:3F:89:19:7B:2E:26:B8:0B:DC:7F:78:C5:EE:03:96:34:01:FC:37
Authority key identifier: 31:B1:62:1C:E2:8C:BB:FE:F0:38:AB:D7:54:9F:C6:CB:50:E7:11:6B
Certificate issuer:       /CN=31b1621ce28cbbfef038abd7549fc6cb50e7116b
Certificate serial:       019D3AC12A5B3B705782009999D62471A393
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/20602c-8de4-4dec-8b24-6614632723b9/1/MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.mft
Manifest number:          0B81
Signing time:             Sun 29 Mar 2026 18:00:30 +0000
Manifest this update:     Sun 29 Mar 2026 18:00:30 +0000
Manifest next update:     Mon 30 Mar 2026 18:00:30 +0000
Files and hashes:         1: MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.crl (hash: 9L+ldjIsGvGxCaj7vv6DvgpDFIWq2udWc8sfhOakJKQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2b/20602c-8de4-4dec-8b24-6614632723b9/1/MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2b/20602c-8de4-4dec-8b24-6614632723b9/1/MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:c1:2a:5b:3b:70:57:82:00:99:99:d6:24:71:a3:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=31b1621ce28cbbfef038abd7549fc6cb50e7116b
        Validity
            Not Before: Mar 29 18:00:30 2026 GMT
            Not After : Mar 30 18:00:30 2026 GMT
        Subject: CN=e23f89197b2e26b80bdc7f78c5ee03963401fc37
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:fd:de:d7:1b:be:92:39:18:1f:82:11:ec:be:
                    62:66:02:50:4b:cc:d9:d3:c2:e5:1f:7d:19:04:07:
                    b2:7f:47:c8:80:10:7c:ca:b4:6f:f1:33:95:d5:e3:
                    fc:cc:a1:10:b8:2c:3b:1e:e7:cc:94:b3:eb:75:b6:
                    b5:c3:18:73:ca:62:76:68:43:12:23:40:5a:ed:ef:
                    6d:7e:26:28:5f:c5:45:7a:b7:d3:b6:fe:bc:b5:76:
                    4c:bf:41:0b:bd:81:cc:f3:da:5f:85:22:43:21:c3:
                    7d:73:85:09:52:56:ba:27:e5:d7:98:4b:9a:d3:94:
                    ce:49:c1:15:ea:21:d5:f6:4d:79:48:7b:ee:b2:f2:
                    a1:61:3e:37:4b:61:ac:aa:11:2d:8d:02:17:ae:77:
                    ee:42:b3:37:55:07:30:ef:98:8c:3e:45:a8:30:3d:
                    f3:f6:6f:8c:30:47:3c:d7:ad:e8:9a:3e:f7:b2:d2:
                    06:01:9d:45:91:ec:d5:78:ae:f9:d9:e8:44:7b:b5:
                    f9:f5:d8:76:57:75:61:dd:b8:ce:6b:56:ab:2e:97:
                    84:b2:5e:a1:af:7b:8f:5b:b0:52:61:1e:fc:2a:1c:
                    b3:f9:98:35:36:d8:77:fd:1c:6c:5e:29:c2:87:b3:
                    d7:7a:d0:68:58:e0:b4:aa:a5:ab:39:15:c1:63:f5:
                    02:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:3F:89:19:7B:2E:26:B8:0B:DC:7F:78:C5:EE:03:96:34:01:FC:37
            X509v3 Authority Key Identifier:
                keyid:31:B1:62:1C:E2:8C:BB:FE:F0:38:AB:D7:54:9F:C6:CB:50:E7:11:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/20602c-8de4-4dec-8b24-6614632723b9/1/MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/20602c-8de4-4dec-8b24-6614632723b9/1/MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:6e:a3:02:81:a9:24:4e:00:b5:12:18:35:95:60:bf:63:44:
         0b:92:fe:a7:77:4c:bf:cc:cb:3f:9d:ec:11:83:13:10:10:7d:
         e5:ed:be:d4:ad:c0:c6:dd:43:46:f8:44:90:1c:96:6a:20:84:
         fb:01:d2:00:b7:93:69:3a:49:b0:ad:32:38:32:ac:28:76:64:
         e9:ce:0e:bf:5c:09:90:25:3f:7f:6c:5d:67:a2:35:7c:00:13:
         d4:8a:d3:f0:20:b8:17:3a:d8:ff:d0:f4:18:be:a4:a5:30:8e:
         51:0a:7e:b5:a0:c0:66:40:60:e0:45:71:f6:2c:91:5f:8e:c4:
         26:39:2d:53:83:79:07:80:bb:92:56:9c:fa:bc:1d:71:01:b4:
         b5:72:09:7c:52:66:70:07:27:06:c2:28:19:29:55:d3:3f:18:
         a4:6e:2d:8d:31:bc:63:e8:f0:cc:aa:75:24:de:d4:b6:6c:93:
         48:5c:9c:aa:db:39:8f:e0:1c:c8:1f:4c:ef:4b:f1:67:ef:73:
         a6:84:ff:00:c6:59:9d:18:92:e9:d8:cb:5b:eb:d0:eb:a4:94:
         f4:db:5d:37:c3:84:3c:74:c9:5e:6c:da:a4:63:1f:96:a0:19:
         64:af:3c:e7:7e:68:d0:08:e0:13:d6:8c:c9:37:7b:2f:25:be:
         fa:3c:e8:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06wSpbO3BXggCZmdYkcaOTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYjE2MjFjZTI4Y2JiZmVmMDM4YWJkNzU0OWZjNmNiNTBl
NzExNmIwHhcNMjYwMzI5MTgwMDMwWhcNMjYwMzMwMTgwMDMwWjAzMTEwLwYDVQQD
EyhlMjNmODkxOTdiMmUyNmI4MGJkYzdmNzhjNWVlMDM5NjM0MDFmYzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/3e1xu+kjkYH4IR7L5iZgJQS8zZ
08LlH30ZBAeyf0fIgBB8yrRv8TOV1eP8zKEQuCw7HufMlLPrdba1wxhzymJ2aEMS
I0Ba7e9tfiYoX8VFerfTtv68tXZMv0ELvYHM89pfhSJDIcN9c4UJUla6J+XXmEua
05TOScEV6iHV9k15SHvusvKhYT43S2GsqhEtjQIXrnfuQrM3VQcw75iMPkWoMD3z
9m+MMEc8163omj73stIGAZ1FkezVeK752ehEe7X59dh2V3Vh3bjOa1arLpeEsl6h
r3uPW7BSYR78Khyz+Zg1Nth3/RxsXinCh7PXetBoWOC0qqWrORXBY/UChQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOI/iRl7Lia4C9x/eMXuA5Y0Afw3MB8GA1UdIwQY
MBaAFDGxYhzijLv+8Dir11SfxstQ5xFrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWJGaUhPS011Xzd3T0t2WFZKX0d5MURuRVdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8yMDYwMmMtOGRlNC00ZGVjLThiMjQt
NjYxNDYzMjcyM2I5LzEvTWJGaUhPS011Xzd3T0t2WFZKX0d5MURuRVdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi8yMDYwMmMtOGRlNC00ZGVjLThiMjQtNjYxNDYzMjcyM2I5
LzEvTWJGaUhPS011Xzd3T0t2WFZKX0d5MURuRVdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAom6jAoGp
JE4AtRIYNZVgv2NEC5L+p3dMv8zLP53sEYMTEBB95e2+1K3Axt1DRvhEkByWaiCE
+wHSALeTaTpJsK0yODKsKHZk6c4Ov1wJkCU/f2xdZ6I1fAAT1IrT8CC4FzrY/9D0
GL6kpTCOUQp+taDAZkBg4EVx9iyRX47EJjktU4N5B4C7klac+rwdcQG0tXIJfFJm
cAcnBsIoGSlV0z8YpG4tjTG8Y+jwzKp1JN7UtmyTSFycqts5j+AcyB9M70vxZ+9z
poT/AMZZnRiS6djLW+vQ66SU9NtdN8OEPHTJXmzapGMflqAZZK88535o0AjgE9aM
yTd7LyW++jzo9Q==
-----END CERTIFICATE-----