Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft
File:                     ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft (raw, json)
Hash identifier:          tE84lxXFjJ1npWWnVNgwBUczWyCW84R1HVwAMUgaeL0=
Subject key identifier:   83:B1:14:65:37:62:9C:73:FF:83:A8:D5:84:13:FA:79:3A:99:E3:E0
Authority key identifier: 89:B9:8B:1D:BC:4D:B0:FB:D8:65:6D:2B:2B:8A:53:E2:C3:DC:A6:AB
Certificate issuer:       /CN=89b98b1dbc4db0fbd8656d2b2b8a53e2c3dca6ab
Certificate serial:       019D3940A5DD16F165331E13770A5551A2BD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ibmLHbxNsPvYZW0rK4pT4sPcpqs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft
Manifest number:          118C
Signing time:             Sun 29 Mar 2026 11:00:31 +0000
Manifest this update:     Sun 29 Mar 2026 11:00:31 +0000
Manifest next update:     Mon 30 Mar 2026 11:00:31 +0000
Files and hashes:         1: ibmLHbxNsPvYZW0rK4pT4sPcpqs.crl (hash: uSe2PpTiGsSN2dpSUMdHc+kMKp4F0XdyShw8XZAxaIE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ibmLHbxNsPvYZW0rK4pT4sPcpqs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:40:a5:dd:16:f1:65:33:1e:13:77:0a:55:51:a2:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89b98b1dbc4db0fbd8656d2b2b8a53e2c3dca6ab
        Validity
            Not Before: Mar 29 11:00:31 2026 GMT
            Not After : Mar 30 11:00:31 2026 GMT
        Subject: CN=83b1146537629c73ff83a8d58413fa793a99e3e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:a1:25:bc:0f:6c:d1:e5:4b:d7:45:22:58:c5:
                    e0:c4:a4:22:a1:13:b8:0d:53:2c:42:f5:59:9c:24:
                    7a:77:d0:ab:9b:07:e0:ec:0d:bc:42:90:4d:e3:bb:
                    a3:a4:02:7f:95:39:68:0f:df:03:6e:c8:4b:30:44:
                    89:a4:c5:3c:75:07:ba:f3:d3:cf:25:30:97:ef:0a:
                    80:8a:54:bf:5a:67:83:83:10:80:fa:95:35:a2:9d:
                    cc:a9:78:2b:bc:28:bd:a2:df:59:c6:77:3e:6a:19:
                    a1:0f:b0:e6:52:96:4d:30:6d:33:7c:b8:e4:2f:65:
                    56:47:c4:d2:65:4a:c6:84:e9:ee:68:72:e4:de:68:
                    63:61:77:b1:85:15:1f:d0:8b:84:1f:0c:d3:c6:cf:
                    4c:33:6f:fd:f0:c3:ea:25:7d:ba:cd:3e:64:8c:b0:
                    82:30:a3:cf:9f:82:23:10:86:04:9b:92:60:f9:5c:
                    69:6d:91:d2:5d:ff:7d:e3:1d:58:84:5d:ad:e9:da:
                    9d:da:9a:2d:7a:d3:8e:ae:d3:94:c4:b0:7f:b2:57:
                    16:a0:89:8a:30:8e:5f:e9:a9:d2:f6:88:b2:63:5c:
                    70:46:d9:22:85:44:e5:59:07:20:5f:3c:ac:82:a7:
                    92:3a:94:d1:b6:46:06:cf:56:46:9b:7d:8c:a9:fa:
                    eb:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:B1:14:65:37:62:9C:73:FF:83:A8:D5:84:13:FA:79:3A:99:E3:E0
            X509v3 Authority Key Identifier:
                keyid:89:B9:8B:1D:BC:4D:B0:FB:D8:65:6D:2B:2B:8A:53:E2:C3:DC:A6:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ibmLHbxNsPvYZW0rK4pT4sPcpqs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:ee:48:1d:1d:8d:54:2f:31:8a:6d:c3:11:7c:db:d5:1c:76:
         b7:6e:22:90:93:36:bc:33:b5:fe:b3:84:80:a6:57:fb:55:62:
         d4:e9:69:e1:1c:d5:9f:a0:d9:9a:8f:3e:7c:9e:cc:20:08:ab:
         ab:35:7d:8f:e3:27:a7:93:54:92:45:5d:c1:f1:56:ce:ce:31:
         3a:06:f1:65:5a:32:81:df:33:72:67:0a:a1:e5:04:03:a7:36:
         1f:68:53:40:e9:c3:da:58:dd:04:df:7b:ff:60:c5:9b:e7:21:
         36:c5:13:c2:7f:c0:97:3f:3c:63:23:ab:9f:d7:47:8e:60:5e:
         3f:8b:13:ea:da:a2:49:6d:61:9e:df:b2:62:c5:10:cc:c2:c3:
         98:89:5b:13:f4:14:7a:4b:aa:80:af:cf:72:c7:7b:95:37:29:
         d3:da:b3:74:53:ed:2f:cb:cb:bf:e9:6f:a4:01:09:a8:39:78:
         bf:1d:24:3e:6c:fa:ba:0a:81:56:01:22:6c:e3:4e:87:bd:8b:
         d6:48:96:96:d8:7b:a2:02:93:f8:a3:6a:b9:d0:5c:ea:e0:31:
         2d:40:61:5d:3d:f6:44:07:ad:48:31:af:19:b8:fb:b8:61:52:
         ba:0f:4d:df:fa:44:f5:1f:b8:a4:29:a0:5a:47:ab:5e:9e:2d:
         0a:76:dd:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QKXdFvFlMx4TdwpVUaK9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5Yjk4YjFkYmM0ZGIwZmJkODY1NmQyYjJiOGE1M2UyYzNk
Y2E2YWIwHhcNMjYwMzI5MTEwMDMxWhcNMjYwMzMwMTEwMDMxWjAzMTEwLwYDVQQD
Eyg4M2IxMTQ2NTM3NjI5YzczZmY4M2E4ZDU4NDEzZmE3OTNhOTllM2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqElvA9s0eVL10UiWMXgxKQioRO4
DVMsQvVZnCR6d9Crmwfg7A28QpBN47ujpAJ/lTloD98DbshLMESJpMU8dQe689PP
JTCX7wqAilS/WmeDgxCA+pU1op3MqXgrvCi9ot9Zxnc+ahmhD7DmUpZNMG0zfLjk
L2VWR8TSZUrGhOnuaHLk3mhjYXexhRUf0IuEHwzTxs9MM2/98MPqJX26zT5kjLCC
MKPPn4IjEIYEm5Jg+VxpbZHSXf994x1YhF2t6dqd2potetOOrtOUxLB/slcWoImK
MI5f6anS9oiyY1xwRtkihUTlWQcgXzysgqeSOpTRtkYGz1ZGm32MqfrreQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIOxFGU3Ypxz/4Oo1YQT+nk6mePgMB8GA1UdIwQY
MBaAFIm5ix28TbD72GVtKyuKU+LD3KarMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWJtTEhieE5zUHZZWlcwcks0cFQ0c1BjcHFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9iNGI2MDAtNDdhNy00NzA3LTlhOWUt
NGRhNTQ0NzE3NjJlLzEvaWJtTEhieE5zUHZZWlcwcks0cFQ0c1BjcHFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9iNGI2MDAtNDdhNy00NzA3LTlhOWUtNGRhNTQ0NzE3NjJl
LzEvaWJtTEhieE5zUHZZWlcwcks0cFQ0c1BjcHFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQO5IHR2N
VC8xim3DEXzb1Rx2t24ikJM2vDO1/rOEgKZX+1Vi1Olp4RzVn6DZmo8+fJ7MIAir
qzV9j+Mnp5NUkkVdwfFWzs4xOgbxZVoygd8zcmcKoeUEA6c2H2hTQOnD2ljdBN97
/2DFm+chNsUTwn/Alz88YyOrn9dHjmBeP4sT6tqiSW1hnt+yYsUQzMLDmIlbE/QU
ekuqgK/Pcsd7lTcp09qzdFPtL8vLv+lvpAEJqDl4vx0kPmz6ugqBVgEibONOh72L
1kiWlth7ogKT+KNqudBc6uAxLUBhXT32RAetSDGvGbj7uGFSug9N3/pE9R+4pCmg
WkerXp4tCnbd7Q==
-----END CERTIFICATE-----