Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/bb5912-17c7-4607-9472-e2152edf9f9c/1/L8tesBINBwkLEmJWxFo1KC1awKw.mft
File:                     L8tesBINBwkLEmJWxFo1KC1awKw.mft (raw, json)
Hash identifier:          sU8DopewYNNg8McSM7RfI6NRASht9ZuStGQ8rF0Jb4A=
Subject key identifier:   98:0C:F0:0B:B3:36:2F:15:1D:61:91:A1:CB:93:EB:C4:7C:94:92:0B
Authority key identifier: 2F:CB:5E:B0:12:0D:07:09:0B:12:62:56:C4:5A:35:28:2D:5A:C0:AC
Certificate issuer:       /CN=2fcb5eb0120d07090b126256c45a35282d5ac0ac
Certificate serial:       019D386655A3E63053766A49D9923E89F0F7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/L8tesBINBwkLEmJWxFo1KC1awKw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/bb5912-17c7-4607-9472-e2152edf9f9c/1/L8tesBINBwkLEmJWxFo1KC1awKw.mft
Manifest number:          0343
Signing time:             Sun 29 Mar 2026 07:02:03 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:03 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:03 +0000
Files and hashes:         1: L8tesBINBwkLEmJWxFo1KC1awKw.crl (hash: SknnmWUB3Tp4wHForarhCBENY6C+fM5qRBaZAxaPbFE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/bb5912-17c7-4607-9472-e2152edf9f9c/1/L8tesBINBwkLEmJWxFo1KC1awKw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/bb5912-17c7-4607-9472-e2152edf9f9c/1/L8tesBINBwkLEmJWxFo1KC1awKw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/L8tesBINBwkLEmJWxFo1KC1awKw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:55:a3:e6:30:53:76:6a:49:d9:92:3e:89:f0:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2fcb5eb0120d07090b126256c45a35282d5ac0ac
        Validity
            Not Before: Mar 29 07:02:03 2026 GMT
            Not After : Mar 30 07:02:03 2026 GMT
        Subject: CN=980cf00bb3362f151d6191a1cb93ebc47c94920b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:fd:17:cf:47:04:ac:60:a2:4f:49:f5:62:01:
                    c0:c6:c1:a0:b3:87:2a:c3:fe:92:97:06:a4:df:13:
                    4e:ec:ba:7b:76:31:5e:7f:1c:74:73:71:42:05:c8:
                    07:e1:33:b4:15:16:5c:3c:db:c2:22:2b:27:64:0d:
                    30:1b:ea:12:fc:d6:f1:3e:05:31:71:73:e7:ae:a8:
                    8b:f1:99:5b:4c:ea:fa:1a:c2:b2:b1:b6:c5:cd:b5:
                    e7:d3:a5:bc:f6:0a:bb:e6:8c:01:b9:30:04:49:55:
                    ea:41:9f:54:59:c8:fd:30:a4:06:cf:d0:d9:12:4d:
                    88:5e:72:39:ef:50:f9:23:45:c5:34:74:e4:53:d5:
                    55:df:43:97:96:2c:24:98:e0:54:fe:38:14:43:6b:
                    3b:69:3a:1e:4b:c4:84:c2:2f:be:51:80:c9:ce:03:
                    c6:3d:7e:76:a9:c6:78:5c:a2:1d:5b:76:21:fe:25:
                    94:79:ac:05:9b:59:38:d0:bf:30:55:0f:fd:18:12:
                    2e:d0:bb:c7:93:4c:5a:48:8f:e6:1c:da:07:97:3c:
                    2b:64:a8:e0:20:61:09:14:0c:6b:b0:af:83:41:5e:
                    68:bd:84:e4:b7:4a:ae:bc:15:9c:61:ec:34:53:4d:
                    6f:e4:66:88:6a:02:2b:d5:3a:3b:99:a5:ee:83:8c:
                    63:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:0C:F0:0B:B3:36:2F:15:1D:61:91:A1:CB:93:EB:C4:7C:94:92:0B
            X509v3 Authority Key Identifier:
                keyid:2F:CB:5E:B0:12:0D:07:09:0B:12:62:56:C4:5A:35:28:2D:5A:C0:AC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L8tesBINBwkLEmJWxFo1KC1awKw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/bb5912-17c7-4607-9472-e2152edf9f9c/1/L8tesBINBwkLEmJWxFo1KC1awKw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/bb5912-17c7-4607-9472-e2152edf9f9c/1/L8tesBINBwkLEmJWxFo1KC1awKw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         17:d1:af:cf:1f:40:45:7b:c9:b2:03:bf:c6:95:30:82:90:91:
         02:0e:cc:3a:7f:20:a9:10:13:11:01:c4:c4:fe:38:c7:54:87:
         0e:4a:b8:1a:90:34:9a:28:3d:94:a3:10:45:9e:41:81:4c:fb:
         bc:6e:08:7e:21:02:bb:bf:d7:44:ba:22:be:30:d0:c3:28:99:
         6c:54:6a:c6:76:dd:c8:0f:7a:a1:5f:28:8e:b4:9c:fa:1c:ef:
         0c:95:60:31:21:df:85:30:f9:49:2e:b4:60:01:14:c3:01:f2:
         ed:e3:64:86:60:44:98:9d:9c:bb:23:6c:00:b9:f4:0e:a9:d5:
         2e:e7:2f:67:95:49:0d:90:7a:f6:43:85:9d:5d:16:27:db:a5:
         d8:db:59:aa:75:27:57:7c:56:d4:a2:65:6d:e4:35:5e:0f:17:
         b2:97:90:e0:81:5a:0d:4f:e5:b5:bd:75:b6:e9:60:0a:e8:1d:
         e6:ab:1c:bb:fd:4e:dd:8e:ab:d2:ad:e4:a5:4c:9c:6a:44:66:
         e5:e6:da:16:2d:cd:70:e4:04:33:a2:5b:04:3e:a0:1c:8a:4f:
         fb:00:b0:95:e8:41:d8:26:ab:65:3d:d6:23:ac:51:18:89:56:
         2a:67:d8:ef:80:b8:50:63:a2:5c:40:a0:3d:cc:b8:c6:5a:cf:
         ce:45:94:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZlWj5jBTdmpJ2ZI+ifD3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmY2I1ZWIwMTIwZDA3MDkwYjEyNjI1NmM0NWEzNTI4MmQ1
YWMwYWMwHhcNMjYwMzI5MDcwMjAzWhcNMjYwMzMwMDcwMjAzWjAzMTEwLwYDVQQD
Eyg5ODBjZjAwYmIzMzYyZjE1MWQ2MTkxYTFjYjkzZWJjNDdjOTQ5MjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/0Xz0cErGCiT0n1YgHAxsGgs4cq
w/6Slwak3xNO7Lp7djFefxx0c3FCBcgH4TO0FRZcPNvCIisnZA0wG+oS/NbxPgUx
cXPnrqiL8ZlbTOr6GsKysbbFzbXn06W89gq75owBuTAESVXqQZ9UWcj9MKQGz9DZ
Ek2IXnI571D5I0XFNHTkU9VV30OXliwkmOBU/jgUQ2s7aToeS8SEwi++UYDJzgPG
PX52qcZ4XKIdW3Yh/iWUeawFm1k40L8wVQ/9GBIu0LvHk0xaSI/mHNoHlzwrZKjg
IGEJFAxrsK+DQV5ovYTkt0quvBWcYew0U01v5GaIagIr1To7maXug4xjGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJgM8AuzNi8VHWGRocuT68R8lJILMB8GA1UdIwQY
MBaAFC/LXrASDQcJCxJiVsRaNSgtWsCsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDh0ZXNCSU5Cd2tMRW1KV3hGbzFLQzFhd0t3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9iYjU5MTItMTdjNy00NjA3LTk0NzIt
ZTIxNTJlZGY5ZjljLzEvTDh0ZXNCSU5Cd2tMRW1KV3hGbzFLQzFhd0t3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9iYjU5MTItMTdjNy00NjA3LTk0NzItZTIxNTJlZGY5Zjlj
LzEvTDh0ZXNCSU5Cd2tMRW1KV3hGbzFLQzFhd0t3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF9Gvzx9A
RXvJsgO/xpUwgpCRAg7MOn8gqRATEQHExP44x1SHDkq4GpA0mig9lKMQRZ5BgUz7
vG4IfiECu7/XRLoivjDQwyiZbFRqxnbdyA96oV8ojrSc+hzvDJVgMSHfhTD5SS60
YAEUwwHy7eNkhmBEmJ2cuyNsALn0DqnVLucvZ5VJDZB69kOFnV0WJ9ul2NtZqnUn
V3xW1KJlbeQ1Xg8XspeQ4IFaDU/ltb11tulgCugd5qscu/1O3Y6r0q3kpUycakRm
5ebaFi3NcOQEM6JbBD6gHIpP+wCwlehB2CarZT3WI6xRGIlWKmfY74C4UGOiXECg
Pcy4xlrPzkWUqw==
-----END CERTIFICATE-----