Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/18c999-b73a-4214-a22c-728fd6babaff/1/k0F7oKbrs_OxuCr3UPviioakGzU.mft
File:                     k0F7oKbrs_OxuCr3UPviioakGzU.mft (raw, json)
Hash identifier:          ooZ43IsS8h6QiPxpmpGr8KTVK4nQhRDzgARqX4iB4gU=
Subject key identifier:   8D:FE:D3:99:CA:F8:67:67:D4:E1:16:2F:C7:C2:E9:3C:99:51:30:52
Authority key identifier: 93:41:7B:A0:A6:EB:B3:F3:B1:B8:2A:F7:50:FB:E2:8A:86:A4:1B:35
Certificate issuer:       /CN=93417ba0a6ebb3f3b1b82af750fbe28a86a41b35
Certificate serial:       019D38655850E6840679268EB4542D91ED74
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/k0F7oKbrs_OxuCr3UPviioakGzU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/48/18c999-b73a-4214-a22c-728fd6babaff/1/k0F7oKbrs_OxuCr3UPviioakGzU.mft
Manifest number:          0BB0
Signing time:             Sun 29 Mar 2026 07:00:59 +0000
Manifest this update:     Sun 29 Mar 2026 07:00:59 +0000
Manifest next update:     Mon 30 Mar 2026 07:00:59 +0000
Files and hashes:         1: k0F7oKbrs_OxuCr3UPviioakGzU.crl (hash: 4SAsMS99S04iTjrNepj3UWTBMAbK88dGu2O5kTCW0Qg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/48/18c999-b73a-4214-a22c-728fd6babaff/1/k0F7oKbrs_OxuCr3UPviioakGzU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/48/18c999-b73a-4214-a22c-728fd6babaff/1/k0F7oKbrs_OxuCr3UPviioakGzU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/k0F7oKbrs_OxuCr3UPviioakGzU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:58:50:e6:84:06:79:26:8e:b4:54:2d:91:ed:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=93417ba0a6ebb3f3b1b82af750fbe28a86a41b35
        Validity
            Not Before: Mar 29 07:00:59 2026 GMT
            Not After : Mar 30 07:00:59 2026 GMT
        Subject: CN=8dfed399caf86767d4e1162fc7c2e93c99513052
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:ac:17:61:7d:d4:c5:c5:d4:08:29:54:f6:ff:
                    3e:a5:58:45:60:49:b7:49:10:44:f2:39:05:2d:e6:
                    0b:6f:9a:0c:c3:c8:cc:da:20:13:23:9a:27:b9:82:
                    06:34:be:b6:8e:2b:a4:c2:96:a9:cc:3d:1f:ab:f5:
                    e0:d3:0f:61:7d:c5:86:de:75:05:59:13:3f:cc:ab:
                    1d:73:47:5c:28:5e:94:1e:75:0f:1b:2a:6f:30:dc:
                    aa:6a:23:30:97:08:86:fa:5b:83:55:e6:4f:49:db:
                    af:5a:18:e6:b9:e6:45:01:6a:b0:d9:b4:09:0a:4d:
                    e1:a4:f3:7f:16:f1:4d:18:0a:27:41:fb:61:d2:c5:
                    6b:6a:97:53:71:fe:8f:3c:b7:b0:e1:26:b6:b9:f1:
                    c5:cf:df:be:c0:84:54:4c:6f:b1:f7:0d:6c:9e:47:
                    9d:92:f3:ca:66:d9:bb:ed:f3:11:98:7f:01:b6:a3:
                    a0:01:4f:bf:a8:bc:63:48:38:b8:28:b0:b4:d1:70:
                    8c:d3:e8:7c:8b:5f:f0:85:37:12:a7:5b:24:94:cd:
                    58:5c:26:89:47:f9:73:12:24:7d:84:a1:69:a2:68:
                    e9:66:64:b7:5c:b2:c5:de:ff:7b:b8:93:8c:2a:13:
                    b1:86:d9:86:73:e1:87:e8:6c:d5:5e:bd:d9:27:3f:
                    f7:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:FE:D3:99:CA:F8:67:67:D4:E1:16:2F:C7:C2:E9:3C:99:51:30:52
            X509v3 Authority Key Identifier:
                keyid:93:41:7B:A0:A6:EB:B3:F3:B1:B8:2A:F7:50:FB:E2:8A:86:A4:1B:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k0F7oKbrs_OxuCr3UPviioakGzU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/18c999-b73a-4214-a22c-728fd6babaff/1/k0F7oKbrs_OxuCr3UPviioakGzU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/48/18c999-b73a-4214-a22c-728fd6babaff/1/k0F7oKbrs_OxuCr3UPviioakGzU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4a:d4:03:57:ab:d6:7a:fc:64:ca:29:1d:9e:c2:55:31:73:7d:
         05:fe:ec:bb:f8:3a:3d:5f:c2:5b:fa:22:ff:ca:31:dd:58:68:
         3a:dc:32:85:92:8e:63:10:ba:6a:39:46:6a:71:e4:d5:29:1d:
         d7:0b:db:36:e6:50:aa:c1:93:4d:a1:08:ee:39:c8:bc:f4:2d:
         20:75:22:1d:17:e3:2b:77:f9:c3:9b:42:ef:49:89:1a:ec:fb:
         6a:a2:cf:fd:aa:e6:81:72:e4:de:ad:a2:9a:24:52:8b:ba:ad:
         98:db:c7:cc:49:d6:dc:92:bd:0d:be:dc:7b:08:13:7e:b8:ce:
         35:26:d9:94:e7:7f:1f:13:95:79:bd:b6:e4:0a:fe:80:c6:b9:
         4c:a4:05:5c:17:ca:96:f4:f6:63:fb:cd:fe:bd:79:bf:cf:1e:
         1f:56:7e:5d:f2:f6:8c:5c:23:69:24:8e:14:33:ef:ca:87:93:
         a4:e1:32:3f:87:6c:03:5c:d3:64:55:d6:6e:cc:1a:8d:37:c3:
         d0:70:dc:5f:a1:ce:5c:85:dd:53:24:61:8b:1a:35:d9:f3:d8:
         e4:ce:db:bd:5e:1e:c0:e6:fe:d6:07:46:f7:6d:fd:0f:94:4c:
         b0:ea:a5:29:8a:69:5d:90:42:87:b7:7b:65:b9:cf:11:1f:47:
         3a:9f:b2:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZVhQ5oQGeSaOtFQtke10MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNDE3YmEwYTZlYmIzZjNiMWI4MmFmNzUwZmJlMjhhODZh
NDFiMzUwHhcNMjYwMzI5MDcwMDU5WhcNMjYwMzMwMDcwMDU5WjAzMTEwLwYDVQQD
Eyg4ZGZlZDM5OWNhZjg2NzY3ZDRlMTE2MmZjN2MyZTkzYzk5NTEzMDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKwXYX3UxcXUCClU9v8+pVhFYEm3
SRBE8jkFLeYLb5oMw8jM2iATI5onuYIGNL62jiukwpapzD0fq/Xg0w9hfcWG3nUF
WRM/zKsdc0dcKF6UHnUPGypvMNyqaiMwlwiG+luDVeZPSduvWhjmueZFAWqw2bQJ
Ck3hpPN/FvFNGAonQfth0sVrapdTcf6PPLew4Sa2ufHFz9++wIRUTG+x9w1snked
kvPKZtm77fMRmH8BtqOgAU+/qLxjSDi4KLC00XCM0+h8i1/whTcSp1sklM1YXCaJ
R/lzEiR9hKFpomjpZmS3XLLF3v97uJOMKhOxhtmGc+GH6GzVXr3ZJz/3OQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI3+05nK+Gdn1OEWL8fC6TyZUTBSMB8GA1UdIwQY
MBaAFJNBe6Cm67Pzsbgq91D74oqGpBs1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazBGN29LYnJzX094dUNyM1VQdmlpb2FrR3pVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8xOGM5OTktYjczYS00MjE0LWEyMmMt
NzI4ZmQ2YmFiYWZmLzEvazBGN29LYnJzX094dUNyM1VQdmlpb2FrR3pVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC8xOGM5OTktYjczYS00MjE0LWEyMmMtNzI4ZmQ2YmFiYWZm
LzEvazBGN29LYnJzX094dUNyM1VQdmlpb2FrR3pVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAStQDV6vW
evxkyikdnsJVMXN9Bf7su/g6PV/CW/oi/8ox3VhoOtwyhZKOYxC6ajlGanHk1Skd
1wvbNuZQqsGTTaEI7jnIvPQtIHUiHRfjK3f5w5tC70mJGuz7aqLP/armgXLk3q2i
miRSi7qtmNvHzEnW3JK9Db7cewgTfrjONSbZlOd/HxOVeb225Ar+gMa5TKQFXBfK
lvT2Y/vN/r15v88eH1Z+XfL2jFwjaSSOFDPvyoeTpOEyP4dsA1zTZFXWbswajTfD
0HDcX6HOXIXdUyRhixo12fPY5M7bvV4ewOb+1gdG9239D5RMsOqlKYppXZBCh7d7
ZbnPER9HOp+ypA==
-----END CERTIFICATE-----