Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/160d81-c728-462f-aa26-a15935064add/1/b27JJY79ACkhePqBwjzXfAKhoRA.mft
File:                     b27JJY79ACkhePqBwjzXfAKhoRA.mft (raw, json)
Hash identifier:          Cz8AeFyQUABVef5x1efh4gbldtH05fUj3UNMBXrN99U=
Subject key identifier:   61:FD:6E:E5:40:F5:BF:F3:C1:0F:DC:EA:8D:FC:84:3A:58:C7:4A:5A
Authority key identifier: 6F:6E:C9:25:8E:FD:00:29:21:78:FA:81:C2:3C:D7:7C:02:A1:A1:10
Certificate issuer:       /CN=6f6ec9258efd00292178fa81c23cd77c02a1a110
Certificate serial:       019D38D2E39E646CA0962F62A9DBD5CE0310
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b27JJY79ACkhePqBwjzXfAKhoRA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/160d81-c728-462f-aa26-a15935064add/1/b27JJY79ACkhePqBwjzXfAKhoRA.mft
Manifest number:          0F0E
Signing time:             Sun 29 Mar 2026 09:00:38 +0000
Manifest this update:     Sun 29 Mar 2026 09:00:38 +0000
Manifest next update:     Mon 30 Mar 2026 09:00:38 +0000
Files and hashes:         1: b27JJY79ACkhePqBwjzXfAKhoRA.crl (hash: URLUkIYAXNoXZWnsqxxticU6l5pDg3ueQWp1pIHl+eA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/50/160d81-c728-462f-aa26-a15935064add/1/b27JJY79ACkhePqBwjzXfAKhoRA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/50/160d81-c728-462f-aa26-a15935064add/1/b27JJY79ACkhePqBwjzXfAKhoRA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/b27JJY79ACkhePqBwjzXfAKhoRA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d2:e3:9e:64:6c:a0:96:2f:62:a9:db:d5:ce:03:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f6ec9258efd00292178fa81c23cd77c02a1a110
        Validity
            Not Before: Mar 29 09:00:38 2026 GMT
            Not After : Mar 30 09:00:38 2026 GMT
        Subject: CN=61fd6ee540f5bff3c10fdcea8dfc843a58c74a5a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:43:29:f2:48:6c:e0:cd:41:f8:f0:5f:aa:b5:
                    13:9b:9c:1f:ba:a3:21:86:2d:96:ab:7e:ba:c8:fb:
                    f4:a6:22:8a:82:df:38:38:9f:dc:7c:cf:be:4a:ef:
                    bb:41:6b:d2:4a:2b:13:3d:3e:f4:8f:f3:68:88:2f:
                    a8:79:6b:ea:3c:15:cd:09:2d:7f:ea:81:3d:06:7b:
                    71:49:ab:e7:64:c0:ff:9a:bb:fa:d5:fa:0d:a5:57:
                    79:ae:8d:cc:29:6d:a1:ee:6e:86:e7:c1:db:69:b1:
                    5e:89:b0:4c:5c:d8:b1:6b:c2:d7:e9:99:a4:b3:bb:
                    2a:f9:99:dd:b5:d6:ed:e5:f2:bb:8f:58:08:8a:88:
                    40:6c:d5:06:90:81:30:37:e9:93:c2:fe:d5:7f:43:
                    af:ae:91:68:4b:d4:a6:a9:5e:ad:7c:f0:86:62:16:
                    d8:2c:f4:5a:35:50:bd:80:b7:6c:19:f3:47:3d:a4:
                    9e:3a:4f:40:e7:23:ef:c0:48:44:40:03:5c:34:d6:
                    ea:ca:b7:47:f1:e2:6e:25:67:ee:c7:2d:36:2d:70:
                    9c:8c:8b:d6:92:ac:e5:cf:d4:7f:3a:49:f6:43:82:
                    5f:ae:37:3c:78:eb:7d:d3:2f:0d:13:0b:8f:cc:25:
                    c1:05:31:10:3e:62:29:33:4c:57:48:b9:6f:49:07:
                    96:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:FD:6E:E5:40:F5:BF:F3:C1:0F:DC:EA:8D:FC:84:3A:58:C7:4A:5A
            X509v3 Authority Key Identifier:
                keyid:6F:6E:C9:25:8E:FD:00:29:21:78:FA:81:C2:3C:D7:7C:02:A1:A1:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b27JJY79ACkhePqBwjzXfAKhoRA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/160d81-c728-462f-aa26-a15935064add/1/b27JJY79ACkhePqBwjzXfAKhoRA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/160d81-c728-462f-aa26-a15935064add/1/b27JJY79ACkhePqBwjzXfAKhoRA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:33:f8:03:0e:24:90:29:64:1e:0a:61:7a:cc:1c:22:05:7b:
         9e:60:22:d2:d3:eb:f2:05:5e:df:7c:28:47:88:9a:3e:10:46:
         4e:12:ac:c7:c6:85:90:20:b3:87:63:85:a9:ef:d4:43:9c:39:
         8b:a3:62:49:e5:83:fb:93:6a:74:ea:6f:6c:9c:20:3c:2c:a0:
         cd:4e:70:90:97:73:be:9c:b7:ef:ac:8f:fd:33:05:15:8b:7a:
         80:6e:a7:d9:a3:06:4f:82:7c:5f:3d:a5:8d:78:f3:00:91:00:
         27:0a:c9:06:cd:2e:51:9c:b7:2e:8a:02:c7:85:a2:0e:73:02:
         f6:a4:dc:07:f7:a9:a9:92:9c:06:9c:8d:62:ab:98:a6:07:52:
         52:54:a3:c3:bf:6b:2d:17:ee:22:b5:a7:27:80:f4:df:eb:e9:
         0e:00:0e:55:fd:9c:bb:e7:80:ec:a8:d5:d7:81:b9:96:9c:95:
         8e:41:7d:67:3a:7e:a3:9b:8a:4b:25:96:16:44:b7:30:19:91:
         36:95:99:ff:86:b2:98:b4:ae:c0:c6:08:27:cc:19:d8:a4:84:
         28:36:2c:df:09:4a:0c:15:f9:52:c1:d1:b8:76:05:60:a7:db:
         40:4a:98:0d:64:3c:f1:15:e6:c4:e1:fb:c0:48:50:02:0a:ce:
         36:42:ae:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040uOeZGygli9iqdvVzgMQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNmVjOTI1OGVmZDAwMjkyMTc4ZmE4MWMyM2NkNzdjMDJh
MWExMTAwHhcNMjYwMzI5MDkwMDM4WhcNMjYwMzMwMDkwMDM4WjAzMTEwLwYDVQQD
Eyg2MWZkNmVlNTQwZjViZmYzYzEwZmRjZWE4ZGZjODQzYTU4Yzc0YTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0Mp8khs4M1B+PBfqrUTm5wfuqMh
hi2Wq366yPv0piKKgt84OJ/cfM++Su+7QWvSSisTPT70j/NoiC+oeWvqPBXNCS1/
6oE9BntxSavnZMD/mrv61foNpVd5ro3MKW2h7m6G58HbabFeibBMXNixa8LX6Zmk
s7sq+Zndtdbt5fK7j1gIiohAbNUGkIEwN+mTwv7Vf0OvrpFoS9SmqV6tfPCGYhbY
LPRaNVC9gLdsGfNHPaSeOk9A5yPvwEhEQANcNNbqyrdH8eJuJWfuxy02LXCcjIvW
kqzlz9R/Okn2Q4Jfrjc8eOt90y8NEwuPzCXBBTEQPmIpM0xXSLlvSQeWIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGH9buVA9b/zwQ/c6o38hDpYx0paMB8GA1UdIwQY
MBaAFG9uySWO/QApIXj6gcI813wCoaEQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjI3SkpZNzlBQ2toZVBxQndqelhmQUtob1JBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8xNjBkODEtYzcyOC00NjJmLWFhMjYt
YTE1OTM1MDY0YWRkLzEvYjI3SkpZNzlBQ2toZVBxQndqelhmQUtob1JBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8xNjBkODEtYzcyOC00NjJmLWFhMjYtYTE1OTM1MDY0YWRk
LzEvYjI3SkpZNzlBQ2toZVBxQndqelhmQUtob1JBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbjP4Aw4k
kClkHgpheswcIgV7nmAi0tPr8gVe33woR4iaPhBGThKsx8aFkCCzh2OFqe/UQ5w5
i6NiSeWD+5NqdOpvbJwgPCygzU5wkJdzvpy376yP/TMFFYt6gG6n2aMGT4J8Xz2l
jXjzAJEAJwrJBs0uUZy3LooCx4WiDnMC9qTcB/epqZKcBpyNYquYpgdSUlSjw79r
LRfuIrWnJ4D03+vpDgAOVf2cu+eA7KjV14G5lpyVjkF9Zzp+o5uKSyWWFkS3MBmR
NpWZ/4aymLSuwMYIJ8wZ2KSEKDYs3wlKDBX5UsHRuHYFYKfbQEqYDWQ88RXmxOH7
wEhQAgrONkKuHw==
-----END CERTIFICATE-----