Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/e25b63-7b94-4759-9195-20fad94cab14/1/j7phV8tS0RaPUIRsXlB5IkDt8-A.mft
File:                     j7phV8tS0RaPUIRsXlB5IkDt8-A.mft (raw, json)
Hash identifier:          1mimQX6jSZJKKF73Kebd6ffXFAYeOiF8qnbC/Zer4AY=
Subject key identifier:   9D:53:D9:4A:E5:D6:11:CE:24:5A:9C:E8:C4:47:8A:B8:E6:F1:CF:6B
Authority key identifier: 8F:BA:61:57:CB:52:D1:16:8F:50:84:6C:5E:50:79:22:40:ED:F3:E0
Certificate issuer:       /CN=8fba6157cb52d1168f50846c5e50792240edf3e0
Certificate serial:       019D38D2CB1A713160502D159C5A02F75D85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/j7phV8tS0RaPUIRsXlB5IkDt8-A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/e25b63-7b94-4759-9195-20fad94cab14/1/j7phV8tS0RaPUIRsXlB5IkDt8-A.mft
Manifest number:          0BBF
Signing time:             Sun 29 Mar 2026 09:00:31 +0000
Manifest this update:     Sun 29 Mar 2026 09:00:31 +0000
Manifest next update:     Mon 30 Mar 2026 09:00:31 +0000
Files and hashes:         1: j7phV8tS0RaPUIRsXlB5IkDt8-A.crl (hash: bNX5PaHfUNHIYTcqJ/BC8PuXH3BeRxcfT0vqiqGJj+Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/55/e25b63-7b94-4759-9195-20fad94cab14/1/j7phV8tS0RaPUIRsXlB5IkDt8-A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/55/e25b63-7b94-4759-9195-20fad94cab14/1/j7phV8tS0RaPUIRsXlB5IkDt8-A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/j7phV8tS0RaPUIRsXlB5IkDt8-A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d2:cb:1a:71:31:60:50:2d:15:9c:5a:02:f7:5d:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8fba6157cb52d1168f50846c5e50792240edf3e0
        Validity
            Not Before: Mar 29 09:00:31 2026 GMT
            Not After : Mar 30 09:00:31 2026 GMT
        Subject: CN=9d53d94ae5d611ce245a9ce8c4478ab8e6f1cf6b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:49:32:30:49:18:6e:a5:30:77:7a:22:86:96:
                    a6:91:d3:3a:f4:4d:e7:4f:50:0a:6b:32:ff:f9:58:
                    c4:4d:ef:7b:90:eb:29:90:62:bd:39:61:29:a2:99:
                    c9:ee:a2:f8:bf:1e:56:f3:77:df:34:ec:62:0b:de:
                    c7:df:6d:9b:2e:02:f6:dd:fb:63:d5:11:42:2c:a1:
                    d5:b7:e5:d7:ce:3a:b0:33:a7:d7:3f:73:c9:b2:2d:
                    89:7c:eb:77:85:13:51:f2:c8:da:b5:c8:35:ab:3b:
                    23:ca:f6:37:56:0d:e4:a9:76:ab:8d:02:a4:f6:66:
                    66:ea:ec:72:49:94:bb:a5:8b:37:00:3b:7e:03:f2:
                    d4:5a:dc:3e:4d:ab:ff:9c:88:66:8b:41:6b:9b:6b:
                    e4:2e:c2:91:1c:fb:79:3c:96:ac:70:ef:46:43:24:
                    06:a1:0d:e7:75:d9:e5:00:c9:f1:f5:df:de:2c:2d:
                    b3:44:cf:15:84:1e:e9:e8:a9:60:a6:0a:ec:1c:39:
                    79:48:81:3c:e6:a3:63:ad:20:4e:c7:02:ac:dd:47:
                    b2:d3:30:95:85:13:06:38:d3:99:7d:74:09:ab:4a:
                    ed:fc:d0:d3:e7:61:4a:60:4f:34:ba:af:8e:4d:bb:
                    0a:d5:65:37:35:13:66:62:8b:e4:f2:92:30:f3:9f:
                    72:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:53:D9:4A:E5:D6:11:CE:24:5A:9C:E8:C4:47:8A:B8:E6:F1:CF:6B
            X509v3 Authority Key Identifier:
                keyid:8F:BA:61:57:CB:52:D1:16:8F:50:84:6C:5E:50:79:22:40:ED:F3:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j7phV8tS0RaPUIRsXlB5IkDt8-A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/e25b63-7b94-4759-9195-20fad94cab14/1/j7phV8tS0RaPUIRsXlB5IkDt8-A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/e25b63-7b94-4759-9195-20fad94cab14/1/j7phV8tS0RaPUIRsXlB5IkDt8-A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:7a:f3:41:2f:6f:0d:02:6d:2f:f9:af:c5:08:b8:26:df:73:
         33:c5:e9:0b:24:68:51:73:0c:36:6a:eb:a1:25:10:47:39:ce:
         72:43:20:9a:23:5f:64:4b:7d:01:54:23:3b:63:18:79:9d:75:
         fa:51:ac:9b:eb:2b:55:91:3f:e5:da:a8:04:c3:5e:b4:fe:18:
         3c:19:b5:b4:5a:bf:ea:1f:61:4e:88:91:ef:a0:3d:11:44:67:
         14:f0:1b:a9:7f:62:82:51:00:2c:fb:40:1c:e5:4f:fe:cf:29:
         6e:9e:e4:0f:4c:1f:b9:cf:89:19:b5:4a:86:a9:94:3c:c6:db:
         58:be:8f:9a:b1:c6:f6:ac:e2:29:c3:1d:78:0f:d6:45:81:c5:
         21:c9:47:98:cf:69:bb:49:02:97:28:dd:97:82:b9:70:d3:09:
         6d:51:e0:96:db:96:9b:21:c7:72:da:86:45:95:5c:09:cb:1b:
         05:28:06:a4:c6:4f:ad:15:d2:1f:6e:55:45:e1:f6:7c:6d:30:
         01:80:ef:b5:2d:e1:e4:48:d0:e1:c6:fa:13:ca:7b:40:14:37:
         68:44:94:b7:25:cf:18:0a:68:65:36:45:a1:81:aa:e6:c8:a3:
         2b:ce:18:cd:e2:c5:9d:d8:db:bb:b7:cb:ab:85:7f:27:67:42:
         7c:2f:27:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040ssacTFgUC0VnFoC912FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmYmE2MTU3Y2I1MmQxMTY4ZjUwODQ2YzVlNTA3OTIyNDBl
ZGYzZTAwHhcNMjYwMzI5MDkwMDMxWhcNMjYwMzMwMDkwMDMxWjAzMTEwLwYDVQQD
Eyg5ZDUzZDk0YWU1ZDYxMWNlMjQ1YTljZThjNDQ3OGFiOGU2ZjFjZjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA80kyMEkYbqUwd3oihpamkdM69E3n
T1AKazL/+VjETe97kOspkGK9OWEpopnJ7qL4vx5W83ffNOxiC97H322bLgL23ftj
1RFCLKHVt+XXzjqwM6fXP3PJsi2JfOt3hRNR8sjatcg1qzsjyvY3Vg3kqXarjQKk
9mZm6uxySZS7pYs3ADt+A/LUWtw+Tav/nIhmi0Frm2vkLsKRHPt5PJascO9GQyQG
oQ3nddnlAMnx9d/eLC2zRM8VhB7p6KlgpgrsHDl5SIE85qNjrSBOxwKs3Uey0zCV
hRMGONOZfXQJq0rt/NDT52FKYE80uq+OTbsK1WU3NRNmYovk8pIw859yhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ1T2Url1hHOJFqc6MRHirjm8c9rMB8GA1UdIwQY
MBaAFI+6YVfLUtEWj1CEbF5QeSJA7fPgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajdwaFY4dFMwUmFQVUlSc1hsQjVJa0R0OC1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9lMjViNjMtN2I5NC00NzU5LTkxOTUt
MjBmYWQ5NGNhYjE0LzEvajdwaFY4dFMwUmFQVUlSc1hsQjVJa0R0OC1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9lMjViNjMtN2I5NC00NzU5LTkxOTUtMjBmYWQ5NGNhYjE0
LzEvajdwaFY4dFMwUmFQVUlSc1hsQjVJa0R0OC1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk3rzQS9v
DQJtL/mvxQi4Jt9zM8XpCyRoUXMMNmrroSUQRznOckMgmiNfZEt9AVQjO2MYeZ11
+lGsm+srVZE/5dqoBMNetP4YPBm1tFq/6h9hToiR76A9EURnFPAbqX9iglEALPtA
HOVP/s8pbp7kD0wfuc+JGbVKhqmUPMbbWL6PmrHG9qziKcMdeA/WRYHFIclHmM9p
u0kClyjdl4K5cNMJbVHgltuWmyHHctqGRZVcCcsbBSgGpMZPrRXSH25VReH2fG0w
AYDvtS3h5EjQ4cb6E8p7QBQ3aESUtyXPGApoZTZFoYGq5sijK84YzeLFndjbu7fL
q4V/J2dCfC8ntg==
-----END CERTIFICATE-----