Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/3113e1-4230-4380-971e-6782a73c2b47/1/bxfKsp3wkGVUwRzpqynGDR56Z1w.mft
File:                     bxfKsp3wkGVUwRzpqynGDR56Z1w.mft (raw, json)
Hash identifier:          nEP8FujKoNwcrW3ld6JzXoe3Ft5hHxvIgTFBzsO1ENI=
Subject key identifier:   91:BE:17:74:D1:5B:0E:85:77:DB:3D:FA:37:74:8A:2F:4B:B3:6C:F7
Authority key identifier: 6F:17:CA:B2:9D:F0:90:65:54:C1:1C:E9:AB:29:C6:0D:1E:7A:67:5C
Certificate issuer:       /CN=6f17cab29df0906554c11ce9ab29c60d1e7a675c
Certificate serial:       019D3909C549F01625397DFBC74ECD2B372A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bxfKsp3wkGVUwRzpqynGDR56Z1w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/3113e1-4230-4380-971e-6782a73c2b47/1/bxfKsp3wkGVUwRzpqynGDR56Z1w.mft
Manifest number:          0766
Signing time:             Sun 29 Mar 2026 10:00:34 +0000
Manifest this update:     Sun 29 Mar 2026 10:00:34 +0000
Manifest next update:     Mon 30 Mar 2026 10:00:34 +0000
Files and hashes:         1: bxfKsp3wkGVUwRzpqynGDR56Z1w.crl (hash: n3b6sh3UwwjJETU+7n+KpTYDZj4gqp0Zh05GdF3RiYo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/56/3113e1-4230-4380-971e-6782a73c2b47/1/bxfKsp3wkGVUwRzpqynGDR56Z1w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/56/3113e1-4230-4380-971e-6782a73c2b47/1/bxfKsp3wkGVUwRzpqynGDR56Z1w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bxfKsp3wkGVUwRzpqynGDR56Z1w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:09:c5:49:f0:16:25:39:7d:fb:c7:4e:cd:2b:37:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f17cab29df0906554c11ce9ab29c60d1e7a675c
        Validity
            Not Before: Mar 29 10:00:34 2026 GMT
            Not After : Mar 30 10:00:34 2026 GMT
        Subject: CN=91be1774d15b0e8577db3dfa37748a2f4bb36cf7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:c9:86:d5:58:05:15:d1:7d:44:a6:ea:fb:d7:
                    22:bc:a5:0f:ee:f8:22:8a:bb:ad:aa:45:fd:31:00:
                    fe:35:b6:db:25:fc:85:56:ca:b8:85:cc:a8:be:0d:
                    eb:c6:66:f9:c5:c2:a3:f9:89:fa:60:e5:6f:a3:0b:
                    af:cb:3a:c2:6c:3c:02:3e:b1:6f:65:b6:22:7a:0f:
                    c2:33:de:7e:8d:f1:53:28:6b:9b:71:f7:ea:e5:ee:
                    f1:01:d6:3f:11:09:be:85:f5:d0:26:97:3f:95:f7:
                    ec:35:df:91:64:8d:4e:10:1d:1a:f0:ad:e0:97:7d:
                    7c:0f:ca:ee:d8:3b:ff:6b:af:36:6d:59:a3:63:8f:
                    71:ca:37:2f:2e:33:d4:75:14:63:49:c6:e8:2f:fa:
                    41:db:79:bb:23:cc:6f:d4:ec:6a:2e:5f:3b:31:e9:
                    78:ad:dc:ce:8c:aa:92:57:78:fc:d0:31:3a:50:c4:
                    b0:3f:13:1d:db:d8:77:fc:0d:1b:bb:78:3e:9f:d9:
                    81:63:71:62:23:90:9c:5d:00:94:cc:1a:d0:3d:c6:
                    9e:3e:e0:93:24:2c:53:af:53:7c:d5:1e:ba:af:24:
                    11:4e:c2:69:ba:ce:e4:37:e6:43:bb:b5:b3:7c:78:
                    be:5b:f3:82:f0:9f:9e:ea:56:b9:1f:62:4a:4e:d7:
                    59:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:BE:17:74:D1:5B:0E:85:77:DB:3D:FA:37:74:8A:2F:4B:B3:6C:F7
            X509v3 Authority Key Identifier:
                keyid:6F:17:CA:B2:9D:F0:90:65:54:C1:1C:E9:AB:29:C6:0D:1E:7A:67:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bxfKsp3wkGVUwRzpqynGDR56Z1w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/3113e1-4230-4380-971e-6782a73c2b47/1/bxfKsp3wkGVUwRzpqynGDR56Z1w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/3113e1-4230-4380-971e-6782a73c2b47/1/bxfKsp3wkGVUwRzpqynGDR56Z1w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:64:b6:ba:09:1c:6c:e7:39:61:56:d0:d9:28:45:13:11:f4:
         22:bd:61:77:de:96:9e:51:5c:a0:e9:b9:27:aa:90:aa:2a:ab:
         17:aa:53:b4:a7:93:f6:e8:2d:30:69:9e:87:6c:7a:cd:81:ed:
         8b:f0:ae:52:38:ba:6d:d9:74:97:e7:84:57:a5:48:45:27:2d:
         27:0a:75:50:9a:f5:2d:c7:33:ad:66:63:cc:18:99:7b:1a:d3:
         de:08:0d:df:cf:dc:a2:9a:29:f9:b1:06:19:a9:86:95:5c:92:
         65:71:3a:3a:c0:5c:41:25:3f:f6:b2:98:bd:62:0f:44:41:b8:
         57:1f:40:db:e5:e7:90:49:f5:93:14:6f:8b:6f:2f:0b:12:8e:
         69:85:87:cc:53:22:fb:ff:11:da:f0:0e:d8:bd:b2:13:38:67:
         ba:2d:15:78:df:3b:57:a6:ad:60:77:8e:87:6f:a2:b7:47:0b:
         93:e1:0c:1b:a6:89:ce:3c:37:ca:71:e1:de:d0:90:9b:a8:92:
         48:f8:d2:7e:03:e8:03:e1:8b:fa:1a:4e:d3:91:09:4e:fd:12:
         91:5c:22:a6:dd:ed:7a:98:24:ed:82:c5:de:99:5d:7e:41:9e:
         2b:57:52:d9:26:c5:8f:2d:c7:bc:a2:64:27:ad:b9:b3:4f:52:
         ec:7b:71:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CcVJ8BYlOX37x07NKzcqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMTdjYWIyOWRmMDkwNjU1NGMxMWNlOWFiMjljNjBkMWU3
YTY3NWMwHhcNMjYwMzI5MTAwMDM0WhcNMjYwMzMwMTAwMDM0WjAzMTEwLwYDVQQD
Eyg5MWJlMTc3NGQxNWIwZTg1NzdkYjNkZmEzNzc0OGEyZjRiYjM2Y2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjsmG1VgFFdF9RKbq+9civKUP7vgi
irutqkX9MQD+NbbbJfyFVsq4hcyovg3rxmb5xcKj+Yn6YOVvowuvyzrCbDwCPrFv
ZbYieg/CM95+jfFTKGubcffq5e7xAdY/EQm+hfXQJpc/lffsNd+RZI1OEB0a8K3g
l318D8ru2Dv/a682bVmjY49xyjcvLjPUdRRjScboL/pB23m7I8xv1OxqLl87Mel4
rdzOjKqSV3j80DE6UMSwPxMd29h3/A0bu3g+n9mBY3FiI5CcXQCUzBrQPcaePuCT
JCxTr1N81R66ryQRTsJpus7kN+ZDu7WzfHi+W/OC8J+e6la5H2JKTtdZIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJG+F3TRWw6Fd9s9+jd0ii9Ls2z3MB8GA1UdIwQY
MBaAFG8XyrKd8JBlVMEc6aspxg0eemdcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnhmS3NwM3drR1ZVd1J6cHF5bkdEUjU2WjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8zMTEzZTEtNDIzMC00MzgwLTk3MWUt
Njc4MmE3M2MyYjQ3LzEvYnhmS3NwM3drR1ZVd1J6cHF5bkdEUjU2WjF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni8zMTEzZTEtNDIzMC00MzgwLTk3MWUtNjc4MmE3M2MyYjQ3
LzEvYnhmS3NwM3drR1ZVd1J6cHF5bkdEUjU2WjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB2S2ugkc
bOc5YVbQ2ShFExH0Ir1hd96WnlFcoOm5J6qQqiqrF6pTtKeT9ugtMGmeh2x6zYHt
i/CuUji6bdl0l+eEV6VIRSctJwp1UJr1LcczrWZjzBiZexrT3ggN38/copop+bEG
GamGlVySZXE6OsBcQSU/9rKYvWIPREG4Vx9A2+XnkEn1kxRvi28vCxKOaYWHzFMi
+/8R2vAO2L2yEzhnui0VeN87V6atYHeOh2+it0cLk+EMG6aJzjw3ynHh3tCQm6iS
SPjSfgPoA+GL+hpO05EJTv0SkVwipt3tepgk7YLF3pldfkGeK1dS2SbFjy3HvKJk
J625s09S7Htx9g==
-----END CERTIFICATE-----