Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/72f328-ce5f-404a-9d4c-d3c19598a0e6/1/s8l-xqz0xTcKU8r4I5YxblbkhsY.mft
File:                     s8l-xqz0xTcKU8r4I5YxblbkhsY.mft (raw, json)
Hash identifier:          hS7/bf6KqxQq38Wq6X3CRXoKi/TY8pRtKoHRPFH6Mf4=
Subject key identifier:   BC:40:85:7C:8F:34:BB:B0:7A:37:39:15:EA:86:55:60:E3:01:CD:17
Authority key identifier: B3:C9:7E:C6:AC:F4:C5:37:0A:53:CA:F8:23:96:31:6E:56:E4:86:C6
Certificate issuer:       /CN=b3c97ec6acf4c5370a53caf82396316e56e486c6
Certificate serial:       019D382E360AD73A4838192C59B15437AA11
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s8l-xqz0xTcKU8r4I5YxblbkhsY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/72f328-ce5f-404a-9d4c-d3c19598a0e6/1/s8l-xqz0xTcKU8r4I5YxblbkhsY.mft
Manifest number:          0859
Signing time:             Sun 29 Mar 2026 06:00:45 +0000
Manifest this update:     Sun 29 Mar 2026 06:00:45 +0000
Manifest next update:     Mon 30 Mar 2026 06:00:45 +0000
Files and hashes:         1: s8l-xqz0xTcKU8r4I5YxblbkhsY.crl (hash: NxrMmzEpHghyUv5Yy5o8di8byeS/wkNK853Vgp7kBT8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/56/72f328-ce5f-404a-9d4c-d3c19598a0e6/1/s8l-xqz0xTcKU8r4I5YxblbkhsY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/56/72f328-ce5f-404a-9d4c-d3c19598a0e6/1/s8l-xqz0xTcKU8r4I5YxblbkhsY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/s8l-xqz0xTcKU8r4I5YxblbkhsY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 06:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:2e:36:0a:d7:3a:48:38:19:2c:59:b1:54:37:aa:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b3c97ec6acf4c5370a53caf82396316e56e486c6
        Validity
            Not Before: Mar 29 06:00:45 2026 GMT
            Not After : Mar 30 06:00:45 2026 GMT
        Subject: CN=bc40857c8f34bbb07a373915ea865560e301cd17
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:a9:3a:e6:c4:63:e3:99:fc:df:a8:01:b1:04:
                    96:3e:44:2f:fb:01:7e:9d:9e:14:7b:d8:20:79:bf:
                    08:53:70:3a:6d:dd:8c:0f:54:0b:3a:7d:6b:1b:a1:
                    34:88:95:26:74:02:45:e7:4d:69:18:d7:70:f9:9d:
                    eb:dd:f5:3c:54:34:4a:8f:2c:bd:03:1f:1b:c0:1e:
                    47:17:d5:2e:db:4f:24:be:9c:bf:70:1b:78:42:33:
                    93:9c:e9:60:bb:8d:01:4b:60:91:34:3c:54:2d:eb:
                    ac:1c:b5:13:38:3c:b7:30:94:d2:41:bc:f1:ba:4b:
                    25:0e:df:30:e5:4a:02:d4:fe:98:87:bd:c0:54:80:
                    82:07:ac:ec:e9:be:58:ff:33:f9:ba:7e:cf:2e:a6:
                    c0:d2:74:80:66:a1:56:3f:36:42:d0:5d:41:15:b1:
                    4c:3d:60:dd:aa:48:0a:c8:7f:a6:26:00:6a:a5:2b:
                    a4:30:61:91:55:45:8f:08:17:b1:58:c9:1c:48:da:
                    bd:f5:22:53:9a:3e:a9:8e:45:b0:aa:c2:e5:57:45:
                    d1:0a:61:c5:b1:8d:d0:c1:67:48:ba:bf:1e:37:c8:
                    32:ac:8e:5e:69:0c:d2:47:fd:f3:74:e7:bc:85:26:
                    62:e8:07:a5:e6:60:38:05:8d:9f:34:a2:9d:45:2f:
                    2d:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:40:85:7C:8F:34:BB:B0:7A:37:39:15:EA:86:55:60:E3:01:CD:17
            X509v3 Authority Key Identifier:
                keyid:B3:C9:7E:C6:AC:F4:C5:37:0A:53:CA:F8:23:96:31:6E:56:E4:86:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s8l-xqz0xTcKU8r4I5YxblbkhsY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/72f328-ce5f-404a-9d4c-d3c19598a0e6/1/s8l-xqz0xTcKU8r4I5YxblbkhsY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/72f328-ce5f-404a-9d4c-d3c19598a0e6/1/s8l-xqz0xTcKU8r4I5YxblbkhsY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:02:1c:f1:b8:fd:48:86:c4:8f:70:64:3c:4d:55:84:d2:ea:
         37:aa:bf:bf:34:68:55:81:4f:5a:23:6d:4e:84:40:88:95:dd:
         ff:37:ea:14:5f:e1:94:bb:33:bd:9b:c2:19:69:29:9c:b4:23:
         02:9a:1f:53:97:0a:db:78:57:58:60:10:aa:5a:8d:9e:f3:bc:
         a1:c6:4b:36:14:a4:e7:01:9c:d1:e5:46:71:a2:a7:f3:63:c6:
         0d:b8:85:e9:17:91:45:26:c2:8e:8b:e4:f4:2c:a6:b1:9b:a3:
         f9:70:f6:7c:93:d7:b3:fb:7d:14:d8:2d:da:c5:bd:05:2f:ed:
         f8:7b:c1:7a:70:d8:81:56:ae:87:c8:51:66:77:87:26:84:9f:
         4c:b7:f1:cc:e3:36:c5:fe:80:8f:9f:45:a0:5d:58:2d:ff:99:
         73:0a:26:f8:25:69:23:96:af:50:95:60:aa:f7:cb:ac:0a:5c:
         a9:29:62:36:83:ab:b5:f6:c5:cd:5a:fa:d6:19:31:0b:b9:95:
         dd:28:71:9b:48:73:64:b9:d6:32:96:53:fd:f6:de:e6:96:78:
         14:1b:47:c3:de:be:da:76:a4:01:69:44:e9:2a:c3:02:44:b2:
         78:4e:c9:e3:24:04:3c:3b:2e:d8:8d:f2:3d:82:16:c5:f3:da:
         0d:a7:35:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04LjYK1zpIOBksWbFUN6oRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYzk3ZWM2YWNmNGM1MzcwYTUzY2FmODIzOTYzMTZlNTZl
NDg2YzYwHhcNMjYwMzI5MDYwMDQ1WhcNMjYwMzMwMDYwMDQ1WjAzMTEwLwYDVQQD
EyhiYzQwODU3YzhmMzRiYmIwN2EzNzM5MTVlYTg2NTU2MGUzMDFjZDE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApak65sRj45n836gBsQSWPkQv+wF+
nZ4Ue9ggeb8IU3A6bd2MD1QLOn1rG6E0iJUmdAJF501pGNdw+Z3r3fU8VDRKjyy9
Ax8bwB5HF9Uu208kvpy/cBt4QjOTnOlgu40BS2CRNDxULeusHLUTODy3MJTSQbzx
ukslDt8w5UoC1P6Yh73AVICCB6zs6b5Y/zP5un7PLqbA0nSAZqFWPzZC0F1BFbFM
PWDdqkgKyH+mJgBqpSukMGGRVUWPCBexWMkcSNq99SJTmj6pjkWwqsLlV0XRCmHF
sY3QwWdIur8eN8gyrI5eaQzSR/3zdOe8hSZi6Ael5mA4BY2fNKKdRS8trQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLxAhXyPNLuwejc5FeqGVWDjAc0XMB8GA1UdIwQY
MBaAFLPJfsas9MU3ClPK+COWMW5W5IbGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczhsLXhxejB4VGNLVThyNEk1WXhibGJraHNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni83MmYzMjgtY2U1Zi00MDRhLTlkNGMt
ZDNjMTk1OThhMGU2LzEvczhsLXhxejB4VGNLVThyNEk1WXhibGJraHNZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni83MmYzMjgtY2U1Zi00MDRhLTlkNGMtZDNjMTk1OThhMGU2
LzEvczhsLXhxejB4VGNLVThyNEk1WXhibGJraHNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJwIc8bj9
SIbEj3BkPE1VhNLqN6q/vzRoVYFPWiNtToRAiJXd/zfqFF/hlLszvZvCGWkpnLQj
ApofU5cK23hXWGAQqlqNnvO8ocZLNhSk5wGc0eVGcaKn82PGDbiF6ReRRSbCjovk
9CymsZuj+XD2fJPXs/t9FNgt2sW9BS/t+HvBenDYgVauh8hRZneHJoSfTLfxzOM2
xf6Aj59FoF1YLf+Zcwom+CVpI5avUJVgqvfLrApcqSliNoOrtfbFzVr61hkxC7mV
3Shxm0hzZLnWMpZT/fbe5pZ4FBtHw96+2nakAWlE6SrDAkSyeE7J4yQEPDsu2I3y
PYIWxfPaDac1hA==
-----END CERTIFICATE-----