Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft
File:                     4VW0MN7doRMQ9shzieMgj8ZSnps.mft (raw, json)
Hash identifier:          cwmQv9PWzTbITMGWbAGqbvX5xxgQTbLUAx/cueUb564=
Subject key identifier:   CB:41:85:A2:DB:E0:AC:BC:21:5F:5E:B5:43:EC:A7:E1:4B:F6:A2:39
Authority key identifier: E1:55:B4:30:DE:DD:A1:13:10:F6:C8:73:89:E3:20:8F:C6:52:9E:9B
Certificate issuer:       /CN=e155b430dedda11310f6c87389e3208fc6529e9b
Certificate serial:       019D38D32A9BE5408AA14F7744AD2DB16955
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4VW0MN7doRMQ9shzieMgj8ZSnps.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft
Manifest number:          11B8
Signing time:             Sun 29 Mar 2026 09:00:56 +0000
Manifest this update:     Sun 29 Mar 2026 09:00:56 +0000
Manifest next update:     Mon 30 Mar 2026 09:00:56 +0000
Files and hashes:         1: 4VW0MN7doRMQ9shzieMgj8ZSnps.crl (hash: aqJgIABYTYcdsJ4nea6ll346aAyQhoWBJuD1dJfYa/U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4VW0MN7doRMQ9shzieMgj8ZSnps.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:2a:9b:e5:40:8a:a1:4f:77:44:ad:2d:b1:69:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e155b430dedda11310f6c87389e3208fc6529e9b
        Validity
            Not Before: Mar 29 09:00:56 2026 GMT
            Not After : Mar 30 09:00:56 2026 GMT
        Subject: CN=cb4185a2dbe0acbc215f5eb543eca7e14bf6a239
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:38:24:44:7f:ba:98:c7:ec:35:5e:30:e3:4b:
                    ba:3b:6f:31:58:4e:a6:d8:b9:40:12:e4:f7:47:78:
                    b3:3a:e7:5d:9f:32:7d:20:c7:a2:cf:25:b1:4d:39:
                    14:73:0b:18:02:9d:3d:cd:14:59:5a:ef:89:42:8e:
                    e7:79:7f:ca:c1:bd:9b:21:c1:37:52:59:55:60:66:
                    a4:18:d6:7e:67:22:6e:6f:57:a4:18:b3:d3:63:48:
                    59:75:54:9d:bd:3b:27:c8:55:14:66:82:4c:a4:b5:
                    91:21:a0:63:a2:4e:c1:17:0d:8e:85:b5:d9:ca:3a:
                    b1:2a:ea:e1:8b:6a:4f:3b:57:40:6d:7b:bf:92:ed:
                    ed:aa:0b:ad:aa:f6:80:fd:9a:87:a8:d2:73:e4:f8:
                    a2:b8:3e:6f:1b:da:ad:a7:88:3a:86:02:bf:e2:68:
                    34:a9:dc:fd:4c:d7:09:5e:b9:7f:3a:e9:67:4c:4e:
                    6e:46:4c:d1:f9:f8:8d:61:94:53:9e:7d:fe:60:ce:
                    a3:f1:ab:f9:3a:a1:10:ef:04:9f:6a:d0:18:64:43:
                    06:6e:ba:fe:41:53:d8:96:db:51:b5:49:a7:30:4f:
                    6a:41:d5:0e:21:a8:51:d7:b4:9f:5a:34:3d:07:be:
                    64:e1:d5:df:70:61:c6:38:2d:40:a8:00:32:3a:b5:
                    8b:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:41:85:A2:DB:E0:AC:BC:21:5F:5E:B5:43:EC:A7:E1:4B:F6:A2:39
            X509v3 Authority Key Identifier:
                keyid:E1:55:B4:30:DE:DD:A1:13:10:F6:C8:73:89:E3:20:8F:C6:52:9E:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4VW0MN7doRMQ9shzieMgj8ZSnps.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:49:50:02:fa:b5:6c:c3:83:99:a3:d3:6b:1d:d6:ca:a1:77:
         24:97:1c:fc:22:4b:2b:ce:9a:22:57:f6:cf:f3:48:a0:08:23:
         2d:1d:b1:32:3a:87:a3:a9:45:89:29:17:41:bb:b0:10:03:1c:
         b2:ba:e0:5d:ac:08:af:56:da:64:22:05:04:13:ad:7e:25:84:
         e6:53:75:06:d1:24:e3:14:e2:6f:7a:ea:79:d2:7c:3d:c9:30:
         ab:8c:53:e2:99:f3:f5:24:a3:38:5c:8e:11:cf:1c:84:98:78:
         96:73:da:22:22:c1:05:ce:27:fb:59:cc:8f:61:7c:f9:74:67:
         9b:a4:8d:2a:51:bb:54:1d:dd:1a:71:b0:c4:23:05:95:d9:29:
         46:85:56:7f:d0:05:21:05:1d:e9:d4:a7:ba:fd:bb:af:14:06:
         70:0a:b1:8f:8e:db:bb:dc:61:f1:40:0e:3b:57:ee:5a:51:76:
         c9:8f:e2:dd:3e:3f:8f:c6:7f:d8:9e:94:ce:d6:cc:16:41:80:
         48:c3:0c:c8:1b:30:b9:7e:61:5e:a8:56:ba:7b:39:da:f5:73:
         91:55:3a:8a:f7:b8:fe:82:8c:c0:cc:ed:70:81:a4:a1:7b:0f:
         84:67:9a:b3:53:07:91:8a:b6:7f:b4:8d:b8:34:45:2f:44:48:
         7b:4f:cc:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040yqb5UCKoU93RK0tsWlVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNTViNDMwZGVkZGExMTMxMGY2Yzg3Mzg5ZTMyMDhmYzY1
MjllOWIwHhcNMjYwMzI5MDkwMDU2WhcNMjYwMzMwMDkwMDU2WjAzMTEwLwYDVQQD
EyhjYjQxODVhMmRiZTBhY2JjMjE1ZjVlYjU0M2VjYTdlMTRiZjZhMjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4zgkRH+6mMfsNV4w40u6O28xWE6m
2LlAEuT3R3izOuddnzJ9IMeizyWxTTkUcwsYAp09zRRZWu+JQo7neX/Kwb2bIcE3
UllVYGakGNZ+ZyJub1ekGLPTY0hZdVSdvTsnyFUUZoJMpLWRIaBjok7BFw2OhbXZ
yjqxKurhi2pPO1dAbXu/ku3tqgutqvaA/ZqHqNJz5PiiuD5vG9qtp4g6hgK/4mg0
qdz9TNcJXrl/OulnTE5uRkzR+fiNYZRTnn3+YM6j8av5OqEQ7wSfatAYZEMGbrr+
QVPYlttRtUmnME9qQdUOIahR17SfWjQ9B75k4dXfcGHGOC1AqAAyOrWLKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMtBhaLb4Ky8IV9etUPsp+FL9qI5MB8GA1UdIwQY
MBaAFOFVtDDe3aETEPbIc4njII/GUp6bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFZXME1ON2RvUk1ROXNoemllTWdqOFpTbnBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9iZjlkNTUtYjBkNS00YjA3LTkyYjAt
MGQ3NDA2MGExNmRkLzEvNFZXME1ON2RvUk1ROXNoemllTWdqOFpTbnBzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9iZjlkNTUtYjBkNS00YjA3LTkyYjAtMGQ3NDA2MGExNmRk
LzEvNFZXME1ON2RvUk1ROXNoemllTWdqOFpTbnBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEElQAvq1
bMODmaPTax3WyqF3JJcc/CJLK86aIlf2z/NIoAgjLR2xMjqHo6lFiSkXQbuwEAMc
srrgXawIr1baZCIFBBOtfiWE5lN1BtEk4xTib3rqedJ8Pckwq4xT4pnz9SSjOFyO
Ec8chJh4lnPaIiLBBc4n+1nMj2F8+XRnm6SNKlG7VB3dGnGwxCMFldkpRoVWf9AF
IQUd6dSnuv27rxQGcAqxj47bu9xh8UAOO1fuWlF2yY/i3T4/j8Z/2J6UztbMFkGA
SMMMyBswuX5hXqhWuns52vVzkVU6ive4/oKMwMztcIGkoXsPhGeas1MHkYq2f7SN
uDRFL0RIe0/MLA==
-----END CERTIFICATE-----