Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/f4c354-80fb-4c39-a0f8-f18fbf596eba/1/K2s1AF0wIoBENtctw8nIZc-qoAM.mft
File:                     K2s1AF0wIoBENtctw8nIZc-qoAM.mft (raw, json)
Hash identifier:          RNwuV0979xib2ysmiZZCRMHgIZ/LDuooC23FnoeJavM=
Subject key identifier:   C0:6A:EC:88:61:98:2A:FF:2E:A6:DA:65:62:3D:7F:8D:9F:0D:AA:24
Authority key identifier: 2B:6B:35:00:5D:30:22:80:44:36:D7:2D:C3:C9:C8:65:CF:AA:A0:03
Certificate issuer:       /CN=2b6b35005d3022804436d72dc3c9c865cfaaa003
Certificate serial:       019D38D37BCCEDD927E0CD16D9091E487E62
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/K2s1AF0wIoBENtctw8nIZc-qoAM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/f4c354-80fb-4c39-a0f8-f18fbf596eba/1/K2s1AF0wIoBENtctw8nIZc-qoAM.mft
Manifest number:          0DBA
Signing time:             Sun 29 Mar 2026 09:01:16 +0000
Manifest this update:     Sun 29 Mar 2026 09:01:16 +0000
Manifest next update:     Mon 30 Mar 2026 09:01:16 +0000
Files and hashes:         1: K2s1AF0wIoBENtctw8nIZc-qoAM.crl (hash: K5a+sKyX6CH0Uab6pIttPHLa9WAUD70aEry8rgUNhiM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/f4c354-80fb-4c39-a0f8-f18fbf596eba/1/K2s1AF0wIoBENtctw8nIZc-qoAM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/f4c354-80fb-4c39-a0f8-f18fbf596eba/1/K2s1AF0wIoBENtctw8nIZc-qoAM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/K2s1AF0wIoBENtctw8nIZc-qoAM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:7b:cc:ed:d9:27:e0:cd:16:d9:09:1e:48:7e:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b6b35005d3022804436d72dc3c9c865cfaaa003
        Validity
            Not Before: Mar 29 09:01:16 2026 GMT
            Not After : Mar 30 09:01:16 2026 GMT
        Subject: CN=c06aec8861982aff2ea6da65623d7f8d9f0daa24
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:2d:ca:f8:31:98:85:44:c2:3e:ac:7e:63:7c:
                    e7:43:e1:fe:2c:b5:b1:be:df:3e:a9:ed:26:2e:91:
                    d5:d2:72:2a:39:33:13:c9:9a:4b:ad:85:e2:25:9b:
                    5a:f6:44:ee:ba:09:3f:46:c1:ef:65:f5:76:46:ca:
                    46:36:f1:8a:9c:14:4b:70:2f:b3:54:9f:5e:76:fa:
                    ae:82:60:38:d6:c4:bd:34:bf:b8:7c:ed:b4:23:3f:
                    98:e4:9d:4c:06:0e:cb:a8:b0:51:bc:47:72:fe:ad:
                    08:01:79:5c:07:91:27:86:cf:d5:52:20:42:a1:0a:
                    ee:b0:9d:66:be:1d:4b:b5:67:e8:cc:40:6b:4a:81:
                    53:00:d2:b3:55:b2:ce:cf:d5:32:6a:78:8c:83:02:
                    67:06:e6:b5:c0:24:e9:64:27:ec:6b:57:9b:a0:db:
                    d6:f5:98:5b:72:e4:83:a4:5f:14:41:ce:ff:bf:05:
                    93:52:5b:cc:14:7d:d0:e9:b6:03:76:a8:be:56:7e:
                    49:5a:8f:c7:d3:0f:60:89:34:3d:ee:21:c6:7e:02:
                    df:a3:65:25:29:a1:67:dd:c0:77:36:60:1d:81:a4:
                    f2:8c:0a:72:63:cd:48:d6:44:37:bf:be:b7:51:a9:
                    55:f7:d2:eb:60:e1:bf:d4:fe:ab:7f:4e:26:d0:e2:
                    44:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:6A:EC:88:61:98:2A:FF:2E:A6:DA:65:62:3D:7F:8D:9F:0D:AA:24
            X509v3 Authority Key Identifier:
                keyid:2B:6B:35:00:5D:30:22:80:44:36:D7:2D:C3:C9:C8:65:CF:AA:A0:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K2s1AF0wIoBENtctw8nIZc-qoAM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/f4c354-80fb-4c39-a0f8-f18fbf596eba/1/K2s1AF0wIoBENtctw8nIZc-qoAM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/f4c354-80fb-4c39-a0f8-f18fbf596eba/1/K2s1AF0wIoBENtctw8nIZc-qoAM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         83:5c:31:59:64:5d:9e:f3:04:64:95:c0:ff:bf:c1:a3:99:5a:
         d8:14:02:4f:2b:10:4b:e7:94:92:b1:1a:32:21:30:e9:be:47:
         8d:f8:35:a0:b4:5a:93:29:67:24:39:6d:2b:a8:4d:de:f2:74:
         b5:ed:20:39:fb:6f:28:84:d3:0d:be:b3:f9:55:75:4b:d6:98:
         99:80:fd:5d:47:88:f1:90:19:be:f9:c0:04:69:43:9a:81:0b:
         c7:a3:ec:f1:d0:5d:aa:4e:10:b2:34:8a:66:f5:d4:e2:98:12:
         0c:29:a1:c7:e5:f2:41:17:80:a1:ab:71:e5:ed:72:9a:eb:df:
         d0:00:6f:34:62:84:72:81:d7:c0:c3:08:cf:6b:87:f4:af:e9:
         8a:73:3d:86:b1:68:40:0f:88:67:e8:c6:a1:4b:90:9f:de:63:
         73:a1:44:99:6f:21:26:14:40:7f:95:a4:f4:43:7b:ca:dc:36:
         2c:38:55:ac:23:3a:7a:55:29:39:08:60:00:bf:85:24:ff:df:
         be:c3:56:2d:ae:5f:70:b8:5e:09:f9:f3:6e:2c:0b:ba:4c:f6:
         fd:99:13:f7:bc:49:19:12:67:f5:ad:cb:ed:00:20:99:40:d7:
         92:4f:ca:27:c2:6b:cf:39:c8:8d:3e:77:35:67:ec:9c:cf:b9:
         0c:6c:ff:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0403vM7dkn4M0W2QkeSH5iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiNmIzNTAwNWQzMDIyODA0NDM2ZDcyZGMzYzljODY1Y2Zh
YWEwMDMwHhcNMjYwMzI5MDkwMTE2WhcNMjYwMzMwMDkwMTE2WjAzMTEwLwYDVQQD
EyhjMDZhZWM4ODYxOTgyYWZmMmVhNmRhNjU2MjNkN2Y4ZDlmMGRhYTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxy3K+DGYhUTCPqx+Y3znQ+H+LLWx
vt8+qe0mLpHV0nIqOTMTyZpLrYXiJZta9kTuugk/RsHvZfV2RspGNvGKnBRLcC+z
VJ9edvqugmA41sS9NL+4fO20Iz+Y5J1MBg7LqLBRvEdy/q0IAXlcB5Enhs/VUiBC
oQrusJ1mvh1LtWfozEBrSoFTANKzVbLOz9UyaniMgwJnBua1wCTpZCfsa1eboNvW
9ZhbcuSDpF8UQc7/vwWTUlvMFH3Q6bYDdqi+Vn5JWo/H0w9giTQ97iHGfgLfo2Ul
KaFn3cB3NmAdgaTyjApyY81I1kQ3v763UalV99LrYOG/1P6rf04m0OJEWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMBq7IhhmCr/LqbaZWI9f42fDaokMB8GA1UdIwQY
MBaAFCtrNQBdMCKARDbXLcPJyGXPqqADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzJzMUFGMHdJb0JFTnRjdHc4bklaYy1xb0FNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9mNGMzNTQtODBmYi00YzM5LWEwZjgt
ZjE4ZmJmNTk2ZWJhLzEvSzJzMUFGMHdJb0JFTnRjdHc4bklaYy1xb0FNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9mNGMzNTQtODBmYi00YzM5LWEwZjgtZjE4ZmJmNTk2ZWJh
LzEvSzJzMUFGMHdJb0JFTnRjdHc4bklaYy1xb0FNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg1wxWWRd
nvMEZJXA/7/Bo5la2BQCTysQS+eUkrEaMiEw6b5Hjfg1oLRakylnJDltK6hN3vJ0
te0gOftvKITTDb6z+VV1S9aYmYD9XUeI8ZAZvvnABGlDmoELx6Ps8dBdqk4QsjSK
ZvXU4pgSDCmhx+XyQReAoatx5e1ymuvf0ABvNGKEcoHXwMMIz2uH9K/pinM9hrFo
QA+IZ+jGoUuQn95jc6FEmW8hJhRAf5Wk9EN7ytw2LDhVrCM6elUpOQhgAL+FJP/f
vsNWLa5fcLheCfnzbiwLukz2/ZkT97xJGRJn9a3L7QAgmUDXkk/KJ8JrzznIjT53
NWfsnM+5DGz/bQ==
-----END CERTIFICATE-----