Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.mft
File:                     MCbiQi-nIkVOYIMX0hhitmqjfTM.mft (raw, json)
Hash identifier:          QLwEgQOwiBmDDFxYjqab5e922nVCSDwEv34MT8Qt/F8=
Subject key identifier:   08:D7:1D:4D:0C:3F:7C:10:FA:49:23:4B:51:68:E0:4B:69:38:99:E6
Authority key identifier: 30:26:E2:42:2F:A7:22:45:4E:60:83:17:D2:18:62:B6:6A:A3:7D:33
Certificate issuer:       /CN=3026e2422fa722454e608317d21862b66aa37d33
Certificate serial:       019D3865CAB951612FC82F0359932AFBD35C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MCbiQi-nIkVOYIMX0hhitmqjfTM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.mft
Manifest number:          17DF
Signing time:             Sun 29 Mar 2026 07:01:28 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:28 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:28 +0000
Files and hashes:         1: MCbiQi-nIkVOYIMX0hhitmqjfTM.crl (hash: cpp1+mH99vEpbWOTjE/+AKzb7fjNcr+pDitZ6ge/b+w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MCbiQi-nIkVOYIMX0hhitmqjfTM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:ca:b9:51:61:2f:c8:2f:03:59:93:2a:fb:d3:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3026e2422fa722454e608317d21862b66aa37d33
        Validity
            Not Before: Mar 29 07:01:28 2026 GMT
            Not After : Mar 30 07:01:28 2026 GMT
        Subject: CN=08d71d4d0c3f7c10fa49234b5168e04b693899e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:d0:39:8b:57:3e:41:bd:81:cb:30:8a:d2:6c:
                    39:f4:3c:a6:d6:eb:b2:74:51:f3:2d:da:b7:14:bd:
                    5e:6e:dc:16:e5:82:49:ad:59:99:3c:24:88:ee:b2:
                    20:b8:61:7a:b9:3c:5e:be:62:1e:e2:9c:3d:b4:6c:
                    ca:fa:84:cc:c5:13:b6:33:46:a6:68:61:d0:f4:1a:
                    c7:d8:fb:11:c3:fd:95:e0:31:ea:fc:55:6c:06:0f:
                    6e:41:cb:16:18:1d:13:45:6f:ed:a7:05:e6:ec:e2:
                    7b:75:f7:36:54:79:f8:e6:98:c2:c2:04:95:6d:4f:
                    b6:cb:29:f1:08:69:71:bd:2b:b4:d6:71:60:bd:64:
                    6b:21:f9:1a:79:ac:3a:6c:89:b5:3b:e7:76:aa:aa:
                    4f:42:04:41:36:19:79:d1:54:67:b6:f0:a2:a0:38:
                    fe:08:ae:66:69:b0:97:fc:e0:d1:52:74:fa:8b:ec:
                    b4:93:c7:41:4f:8c:1d:fc:1e:c0:a0:c2:6f:d4:1a:
                    00:08:73:4b:a5:eb:57:f3:82:c9:77:9f:e5:a7:37:
                    ab:2a:1d:51:eb:04:ca:13:85:90:28:80:2f:a2:25:
                    ba:e7:ef:f1:03:8b:88:ca:fc:be:be:66:d6:ee:bd:
                    1e:c4:4e:e5:cf:1e:15:4e:c7:7c:53:52:77:ff:03:
                    d0:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:D7:1D:4D:0C:3F:7C:10:FA:49:23:4B:51:68:E0:4B:69:38:99:E6
            X509v3 Authority Key Identifier:
                keyid:30:26:E2:42:2F:A7:22:45:4E:60:83:17:D2:18:62:B6:6A:A3:7D:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MCbiQi-nIkVOYIMX0hhitmqjfTM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:4d:03:7d:fb:e2:20:ae:50:19:88:bb:d4:ba:3c:1e:c6:6e:
         aa:27:0e:66:25:9d:19:4a:25:12:88:79:7f:a9:2b:6f:56:0c:
         a6:f9:f9:60:65:3a:25:12:ba:6e:89:cb:da:0b:db:08:31:9e:
         4d:0a:de:8c:e4:f8:cb:95:a3:4f:4e:b8:7a:9c:4f:b0:9c:42:
         a5:67:e0:de:d5:ed:46:27:90:a6:e7:16:50:d9:46:6f:db:99:
         1b:65:41:d7:9a:81:a1:34:b0:18:0f:1e:25:49:04:f0:fe:eb:
         e1:77:ba:6d:f7:9d:85:c5:d9:22:7a:41:8a:29:f0:36:42:5e:
         94:bf:22:b6:10:44:84:7b:64:5b:fa:e5:4e:76:88:20:39:cc:
         30:16:6c:45:ef:1d:f2:32:c9:67:c4:3f:f2:4b:36:ee:8a:bb:
         70:1b:70:af:63:b5:ee:99:2d:e2:3a:40:94:ab:e5:05:bf:4c:
         4c:b7:b3:7b:a4:4c:d1:c9:10:12:c8:fa:09:79:12:d9:e9:04:
         0a:52:af:e1:d8:88:68:e3:89:a3:9d:be:d2:2f:7d:7b:50:39:
         e4:4a:7d:3d:35:4d:e8:28:1b:f4:4a:58:23:6a:8d:e1:b5:d9:
         54:fc:8a:37:62:f9:8b:a1:63:f2:0e:06:3e:cb:66:95:22:eb:
         b0:c3:41:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zcq5UWEvyC8DWZMq+9NcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMjZlMjQyMmZhNzIyNDU0ZTYwODMxN2QyMTg2MmI2NmFh
MzdkMzMwHhcNMjYwMzI5MDcwMTI4WhcNMjYwMzMwMDcwMTI4WjAzMTEwLwYDVQQD
EygwOGQ3MWQ0ZDBjM2Y3YzEwZmE0OTIzNGI1MTY4ZTA0YjY5Mzg5OWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdA5i1c+Qb2ByzCK0mw59Dym1uuy
dFHzLdq3FL1ebtwW5YJJrVmZPCSI7rIguGF6uTxevmIe4pw9tGzK+oTMxRO2M0am
aGHQ9BrH2PsRw/2V4DHq/FVsBg9uQcsWGB0TRW/tpwXm7OJ7dfc2VHn45pjCwgSV
bU+2yynxCGlxvSu01nFgvWRrIfkaeaw6bIm1O+d2qqpPQgRBNhl50VRntvCioDj+
CK5mabCX/ODRUnT6i+y0k8dBT4wd/B7AoMJv1BoACHNLpetX84LJd5/lpzerKh1R
6wTKE4WQKIAvoiW65+/xA4uIyvy+vmbW7r0exE7lzx4VTsd8U1J3/wPQ2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAjXHU0MP3wQ+kkjS1Fo4EtpOJnmMB8GA1UdIwQY
MBaAFDAm4kIvpyJFTmCDF9IYYrZqo30zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUNiaVFpLW5Ja1ZPWUlNWDBoaGl0bXFqZlRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iNzkyY2MtYWI5Ni00NTZlLTlkM2Ut
YTFlZTQ0MGZmZTNlLzEvTUNiaVFpLW5Ja1ZPWUlNWDBoaGl0bXFqZlRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iNzkyY2MtYWI5Ni00NTZlLTlkM2UtYTFlZTQ0MGZmZTNl
LzEvTUNiaVFpLW5Ja1ZPWUlNWDBoaGl0bXFqZlRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfE0Dffvi
IK5QGYi71Lo8HsZuqicOZiWdGUolEoh5f6krb1YMpvn5YGU6JRK6bonL2gvbCDGe
TQrejOT4y5WjT064epxPsJxCpWfg3tXtRieQpucWUNlGb9uZG2VB15qBoTSwGA8e
JUkE8P7r4Xe6bfedhcXZInpBiinwNkJelL8ithBEhHtkW/rlTnaIIDnMMBZsRe8d
8jLJZ8Q/8ks27oq7cBtwr2O17pkt4jpAlKvlBb9MTLeze6RM0ckQEsj6CXkS2ekE
ClKv4diIaOOJo52+0i99e1A55Ep9PTVN6Cgb9EpYI2qN4bXZVPyKN2L5i6Fj8g4G
PstmlSLrsMNBDg==
-----END CERTIFICATE-----