Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft
File:                     b20hysOH8-N4uiOkynfeyTA7qS0.mft (raw, json)
Hash identifier:          48+/yAkvKoA1uZ6B5NhUCxyitjeD9vm/LRZ7bcBNySM=
Subject key identifier:   4B:93:A5:29:98:5A:35:AD:4D:99:71:2A:64:AF:FF:BF:5B:59:36:A3
Authority key identifier: 6F:6D:21:CA:C3:87:F3:E3:78:BA:23:A4:CA:77:DE:C9:30:3B:A9:2D
Certificate issuer:       /CN=6f6d21cac387f3e378ba23a4ca77dec9303ba92d
Certificate serial:       019D371C03F9B2F1DFE247A265AF8171C57F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b20hysOH8-N4uiOkynfeyTA7qS0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft
Manifest number:          188A
Signing time:             Sun 29 Mar 2026 01:01:15 +0000
Manifest this update:     Sun 29 Mar 2026 01:01:15 +0000
Manifest next update:     Mon 30 Mar 2026 01:01:15 +0000
Files and hashes:         1: b20hysOH8-N4uiOkynfeyTA7qS0.crl (hash: aXMr+/SrkbQFPtz3kc5zA4zgg4XMCaKIDq67SrfvCis=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/b20hysOH8-N4uiOkynfeyTA7qS0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 01:01:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:1c:03:f9:b2:f1:df:e2:47:a2:65:af:81:71:c5:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f6d21cac387f3e378ba23a4ca77dec9303ba92d
        Validity
            Not Before: Mar 29 01:01:15 2026 GMT
            Not After : Mar 30 01:01:15 2026 GMT
        Subject: CN=4b93a529985a35ad4d99712a64afffbf5b5936a3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:15:94:c5:5f:b6:89:3c:78:ca:b9:10:63:0b:
                    a1:c9:50:ec:18:bd:8f:01:c8:0f:f4:1b:28:ed:64:
                    2f:80:7b:4c:28:c5:1c:09:f9:11:f6:bd:c0:18:6a:
                    5a:7a:62:6b:5e:ac:31:1e:b0:08:a4:97:32:e5:1b:
                    67:94:a6:5e:93:79:2d:62:56:52:3b:d1:54:0f:a1:
                    c0:0d:b1:40:c7:b9:9d:d8:7b:bc:87:06:44:16:6d:
                    23:23:b6:0b:d4:49:9c:ed:be:88:53:f9:5e:ba:01:
                    39:26:88:27:f1:37:a7:bc:db:3a:59:99:f9:96:ae:
                    9c:e7:5d:91:33:14:ac:47:50:1c:1b:ae:d7:6c:d8:
                    d3:90:f9:34:8e:0f:f2:f7:82:8f:61:e4:1e:e5:27:
                    6b:fa:9f:29:99:26:23:07:a7:e9:25:ef:84:1f:b6:
                    db:56:2b:9c:ac:e3:c5:a9:5d:79:e7:4e:15:f4:3b:
                    1c:c2:ab:bb:4c:58:d3:4a:b0:a7:0c:9f:a7:fb:da:
                    66:1b:1f:c7:07:2a:93:22:20:3b:f5:ad:81:52:7f:
                    eb:ee:27:ce:aa:55:5b:d5:8d:c1:b4:fd:6d:69:e9:
                    05:76:7d:96:b1:7d:97:ff:f0:a9:7b:b3:d5:ef:2d:
                    63:c3:a4:a8:f3:fa:6c:82:78:06:60:81:c2:c3:e5:
                    c6:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:93:A5:29:98:5A:35:AD:4D:99:71:2A:64:AF:FF:BF:5B:59:36:A3
            X509v3 Authority Key Identifier:
                keyid:6F:6D:21:CA:C3:87:F3:E3:78:BA:23:A4:CA:77:DE:C9:30:3B:A9:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b20hysOH8-N4uiOkynfeyTA7qS0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/6ff22e-853c-4bab-84cc-1aebca4b6db8/1/b20hysOH8-N4uiOkynfeyTA7qS0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:26:e7:ae:18:85:68:26:a5:4e:5b:28:fe:a6:2f:d4:8a:92:
         2f:d1:0c:8f:eb:3e:30:ed:2f:18:5a:15:b4:1b:32:76:1e:a9:
         84:8b:5a:ae:0f:7f:b8:14:7d:cb:86:07:8b:4d:69:5f:e3:ff:
         d6:10:47:1e:22:4d:b3:29:67:9e:4a:8b:0e:de:6b:be:9b:1a:
         ae:55:6d:47:ec:4d:09:5b:23:04:99:d8:86:de:b0:5c:52:c9:
         8f:ad:05:e4:e9:33:72:04:e8:e5:bb:d3:c7:26:9d:5d:c9:2a:
         77:c6:9f:9a:1e:fb:4b:ea:31:67:fa:6c:68:d9:87:d5:30:49:
         2d:03:56:a9:d1:d3:fc:db:26:fc:25:08:cc:71:2d:3c:f4:99:
         a7:92:d4:27:d4:bc:60:8a:ca:3a:78:80:b7:66:34:dd:7b:20:
         b3:bb:d8:0b:1a:45:87:ac:f2:a1:75:fa:b1:25:b9:67:2d:37:
         23:84:d4:dc:31:f1:99:5d:e7:68:48:dc:09:1f:9f:2a:cd:4e:
         ea:7c:87:63:e9:d8:42:4b:93:0d:d7:ec:8d:fe:06:30:d0:7a:
         7c:6f:b9:ea:90:b9:01:9d:8a:ab:bd:2d:3b:2d:04:97:fb:cf:
         51:2e:70:2b:a8:b5:f0:9b:18:b6:de:6d:a8:b8:ea:3a:1b:da:
         ac:19:13:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03HAP5svHf4keiZa+BccV/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNmQyMWNhYzM4N2YzZTM3OGJhMjNhNGNhNzdkZWM5MzAz
YmE5MmQwHhcNMjYwMzI5MDEwMTE1WhcNMjYwMzMwMDEwMTE1WjAzMTEwLwYDVQQD
Eyg0YjkzYTUyOTk4NWEzNWFkNGQ5OTcxMmE2NGFmZmZiZjViNTkzNmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxWUxV+2iTx4yrkQYwuhyVDsGL2P
AcgP9Bso7WQvgHtMKMUcCfkR9r3AGGpaemJrXqwxHrAIpJcy5RtnlKZek3ktYlZS
O9FUD6HADbFAx7md2Hu8hwZEFm0jI7YL1Emc7b6IU/leugE5Jogn8TenvNs6WZn5
lq6c512RMxSsR1AcG67XbNjTkPk0jg/y94KPYeQe5Sdr+p8pmSYjB6fpJe+EH7bb
ViucrOPFqV15504V9Dscwqu7TFjTSrCnDJ+n+9pmGx/HByqTIiA79a2BUn/r7ifO
qlVb1Y3BtP1taekFdn2WsX2X//Cpe7PV7y1jw6So8/psgngGYIHCw+XGwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEuTpSmYWjWtTZlxKmSv/79bWTajMB8GA1UdIwQY
MBaAFG9tIcrDh/PjeLojpMp33skwO6ktMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjIwaHlzT0g4LU40dWlPa3luZmV5VEE3cVMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi82ZmYyMmUtODUzYy00YmFiLTg0Y2Mt
MWFlYmNhNGI2ZGI4LzEvYjIwaHlzT0g4LU40dWlPa3luZmV5VEE3cVMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi82ZmYyMmUtODUzYy00YmFiLTg0Y2MtMWFlYmNhNGI2ZGI4
LzEvYjIwaHlzT0g4LU40dWlPa3luZmV5VEE3cVMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnCbnrhiF
aCalTlso/qYv1IqSL9EMj+s+MO0vGFoVtBsydh6phItarg9/uBR9y4YHi01pX+P/
1hBHHiJNsylnnkqLDt5rvpsarlVtR+xNCVsjBJnYht6wXFLJj60F5OkzcgTo5bvT
xyadXckqd8afmh77S+oxZ/psaNmH1TBJLQNWqdHT/Nsm/CUIzHEtPPSZp5LUJ9S8
YIrKOniAt2Y03Xsgs7vYCxpFh6zyoXX6sSW5Zy03I4TU3DHxmV3naEjcCR+fKs1O
6nyHY+nYQkuTDdfsjf4GMNB6fG+56pC5AZ2Kq70tOy0El/vPUS5wK6i18JsYtt5t
qLjqOhvarBkTug==
-----END CERTIFICATE-----