Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1d2f2d-a425-44ab-9b5d-8c3b40285566/1/SFF8v1-HKM7CSvPC6G7PuANT5g0.mft
File:                     SFF8v1-HKM7CSvPC6G7PuANT5g0.mft (raw, json)
Hash identifier:          AqCszNaL9fQWGQlLneo00uZ+79aMlrIUrqf2aZKtQSc=
Subject key identifier:   11:64:54:EA:66:92:F9:57:E9:75:7C:37:17:24:C4:3F:7B:83:5A:0F
Authority key identifier: 48:51:7C:BF:5F:87:28:CE:C2:4A:F3:C2:E8:6E:CF:B8:03:53:E6:0D
Certificate issuer:       /CN=48517cbf5f8728cec24af3c2e86ecfb80353e60d
Certificate serial:       019D36E4B2487ADD7D70896018E3BD730534
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SFF8v1-HKM7CSvPC6G7PuANT5g0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9b/1d2f2d-a425-44ab-9b5d-8c3b40285566/1/SFF8v1-HKM7CSvPC6G7PuANT5g0.mft
Manifest number:          0F6E
Signing time:             Sun 29 Mar 2026 00:00:50 +0000
Manifest this update:     Sun 29 Mar 2026 00:00:50 +0000
Manifest next update:     Mon 30 Mar 2026 00:00:50 +0000
Files and hashes:         1: SFF8v1-HKM7CSvPC6G7PuANT5g0.crl (hash: cCmQW43GoFjMA7QF3O7aqVk5WIO50aptI6E4QkvQUec=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9b/1d2f2d-a425-44ab-9b5d-8c3b40285566/1/SFF8v1-HKM7CSvPC6G7PuANT5g0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9b/1d2f2d-a425-44ab-9b5d-8c3b40285566/1/SFF8v1-HKM7CSvPC6G7PuANT5g0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SFF8v1-HKM7CSvPC6G7PuANT5g0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 00:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:36:e4:b2:48:7a:dd:7d:70:89:60:18:e3:bd:73:05:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=48517cbf5f8728cec24af3c2e86ecfb80353e60d
        Validity
            Not Before: Mar 29 00:00:50 2026 GMT
            Not After : Mar 30 00:00:50 2026 GMT
        Subject: CN=116454ea6692f957e9757c371724c43f7b835a0f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:58:fa:61:b1:7b:bd:5c:be:2c:b9:1a:e7:87:
                    9b:bd:81:fd:ed:8c:0c:fa:f9:46:21:00:cd:2e:c7:
                    50:39:ce:a4:3c:7c:15:8c:ca:57:91:f8:a2:93:3e:
                    33:ec:12:70:35:f9:df:0d:4c:d7:6f:47:0f:e7:c9:
                    73:27:ce:d4:8a:a4:72:0b:95:03:2e:fe:99:f7:a8:
                    d6:20:8f:bb:14:90:2f:dd:1f:08:37:f1:c8:0b:12:
                    e3:0f:07:dd:09:0f:b5:95:75:b5:4c:23:c5:a3:d6:
                    38:58:61:57:d6:b8:85:56:8f:3f:79:62:32:f7:c7:
                    80:45:bc:7b:2b:38:0b:52:43:17:b7:91:d9:7b:2f:
                    1f:3a:ea:f0:1f:fa:7f:53:61:a2:25:25:0a:48:42:
                    2f:2a:d6:b2:4c:26:10:f6:06:0a:b1:e7:b9:3f:0e:
                    22:d8:fa:62:e6:3d:56:f8:fe:64:83:84:e7:64:9a:
                    bc:d6:6c:23:29:5a:39:40:53:e6:65:1b:ec:63:9c:
                    2a:a3:a0:1e:23:9c:2d:fc:9a:f0:f2:fc:58:6f:61:
                    03:e2:65:60:14:83:57:0c:da:c1:52:52:7e:ed:ca:
                    30:b8:6b:0e:aa:0f:0f:24:75:be:17:48:3b:3d:7e:
                    f0:73:5a:67:08:fb:de:3f:ba:58:7b:f1:01:54:cd:
                    12:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:64:54:EA:66:92:F9:57:E9:75:7C:37:17:24:C4:3F:7B:83:5A:0F
            X509v3 Authority Key Identifier:
                keyid:48:51:7C:BF:5F:87:28:CE:C2:4A:F3:C2:E8:6E:CF:B8:03:53:E6:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SFF8v1-HKM7CSvPC6G7PuANT5g0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1d2f2d-a425-44ab-9b5d-8c3b40285566/1/SFF8v1-HKM7CSvPC6G7PuANT5g0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1d2f2d-a425-44ab-9b5d-8c3b40285566/1/SFF8v1-HKM7CSvPC6G7PuANT5g0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:92:98:4b:6d:94:fa:fa:78:75:5c:aa:b0:3a:0a:7f:ef:dc:
         25:c5:cf:32:2b:eb:64:b0:f2:76:59:6c:4e:34:22:b7:01:8f:
         75:bc:2d:b5:43:2d:d3:3a:8c:47:71:c1:df:69:95:dc:a2:6c:
         a1:e1:c6:21:26:21:68:1f:2a:f1:97:0b:e8:70:ea:d4:22:e6:
         4b:3c:3b:7b:3a:a3:dd:c9:28:10:e1:49:0c:f5:60:1e:09:c5:
         a9:ba:f2:f1:e8:a3:48:8d:f1:39:d7:f6:17:a5:41:ab:05:2e:
         20:d3:18:cc:c5:c9:e5:58:58:8a:c5:c0:b4:2c:6d:4a:5b:3b:
         60:3f:21:a2:46:d2:61:8f:b0:5f:29:99:3d:fb:cb:60:4c:be:
         ce:02:dd:d6:1d:56:1a:d5:eb:a5:29:a9:71:c4:2d:a7:a1:33:
         59:c2:79:7e:02:16:d2:5b:87:cb:a8:a2:1f:84:3f:fb:5e:79:
         96:e3:2c:2e:02:e0:d9:b6:0b:e7:db:ec:32:a5:79:d6:08:d3:
         fb:50:67:6d:9e:61:cc:d5:25:9e:a6:9d:96:cd:27:68:08:8f:
         4c:e5:00:7b:07:ca:3c:d7:3d:0c:f7:9d:59:49:b3:79:11:a6:
         0f:d2:d2:64:ad:0b:b7:fb:fc:86:0b:ac:c2:c6:60:36:c0:4f:
         06:12:b3:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ025LJIet19cIlgGOO9cwU0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4NTE3Y2JmNWY4NzI4Y2VjMjRhZjNjMmU4NmVjZmI4MDM1
M2U2MGQwHhcNMjYwMzI5MDAwMDUwWhcNMjYwMzMwMDAwMDUwWjAzMTEwLwYDVQQD
EygxMTY0NTRlYTY2OTJmOTU3ZTk3NTdjMzcxNzI0YzQzZjdiODM1YTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA71j6YbF7vVy+LLka54ebvYH97YwM
+vlGIQDNLsdQOc6kPHwVjMpXkfiikz4z7BJwNfnfDUzXb0cP58lzJ87UiqRyC5UD
Lv6Z96jWII+7FJAv3R8IN/HICxLjDwfdCQ+1lXW1TCPFo9Y4WGFX1riFVo8/eWIy
98eARbx7KzgLUkMXt5HZey8fOurwH/p/U2GiJSUKSEIvKtayTCYQ9gYKsee5Pw4i
2Ppi5j1W+P5kg4TnZJq81mwjKVo5QFPmZRvsY5wqo6AeI5wt/Jrw8vxYb2ED4mVg
FINXDNrBUlJ+7cowuGsOqg8PJHW+F0g7PX7wc1pnCPveP7pYe/EBVM0S/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBFkVOpmkvlX6XV8NxckxD97g1oPMB8GA1UdIwQY
MBaAFEhRfL9fhyjOwkrzwuhuz7gDU+YNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0ZGOHYxLUhLTTdDU3ZQQzZHN1B1QU5UNWcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZDJmMmQtYTQyNS00NGFiLTliNWQt
OGMzYjQwMjg1NTY2LzEvU0ZGOHYxLUhLTTdDU3ZQQzZHN1B1QU5UNWcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8xZDJmMmQtYTQyNS00NGFiLTliNWQtOGMzYjQwMjg1NTY2
LzEvU0ZGOHYxLUhLTTdDU3ZQQzZHN1B1QU5UNWcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANJKYS22U
+vp4dVyqsDoKf+/cJcXPMivrZLDydllsTjQitwGPdbwttUMt0zqMR3HB32mV3KJs
oeHGISYhaB8q8ZcL6HDq1CLmSzw7ezqj3ckoEOFJDPVgHgnFqbry8eijSI3xOdf2
F6VBqwUuINMYzMXJ5VhYisXAtCxtSls7YD8hokbSYY+wXymZPfvLYEy+zgLd1h1W
GtXrpSmpccQtp6EzWcJ5fgIW0luHy6iiH4Q/+155luMsLgLg2bYL59vsMqV51gjT
+1BnbZ5hzNUlnqadls0naAiPTOUAewfKPNc9DPedWUmzeRGmD9LSZK0Lt/v8hgus
wsZgNsBPBhKzfA==
-----END CERTIFICATE-----