Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/bbf773-67f9-4be5-95cb-70d7f8f4925a/1/stNBgAdlZtcr7mHzoybFbgq7gEo.mft
File:                     stNBgAdlZtcr7mHzoybFbgq7gEo.mft (raw, json)
Hash identifier:          cbfOzDRIw0Mm2YJFOMsLdXjk39kYJiO/6evMWiql2Fs=
Subject key identifier:   A0:BE:57:21:81:1E:53:D2:5B:D5:98:99:E7:B9:1A:37:61:8B:2B:B6
Authority key identifier: B2:D3:41:80:07:65:66:D7:2B:EE:61:F3:A3:26:C5:6E:0A:BB:80:4A
Certificate issuer:       /CN=b2d34180076566d72bee61f3a326c56e0abb804a
Certificate serial:       019D38663031D46680E7052057EF3062C41B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/stNBgAdlZtcr7mHzoybFbgq7gEo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ad/bbf773-67f9-4be5-95cb-70d7f8f4925a/1/stNBgAdlZtcr7mHzoybFbgq7gEo.mft
Manifest number:          1168
Signing time:             Sun 29 Mar 2026 07:01:54 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:54 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:54 +0000
Files and hashes:         1: stNBgAdlZtcr7mHzoybFbgq7gEo.crl (hash: KVgXn8gHwQ12TvWUk/fm1aqi6KA50OQJ/C4i1vPcEOU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ad/bbf773-67f9-4be5-95cb-70d7f8f4925a/1/stNBgAdlZtcr7mHzoybFbgq7gEo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ad/bbf773-67f9-4be5-95cb-70d7f8f4925a/1/stNBgAdlZtcr7mHzoybFbgq7gEo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/stNBgAdlZtcr7mHzoybFbgq7gEo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:30:31:d4:66:80:e7:05:20:57:ef:30:62:c4:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b2d34180076566d72bee61f3a326c56e0abb804a
        Validity
            Not Before: Mar 29 07:01:54 2026 GMT
            Not After : Mar 30 07:01:54 2026 GMT
        Subject: CN=a0be5721811e53d25bd59899e7b91a37618b2bb6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:95:67:9e:65:05:6d:65:5a:1d:4e:2e:59:4a:
                    e1:96:15:7c:aa:bd:f5:ca:f2:30:00:bd:a1:46:a7:
                    02:21:48:ee:01:b2:82:de:f4:d5:d0:08:e8:73:85:
                    5a:c3:0d:e6:e4:8d:f9:a6:89:db:cb:ad:ee:a2:5c:
                    35:e1:a0:3c:ec:d0:fd:77:3e:a7:7b:75:d4:87:9f:
                    bb:7f:18:ee:a9:16:4b:b3:ca:34:23:c2:0b:6a:5a:
                    18:5b:b9:cb:b3:42:97:59:3c:ce:84:e2:99:b7:b9:
                    ce:f0:1a:0e:b2:41:87:a3:2e:b3:54:88:1e:00:78:
                    8f:e2:41:83:2d:78:11:0a:e1:03:08:56:77:c8:55:
                    9a:b9:68:9e:9c:de:c6:ae:21:35:2f:cf:cd:94:9b:
                    92:04:60:d8:b9:ef:3d:5a:65:49:7a:9b:0e:73:82:
                    ab:8b:03:64:f0:6e:4b:86:70:20:fd:97:ee:62:10:
                    b6:a5:06:76:1a:05:67:ce:71:df:ee:c9:11:d9:f7:
                    f1:75:ab:81:c9:6c:28:93:39:51:68:71:28:84:b5:
                    81:bd:f4:36:24:d1:b8:3a:d2:a3:db:6a:70:b9:1e:
                    41:4c:6b:20:02:14:cd:a3:e4:98:f3:77:56:9f:de:
                    49:a7:33:b3:1a:d2:3c:3a:84:cd:91:1c:94:77:d8:
                    db:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:BE:57:21:81:1E:53:D2:5B:D5:98:99:E7:B9:1A:37:61:8B:2B:B6
            X509v3 Authority Key Identifier:
                keyid:B2:D3:41:80:07:65:66:D7:2B:EE:61:F3:A3:26:C5:6E:0A:BB:80:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/stNBgAdlZtcr7mHzoybFbgq7gEo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/bbf773-67f9-4be5-95cb-70d7f8f4925a/1/stNBgAdlZtcr7mHzoybFbgq7gEo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/bbf773-67f9-4be5-95cb-70d7f8f4925a/1/stNBgAdlZtcr7mHzoybFbgq7gEo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:df:50:5d:2d:4e:11:5c:50:21:2e:ff:63:bc:46:85:7f:2a:
         71:05:3d:6e:05:ce:d3:58:6a:ab:7a:8f:6e:1a:0c:73:1e:ee:
         e4:88:f1:9d:1e:bd:fa:d7:a2:10:6c:ba:f3:65:5a:9f:7b:b4:
         b9:ab:66:50:93:bd:12:1c:f5:2b:e2:60:8d:0d:37:46:e2:8a:
         e6:7b:99:ef:51:47:9c:28:c6:80:ed:13:50:fc:55:e4:b9:88:
         7d:b7:a1:b1:8f:3f:78:81:d0:28:30:1a:a8:7b:aa:c4:f9:1b:
         6c:6e:7a:e8:43:92:fa:b2:8f:e0:26:38:c8:ae:95:7e:df:85:
         4c:b6:cf:28:12:13:ab:0f:3c:b3:5b:ef:51:b4:1d:10:ad:b8:
         1c:4c:97:81:e2:b6:ba:aa:47:a3:9a:9b:28:4e:02:72:e6:22:
         95:8e:a2:d4:4f:a6:3c:aa:b3:f9:1a:de:17:35:5c:07:fb:cd:
         ca:9a:0c:bc:85:28:72:32:19:4d:6d:2a:27:df:63:39:b2:49:
         06:ae:8c:a0:8c:03:fe:99:a6:d2:ff:bc:42:e8:62:42:2d:b6:
         9e:07:ce:45:af:25:47:07:1b:c5:2f:40:c7:1c:68:0a:a6:4d:
         c0:41:6c:57:64:e4:b9:f0:f0:97:2e:ca:da:43:9a:a4:9c:f3:
         77:ba:f0:6c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZjAx1GaA5wUgV+8wYsQbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZDM0MTgwMDc2NTY2ZDcyYmVlNjFmM2EzMjZjNTZlMGFi
YjgwNGEwHhcNMjYwMzI5MDcwMTU0WhcNMjYwMzMwMDcwMTU0WjAzMTEwLwYDVQQD
EyhhMGJlNTcyMTgxMWU1M2QyNWJkNTk4OTllN2I5MWEzNzYxOGIyYmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzJVnnmUFbWVaHU4uWUrhlhV8qr31
yvIwAL2hRqcCIUjuAbKC3vTV0Ajoc4Vaww3m5I35ponby63uolw14aA87ND9dz6n
e3XUh5+7fxjuqRZLs8o0I8ILaloYW7nLs0KXWTzOhOKZt7nO8BoOskGHoy6zVIge
AHiP4kGDLXgRCuEDCFZ3yFWauWienN7GriE1L8/NlJuSBGDYue89WmVJepsOc4Kr
iwNk8G5LhnAg/ZfuYhC2pQZ2GgVnznHf7skR2ffxdauByWwokzlRaHEohLWBvfQ2
JNG4OtKj22pwuR5BTGsgAhTNo+SY83dWn95JpzOzGtI8OoTNkRyUd9jbdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKC+VyGBHlPSW9WYmee5Gjdhiyu2MB8GA1UdIwQY
MBaAFLLTQYAHZWbXK+5h86MmxW4Ku4BKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3ROQmdBZGxadGNyN21Iem95YkZiZ3E3Z0VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9iYmY3NzMtNjdmOS00YmU1LTk1Y2It
NzBkN2Y4ZjQ5MjVhLzEvc3ROQmdBZGxadGNyN21Iem95YkZiZ3E3Z0VvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9iYmY3NzMtNjdmOS00YmU1LTk1Y2ItNzBkN2Y4ZjQ5MjVh
LzEvc3ROQmdBZGxadGNyN21Iem95YkZiZ3E3Z0VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE99QXS1O
EVxQIS7/Y7xGhX8qcQU9bgXO01hqq3qPbhoMcx7u5IjxnR69+teiEGy682Van3u0
uatmUJO9Ehz1K+JgjQ03RuKK5nuZ71FHnCjGgO0TUPxV5LmIfbehsY8/eIHQKDAa
qHuqxPkbbG566EOS+rKP4CY4yK6Vft+FTLbPKBITqw88s1vvUbQdEK24HEyXgeK2
uqpHo5qbKE4CcuYilY6i1E+mPKqz+RreFzVcB/vNypoMvIUocjIZTW0qJ99jObJJ
Bq6MoIwD/pmm0v+8QuhiQi22ngfORa8lRwcbxS9AxxxoCqZNwEFsV2TkufDwly7K
2kOapJzzd7rwbA==
-----END CERTIFICATE-----