Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/6f252d-59ed-4a22-9d97-65b6408bdffe/1/8Ios7HEB8hdz3vxZFsCLAcGFkOc.mft
File:                     8Ios7HEB8hdz3vxZFsCLAcGFkOc.mft (raw, json)
Hash identifier:          mnNwVcQJsocZt5oHssUSMdVhBQClQvn7rFSIEg6VvAw=
Subject key identifier:   2A:5A:B5:87:BA:C3:27:EC:2E:8D:34:0F:CF:0E:3F:FB:F2:9E:A5:9D
Authority key identifier: F0:8A:2C:EC:71:01:F2:17:73:DE:FC:59:16:C0:8B:01:C1:85:90:E7
Certificate issuer:       /CN=f08a2cec7101f21773defc5916c08b01c18590e7
Certificate serial:       019D382E86B43617CC5043860DBAEFF8DDAC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8Ios7HEB8hdz3vxZFsCLAcGFkOc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/6f252d-59ed-4a22-9d97-65b6408bdffe/1/8Ios7HEB8hdz3vxZFsCLAcGFkOc.mft
Manifest number:          01AB
Signing time:             Sun 29 Mar 2026 06:01:06 +0000
Manifest this update:     Sun 29 Mar 2026 06:01:06 +0000
Manifest next update:     Mon 30 Mar 2026 06:01:06 +0000
Files and hashes:         1: 8Ios7HEB8hdz3vxZFsCLAcGFkOc.crl (hash: BPnDhcJgyzUpezCkZsZORdwM2a5gXoiMnl8zh4Why+s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/6f252d-59ed-4a22-9d97-65b6408bdffe/1/8Ios7HEB8hdz3vxZFsCLAcGFkOc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/6f252d-59ed-4a22-9d97-65b6408bdffe/1/8Ios7HEB8hdz3vxZFsCLAcGFkOc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8Ios7HEB8hdz3vxZFsCLAcGFkOc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 06:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:2e:86:b4:36:17:cc:50:43:86:0d:ba:ef:f8:dd:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f08a2cec7101f21773defc5916c08b01c18590e7
        Validity
            Not Before: Mar 29 06:01:06 2026 GMT
            Not After : Mar 30 06:01:06 2026 GMT
        Subject: CN=2a5ab587bac327ec2e8d340fcf0e3ffbf29ea59d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:06:9d:3b:3c:08:00:de:af:15:a1:c6:44:e9:
                    16:4f:27:9c:90:44:9f:ce:b3:9f:5c:e9:a6:3b:bb:
                    3d:9f:b3:ff:ec:b4:9a:02:2f:a1:70:96:60:94:a4:
                    e6:f7:93:11:cb:95:98:48:6d:39:3d:b7:a5:4e:7b:
                    49:b5:f5:e1:5f:41:c8:0c:a5:45:0b:e2:d4:cd:31:
                    dd:46:e6:0a:a0:78:32:c7:f7:7f:a1:c8:01:2a:71:
                    4f:a2:5e:cf:8d:7e:c2:8e:8a:09:6e:51:e6:d2:69:
                    b0:22:b3:ab:44:69:7e:61:5e:dc:f5:fc:c8:d5:c5:
                    a5:23:e9:d6:86:16:a2:97:91:b2:b7:8a:b7:2e:1f:
                    5c:a6:48:e2:14:44:a1:af:90:05:52:94:3d:36:c2:
                    3a:20:47:64:06:ba:80:3f:d8:2a:6a:92:4e:ef:04:
                    eb:02:2b:b2:e0:c6:f3:3c:e5:55:0f:cf:4f:60:24:
                    5d:bf:d5:90:fe:ad:8e:42:59:ef:d1:f4:c3:fb:4c:
                    2b:c2:a7:9a:9b:94:f3:01:8e:04:3c:32:c8:3d:18:
                    9d:8b:34:bc:16:ca:27:1b:96:f7:5b:dc:db:11:3e:
                    ef:d3:be:64:87:62:5b:ea:0b:ad:d3:e8:89:fc:4c:
                    f3:0f:f2:2f:c8:40:84:9a:cd:57:c1:c3:25:98:e6:
                    6c:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:5A:B5:87:BA:C3:27:EC:2E:8D:34:0F:CF:0E:3F:FB:F2:9E:A5:9D
            X509v3 Authority Key Identifier:
                keyid:F0:8A:2C:EC:71:01:F2:17:73:DE:FC:59:16:C0:8B:01:C1:85:90:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Ios7HEB8hdz3vxZFsCLAcGFkOc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6f252d-59ed-4a22-9d97-65b6408bdffe/1/8Ios7HEB8hdz3vxZFsCLAcGFkOc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6f252d-59ed-4a22-9d97-65b6408bdffe/1/8Ios7HEB8hdz3vxZFsCLAcGFkOc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:17:55:5d:a9:07:4b:28:11:e2:4f:e0:16:d9:ef:e6:30:ec:
         3b:58:c5:f3:03:6a:44:36:c7:04:9e:33:91:77:b9:26:b3:c5:
         0e:83:6b:24:47:31:f6:5d:f3:f3:47:a4:cc:c4:35:c5:4c:95:
         4d:fe:3a:df:9d:fb:d1:12:ca:f5:d4:10:f3:95:5e:0f:48:37:
         cf:93:9a:51:ac:3c:db:56:29:11:7a:92:7d:2f:01:f5:ec:f8:
         85:58:0d:5a:fc:26:fb:d8:3c:6c:c7:a3:99:3a:64:83:42:cb:
         c9:dd:4c:5a:d3:3d:8b:a0:be:7c:04:c7:81:64:ba:79:c4:cf:
         e2:c3:2f:f9:f9:55:3d:cd:ef:12:78:d6:3b:1d:1f:94:5f:3c:
         6a:f1:f4:79:26:18:58:fa:0f:a2:45:6a:50:76:00:bf:98:cb:
         6f:72:4b:e1:87:67:d1:78:2c:e8:06:43:f1:87:96:0e:0b:2b:
         ec:f9:d0:97:71:4e:b2:78:56:ce:c6:24:4c:95:56:34:9e:b1:
         38:fa:1d:26:4d:9f:40:6a:eb:72:0c:14:db:db:51:9a:f6:94:
         98:78:5c:70:3f:e3:2b:ba:5d:f3:8d:79:20:d9:d2:4c:69:d4:
         4f:2b:e4:f8:02:7f:cc:fd:cb:11:d4:01:dd:f2:a4:7e:44:a5:
         1e:7b:42:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Loa0NhfMUEOGDbrv+N2sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwOGEyY2VjNzEwMWYyMTc3M2RlZmM1OTE2YzA4YjAxYzE4
NTkwZTcwHhcNMjYwMzI5MDYwMTA2WhcNMjYwMzMwMDYwMTA2WjAzMTEwLwYDVQQD
EygyYTVhYjU4N2JhYzMyN2VjMmU4ZDM0MGZjZjBlM2ZmYmYyOWVhNTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7QadOzwIAN6vFaHGROkWTyeckESf
zrOfXOmmO7s9n7P/7LSaAi+hcJZglKTm95MRy5WYSG05PbelTntJtfXhX0HIDKVF
C+LUzTHdRuYKoHgyx/d/ocgBKnFPol7PjX7CjooJblHm0mmwIrOrRGl+YV7c9fzI
1cWlI+nWhhail5Gyt4q3Lh9cpkjiFEShr5AFUpQ9NsI6IEdkBrqAP9gqapJO7wTr
Aiuy4MbzPOVVD89PYCRdv9WQ/q2OQlnv0fTD+0wrwqeam5TzAY4EPDLIPRidizS8
FsonG5b3W9zbET7v075kh2Jb6gut0+iJ/EzzD/IvyECEms1XwcMlmOZsTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCpatYe6wyfsLo00D88OP/vynqWdMB8GA1UdIwQY
MBaAFPCKLOxxAfIXc978WRbAiwHBhZDnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOElvczdIRUI4aGR6M3Z4WkZzQ0xBY0dGa09jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC82ZjI1MmQtNTllZC00YTIyLTlkOTct
NjViNjQwOGJkZmZlLzEvOElvczdIRUI4aGR6M3Z4WkZzQ0xBY0dGa09jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC82ZjI1MmQtNTllZC00YTIyLTlkOTctNjViNjQwOGJkZmZl
LzEvOElvczdIRUI4aGR6M3Z4WkZzQ0xBY0dGa09jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmBdVXakH
SygR4k/gFtnv5jDsO1jF8wNqRDbHBJ4zkXe5JrPFDoNrJEcx9l3z80ekzMQ1xUyV
Tf4635370RLK9dQQ85VeD0g3z5OaUaw821YpEXqSfS8B9ez4hVgNWvwm+9g8bMej
mTpkg0LLyd1MWtM9i6C+fATHgWS6ecTP4sMv+flVPc3vEnjWOx0flF88avH0eSYY
WPoPokVqUHYAv5jLb3JL4Ydn0Xgs6AZD8YeWDgsr7PnQl3FOsnhWzsYkTJVWNJ6x
OPodJk2fQGrrcgwU29tRmvaUmHhccD/jK7pd8415INnSTGnUTyvk+AJ/zP3LEdQB
3fKkfkSlHntCAA==
-----END CERTIFICATE-----