Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/916742-51f9-4eb4-a195-29fd80ba4bf1/1/u8v1S15m1hoXV2yMc2vyZy47mho.mft
File:                     u8v1S15m1hoXV2yMc2vyZy47mho.mft (raw, json)
Hash identifier:          22w6t1ZcbZNu23Ss6ZrM3nW0956NJE+kLfirBSQ+YrQ=
Subject key identifier:   5F:00:14:BB:57:FD:C0:52:C4:CD:BB:1D:29:A2:BA:DA:91:04:8D:31
Authority key identifier: BB:CB:F5:4B:5E:66:D6:1A:17:57:6C:8C:73:6B:F2:67:2E:3B:9A:1A
Certificate issuer:       /CN=bbcbf54b5e66d61a17576c8c736bf2672e3b9a1a
Certificate serial:       019D3940716B848633EA4887AF2301213B13
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/u8v1S15m1hoXV2yMc2vyZy47mho.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/916742-51f9-4eb4-a195-29fd80ba4bf1/1/u8v1S15m1hoXV2yMc2vyZy47mho.mft
Manifest number:          09F1
Signing time:             Sun 29 Mar 2026 11:00:17 +0000
Manifest this update:     Sun 29 Mar 2026 11:00:17 +0000
Manifest next update:     Mon 30 Mar 2026 11:00:17 +0000
Files and hashes:         1: u8v1S15m1hoXV2yMc2vyZy47mho.crl (hash: TCU150j/77L/uhZ8Kph8h66B7BiMK6FSm2swdBk79MQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c8/916742-51f9-4eb4-a195-29fd80ba4bf1/1/u8v1S15m1hoXV2yMc2vyZy47mho.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c8/916742-51f9-4eb4-a195-29fd80ba4bf1/1/u8v1S15m1hoXV2yMc2vyZy47mho.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/u8v1S15m1hoXV2yMc2vyZy47mho.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:40:71:6b:84:86:33:ea:48:87:af:23:01:21:3b:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bbcbf54b5e66d61a17576c8c736bf2672e3b9a1a
        Validity
            Not Before: Mar 29 11:00:17 2026 GMT
            Not After : Mar 30 11:00:17 2026 GMT
        Subject: CN=5f0014bb57fdc052c4cdbb1d29a2bada91048d31
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:67:1a:97:c5:79:5a:57:d1:17:f8:db:9e:be:
                    34:57:e0:67:35:0c:e2:70:5f:da:a8:cb:ea:81:ce:
                    5a:0a:af:68:1e:b5:85:ba:c1:5f:76:aa:be:a3:a9:
                    d1:d8:2f:13:4c:88:9b:18:9a:ab:5e:aa:e9:f8:d7:
                    a6:f5:9d:6d:ce:57:81:97:e4:d2:22:6c:c4:98:f3:
                    42:0a:39:d6:2c:4c:83:2f:ff:d4:31:3f:b3:1a:dd:
                    88:ba:1a:77:c2:5a:db:08:3c:d7:d9:0f:16:80:b1:
                    ab:d0:41:34:2a:a6:31:c8:ac:12:51:0c:e8:af:d5:
                    37:46:53:3f:41:df:13:81:82:0c:c5:80:53:3f:f1:
                    17:5d:8b:c8:df:69:9f:d1:c7:c2:b6:25:a0:d2:aa:
                    ba:fd:c9:43:72:f9:bd:64:49:8d:c6:fd:72:14:d3:
                    48:da:5f:61:89:ca:1f:b2:9f:3b:5d:49:6f:ff:ae:
                    99:ac:4d:da:85:3a:cb:cd:95:50:7b:d6:8e:bd:83:
                    6b:66:0c:5d:32:2e:16:b0:6a:17:37:fd:12:24:dd:
                    71:19:5c:fa:16:6f:22:25:9f:d7:1a:a8:5b:65:d3:
                    c3:ea:f4:76:f7:20:1d:51:3f:30:bb:bc:cc:12:8f:
                    ea:a5:61:5f:22:0e:1d:7a:26:9e:52:ca:00:c5:77:
                    f8:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:00:14:BB:57:FD:C0:52:C4:CD:BB:1D:29:A2:BA:DA:91:04:8D:31
            X509v3 Authority Key Identifier:
                keyid:BB:CB:F5:4B:5E:66:D6:1A:17:57:6C:8C:73:6B:F2:67:2E:3B:9A:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u8v1S15m1hoXV2yMc2vyZy47mho.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/916742-51f9-4eb4-a195-29fd80ba4bf1/1/u8v1S15m1hoXV2yMc2vyZy47mho.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/916742-51f9-4eb4-a195-29fd80ba4bf1/1/u8v1S15m1hoXV2yMc2vyZy47mho.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:8c:22:f4:66:ea:f0:c0:b4:9e:ae:97:ab:fc:e5:d4:f9:63:
         92:23:6d:9b:78:85:d8:32:24:d5:e7:8e:d2:02:28:50:a0:32:
         97:5b:ff:5a:25:81:2a:2d:c2:a0:8c:b1:10:40:5d:c2:6b:5d:
         73:71:97:9a:f2:0f:51:e4:41:7c:4a:e1:43:03:d8:a0:c3:15:
         9c:cd:f7:d0:d9:4e:8b:8c:0d:53:22:49:d1:55:79:2f:45:ad:
         dc:12:03:46:88:c8:3d:7c:c3:12:5f:43:ca:4e:5d:06:ab:be:
         98:3b:66:b2:a2:c7:52:6a:e3:b1:e6:0c:55:fa:ee:7d:22:ec:
         7c:37:06:e1:01:93:2a:98:a5:d6:fb:7a:02:80:75:3f:b6:57:
         be:7a:39:bd:6c:61:2a:19:0d:51:7a:bf:40:5b:cc:ff:eb:21:
         59:67:a9:19:91:90:e5:bf:d5:70:66:1e:0e:46:7f:dd:04:e7:
         c1:f1:b9:aa:04:bf:a7:0f:32:81:19:0e:48:e8:cc:a3:ef:a8:
         96:16:23:6c:5d:c3:41:af:26:46:9b:6a:e7:1e:b5:e3:d3:cf:
         6c:9f:e3:73:51:ed:ca:38:49:4b:7e:c5:57:20:5e:cf:3d:a2:
         8d:95:e7:d1:ab:17:d5:cc:e4:b7:37:af:d1:dd:5a:9c:16:f1:
         95:f2:20:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QHFrhIYz6kiHryMBITsTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiY2JmNTRiNWU2NmQ2MWExNzU3NmM4YzczNmJmMjY3MmUz
YjlhMWEwHhcNMjYwMzI5MTEwMDE3WhcNMjYwMzMwMTEwMDE3WjAzMTEwLwYDVQQD
Eyg1ZjAwMTRiYjU3ZmRjMDUyYzRjZGJiMWQyOWEyYmFkYTkxMDQ4ZDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGcal8V5WlfRF/jbnr40V+BnNQzi
cF/aqMvqgc5aCq9oHrWFusFfdqq+o6nR2C8TTIibGJqrXqrp+Nem9Z1tzleBl+TS
ImzEmPNCCjnWLEyDL//UMT+zGt2Iuhp3wlrbCDzX2Q8WgLGr0EE0KqYxyKwSUQzo
r9U3RlM/Qd8TgYIMxYBTP/EXXYvI32mf0cfCtiWg0qq6/clDcvm9ZEmNxv1yFNNI
2l9hicofsp87XUlv/66ZrE3ahTrLzZVQe9aOvYNrZgxdMi4WsGoXN/0SJN1xGVz6
Fm8iJZ/XGqhbZdPD6vR29yAdUT8wu7zMEo/qpWFfIg4deiaeUsoAxXf4RwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF8AFLtX/cBSxM27HSmiutqRBI0xMB8GA1UdIwQY
MBaAFLvL9UteZtYaF1dsjHNr8mcuO5oaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTh2MVMxNW0xaG9YVjJ5TWMydnlaeTQ3bWhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC85MTY3NDItNTFmOS00ZWI0LWExOTUt
MjlmZDgwYmE0YmYxLzEvdTh2MVMxNW0xaG9YVjJ5TWMydnlaeTQ3bWhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC85MTY3NDItNTFmOS00ZWI0LWExOTUtMjlmZDgwYmE0YmYx
LzEvdTh2MVMxNW0xaG9YVjJ5TWMydnlaeTQ3bWhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAIwi9Gbq
8MC0nq6Xq/zl1PljkiNtm3iF2DIk1eeO0gIoUKAyl1v/WiWBKi3CoIyxEEBdwmtd
c3GXmvIPUeRBfErhQwPYoMMVnM330NlOi4wNUyJJ0VV5L0Wt3BIDRojIPXzDEl9D
yk5dBqu+mDtmsqLHUmrjseYMVfrufSLsfDcG4QGTKpil1vt6AoB1P7ZXvno5vWxh
KhkNUXq/QFvM/+shWWepGZGQ5b/VcGYeDkZ/3QTnwfG5qgS/pw8ygRkOSOjMo++o
lhYjbF3DQa8mRptq5x6149PPbJ/jc1HtyjhJS37FVyBezz2ijZXn0asX1czktzev
0d1anBbxlfIgNQ==
-----END CERTIFICATE-----