Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/047982-37de-4e70-bebd-7c9e10517c25/1/8M0rO57YMSbUXboSAD1sbjWms4A.mft
File:                     8M0rO57YMSbUXboSAD1sbjWms4A.mft (raw, json)
Hash identifier:          IXTfebYZAIFrfAKZGLexpynEekX+8nbWlAhF56XX4uI=
Subject key identifier:   1A:29:76:BF:F1:6D:F2:75:0E:A8:64:3F:CF:C7:B1:B5:AC:91:AB:38
Authority key identifier: F0:CD:2B:3B:9E:D8:31:26:D4:5D:BA:12:00:3D:6C:6E:35:A6:B3:80
Certificate issuer:       /CN=f0cd2b3b9ed83126d45dba12003d6c6e35a6b380
Certificate serial:       019D37C08359B7CB93C6F0C1532225EB802B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8M0rO57YMSbUXboSAD1sbjWms4A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/047982-37de-4e70-bebd-7c9e10517c25/1/8M0rO57YMSbUXboSAD1sbjWms4A.mft
Manifest number:          15B5
Signing time:             Sun 29 Mar 2026 04:00:56 +0000
Manifest this update:     Sun 29 Mar 2026 04:00:56 +0000
Manifest next update:     Mon 30 Mar 2026 04:00:56 +0000
Files and hashes:         1: 8M0rO57YMSbUXboSAD1sbjWms4A.crl (hash: +4fgAHL7WLHnGZ2mQvj9g1WQPbHiOw+jeI5vXX2eqr8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/047982-37de-4e70-bebd-7c9e10517c25/1/8M0rO57YMSbUXboSAD1sbjWms4A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/047982-37de-4e70-bebd-7c9e10517c25/1/8M0rO57YMSbUXboSAD1sbjWms4A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8M0rO57YMSbUXboSAD1sbjWms4A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c0:83:59:b7:cb:93:c6:f0:c1:53:22:25:eb:80:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f0cd2b3b9ed83126d45dba12003d6c6e35a6b380
        Validity
            Not Before: Mar 29 04:00:56 2026 GMT
            Not After : Mar 30 04:00:56 2026 GMT
        Subject: CN=1a2976bff16df2750ea8643fcfc7b1b5ac91ab38
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:3f:ec:e8:2c:12:aa:51:b0:01:40:0c:ee:1d:
                    f5:ec:c0:43:e7:42:c6:cd:78:3b:ee:8d:a6:13:30:
                    37:9f:46:57:0e:18:16:79:94:40:44:68:3f:5f:05:
                    f4:50:64:67:3e:8c:80:e7:b7:3b:b9:e2:f1:95:b7:
                    19:ca:7c:3a:2c:a0:8d:1b:ab:fb:6e:47:41:11:48:
                    e1:e6:70:58:8e:5f:96:3b:32:c8:30:ac:a3:ca:bb:
                    2b:78:50:6e:c6:aa:64:9b:19:e2:d2:41:e3:ca:8f:
                    61:86:50:18:16:8e:b6:43:09:1a:b7:9d:68:e0:1f:
                    b3:ea:2f:59:cd:9a:03:44:a6:b5:cc:cc:b0:a1:04:
                    26:57:18:0c:67:32:c8:21:08:94:37:32:41:26:7d:
                    e1:6c:5b:74:39:df:74:94:5b:46:2e:48:13:24:3b:
                    54:26:36:a4:f9:f0:57:82:78:73:2b:9b:d7:94:5e:
                    67:0b:20:9d:b8:0d:27:15:ba:68:0d:d7:4b:86:ef:
                    d8:9d:c4:56:1e:3f:bd:4e:d9:c2:ee:b1:84:d4:01:
                    10:7c:c4:37:2d:51:a7:47:61:cc:22:24:3f:61:f1:
                    d2:13:d1:6b:cd:19:44:57:58:76:5b:41:41:4a:0c:
                    e7:36:d0:14:24:5b:37:b7:8b:15:3b:c0:54:8b:4b:
                    4c:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:29:76:BF:F1:6D:F2:75:0E:A8:64:3F:CF:C7:B1:B5:AC:91:AB:38
            X509v3 Authority Key Identifier:
                keyid:F0:CD:2B:3B:9E:D8:31:26:D4:5D:BA:12:00:3D:6C:6E:35:A6:B3:80

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8M0rO57YMSbUXboSAD1sbjWms4A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/047982-37de-4e70-bebd-7c9e10517c25/1/8M0rO57YMSbUXboSAD1sbjWms4A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/047982-37de-4e70-bebd-7c9e10517c25/1/8M0rO57YMSbUXboSAD1sbjWms4A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a3:9a:e9:a0:d0:79:b1:c1:ed:3a:99:da:63:0b:ba:1a:e6:0a:
         1d:fe:60:7d:c7:07:a2:48:04:9c:fd:4a:40:ed:2a:d3:82:18:
         22:c6:bd:f4:36:4a:7f:9d:93:56:5a:c3:33:e9:89:3f:63:61:
         4e:4d:96:a9:fb:d4:65:ff:d7:38:c8:5f:57:37:91:55:90:a1:
         59:f1:36:04:fb:e0:46:49:85:7b:ad:d8:e4:66:45:9b:3b:ba:
         2e:a2:cc:88:cc:49:86:33:67:39:92:8e:e6:78:5d:a3:6d:3d:
         09:35:24:37:ff:65:0a:2c:bd:79:4c:80:b6:21:4f:9f:e5:3a:
         86:ff:70:8e:ab:8c:81:8c:6f:38:b4:c6:56:4a:a4:e7:b9:e9:
         47:4c:3c:f4:8d:73:91:5e:fc:39:f1:22:3d:45:10:b5:3b:c7:
         f5:b9:d3:36:2f:a9:c2:0c:32:ce:72:ca:f4:20:b4:d6:3d:19:
         37:bd:2b:24:e6:c1:31:28:02:58:e9:76:8f:ce:f3:75:15:ff:
         90:5b:e9:d7:2d:6d:3f:77:18:38:bf:fc:99:35:8b:7f:09:7b:
         02:8c:18:e0:98:b0:b0:fb:5f:e1:8a:53:00:4d:e1:8b:33:8a:
         d7:61:62:a6:4a:ab:27:08:69:f9:bb:7c:8c:5e:58:ca:0c:f6:
         fd:0b:67:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wINZt8uTxvDBUyIl64ArMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwY2QyYjNiOWVkODMxMjZkNDVkYmExMjAwM2Q2YzZlMzVh
NmIzODAwHhcNMjYwMzI5MDQwMDU2WhcNMjYwMzMwMDQwMDU2WjAzMTEwLwYDVQQD
EygxYTI5NzZiZmYxNmRmMjc1MGVhODY0M2ZjZmM3YjFiNWFjOTFhYjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlz/s6CwSqlGwAUAM7h317MBD50LG
zXg77o2mEzA3n0ZXDhgWeZRARGg/XwX0UGRnPoyA57c7ueLxlbcZynw6LKCNG6v7
bkdBEUjh5nBYjl+WOzLIMKyjyrsreFBuxqpkmxni0kHjyo9hhlAYFo62Qwkat51o
4B+z6i9ZzZoDRKa1zMywoQQmVxgMZzLIIQiUNzJBJn3hbFt0Od90lFtGLkgTJDtU
Jjak+fBXgnhzK5vXlF5nCyCduA0nFbpoDddLhu/YncRWHj+9TtnC7rGE1AEQfMQ3
LVGnR2HMIiQ/YfHSE9FrzRlEV1h2W0FBSgznNtAUJFs3t4sVO8BUi0tMsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBopdr/xbfJ1DqhkP8/HsbWskas4MB8GA1UdIwQY
MBaAFPDNKzue2DEm1F26EgA9bG41prOAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE0wck81N1lNU2JVWGJvU0FEMXNialdtczRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi8wNDc5ODItMzdkZS00ZTcwLWJlYmQt
N2M5ZTEwNTE3YzI1LzEvOE0wck81N1lNU2JVWGJvU0FEMXNialdtczRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi8wNDc5ODItMzdkZS00ZTcwLWJlYmQtN2M5ZTEwNTE3YzI1
LzEvOE0wck81N1lNU2JVWGJvU0FEMXNialdtczRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo5rpoNB5
scHtOpnaYwu6GuYKHf5gfccHokgEnP1KQO0q04IYIsa99DZKf52TVlrDM+mJP2Nh
Tk2WqfvUZf/XOMhfVzeRVZChWfE2BPvgRkmFe63Y5GZFmzu6LqLMiMxJhjNnOZKO
5nhdo209CTUkN/9lCiy9eUyAtiFPn+U6hv9wjquMgYxvOLTGVkqk57npR0w89I1z
kV78OfEiPUUQtTvH9bnTNi+pwgwyznLK9CC01j0ZN70rJObBMSgCWOl2j87zdRX/
kFvp1y1tP3cYOL/8mTWLfwl7AowY4JiwsPtf4YpTAE3hizOK12FipkqrJwhp+bt8
jF5Yygz2/Qtnlg==
-----END CERTIFICATE-----