Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft
File:                     2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft (raw, json)
Hash identifier:          hWU0K1VnGDJeAfN1FigpeB3r19Mau0KT4gtiouUIcA8=
Subject key identifier:   FF:39:50:81:92:76:6E:91:92:CC:00:5D:B2:8E:0A:23:B2:BB:E7:F0
Authority key identifier: D8:11:DD:22:F7:EA:F2:72:BC:4B:F3:EB:B1:52:D3:64:BB:4D:97:53
Certificate issuer:       /CN=d811dd22f7eaf272bc4bf3ebb152d364bb4d9753
Certificate serial:       019D394187FCF640EFEE3A4B509044F18376
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2BHdIvfq8nK8S_PrsVLTZLtNl1M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft
Manifest number:          0699
Signing time:             Sun 29 Mar 2026 11:01:29 +0000
Manifest this update:     Sun 29 Mar 2026 11:01:29 +0000
Manifest next update:     Mon 30 Mar 2026 11:01:29 +0000
Files and hashes:         1: 2BHdIvfq8nK8S_PrsVLTZLtNl1M.crl (hash: jAa96nWcB+xqnN514hyP8eyZIL2EK8iI+LjF9U3HFdg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2BHdIvfq8nK8S_PrsVLTZLtNl1M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:41:87:fc:f6:40:ef:ee:3a:4b:50:90:44:f1:83:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d811dd22f7eaf272bc4bf3ebb152d364bb4d9753
        Validity
            Not Before: Mar 29 11:01:29 2026 GMT
            Not After : Mar 30 11:01:29 2026 GMT
        Subject: CN=ff39508192766e9192cc005db28e0a23b2bbe7f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:e3:a1:54:51:f4:f6:23:8b:51:6d:06:9a:d0:
                    5a:fe:d8:d9:d9:95:13:53:71:da:c1:74:3e:00:88:
                    68:c1:ae:26:be:ef:20:26:6d:ec:3a:79:50:b2:2c:
                    96:be:98:c7:15:07:15:fc:d9:3e:73:27:7a:11:fa:
                    52:52:82:6b:c9:40:d5:13:94:01:0e:69:a1:b7:05:
                    69:f0:59:be:01:03:95:1e:9b:6b:2d:a4:b3:f4:72:
                    ea:22:bd:53:99:f6:6d:96:1f:ee:13:9e:85:9b:82:
                    07:d8:4a:d0:54:b7:37:19:84:54:8b:79:b7:cd:ad:
                    61:7b:22:5a:b2:f8:ef:b6:6c:35:13:10:09:a6:c6:
                    6f:04:e9:1e:05:a7:be:c3:39:93:a6:bf:c3:ca:dd:
                    2b:75:09:3b:63:18:25:a1:6b:e6:6f:22:ec:56:84:
                    6c:6c:06:97:53:c2:ee:9f:20:82:cb:5d:b9:5c:14:
                    b9:30:b6:df:f9:8e:41:47:61:21:d1:03:92:6f:56:
                    1f:e0:c9:0d:54:01:5e:b1:73:af:f3:b4:a4:70:fc:
                    30:7c:9f:00:a7:1c:0e:57:40:f8:c2:07:50:6c:d1:
                    e7:23:14:df:c4:32:bc:b1:f6:42:b8:9d:9e:3f:0f:
                    c0:bd:61:81:d9:b3:4f:05:46:a5:25:24:17:67:92:
                    d6:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:39:50:81:92:76:6E:91:92:CC:00:5D:B2:8E:0A:23:B2:BB:E7:F0
            X509v3 Authority Key Identifier:
                keyid:D8:11:DD:22:F7:EA:F2:72:BC:4B:F3:EB:B1:52:D3:64:BB:4D:97:53

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2BHdIvfq8nK8S_PrsVLTZLtNl1M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4762c6-5eaf-4e7c-a824-f70adf1dc0fe/1/2BHdIvfq8nK8S_PrsVLTZLtNl1M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:bf:f1:1a:94:38:0c:20:50:37:df:ff:d8:96:de:e8:ba:06:
         d9:76:59:31:14:71:1c:38:6c:dd:45:9e:b1:3a:96:ab:58:56:
         45:97:9a:ba:c2:f7:33:c0:6a:35:e7:f0:2d:fb:7f:c3:76:04:
         37:f5:37:7e:50:ec:20:fb:d2:6b:d1:a3:90:78:4b:ca:d9:6b:
         5b:6f:ee:98:a4:aa:c2:9d:7c:26:03:75:3f:2b:8b:b6:7b:e1:
         44:43:c0:cc:a3:e3:a7:c6:69:54:bc:77:19:e7:1b:d4:81:ea:
         49:77:1d:a1:3d:f8:c0:ed:e2:d9:cd:85:20:c1:97:94:a0:0e:
         9a:bd:e3:e1:97:92:32:37:f0:02:6b:93:bb:3f:87:b5:f2:e5:
         a2:d9:eb:fd:23:aa:f2:d6:b7:72:9a:13:d4:63:27:f1:99:3c:
         68:65:8b:95:a8:4a:34:6e:be:b8:8a:4b:b5:ce:54:f1:4c:42:
         45:c6:38:98:17:25:c5:a4:c1:c9:2b:52:c4:f1:2c:b8:fe:4c:
         a3:93:7b:af:69:b3:61:5d:0f:63:dd:dc:f2:5a:dc:a6:e1:68:
         f9:d6:65:91:cf:97:a3:9c:73:e4:a5:5f:e4:29:24:cc:5b:1d:
         93:89:e9:6c:1a:cd:65:29:47:8b:0b:a4:a5:de:ff:46:06:df:
         79:a1:ef:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QYf89kDv7jpLUJBE8YN2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MTFkZDIyZjdlYWYyNzJiYzRiZjNlYmIxNTJkMzY0YmI0
ZDk3NTMwHhcNMjYwMzI5MTEwMTI5WhcNMjYwMzMwMTEwMTI5WjAzMTEwLwYDVQQD
EyhmZjM5NTA4MTkyNzY2ZTkxOTJjYzAwNWRiMjhlMGEyM2IyYmJlN2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+OhVFH09iOLUW0GmtBa/tjZ2ZUT
U3HawXQ+AIhowa4mvu8gJm3sOnlQsiyWvpjHFQcV/Nk+cyd6EfpSUoJryUDVE5QB
DmmhtwVp8Fm+AQOVHptrLaSz9HLqIr1TmfZtlh/uE56Fm4IH2ErQVLc3GYRUi3m3
za1heyJasvjvtmw1ExAJpsZvBOkeBae+wzmTpr/Dyt0rdQk7YxgloWvmbyLsVoRs
bAaXU8LunyCCy125XBS5MLbf+Y5BR2Eh0QOSb1Yf4MkNVAFesXOv87SkcPwwfJ8A
pxwOV0D4wgdQbNHnIxTfxDK8sfZCuJ2ePw/AvWGB2bNPBUalJSQXZ5LWAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP85UIGSdm6RkswAXbKOCiOyu+fwMB8GA1UdIwQY
MBaAFNgR3SL36vJyvEvz67FS02S7TZdTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkJIZEl2ZnE4bks4U19QcnNWTFRaTHRObDFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC80NzYyYzYtNWVhZi00ZTdjLWE4MjQt
ZjcwYWRmMWRjMGZlLzEvMkJIZEl2ZnE4bks4U19QcnNWTFRaTHRObDFNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC80NzYyYzYtNWVhZi00ZTdjLWE4MjQtZjcwYWRmMWRjMGZl
LzEvMkJIZEl2ZnE4bks4U19QcnNWTFRaTHRObDFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYL/xGpQ4
DCBQN9//2Jbe6LoG2XZZMRRxHDhs3UWesTqWq1hWRZeausL3M8BqNefwLft/w3YE
N/U3flDsIPvSa9GjkHhLytlrW2/umKSqwp18JgN1PyuLtnvhREPAzKPjp8ZpVLx3
Gecb1IHqSXcdoT34wO3i2c2FIMGXlKAOmr3j4ZeSMjfwAmuTuz+HtfLlotnr/SOq
8ta3cpoT1GMn8Zk8aGWLlahKNG6+uIpLtc5U8UxCRcY4mBclxaTByStSxPEsuP5M
o5N7r2mzYV0PY93c8lrcpuFo+dZlkc+Xo5xz5KVf5CkkzFsdk4npbBrNZSlHiwuk
pd7/RgbfeaHvmg==
-----END CERTIFICATE-----