Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/7f52d8-c2ca-4a7f-bd63-fba565238129/1/biYdnc3dmGfliSrRpNII32lTEXc.mft
File:                     biYdnc3dmGfliSrRpNII32lTEXc.mft (raw, json)
Hash identifier:          5t6osidFUd3DHcvbvSrLUHFC5UFr3XqXqXcHBMwYBG0=
Subject key identifier:   38:3D:48:54:A9:B7:90:3D:91:A5:CC:D8:5B:2E:AE:F7:65:84:D8:1E
Authority key identifier: 6E:26:1D:9D:CD:DD:98:67:E5:89:2A:D1:A4:D2:08:DF:69:53:11:77
Certificate issuer:       /CN=6e261d9dcddd9867e5892ad1a4d208df69531177
Certificate serial:       019D38665092F5D1C877D0346AF85997F039
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/biYdnc3dmGfliSrRpNII32lTEXc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/7f52d8-c2ca-4a7f-bd63-fba565238129/1/biYdnc3dmGfliSrRpNII32lTEXc.mft
Manifest number:          10EB
Signing time:             Sun 29 Mar 2026 07:02:02 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:02 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:02 +0000
Files and hashes:         1: biYdnc3dmGfliSrRpNII32lTEXc.crl (hash: alzJURGZwlLvgONOC9BahmJyt0WNuln834RaEPFZDj0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/7f52d8-c2ca-4a7f-bd63-fba565238129/1/biYdnc3dmGfliSrRpNII32lTEXc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/7f52d8-c2ca-4a7f-bd63-fba565238129/1/biYdnc3dmGfliSrRpNII32lTEXc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/biYdnc3dmGfliSrRpNII32lTEXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:50:92:f5:d1:c8:77:d0:34:6a:f8:59:97:f0:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e261d9dcddd9867e5892ad1a4d208df69531177
        Validity
            Not Before: Mar 29 07:02:02 2026 GMT
            Not After : Mar 30 07:02:02 2026 GMT
        Subject: CN=383d4854a9b7903d91a5ccd85b2eaef76584d81e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:98:a6:eb:2f:13:63:9f:c5:b2:67:f3:84:ca:
                    07:3d:51:73:db:5c:5e:a2:df:6d:74:78:e4:eb:61:
                    33:e8:29:a5:4a:55:d2:a8:b2:f3:01:d4:24:1e:39:
                    41:c7:d6:8a:0c:7d:4d:3a:c8:d5:07:e6:a2:4b:ee:
                    a8:4f:e8:a0:39:dd:ea:33:d2:3c:fc:e7:e2:43:93:
                    ec:b5:f6:15:b7:aa:86:4b:0e:f7:62:1f:b2:e5:50:
                    c6:5d:37:87:06:59:79:df:df:7b:52:e2:bb:00:3e:
                    8a:a4:ec:ce:6e:2a:e6:08:60:fb:43:50:0d:6f:9b:
                    3b:bc:e5:45:38:39:10:59:12:3a:41:4b:25:95:13:
                    4f:26:fe:e9:57:48:c6:69:4f:32:04:93:8f:58:12:
                    e9:0c:32:4d:7a:6d:11:e9:30:10:5f:a4:83:65:24:
                    e3:bd:a3:04:0c:4a:67:c2:80:38:6c:11:e9:9d:b9:
                    f3:cd:91:c2:79:80:8e:78:ea:84:56:d6:b1:ca:45:
                    85:b3:f0:c4:a3:4f:bd:88:3b:42:1f:82:62:b8:72:
                    b9:f3:8c:bf:a9:e3:d3:37:0a:69:fb:60:f5:25:39:
                    b9:a5:33:5f:1c:e5:f9:09:74:eb:3f:23:51:42:bc:
                    11:7c:fb:a0:d9:6a:5b:a0:fc:24:b2:c8:2b:fe:50:
                    0e:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:3D:48:54:A9:B7:90:3D:91:A5:CC:D8:5B:2E:AE:F7:65:84:D8:1E
            X509v3 Authority Key Identifier:
                keyid:6E:26:1D:9D:CD:DD:98:67:E5:89:2A:D1:A4:D2:08:DF:69:53:11:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/biYdnc3dmGfliSrRpNII32lTEXc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/7f52d8-c2ca-4a7f-bd63-fba565238129/1/biYdnc3dmGfliSrRpNII32lTEXc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/7f52d8-c2ca-4a7f-bd63-fba565238129/1/biYdnc3dmGfliSrRpNII32lTEXc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d0:f5:64:46:51:36:6d:e0:9c:56:bf:b7:9a:a7:76:25:d5:54:
         c3:bc:2e:b3:98:1b:c3:06:7d:0c:e4:b9:34:90:f6:be:ce:66:
         0b:68:42:bf:0a:ad:75:c1:8a:35:3a:3b:36:e1:cd:01:a7:79:
         4c:3b:93:c8:06:d3:98:07:6c:41:78:a9:0c:f5:8b:f5:a1:79:
         95:f5:d0:e2:49:73:9b:65:c3:12:66:32:a5:79:3c:1c:c6:76:
         79:7c:0d:1c:e1:81:13:f3:1f:32:42:46:c1:1e:15:a4:26:54:
         84:97:87:dc:08:36:df:4a:d4:05:0f:a7:a3:8b:19:62:06:08:
         e6:e9:55:86:be:16:f7:82:04:b4:79:1d:a4:4c:9d:f7:02:24:
         f0:e4:a4:a3:1e:33:a4:df:f3:77:8d:19:9f:af:05:57:b7:cd:
         10:3a:04:bf:59:92:12:f1:b1:5b:ab:eb:d4:20:29:86:af:a6:
         7b:9a:b5:1a:11:d6:a2:21:8b:c9:7f:d0:81:f0:a9:ee:86:d2:
         4c:d1:5c:f4:a7:ec:61:50:95:f0:89:49:32:00:af:c1:e2:77:
         33:d1:c1:39:35:d0:52:35:b7:f5:bf:2e:dc:78:98:e4:1f:cb:
         e4:f8:32:f3:19:36:d9:58:82:55:52:8d:6e:8b:27:0e:fd:09:
         ff:66:1a:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZlCS9dHId9A0avhZl/A5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlMjYxZDlkY2RkZDk4NjdlNTg5MmFkMWE0ZDIwOGRmNjk1
MzExNzcwHhcNMjYwMzI5MDcwMjAyWhcNMjYwMzMwMDcwMjAyWjAzMTEwLwYDVQQD
EygzODNkNDg1NGE5Yjc5MDNkOTFhNWNjZDg1YjJlYWVmNzY1ODRkODFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi5im6y8TY5/FsmfzhMoHPVFz21xe
ot9tdHjk62Ez6CmlSlXSqLLzAdQkHjlBx9aKDH1NOsjVB+aiS+6oT+igOd3qM9I8
/OfiQ5PstfYVt6qGSw73Yh+y5VDGXTeHBll53997UuK7AD6KpOzObirmCGD7Q1AN
b5s7vOVFODkQWRI6QUsllRNPJv7pV0jGaU8yBJOPWBLpDDJNem0R6TAQX6SDZSTj
vaMEDEpnwoA4bBHpnbnzzZHCeYCOeOqEVtaxykWFs/DEo0+9iDtCH4JiuHK584y/
qePTNwpp+2D1JTm5pTNfHOX5CXTrPyNRQrwRfPug2WpboPwkssgr/lAOIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDg9SFSpt5A9kaXM2FsurvdlhNgeMB8GA1UdIwQY
MBaAFG4mHZ3N3Zhn5Ykq0aTSCN9pUxF3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmlZZG5jM2RtR2ZsaVNyUnBOSUkzMmxURVhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi83ZjUyZDgtYzJjYS00YTdmLWJkNjMt
ZmJhNTY1MjM4MTI5LzEvYmlZZG5jM2RtR2ZsaVNyUnBOSUkzMmxURVhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi83ZjUyZDgtYzJjYS00YTdmLWJkNjMtZmJhNTY1MjM4MTI5
LzEvYmlZZG5jM2RtR2ZsaVNyUnBOSUkzMmxURVhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA0PVkRlE2
beCcVr+3mqd2JdVUw7wus5gbwwZ9DOS5NJD2vs5mC2hCvwqtdcGKNTo7NuHNAad5
TDuTyAbTmAdsQXipDPWL9aF5lfXQ4klzm2XDEmYypXk8HMZ2eXwNHOGBE/MfMkJG
wR4VpCZUhJeH3Ag230rUBQ+no4sZYgYI5ulVhr4W94IEtHkdpEyd9wIk8OSkox4z
pN/zd40Zn68FV7fNEDoEv1mSEvGxW6vr1CAphq+me5q1GhHWoiGLyX/QgfCp7obS
TNFc9KfsYVCV8IlJMgCvweJ3M9HBOTXQUjW39b8u3HiY5B/L5Pgy8xk22ViCVVKN
bosnDv0J/2YaOQ==
-----END CERTIFICATE-----