Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/a773b1-5f36-4e80-a398-e0233b7c60aa/1/bdEoKnfiVmUBaNLlZWrvzprWouw.mft
File:                     bdEoKnfiVmUBaNLlZWrvzprWouw.mft (raw, json)
Hash identifier:          eXsX9rlNVWpr8oNdH8L/3JAQyRTlugng+Q16dMtEcqY=
Subject key identifier:   33:B1:0E:9E:74:B5:E9:98:2A:CB:1B:A3:7F:EE:4B:7D:69:F1:51:D6
Authority key identifier: 6D:D1:28:2A:77:E2:56:65:01:68:D2:E5:65:6A:EF:CE:9A:D6:A2:EC
Certificate issuer:       /CN=6dd1282a77e256650168d2e5656aefce9ad6a2ec
Certificate serial:       019D389C448F1E3407F0F1DBA00BF37C2E0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bdEoKnfiVmUBaNLlZWrvzprWouw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ef/a773b1-5f36-4e80-a398-e0233b7c60aa/1/bdEoKnfiVmUBaNLlZWrvzprWouw.mft
Manifest number:          06C3
Signing time:             Sun 29 Mar 2026 08:00:58 +0000
Manifest this update:     Sun 29 Mar 2026 08:00:58 +0000
Manifest next update:     Mon 30 Mar 2026 08:00:58 +0000
Files and hashes:         1: bdEoKnfiVmUBaNLlZWrvzprWouw.crl (hash: KfCN7RdQuN8y7NTafjOhmIWDhZtyKFsuHNi8cLTsXo8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ef/a773b1-5f36-4e80-a398-e0233b7c60aa/1/bdEoKnfiVmUBaNLlZWrvzprWouw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ef/a773b1-5f36-4e80-a398-e0233b7c60aa/1/bdEoKnfiVmUBaNLlZWrvzprWouw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bdEoKnfiVmUBaNLlZWrvzprWouw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:9c:44:8f:1e:34:07:f0:f1:db:a0:0b:f3:7c:2e:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6dd1282a77e256650168d2e5656aefce9ad6a2ec
        Validity
            Not Before: Mar 29 08:00:58 2026 GMT
            Not After : Mar 30 08:00:58 2026 GMT
        Subject: CN=33b10e9e74b5e9982acb1ba37fee4b7d69f151d6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:05:8e:93:69:df:ed:9f:54:2e:a0:d9:cd:1a:
                    ef:8d:31:0d:d7:59:8e:7c:2b:cb:8d:e9:2c:9d:45:
                    e0:48:42:8e:49:30:42:f0:62:d0:de:20:47:df:21:
                    19:22:5b:20:a1:ee:f6:63:8e:72:8f:15:b1:b1:80:
                    ce:bf:13:9d:6e:e3:08:99:e8:97:c9:f4:c7:81:31:
                    4f:f3:d8:e5:63:18:b6:32:c3:6b:49:fc:17:03:f0:
                    65:21:67:e8:19:42:14:79:9c:2c:1e:66:12:84:8d:
                    00:ac:2c:76:a3:0b:ac:08:7f:df:96:5a:68:b9:7a:
                    25:d1:c3:63:04:75:b1:b9:7b:ef:35:0b:5b:f5:8a:
                    7e:a6:5c:14:bd:29:94:d5:4c:f4:2d:e8:0d:30:b9:
                    1c:2f:98:d2:36:de:91:17:d1:2b:14:50:d7:0b:ed:
                    fb:6e:c0:b5:d1:b0:24:4b:2f:77:76:7d:38:95:43:
                    49:ab:55:41:15:83:7b:7b:0f:6e:29:f2:95:17:17:
                    0f:56:9a:5d:88:12:b3:ce:5b:5f:56:64:80:08:ba:
                    7c:fb:95:db:55:cf:23:74:f2:b6:74:8f:a3:47:56:
                    5f:2d:7c:f4:4e:9d:4e:38:c5:82:19:ed:b8:be:ce:
                    59:f0:fb:4c:d7:c3:63:a9:a6:6d:8b:27:b5:48:33:
                    e1:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:B1:0E:9E:74:B5:E9:98:2A:CB:1B:A3:7F:EE:4B:7D:69:F1:51:D6
            X509v3 Authority Key Identifier:
                keyid:6D:D1:28:2A:77:E2:56:65:01:68:D2:E5:65:6A:EF:CE:9A:D6:A2:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bdEoKnfiVmUBaNLlZWrvzprWouw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/a773b1-5f36-4e80-a398-e0233b7c60aa/1/bdEoKnfiVmUBaNLlZWrvzprWouw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/a773b1-5f36-4e80-a398-e0233b7c60aa/1/bdEoKnfiVmUBaNLlZWrvzprWouw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:ae:5a:23:11:7c:0f:ac:f4:01:a5:1f:41:59:e1:14:5e:5a:
         71:13:61:52:d8:05:16:8f:0d:e1:40:e2:cc:1c:b6:e0:76:96:
         38:37:d1:da:4c:d4:be:95:68:17:d2:ec:26:ad:ab:ce:fe:14:
         84:fb:62:41:5a:66:2e:71:94:9b:cd:66:bf:82:ba:5e:60:ae:
         e9:d4:f4:94:58:ec:08:b4:ec:68:74:7c:61:79:4a:8d:7c:56:
         13:25:77:c5:54:77:2b:af:d7:16:a5:04:27:bb:57:85:5d:b3:
         62:d2:44:f9:bf:57:ef:89:30:5f:72:53:bc:60:73:a7:2e:0f:
         a2:84:e0:a1:26:f4:d4:71:60:28:ad:9a:4c:d5:63:db:c3:56:
         aa:3b:05:ac:e2:6e:4c:c6:bf:71:dd:a2:5f:00:db:3d:ac:ec:
         11:2e:44:31:c1:9b:17:ca:5c:20:41:6f:03:07:65:1c:fe:d8:
         5a:79:2d:d5:eb:b1:a2:22:05:2a:2d:e9:b2:90:5a:8e:54:d7:
         a8:ed:85:b6:30:c4:e2:ea:54:34:5d:ad:bb:6e:22:51:58:03:
         c6:88:b9:32:8f:98:0c:c8:53:f7:b7:f6:e9:de:6f:65:36:c5:
         53:74:66:a5:cd:22:a3:1d:06:45:fd:3f:39:b0:39:e6:70:49:
         ba:4c:8b:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04nESPHjQH8PHboAvzfC4KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZDEyODJhNzdlMjU2NjUwMTY4ZDJlNTY1NmFlZmNlOWFk
NmEyZWMwHhcNMjYwMzI5MDgwMDU4WhcNMjYwMzMwMDgwMDU4WjAzMTEwLwYDVQQD
EygzM2IxMGU5ZTc0YjVlOTk4MmFjYjFiYTM3ZmVlNGI3ZDY5ZjE1MWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1QWOk2nf7Z9ULqDZzRrvjTEN11mO
fCvLjeksnUXgSEKOSTBC8GLQ3iBH3yEZIlsgoe72Y45yjxWxsYDOvxOdbuMImeiX
yfTHgTFP89jlYxi2MsNrSfwXA/BlIWfoGUIUeZwsHmYShI0ArCx2owusCH/fllpo
uXol0cNjBHWxuXvvNQtb9Yp+plwUvSmU1Uz0LegNMLkcL5jSNt6RF9ErFFDXC+37
bsC10bAkSy93dn04lUNJq1VBFYN7ew9uKfKVFxcPVppdiBKzzltfVmSACLp8+5Xb
Vc8jdPK2dI+jR1ZfLXz0Tp1OOMWCGe24vs5Z8PtM18NjqaZtiye1SDPhtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDOxDp50temYKssbo3/uS31p8VHWMB8GA1UdIwQY
MBaAFG3RKCp34lZlAWjS5WVq786a1qLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRFb0tuZmlWbVVCYU5MbFpXcnZ6cHJXb3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9hNzczYjEtNWYzNi00ZTgwLWEzOTgt
ZTAyMzNiN2M2MGFhLzEvYmRFb0tuZmlWbVVCYU5MbFpXcnZ6cHJXb3V3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9hNzczYjEtNWYzNi00ZTgwLWEzOTgtZTAyMzNiN2M2MGFh
LzEvYmRFb0tuZmlWbVVCYU5MbFpXcnZ6cHJXb3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeK5aIxF8
D6z0AaUfQVnhFF5acRNhUtgFFo8N4UDizBy24HaWODfR2kzUvpVoF9LsJq2rzv4U
hPtiQVpmLnGUm81mv4K6XmCu6dT0lFjsCLTsaHR8YXlKjXxWEyV3xVR3K6/XFqUE
J7tXhV2zYtJE+b9X74kwX3JTvGBzpy4PooTgoSb01HFgKK2aTNVj28NWqjsFrOJu
TMa/cd2iXwDbPazsES5EMcGbF8pcIEFvAwdlHP7YWnkt1euxoiIFKi3pspBajlTX
qO2FtjDE4upUNF2tu24iUVgDxoi5Mo+YDMhT97f26d5vZTbFU3Rmpc0iox0GRf0/
ObA55nBJukyLwg==
-----END CERTIFICATE-----