Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/063bc3-8c76-475e-b9f1-f0bbbebbd6a9/1/MT2hk1fLxn2n1V-jWqs2lbwE0E8.mft
File:                     MT2hk1fLxn2n1V-jWqs2lbwE0E8.mft (raw, json)
Hash identifier:          ++8M8DmafGrhPs3xznrFWxSPUeLHGFYOLS48WH+w3MY=
Subject key identifier:   5F:36:7E:D0:7A:CF:DB:D2:00:B4:21:3A:87:66:43:87:1B:26:13:93
Authority key identifier: 31:3D:A1:93:57:CB:C6:7D:A7:D5:5F:A3:5A:AB:36:95:BC:04:D0:4F
Certificate issuer:       /CN=313da19357cbc67da7d55fa35aab3695bc04d04f
Certificate serial:       019D38661729CDE450011BEE65306A78D3B5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MT2hk1fLxn2n1V-jWqs2lbwE0E8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/063bc3-8c76-475e-b9f1-f0bbbebbd6a9/1/MT2hk1fLxn2n1V-jWqs2lbwE0E8.mft
Manifest number:          0BFE
Signing time:             Sun 29 Mar 2026 07:01:47 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:47 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:47 +0000
Files and hashes:         1: MT2hk1fLxn2n1V-jWqs2lbwE0E8.crl (hash: 0pOLRSHL8bbtcxQ7kgXnWFVMJ2ZndkZVAYSEDYCsYQM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/063bc3-8c76-475e-b9f1-f0bbbebbd6a9/1/MT2hk1fLxn2n1V-jWqs2lbwE0E8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/063bc3-8c76-475e-b9f1-f0bbbebbd6a9/1/MT2hk1fLxn2n1V-jWqs2lbwE0E8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MT2hk1fLxn2n1V-jWqs2lbwE0E8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:17:29:cd:e4:50:01:1b:ee:65:30:6a:78:d3:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=313da19357cbc67da7d55fa35aab3695bc04d04f
        Validity
            Not Before: Mar 29 07:01:47 2026 GMT
            Not After : Mar 30 07:01:47 2026 GMT
        Subject: CN=5f367ed07acfdbd200b4213a876643871b261393
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:d6:b6:72:a8:2d:f2:00:4d:3e:9d:4a:89:ea:
                    3f:c9:b8:4c:42:02:4b:49:38:c4:03:57:e0:45:69:
                    c1:ad:cf:54:b3:17:4e:0b:62:09:46:96:18:64:f1:
                    59:18:e2:73:02:20:ad:f8:4a:e0:e9:af:48:07:1e:
                    ed:60:61:9d:d2:76:1a:8d:14:32:94:f1:74:ad:eb:
                    13:eb:ae:f2:41:2e:fe:f3:b2:6f:b1:2d:2a:4f:42:
                    17:8d:7e:1a:f2:10:4a:fa:10:29:c9:43:9c:d4:71:
                    1e:33:4c:41:85:01:ea:ff:58:8d:17:62:ab:e5:a7:
                    38:87:61:58:af:25:cc:5f:70:d4:c5:8c:1f:0c:59:
                    0e:96:40:ac:d4:6c:93:f3:b3:6f:f2:1b:79:47:b9:
                    66:6b:7b:f4:1d:08:ce:6c:3c:90:c4:3c:a8:f5:1a:
                    e0:51:12:07:f0:96:29:dc:46:65:48:39:bc:47:05:
                    ba:69:ee:4d:60:93:29:4a:06:7c:5a:cf:83:f9:89:
                    37:6d:79:63:aa:e9:51:08:83:e1:d7:da:19:cd:c9:
                    f4:ca:dd:14:c6:14:0a:a1:18:b2:c5:f2:2d:b7:8c:
                    0b:90:43:16:06:84:3d:b9:3a:98:c9:1b:9b:bf:03:
                    64:4c:44:f8:44:8e:14:a0:a0:05:fe:4f:90:53:31:
                    7e:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:36:7E:D0:7A:CF:DB:D2:00:B4:21:3A:87:66:43:87:1B:26:13:93
            X509v3 Authority Key Identifier:
                keyid:31:3D:A1:93:57:CB:C6:7D:A7:D5:5F:A3:5A:AB:36:95:BC:04:D0:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MT2hk1fLxn2n1V-jWqs2lbwE0E8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/063bc3-8c76-475e-b9f1-f0bbbebbd6a9/1/MT2hk1fLxn2n1V-jWqs2lbwE0E8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/063bc3-8c76-475e-b9f1-f0bbbebbd6a9/1/MT2hk1fLxn2n1V-jWqs2lbwE0E8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a9:c1:86:2d:ba:3c:e0:f5:b0:39:cb:8c:98:57:5b:a8:96:73:
         0d:e1:9b:7c:0b:8d:12:98:91:36:71:14:ff:1a:29:18:3e:92:
         47:b4:bd:8b:e5:a2:70:4d:bb:18:56:98:3f:9c:c8:81:b6:80:
         02:bc:1c:ff:8a:2c:0f:7f:6b:89:53:4a:b0:95:c5:73:4c:bf:
         00:29:c0:f5:30:14:ee:2e:52:1e:01:d8:b1:64:82:a1:23:92:
         59:2e:5b:ee:54:a3:d6:2f:7f:8c:19:d0:b3:7d:d2:a4:15:47:
         40:e9:f7:88:5b:e7:c8:a5:4a:cd:3c:5b:df:34:10:10:c6:25:
         b2:e6:ff:95:be:40:d4:d7:9f:87:34:59:32:0a:23:45:9b:97:
         35:b9:4d:90:78:94:a0:61:24:db:4a:09:22:af:89:25:df:31:
         5f:0e:96:37:97:87:34:0d:0a:65:e2:e0:57:c3:cd:50:50:ac:
         6f:43:43:3c:f3:10:69:d2:8d:ff:84:a8:48:18:5a:8f:c9:cf:
         47:1e:13:ba:67:fd:ba:83:89:7a:55:20:2b:d0:f3:3b:27:27:
         9d:a2:72:50:92:e0:74:c4:89:79:6a:65:e2:5e:0e:35:64:1a:
         87:b4:c3:82:53:18:a0:8f:42:47:22:08:48:47:b7:44:c4:49:
         ae:eb:80:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZhcpzeRQARvuZTBqeNO1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxM2RhMTkzNTdjYmM2N2RhN2Q1NWZhMzVhYWIzNjk1YmMw
NGQwNGYwHhcNMjYwMzI5MDcwMTQ3WhcNMjYwMzMwMDcwMTQ3WjAzMTEwLwYDVQQD
Eyg1ZjM2N2VkMDdhY2ZkYmQyMDBiNDIxM2E4NzY2NDM4NzFiMjYxMzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlta2cqgt8gBNPp1Kieo/ybhMQgJL
STjEA1fgRWnBrc9UsxdOC2IJRpYYZPFZGOJzAiCt+Erg6a9IBx7tYGGd0nYajRQy
lPF0resT667yQS7+87JvsS0qT0IXjX4a8hBK+hApyUOc1HEeM0xBhQHq/1iNF2Kr
5ac4h2FYryXMX3DUxYwfDFkOlkCs1GyT87Nv8ht5R7lma3v0HQjObDyQxDyo9Rrg
URIH8JYp3EZlSDm8RwW6ae5NYJMpSgZ8Ws+D+Yk3bXljqulRCIPh19oZzcn0yt0U
xhQKoRiyxfItt4wLkEMWBoQ9uTqYyRubvwNkTET4RI4UoKAF/k+QUzF+zwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF82ftB6z9vSALQhOodmQ4cbJhOTMB8GA1UdIwQY
MBaAFDE9oZNXy8Z9p9Vfo1qrNpW8BNBPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVQyaGsxZkx4bjJuMVYtaldxczJsYndFMEU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy8wNjNiYzMtOGM3Ni00NzVlLWI5ZjEt
ZjBiYmJlYmJkNmE5LzEvTVQyaGsxZkx4bjJuMVYtaldxczJsYndFMEU4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy8wNjNiYzMtOGM3Ni00NzVlLWI5ZjEtZjBiYmJlYmJkNmE5
LzEvTVQyaGsxZkx4bjJuMVYtaldxczJsYndFMEU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqcGGLbo8
4PWwOcuMmFdbqJZzDeGbfAuNEpiRNnEU/xopGD6SR7S9i+WicE27GFaYP5zIgbaA
Arwc/4osD39riVNKsJXFc0y/ACnA9TAU7i5SHgHYsWSCoSOSWS5b7lSj1i9/jBnQ
s33SpBVHQOn3iFvnyKVKzTxb3zQQEMYlsub/lb5A1NefhzRZMgojRZuXNblNkHiU
oGEk20oJIq+JJd8xXw6WN5eHNA0KZeLgV8PNUFCsb0NDPPMQadKN/4SoSBhaj8nP
Rx4Tumf9uoOJelUgK9DzOycnnaJyUJLgdMSJeWpl4l4ONWQah7TDglMYoI9CRyII
SEe3RMRJruuAEQ==
-----END CERTIFICATE-----