Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft
File:                     bP-QsXePU3Q_kng8rxdIouzWaKA.mft (raw, json)
Hash identifier:          dZZ3l8b63mnFA7JPbS0dX638cUitr1t6qAGCdKn95Ck=
Subject key identifier:   12:53:17:FD:55:38:B6:F8:34:26:9D:1B:1D:27:AA:E8:EE:6D:66:AC
Authority key identifier: 6C:FF:90:B1:77:8F:53:74:3F:92:78:3C:AF:17:48:A2:EC:D6:68:A0
Certificate issuer:       /CN=6cff90b1778f53743f92783caf1748a2ecd668a0
Certificate serial:       019CAEDA4935E5CEF632A6B7B7374C18A835
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bP-QsXePU3Q_kng8rxdIouzWaKA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft
Manifest number:          055C
Signing time:             Mon 02 Mar 2026 14:01:06 +0000
Manifest this update:     Mon 02 Mar 2026 14:01:06 +0000
Manifest next update:     Tue 03 Mar 2026 14:01:06 +0000
Files and hashes:         1: bP-QsXePU3Q_kng8rxdIouzWaKA.crl (hash: M3HLoxUQWaMTckLyh/RSyMgzPReCnnA/60KzbBZl8es=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bP-QsXePU3Q_kng8rxdIouzWaKA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 14:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ae:da:49:35:e5:ce:f6:32:a6:b7:b7:37:4c:18:a8:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6cff90b1778f53743f92783caf1748a2ecd668a0
        Validity
            Not Before: Mar  2 14:01:06 2026 GMT
            Not After : Mar  3 14:01:06 2026 GMT
        Subject: CN=125317fd5538b6f834269d1b1d27aae8ee6d66ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:cf:a4:04:4e:ca:2e:66:73:cd:2c:f2:ef:28:
                    af:e0:2d:e2:02:c5:e4:99:d6:ec:61:c2:a6:38:17:
                    63:45:6a:c1:fe:0f:38:0e:36:96:24:1b:bc:74:70:
                    e4:62:9e:8c:02:ac:f6:e2:4b:e7:4a:27:f9:d1:d5:
                    36:f2:c5:44:9c:76:0b:c3:e3:da:09:f0:4b:ab:ee:
                    ee:fd:5c:de:aa:0d:8d:09:c8:9c:b4:60:9a:0c:d3:
                    5d:e5:8f:e4:68:16:01:af:11:dd:70:1b:e3:42:ac:
                    f6:52:ef:d6:e4:b3:9f:07:f9:46:10:4f:cc:b1:3e:
                    ca:0f:6e:c3:e0:86:4d:0e:d9:1b:f7:b0:85:d5:05:
                    a4:61:28:fe:56:55:53:41:a3:4d:be:6f:14:a8:3f:
                    ca:42:3f:d4:44:d1:2b:5f:75:99:35:18:35:32:b4:
                    d5:8e:f7:b5:79:13:d0:ba:71:64:1a:9c:13:32:95:
                    39:ee:1e:48:29:7b:e6:f8:29:62:98:5a:55:23:86:
                    8a:3e:8d:f3:3b:38:dd:3d:58:2d:cd:40:ef:e8:ed:
                    39:ff:d8:21:9e:08:c6:db:69:fd:5b:ef:3d:d5:b3:
                    4f:bd:f1:25:26:70:a3:9b:7b:c2:8e:12:04:96:ee:
                    72:32:71:0d:a3:4d:31:e6:01:e6:50:1b:cd:6e:b1:
                    47:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:53:17:FD:55:38:B6:F8:34:26:9D:1B:1D:27:AA:E8:EE:6D:66:AC
            X509v3 Authority Key Identifier:
                keyid:6C:FF:90:B1:77:8F:53:74:3F:92:78:3C:AF:17:48:A2:EC:D6:68:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bP-QsXePU3Q_kng8rxdIouzWaKA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:a8:6e:52:a5:e7:58:4d:7c:1d:0e:16:41:6d:a5:be:a1:f5:
         80:8a:b9:9d:32:4f:dc:b7:ec:f3:da:14:a3:42:e3:4c:8a:74:
         7b:af:4e:78:86:7b:d7:40:74:db:ac:61:e2:73:47:48:b5:2c:
         35:0f:f1:1d:23:1a:71:d4:69:cb:a3:2d:9f:29:f0:8b:ac:de:
         81:de:02:c3:b1:bc:4b:a4:91:3b:fb:03:b6:ed:93:84:0d:8a:
         86:ea:6a:9d:37:25:6f:5e:68:9a:1d:49:e8:8b:2a:08:fb:0c:
         a7:6f:4f:a8:99:59:db:5e:6f:50:f7:7e:a1:12:c1:04:99:fe:
         24:5e:0c:1b:4a:5b:62:dd:85:a6:be:b1:f0:2c:61:5d:e1:ec:
         b6:40:c4:43:19:6e:c1:ff:6d:36:c4:61:b7:81:93:07:5d:a1:
         a8:c6:bb:a4:61:6f:ee:a7:28:31:58:9b:e7:e1:7c:d4:14:7a:
         17:06:31:fc:a4:4c:34:8d:b4:5c:32:b8:55:37:f9:9b:50:9b:
         07:93:5e:d6:a1:e4:09:fb:b7:c1:02:dc:b5:b4:53:77:02:d0:
         cf:c9:2a:fd:50:af:4c:80:14:92:f8:d3:1e:d7:08:65:6a:10:
         0b:58:3a:29:78:ca:bb:00:8b:94:61:4d:80:af:1d:4a:3f:de:
         a9:9c:0d:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyu2kk15c72Mqa3tzdMGKg1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZmY5MGIxNzc4ZjUzNzQzZjkyNzgzY2FmMTc0OGEyZWNk
NjY4YTAwHhcNMjYwMzAyMTQwMTA2WhcNMjYwMzAzMTQwMTA2WjAzMTEwLwYDVQQD
EygxMjUzMTdmZDU1MzhiNmY4MzQyNjlkMWIxZDI3YWFlOGVlNmQ2NmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmc+kBE7KLmZzzSzy7yiv4C3iAsXk
mdbsYcKmOBdjRWrB/g84DjaWJBu8dHDkYp6MAqz24kvnSif50dU28sVEnHYLw+Pa
CfBLq+7u/Vzeqg2NCcictGCaDNNd5Y/kaBYBrxHdcBvjQqz2Uu/W5LOfB/lGEE/M
sT7KD27D4IZNDtkb97CF1QWkYSj+VlVTQaNNvm8UqD/KQj/URNErX3WZNRg1MrTV
jve1eRPQunFkGpwTMpU57h5IKXvm+ClimFpVI4aKPo3zOzjdPVgtzUDv6O05/9gh
ngjG22n9W+891bNPvfElJnCjm3vCjhIElu5yMnENo00x5gHmUBvNbrFHowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBJTF/1VOLb4NCadGx0nqujubWasMB8GA1UdIwQY
MBaAFGz/kLF3j1N0P5J4PK8XSKLs1migMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlAtUXNYZVBVM1Ffa25nOHJ4ZElvdXpXYUtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9kYmI1MjUtOGJhNS00MGMzLThjMTIt
N2RlZDRkNjFlOGQyLzEvYlAtUXNYZVBVM1Ffa25nOHJ4ZElvdXpXYUtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9kYmI1MjUtOGJhNS00MGMzLThjMTItN2RlZDRkNjFlOGQy
LzEvYlAtUXNYZVBVM1Ffa25nOHJ4ZElvdXpXYUtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB6huUqXn
WE18HQ4WQW2lvqH1gIq5nTJP3Lfs89oUo0LjTIp0e69OeIZ710B026xh4nNHSLUs
NQ/xHSMacdRpy6Mtnynwi6zegd4Cw7G8S6SRO/sDtu2ThA2KhupqnTclb15omh1J
6IsqCPsMp29PqJlZ215vUPd+oRLBBJn+JF4MG0pbYt2Fpr6x8CxhXeHstkDEQxlu
wf9tNsRht4GTB12hqMa7pGFv7qcoMVib5+F81BR6FwYx/KRMNI20XDK4VTf5m1Cb
B5Ne1qHkCfu3wQLctbRTdwLQz8kq/VCvTIAUkvjTHtcIZWoQC1g6KXjKuwCLlGFN
gK8dSj/eqZwNxg==
-----END CERTIFICATE-----