Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.mft
File:                     9bMQ6dROhHDWzYAJWQZssA8pHvo.mft (raw, json)
Hash identifier:          BBqBGQMLurQSntbHi9bZLK8ybzENsQT5djiozLd7Dxg=
Subject key identifier:   56:A3:DB:F1:F1:2A:15:C5:6D:2F:52:48:12:CB:C4:3F:4F:D8:B0:0F
Authority key identifier: F5:B3:10:E9:D4:4E:84:70:D6:CD:80:09:59:06:6C:B0:0F:29:1E:FA
Certificate issuer:       /CN=f5b310e9d44e8470d6cd800959066cb00f291efa
Certificate serial:       019CAB6AE120B60FA6B540F1BC226E377641
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9bMQ6dROhHDWzYAJWQZssA8pHvo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.mft
Manifest number:          12AA
Signing time:             Sun 01 Mar 2026 22:00:34 +0000
Manifest this update:     Sun 01 Mar 2026 22:00:34 +0000
Manifest next update:     Mon 02 Mar 2026 22:00:34 +0000
Files and hashes:         1: 9bMQ6dROhHDWzYAJWQZssA8pHvo.crl (hash: Ad9kLBMsKXSOMH14z9RiZXFvRljAxrOrD0pZfyPbqHs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9bMQ6dROhHDWzYAJWQZssA8pHvo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6a:e1:20:b6:0f:a6:b5:40:f1:bc:22:6e:37:76:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5b310e9d44e8470d6cd800959066cb00f291efa
        Validity
            Not Before: Mar  1 22:00:34 2026 GMT
            Not After : Mar  2 22:00:34 2026 GMT
        Subject: CN=56a3dbf1f12a15c56d2f524812cbc43f4fd8b00f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:b3:a9:df:44:61:d0:df:47:d1:14:87:b9:0d:
                    d8:ef:b9:d2:f6:d8:fc:f1:41:6a:e9:d9:81:72:77:
                    e2:74:0f:49:55:66:5e:63:4b:61:f8:64:1d:13:eb:
                    9c:ea:e6:a7:0d:49:11:6b:75:d5:4e:78:6a:81:b3:
                    09:e2:25:48:00:69:35:52:0b:e5:4c:2c:94:f8:96:
                    af:c2:2b:c7:8b:89:cc:0f:99:47:3f:14:7c:c4:5e:
                    6e:a1:92:e9:da:4e:b0:9d:9a:d4:34:59:2c:70:34:
                    7f:93:d9:3a:3c:7d:83:c6:49:3b:4b:84:bb:25:84:
                    d5:e6:42:64:c3:5e:b3:02:cc:28:cf:34:8a:04:c0:
                    34:36:57:75:ae:b3:c3:d7:69:b3:ea:8c:a8:3f:1f:
                    34:d3:a2:3a:e4:82:15:2b:a3:ca:5b:53:42:d1:5b:
                    71:96:8c:4a:77:e5:a1:5f:ad:18:ca:0a:ee:9c:6a:
                    96:80:54:96:2a:70:b4:98:67:80:87:5b:79:68:34:
                    5a:1f:38:9a:9e:dd:d5:bd:c5:ab:9b:41:37:a8:93:
                    e2:06:d3:51:bc:6a:99:85:45:59:06:fb:02:61:ce:
                    c8:2b:a7:e8:3a:b1:d3:b4:ff:b5:fd:04:e9:7a:84:
                    2e:de:c9:86:b3:39:9a:de:20:b0:81:fd:36:7d:d4:
                    b4:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:A3:DB:F1:F1:2A:15:C5:6D:2F:52:48:12:CB:C4:3F:4F:D8:B0:0F
            X509v3 Authority Key Identifier:
                keyid:F5:B3:10:E9:D4:4E:84:70:D6:CD:80:09:59:06:6C:B0:0F:29:1E:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9bMQ6dROhHDWzYAJWQZssA8pHvo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:d4:74:73:14:07:a1:9f:6b:07:70:24:d1:b8:f0:0a:aa:9c:
         58:3c:ac:48:d0:7f:e3:0c:3c:47:85:7d:38:39:66:28:3c:65:
         25:d4:aa:56:e2:ec:3f:9b:6c:35:d5:d6:6d:0e:58:91:b3:e6:
         62:9e:d3:72:76:07:1d:ca:2b:27:fe:26:d7:54:09:b4:bc:af:
         a8:62:87:4a:39:3f:be:2d:f5:7b:47:0f:03:a3:20:ff:f6:18:
         e6:e4:77:fd:8a:c0:dc:1a:cb:54:11:a0:91:2a:03:79:c8:5c:
         e3:35:d5:80:72:c6:7e:fe:f3:9e:1e:19:1e:77:0e:31:4a:73:
         3b:53:64:f3:33:92:db:f0:00:dd:bb:a7:c6:c6:34:e9:c3:8a:
         7c:f5:39:44:10:b0:d6:b0:7c:db:c3:78:66:4a:db:42:34:ae:
         12:98:af:b7:b7:db:b4:14:b6:27:60:e7:f5:e2:94:e2:75:ce:
         f6:ca:cb:52:33:0a:1e:64:b8:0b:dd:8f:a8:3d:c4:f9:5e:2d:
         c8:24:48:4f:9e:bd:d3:7d:8f:d9:e0:42:30:34:16:83:a0:06:
         04:2b:19:ff:f8:57:5d:a1:58:93:48:2e:1b:a8:8f:41:95:1a:
         de:84:39:a1:d7:38:4f:ff:f0:35:cb:fa:e3:0b:b7:bc:99:96:
         99:f4:9c:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrauEgtg+mtUDxvCJuN3ZBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1YjMxMGU5ZDQ0ZTg0NzBkNmNkODAwOTU5MDY2Y2IwMGYy
OTFlZmEwHhcNMjYwMzAxMjIwMDM0WhcNMjYwMzAyMjIwMDM0WjAzMTEwLwYDVQQD
Eyg1NmEzZGJmMWYxMmExNWM1NmQyZjUyNDgxMmNiYzQzZjRmZDhiMDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA27Op30Rh0N9H0RSHuQ3Y77nS9tj8
8UFq6dmBcnfidA9JVWZeY0th+GQdE+uc6uanDUkRa3XVTnhqgbMJ4iVIAGk1Ugvl
TCyU+JavwivHi4nMD5lHPxR8xF5uoZLp2k6wnZrUNFkscDR/k9k6PH2Dxkk7S4S7
JYTV5kJkw16zAswozzSKBMA0Nld1rrPD12mz6oyoPx8006I65IIVK6PKW1NC0Vtx
loxKd+WhX60YygrunGqWgFSWKnC0mGeAh1t5aDRaHziant3VvcWrm0E3qJPiBtNR
vGqZhUVZBvsCYc7IK6foOrHTtP+1/QTpeoQu3smGszma3iCwgf02fdS0sQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFaj2/HxKhXFbS9SSBLLxD9P2LAPMB8GA1UdIwQY
MBaAFPWzEOnUToRw1s2ACVkGbLAPKR76MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWJNUTZkUk9oSERXellBSldRWnNzQThwSHZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9mNDhkZTEtOWYzMy00ZjBhLTg2NzYt
ZTgzNmViM2QyZjFmLzEvOWJNUTZkUk9oSERXellBSldRWnNzQThwSHZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9mNDhkZTEtOWYzMy00ZjBhLTg2NzYtZTgzNmViM2QyZjFm
LzEvOWJNUTZkUk9oSERXellBSldRWnNzQThwSHZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOdR0cxQH
oZ9rB3Ak0bjwCqqcWDysSNB/4ww8R4V9ODlmKDxlJdSqVuLsP5tsNdXWbQ5YkbPm
Yp7TcnYHHcorJ/4m11QJtLyvqGKHSjk/vi31e0cPA6Mg//YY5uR3/YrA3BrLVBGg
kSoDechc4zXVgHLGfv7znh4ZHncOMUpzO1Nk8zOS2/AA3bunxsY06cOKfPU5RBCw
1rB828N4ZkrbQjSuEpivt7fbtBS2J2Dn9eKU4nXO9srLUjMKHmS4C92PqD3E+V4t
yCRIT569032P2eBCMDQWg6AGBCsZ//hXXaFYk0guG6iPQZUa3oQ5odc4T//wNcv6
4wu3vJmWmfSc6g==
-----END CERTIFICATE-----