Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/2cc9f6-05f3-40d9-b6ae-07ffb66c54df/1/bnnOupU7B9qiKvPIqrKxzU4iSNA.mft
File:                     bnnOupU7B9qiKvPIqrKxzU4iSNA.mft (raw, json)
Hash identifier:          nd95w9T+tRyjXqv8yLIn4fIMT2kTNHNafgBQqqVmDWI=
Subject key identifier:   6C:7D:F2:F9:2B:24:25:D6:F1:8A:6D:4E:43:6C:13:D8:60:B6:66:97
Authority key identifier: 6E:79:CE:BA:95:3B:07:DA:A2:2A:F3:C8:AA:B2:B1:CD:4E:22:48:D0
Certificate issuer:       /CN=6e79ceba953b07daa22af3c8aab2b1cd4e2248d0
Certificate serial:       019CAB6B42485D11E08C2BD3A0D749BB1BD5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bnnOupU7B9qiKvPIqrKxzU4iSNA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/2cc9f6-05f3-40d9-b6ae-07ffb66c54df/1/bnnOupU7B9qiKvPIqrKxzU4iSNA.mft
Manifest number:          08C8
Signing time:             Sun 01 Mar 2026 22:00:59 +0000
Manifest this update:     Sun 01 Mar 2026 22:00:59 +0000
Manifest next update:     Mon 02 Mar 2026 22:00:59 +0000
Files and hashes:         1: bnnOupU7B9qiKvPIqrKxzU4iSNA.crl (hash: V689E3yI7Gzj+gY2bt8i5d+0WtPzAdfeXEW/azBpjWM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/2cc9f6-05f3-40d9-b6ae-07ffb66c54df/1/bnnOupU7B9qiKvPIqrKxzU4iSNA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/2cc9f6-05f3-40d9-b6ae-07ffb66c54df/1/bnnOupU7B9qiKvPIqrKxzU4iSNA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bnnOupU7B9qiKvPIqrKxzU4iSNA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:42:48:5d:11:e0:8c:2b:d3:a0:d7:49:bb:1b:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e79ceba953b07daa22af3c8aab2b1cd4e2248d0
        Validity
            Not Before: Mar  1 22:00:59 2026 GMT
            Not After : Mar  2 22:00:59 2026 GMT
        Subject: CN=6c7df2f92b2425d6f18a6d4e436c13d860b66697
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:44:8e:36:f7:6f:05:cd:ed:1d:99:25:16:5d:
                    dc:6a:2f:3b:5c:e8:03:ef:dd:77:46:be:ea:4d:e2:
                    d8:81:ae:6a:c5:a6:99:37:34:1b:d3:d5:b6:c9:df:
                    b0:16:cb:a3:3e:76:35:f2:99:62:fd:0b:3d:53:9f:
                    46:09:8e:a5:24:b7:e3:9e:3e:0f:59:54:a1:16:99:
                    00:41:66:3e:17:03:97:5f:44:e6:8f:79:67:ce:67:
                    59:42:da:2f:c0:b8:df:48:7d:65:f7:76:d7:67:4b:
                    43:70:83:fa:df:d0:a1:51:f7:78:31:de:95:fd:ae:
                    fe:04:8e:b7:90:58:13:98:a9:4a:08:05:47:62:6f:
                    ef:0c:8c:a7:5b:50:54:a5:1a:20:36:90:2e:d7:80:
                    f5:a0:17:c6:44:31:fe:00:93:53:32:87:8a:97:df:
                    36:57:a8:cf:3c:96:aa:07:ef:9c:1d:7e:52:3a:23:
                    41:8c:1a:2e:4d:2b:ba:98:a6:ef:6b:85:87:60:78:
                    8e:7a:2e:b1:3b:bf:cd:70:c3:c2:60:f8:55:f4:57:
                    c5:c6:a1:81:25:6e:19:5b:93:ec:71:77:7e:a7:47:
                    27:3d:62:83:a0:f9:8f:9d:8f:91:53:10:86:ec:27:
                    7e:a4:76:ae:a9:88:0c:1e:91:6e:d5:88:5c:96:82:
                    00:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:7D:F2:F9:2B:24:25:D6:F1:8A:6D:4E:43:6C:13:D8:60:B6:66:97
            X509v3 Authority Key Identifier:
                keyid:6E:79:CE:BA:95:3B:07:DA:A2:2A:F3:C8:AA:B2:B1:CD:4E:22:48:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bnnOupU7B9qiKvPIqrKxzU4iSNA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/2cc9f6-05f3-40d9-b6ae-07ffb66c54df/1/bnnOupU7B9qiKvPIqrKxzU4iSNA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/2cc9f6-05f3-40d9-b6ae-07ffb66c54df/1/bnnOupU7B9qiKvPIqrKxzU4iSNA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:86:e2:0e:d8:35:d3:08:5c:69:a6:72:bf:24:4b:2e:08:9e:
         83:33:a4:a0:a4:fa:78:04:9e:81:ca:ad:b4:5f:30:37:4c:0f:
         3e:66:21:2c:78:62:38:cf:63:e3:d1:99:a8:dd:88:e5:1e:31:
         d0:10:8f:80:a4:bc:bd:98:2a:b1:b2:1e:fe:cc:a6:63:3d:ff:
         e8:0c:74:8e:6f:a8:8b:c1:49:ed:d1:16:58:4a:b6:8b:fd:d1:
         65:8d:16:22:06:4b:c1:6c:b1:68:6f:3f:6d:88:cc:39:45:4f:
         6e:37:e6:5f:a6:2d:51:6f:10:b0:f0:ec:ec:46:ae:e0:11:b0:
         97:0b:c3:47:01:55:8e:7b:b7:f7:3b:83:4b:d7:14:a3:4e:b1:
         6e:d3:cb:d8:5f:93:d8:c5:32:22:47:71:5d:1d:c8:99:dd:0c:
         ad:e8:e2:89:41:f1:d5:aa:9c:8f:5e:7c:96:5b:20:c8:83:02:
         ca:5c:ce:b2:d4:da:3f:03:4f:d5:b2:e5:df:34:9d:29:a4:95:
         b0:a4:cd:31:0a:9e:aa:77:8b:c2:22:0c:f4:dd:67:53:14:75:
         ea:26:a0:41:e3:dc:31:4c:8a:89:51:0e:61:ec:aa:bb:7f:08:
         58:84:1d:22:a4:bc:2b:8d:6c:d6:59:9a:fa:9d:48:69:0c:7e:
         f1:00:da:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra0JIXRHgjCvToNdJuxvVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlNzljZWJhOTUzYjA3ZGFhMjJhZjNjOGFhYjJiMWNkNGUy
MjQ4ZDAwHhcNMjYwMzAxMjIwMDU5WhcNMjYwMzAyMjIwMDU5WjAzMTEwLwYDVQQD
Eyg2YzdkZjJmOTJiMjQyNWQ2ZjE4YTZkNGU0MzZjMTNkODYwYjY2Njk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ESONvdvBc3tHZklFl3cai87XOgD
7913Rr7qTeLYga5qxaaZNzQb09W2yd+wFsujPnY18pli/Qs9U59GCY6lJLfjnj4P
WVShFpkAQWY+FwOXX0Tmj3lnzmdZQtovwLjfSH1l93bXZ0tDcIP639ChUfd4Md6V
/a7+BI63kFgTmKlKCAVHYm/vDIynW1BUpRogNpAu14D1oBfGRDH+AJNTMoeKl982
V6jPPJaqB++cHX5SOiNBjBouTSu6mKbva4WHYHiOei6xO7/NcMPCYPhV9FfFxqGB
JW4ZW5PscXd+p0cnPWKDoPmPnY+RUxCG7Cd+pHauqYgMHpFu1YhcloIA8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGx98vkrJCXW8YptTkNsE9hgtmaXMB8GA1UdIwQY
MBaAFG55zrqVOwfaoirzyKqysc1OIkjQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm5uT3VwVTdCOXFpS3ZQSXFyS3h6VTRpU05BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8yY2M5ZjYtMDVmMy00MGQ5LWI2YWUt
MDdmZmI2NmM1NGRmLzEvYm5uT3VwVTdCOXFpS3ZQSXFyS3h6VTRpU05BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8yY2M5ZjYtMDVmMy00MGQ5LWI2YWUtMDdmZmI2NmM1NGRm
LzEvYm5uT3VwVTdCOXFpS3ZQSXFyS3h6VTRpU05BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAYbiDtg1
0whcaaZyvyRLLgiegzOkoKT6eASegcqttF8wN0wPPmYhLHhiOM9j49GZqN2I5R4x
0BCPgKS8vZgqsbIe/symYz3/6Ax0jm+oi8FJ7dEWWEq2i/3RZY0WIgZLwWyxaG8/
bYjMOUVPbjfmX6YtUW8QsPDs7Eau4BGwlwvDRwFVjnu39zuDS9cUo06xbtPL2F+T
2MUyIkdxXR3Imd0MrejiiUHx1aqcj158llsgyIMCylzOstTaPwNP1bLl3zSdKaSV
sKTNMQqeqneLwiIM9N1nUxR16iagQePcMUyKiVEOYeyqu38IWIQdIqS8K41s1lma
+p1IaQx+8QDaFg==
-----END CERTIFICATE-----