Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/c1f83a-dfc7-494d-9a4b-2a72c2858bac/1/spK68_TAei7dR9iMKxW2Wir33q0.mft
File:                     spK68_TAei7dR9iMKxW2Wir33q0.mft (raw, json)
Hash identifier:          O7Dii/F2+cf/vvM8k+NDzAMuIXx3pS/MVAm6CJncO2Q=
Subject key identifier:   BD:8A:1B:B8:BD:FA:C3:22:49:8D:B6:D6:FA:9A:29:8B:E7:BB:50:74
Authority key identifier: B2:92:BA:F3:F4:C0:7A:2E:DD:47:D8:8C:2B:15:B6:5A:2A:F7:DE:AD
Certificate issuer:       /CN=b292baf3f4c07a2edd47d88c2b15b65a2af7dead
Certificate serial:       019CAD59EA8183417101793AF5EC5D34EB3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/spK68_TAei7dR9iMKxW2Wir33q0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/c1f83a-dfc7-494d-9a4b-2a72c2858bac/1/spK68_TAei7dR9iMKxW2Wir33q0.mft
Manifest number:          0EDF
Signing time:             Mon 02 Mar 2026 07:01:16 +0000
Manifest this update:     Mon 02 Mar 2026 07:01:16 +0000
Manifest next update:     Tue 03 Mar 2026 07:01:16 +0000
Files and hashes:         1: spK68_TAei7dR9iMKxW2Wir33q0.crl (hash: zqPvjlQbQguSB2GK2N7q6n94poMzIQnZ9kf9ldg16Oc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/c1f83a-dfc7-494d-9a4b-2a72c2858bac/1/spK68_TAei7dR9iMKxW2Wir33q0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/c1f83a-dfc7-494d-9a4b-2a72c2858bac/1/spK68_TAei7dR9iMKxW2Wir33q0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/spK68_TAei7dR9iMKxW2Wir33q0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 07:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:59:ea:81:83:41:71:01:79:3a:f5:ec:5d:34:eb:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b292baf3f4c07a2edd47d88c2b15b65a2af7dead
        Validity
            Not Before: Mar  2 07:01:16 2026 GMT
            Not After : Mar  3 07:01:16 2026 GMT
        Subject: CN=bd8a1bb8bdfac322498db6d6fa9a298be7bb5074
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:34:a6:e9:72:4b:2c:f9:3c:30:3d:ae:c3:5b:
                    99:af:a6:20:6d:47:39:fb:be:bb:a5:1f:77:9e:f5:
                    eb:2c:68:74:dc:3d:96:23:c1:e1:bb:36:72:d9:eb:
                    7f:63:4d:50:45:ce:15:59:e2:30:31:e1:a4:27:34:
                    4a:a9:7a:29:c5:fc:49:ee:38:a9:7b:80:c7:4c:64:
                    95:16:92:b7:43:2c:dd:db:ca:f0:13:20:d2:41:4c:
                    83:15:96:ed:82:4f:22:4b:36:92:1b:6f:45:d2:bc:
                    d3:c5:ba:5e:20:c5:de:29:19:f6:d2:e9:74:f8:09:
                    99:51:22:27:74:a9:7c:cf:09:0c:0e:ad:5f:9a:3e:
                    32:15:11:e4:cb:c6:ea:80:87:80:e5:f0:a8:22:41:
                    eb:f8:00:d7:2c:74:42:e4:72:a1:40:70:42:51:25:
                    b2:d5:3f:15:48:17:39:97:3c:b2:eb:07:ac:3a:a6:
                    2e:b6:86:2c:43:63:b2:9f:4e:46:a7:79:93:70:7d:
                    ca:23:83:ae:2f:38:51:aa:b0:d9:1c:75:9a:ab:78:
                    b8:9b:e9:53:ff:a9:9b:c3:58:05:b6:3a:c6:52:53:
                    f6:6c:73:a9:87:70:51:a3:8c:93:0a:f1:a1:ca:11:
                    b6:a5:fa:de:92:93:6f:10:16:4d:0c:92:e7:40:f4:
                    1f:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:8A:1B:B8:BD:FA:C3:22:49:8D:B6:D6:FA:9A:29:8B:E7:BB:50:74
            X509v3 Authority Key Identifier:
                keyid:B2:92:BA:F3:F4:C0:7A:2E:DD:47:D8:8C:2B:15:B6:5A:2A:F7:DE:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/spK68_TAei7dR9iMKxW2Wir33q0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/c1f83a-dfc7-494d-9a4b-2a72c2858bac/1/spK68_TAei7dR9iMKxW2Wir33q0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/c1f83a-dfc7-494d-9a4b-2a72c2858bac/1/spK68_TAei7dR9iMKxW2Wir33q0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:91:04:5e:60:92:cf:52:a6:0f:f2:6a:9c:ff:8b:54:43:61:
         ad:93:b5:06:72:14:4d:7e:24:f1:7d:70:d3:f7:1c:67:98:61:
         4b:c0:bc:f6:c5:79:24:11:1a:e9:14:45:7a:9b:8f:42:12:97:
         06:30:3c:f4:64:b8:fa:e4:61:7f:63:24:4b:0e:49:d5:4c:87:
         60:6d:b0:46:c1:00:7f:cc:c2:41:22:dc:b3:dd:13:ed:f7:0b:
         e2:25:60:9f:a1:a5:fb:c5:4b:8b:97:7c:6a:6d:6b:f9:2b:7e:
         eb:37:0b:08:11:4b:36:75:1d:7d:1d:b1:6a:61:99:3c:aa:e9:
         24:11:de:fc:4e:ed:8f:a1:b6:f5:45:fc:17:c3:82:2d:e5:b1:
         ff:87:ef:5e:e1:6e:2a:3d:68:1a:ee:7b:01:a8:4e:83:13:65:
         50:8d:e2:a8:5a:09:8f:97:58:d9:38:4f:a9:9a:e2:bd:80:e1:
         a9:06:42:16:fc:94:76:fe:28:fa:48:f3:19:8f:01:2f:6d:42:
         75:6d:96:b1:2c:32:bf:5c:f8:b4:1b:79:00:01:27:a3:82:54:
         51:f2:a2:da:d9:3a:75:fb:94:a7:fa:70:a4:04:d0:38:5a:59:
         88:81:4b:24:1f:84:de:8c:70:24:f3:90:64:c5:b3:fb:a8:a0:
         83:29:83:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWeqBg0FxAXk69exdNOs+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyOTJiYWYzZjRjMDdhMmVkZDQ3ZDg4YzJiMTViNjVhMmFm
N2RlYWQwHhcNMjYwMzAyMDcwMTE2WhcNMjYwMzAzMDcwMTE2WjAzMTEwLwYDVQQD
EyhiZDhhMWJiOGJkZmFjMzIyNDk4ZGI2ZDZmYTlhMjk4YmU3YmI1MDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjSm6XJLLPk8MD2uw1uZr6YgbUc5
+767pR93nvXrLGh03D2WI8HhuzZy2et/Y01QRc4VWeIwMeGkJzRKqXopxfxJ7jip
e4DHTGSVFpK3Qyzd28rwEyDSQUyDFZbtgk8iSzaSG29F0rzTxbpeIMXeKRn20ul0
+AmZUSIndKl8zwkMDq1fmj4yFRHky8bqgIeA5fCoIkHr+ADXLHRC5HKhQHBCUSWy
1T8VSBc5lzyy6wesOqYutoYsQ2Oyn05Gp3mTcH3KI4OuLzhRqrDZHHWaq3i4m+lT
/6mbw1gFtjrGUlP2bHOph3BRo4yTCvGhyhG2pfrekpNvEBZNDJLnQPQfYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL2KG7i9+sMiSY221vqaKYvnu1B0MB8GA1UdIwQY
MBaAFLKSuvP0wHou3UfYjCsVtloq996tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3BLNjhfVEFlaTdkUjlpTUt4VzJXaXIzM3EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9jMWY4M2EtZGZjNy00OTRkLTlhNGIt
MmE3MmMyODU4YmFjLzEvc3BLNjhfVEFlaTdkUjlpTUt4VzJXaXIzM3EwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9jMWY4M2EtZGZjNy00OTRkLTlhNGItMmE3MmMyODU4YmFj
LzEvc3BLNjhfVEFlaTdkUjlpTUt4VzJXaXIzM3EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAppEEXmCS
z1KmD/JqnP+LVENhrZO1BnIUTX4k8X1w0/ccZ5hhS8C89sV5JBEa6RRFepuPQhKX
BjA89GS4+uRhf2MkSw5J1UyHYG2wRsEAf8zCQSLcs90T7fcL4iVgn6Gl+8VLi5d8
am1r+St+6zcLCBFLNnUdfR2xamGZPKrpJBHe/E7tj6G29UX8F8OCLeWx/4fvXuFu
Kj1oGu57AahOgxNlUI3iqFoJj5dY2ThPqZrivYDhqQZCFvyUdv4o+kjzGY8BL21C
dW2WsSwyv1z4tBt5AAEno4JUUfKi2tk6dfuUp/pwpATQOFpZiIFLJB+E3oxwJPOQ
ZMWz+6iggymDrQ==
-----END CERTIFICATE-----