Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/e736fa-81c8-475f-a73e-2bb0e1c0e3ef/1/Sbp0yMvh4n-spcZ-idP2I8Hwml4.mft
File:                     Sbp0yMvh4n-spcZ-idP2I8Hwml4.mft (raw, json)
Hash identifier:          RCcTkK2m+Etc8cx3Ihrqn/pDKyzDAcvuvGoDP6PqrSM=
Subject key identifier:   7A:CD:99:72:14:F5:9E:D2:87:06:A7:C3:00:9A:BD:FC:E8:74:F7:8A
Authority key identifier: 49:BA:74:C8:CB:E1:E2:7F:AC:A5:C6:7E:89:D3:F6:23:C1:F0:9A:5E
Certificate issuer:       /CN=49ba74c8cbe1e27faca5c67e89d3f623c1f09a5e
Certificate serial:       019CAAC6DB5E91F3FC888020C02103194C4B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Sbp0yMvh4n-spcZ-idP2I8Hwml4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/e736fa-81c8-475f-a73e-2bb0e1c0e3ef/1/Sbp0yMvh4n-spcZ-idP2I8Hwml4.mft
Manifest number:          12DB
Signing time:             Sun 01 Mar 2026 19:01:24 +0000
Manifest this update:     Sun 01 Mar 2026 19:01:24 +0000
Manifest next update:     Mon 02 Mar 2026 19:01:24 +0000
Files and hashes:         1: Sbp0yMvh4n-spcZ-idP2I8Hwml4.crl (hash: 4bmLZmoiGBrjmTTr2TtQWBidda+VXb0iK/Pkja9tFFU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/37/e736fa-81c8-475f-a73e-2bb0e1c0e3ef/1/Sbp0yMvh4n-spcZ-idP2I8Hwml4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/37/e736fa-81c8-475f-a73e-2bb0e1c0e3ef/1/Sbp0yMvh4n-spcZ-idP2I8Hwml4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Sbp0yMvh4n-spcZ-idP2I8Hwml4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:c6:db:5e:91:f3:fc:88:80:20:c0:21:03:19:4c:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49ba74c8cbe1e27faca5c67e89d3f623c1f09a5e
        Validity
            Not Before: Mar  1 19:01:24 2026 GMT
            Not After : Mar  2 19:01:24 2026 GMT
        Subject: CN=7acd997214f59ed28706a7c3009abdfce874f78a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:ab:c4:7c:72:76:a1:e8:4a:73:97:d2:44:ef:
                    42:4b:a5:10:19:cd:7f:bb:e7:38:5d:e2:4e:46:fc:
                    22:47:fa:29:14:5c:74:29:ef:60:e8:ce:8e:46:aa:
                    07:3b:24:2e:eb:d7:f2:7a:8e:81:53:1d:95:4f:37:
                    89:57:44:10:fb:60:98:ae:8f:21:b0:b5:de:dd:90:
                    3e:a0:94:c1:23:80:67:91:5b:19:b9:9b:32:66:8f:
                    eb:28:b1:20:1b:46:e8:7a:4f:ba:69:f0:09:ea:f0:
                    4d:33:55:9c:2f:c3:b8:46:a5:a2:1a:49:c3:71:7c:
                    85:e0:4b:0c:46:a6:0f:c6:4a:bf:4e:7c:e5:43:89:
                    ae:aa:9b:0d:a8:3c:6d:da:8b:24:8f:b1:4d:2e:5c:
                    ef:9d:dc:1a:d2:a8:7d:fe:b5:d1:88:19:95:02:0f:
                    8f:08:0d:84:89:10:8c:7b:0d:83:fd:6a:80:c4:b4:
                    8c:8d:4e:83:9b:23:a0:d4:0f:a2:80:ca:7f:53:89:
                    f3:1f:84:17:4f:d1:df:46:0d:17:0d:f3:5a:b9:e8:
                    d8:e2:e5:17:42:67:f2:32:c2:c8:12:15:27:65:9c:
                    7a:4e:f4:9f:c3:e8:dd:d3:bc:84:0d:eb:f2:07:44:
                    35:d4:3b:5e:15:b8:22:1f:3b:c9:b2:18:ef:87:8e:
                    c1:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:CD:99:72:14:F5:9E:D2:87:06:A7:C3:00:9A:BD:FC:E8:74:F7:8A
            X509v3 Authority Key Identifier:
                keyid:49:BA:74:C8:CB:E1:E2:7F:AC:A5:C6:7E:89:D3:F6:23:C1:F0:9A:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sbp0yMvh4n-spcZ-idP2I8Hwml4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/e736fa-81c8-475f-a73e-2bb0e1c0e3ef/1/Sbp0yMvh4n-spcZ-idP2I8Hwml4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/e736fa-81c8-475f-a73e-2bb0e1c0e3ef/1/Sbp0yMvh4n-spcZ-idP2I8Hwml4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:7e:54:87:68:af:76:69:37:1f:1c:02:e1:f6:05:57:19:e8:
         41:45:82:64:91:0e:3e:29:68:bf:68:e7:54:1e:8e:82:1e:77:
         cd:19:b3:5b:93:fd:92:28:16:c8:4d:0b:e6:4c:13:98:ad:98:
         5f:12:48:81:7e:24:f8:29:60:f1:19:09:19:80:97:c9:c8:be:
         78:eb:af:de:bb:86:e1:e3:0d:20:bc:e1:c5:dc:af:e2:88:03:
         2e:b0:84:b9:d3:3e:25:b7:42:b8:6d:10:13:18:0f:7a:99:7a:
         fd:54:56:d2:a4:6d:81:d7:e6:eb:bf:f7:e1:26:b4:6c:13:b3:
         8a:8f:15:e0:a1:f8:4c:8f:e3:c8:da:eb:1c:0d:97:42:85:6e:
         0d:b1:7c:98:50:89:ca:a7:a8:2f:57:55:e8:4e:56:38:ec:6d:
         9c:80:20:96:79:54:e7:bf:26:62:35:6b:a8:d2:dc:5b:ee:09:
         43:ba:e5:79:31:7f:0e:d0:e9:4f:00:b7:64:5a:ec:46:da:01:
         bb:be:24:f0:dc:f1:bf:dc:b8:5b:42:34:b5:94:9a:4d:34:28:
         e5:82:f5:5b:f7:4b:58:ec:d2:a6:b9:86:be:d3:e7:9b:62:51:
         17:6b:d5:f9:ab:8d:92:8a:e5:74:8e:21:03:4f:88:85:2d:93:
         8f:f1:1f:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxttekfP8iIAgwCEDGUxLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5YmE3NGM4Y2JlMWUyN2ZhY2E1YzY3ZTg5ZDNmNjIzYzFm
MDlhNWUwHhcNMjYwMzAxMTkwMTI0WhcNMjYwMzAyMTkwMTI0WjAzMTEwLwYDVQQD
Eyg3YWNkOTk3MjE0ZjU5ZWQyODcwNmE3YzMwMDlhYmRmY2U4NzRmNzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsavEfHJ2oehKc5fSRO9CS6UQGc1/
u+c4XeJORvwiR/opFFx0Ke9g6M6ORqoHOyQu69fyeo6BUx2VTzeJV0QQ+2CYro8h
sLXe3ZA+oJTBI4BnkVsZuZsyZo/rKLEgG0boek+6afAJ6vBNM1WcL8O4RqWiGknD
cXyF4EsMRqYPxkq/TnzlQ4muqpsNqDxt2oskj7FNLlzvndwa0qh9/rXRiBmVAg+P
CA2EiRCMew2D/WqAxLSMjU6DmyOg1A+igMp/U4nzH4QXT9HfRg0XDfNauejY4uUX
QmfyMsLIEhUnZZx6TvSfw+jd07yEDevyB0Q11DteFbgiHzvJshjvh47BNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHrNmXIU9Z7ShwanwwCavfzodPeKMB8GA1UdIwQY
MBaAFEm6dMjL4eJ/rKXGfonT9iPB8JpeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2JwMHlNdmg0bi1zcGNaLWlkUDJJOEh3bWw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9lNzM2ZmEtODFjOC00NzVmLWE3M2Ut
MmJiMGUxYzBlM2VmLzEvU2JwMHlNdmg0bi1zcGNaLWlkUDJJOEh3bWw0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy9lNzM2ZmEtODFjOC00NzVmLWE3M2UtMmJiMGUxYzBlM2Vm
LzEvU2JwMHlNdmg0bi1zcGNaLWlkUDJJOEh3bWw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEH5Uh2iv
dmk3HxwC4fYFVxnoQUWCZJEOPilov2jnVB6Ogh53zRmzW5P9kigWyE0L5kwTmK2Y
XxJIgX4k+Clg8RkJGYCXyci+eOuv3ruG4eMNILzhxdyv4ogDLrCEudM+JbdCuG0Q
ExgPepl6/VRW0qRtgdfm67/34Sa0bBOzio8V4KH4TI/jyNrrHA2XQoVuDbF8mFCJ
yqeoL1dV6E5WOOxtnIAglnlU578mYjVrqNLcW+4JQ7rleTF/DtDpTwC3ZFrsRtoB
u74k8Nzxv9y4W0I0tZSaTTQo5YL1W/dLWOzSprmGvtPnm2JRF2vV+auNkorldI4h
A0+IhS2Tj/EfXg==
-----END CERTIFICATE-----