Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft
File:                     ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft (raw, json)
Hash identifier:          14xHaRFPw/5+b8KLqiRr+p75cmC8v5xLoMIyHV4z/Is=
Subject key identifier:   B4:E4:A6:AB:CA:9D:74:60:79:94:C4:9F:A5:66:C6:C9:CD:4C:5C:8E
Authority key identifier: 89:B9:8B:1D:BC:4D:B0:FB:D8:65:6D:2B:2B:8A:53:E2:C3:DC:A6:AB
Certificate issuer:       /CN=89b98b1dbc4db0fbd8656d2b2b8a53e2c3dca6ab
Certificate serial:       019D97E21A4CB2D7628956E9A1C54A045103
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ibmLHbxNsPvYZW0rK4pT4sPcpqs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft
Manifest number:          11BD
Signing time:             Thu 16 Apr 2026 20:01:10 +0000
Manifest this update:     Thu 16 Apr 2026 20:01:10 +0000
Manifest next update:     Fri 17 Apr 2026 20:01:10 +0000
Files and hashes:         1: ibmLHbxNsPvYZW0rK4pT4sPcpqs.crl (hash: 9aXlUGa+cmz/1kn5qq8vuk+CiKB6O5ZuFLbcwzqtKE0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ibmLHbxNsPvYZW0rK4pT4sPcpqs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 20:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:97:e2:1a:4c:b2:d7:62:89:56:e9:a1:c5:4a:04:51:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89b98b1dbc4db0fbd8656d2b2b8a53e2c3dca6ab
        Validity
            Not Before: Apr 16 20:01:10 2026 GMT
            Not After : Apr 17 20:01:10 2026 GMT
        Subject: CN=b4e4a6abca9d74607994c49fa566c6c9cd4c5c8e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:82:77:66:0e:bd:b3:9d:d8:06:fe:fa:65:58:
                    40:9b:40:37:96:0a:c2:7f:bc:f4:09:7c:e1:5b:f7:
                    4a:5d:8b:2d:6a:96:7e:5e:b9:1a:57:0c:ce:5f:d0:
                    ab:5c:be:72:df:6e:da:01:96:51:f3:5f:f5:56:f2:
                    42:cf:ed:5d:c7:e6:79:8b:05:a1:e8:0f:3b:71:f7:
                    d8:33:9e:e3:d8:94:97:c0:d7:7c:d1:d3:e8:2f:7c:
                    1b:e2:a4:66:8a:c6:db:a0:46:f3:e3:64:8a:e9:38:
                    e2:c6:9b:5b:44:12:ab:dd:27:04:70:61:a4:2f:e5:
                    da:20:78:f3:e7:70:36:20:17:92:cf:b7:3f:66:3a:
                    02:d2:7c:9d:c8:9b:3c:36:fb:8c:6d:9b:59:1b:22:
                    aa:0b:1d:de:f0:51:62:78:92:43:35:51:15:ca:1b:
                    93:28:10:f2:39:86:01:41:54:e2:9f:b9:42:7e:6e:
                    b1:5e:0e:e2:1d:29:7a:9f:52:be:5f:fb:0e:86:50:
                    c9:4b:8e:65:45:9e:3c:c0:51:61:27:28:5f:10:a6:
                    59:c1:cc:89:56:48:77:80:83:da:54:ec:a2:48:8d:
                    d5:3b:99:b9:d9:a6:38:dc:ac:78:08:83:17:fa:dd:
                    7a:d9:d4:35:59:e8:7a:b8:83:a2:9d:f5:9c:a9:36:
                    0e:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:E4:A6:AB:CA:9D:74:60:79:94:C4:9F:A5:66:C6:C9:CD:4C:5C:8E
            X509v3 Authority Key Identifier:
                keyid:89:B9:8B:1D:BC:4D:B0:FB:D8:65:6D:2B:2B:8A:53:E2:C3:DC:A6:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ibmLHbxNsPvYZW0rK4pT4sPcpqs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:62:f9:85:11:45:19:ce:fc:8e:0e:c3:95:70:65:e2:3f:87:
         2c:79:38:77:af:4d:4c:57:cb:12:3b:2d:0c:cf:6f:31:4d:53:
         ba:b2:dd:cf:7d:5b:5e:05:aa:aa:b8:1e:29:b2:1a:0a:f8:55:
         1f:49:c1:03:e8:ba:1e:fe:44:f8:dc:33:36:a1:f3:20:12:f8:
         09:07:d8:74:86:1b:57:01:87:c3:a6:d9:7c:1f:79:5b:32:78:
         a5:25:be:6b:0d:ce:24:e4:b2:e2:6c:9e:83:53:9c:d1:7d:01:
         a9:c1:fe:43:84:7b:33:92:44:7c:fa:cc:4c:da:e6:83:c0:bf:
         4b:55:ad:96:d7:c5:24:2b:af:2e:44:22:55:ec:44:42:06:dd:
         1c:bf:4d:8c:9d:eb:2d:fe:12:87:cb:7e:69:4c:86:30:1c:42:
         9b:49:1d:a6:2d:34:0d:c4:83:36:02:13:d8:a6:20:af:0d:7f:
         42:03:eb:76:13:39:d1:60:df:2c:cd:dc:63:87:2d:91:7a:ab:
         24:85:90:b0:0b:bc:16:81:29:fe:01:2a:05:47:56:0a:08:93:
         e5:54:97:60:de:5f:84:3d:98:80:4c:d8:99:37:a0:fc:bc:63:
         28:ae:93:40:c2:1d:9d:26:0c:6f:91:e8:be:06:d2:02:dd:e3:
         7e:83:80:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2X4hpMstdiiVbpocVKBFEDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5Yjk4YjFkYmM0ZGIwZmJkODY1NmQyYjJiOGE1M2UyYzNk
Y2E2YWIwHhcNMjYwNDE2MjAwMTEwWhcNMjYwNDE3MjAwMTEwWjAzMTEwLwYDVQQD
EyhiNGU0YTZhYmNhOWQ3NDYwNzk5NGM0OWZhNTY2YzZjOWNkNGM1YzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYJ3Zg69s53YBv76ZVhAm0A3lgrC
f7z0CXzhW/dKXYstapZ+XrkaVwzOX9CrXL5y327aAZZR81/1VvJCz+1dx+Z5iwWh
6A87cffYM57j2JSXwNd80dPoL3wb4qRmisbboEbz42SK6TjixptbRBKr3ScEcGGk
L+XaIHjz53A2IBeSz7c/ZjoC0nydyJs8NvuMbZtZGyKqCx3e8FFieJJDNVEVyhuT
KBDyOYYBQVTin7lCfm6xXg7iHSl6n1K+X/sOhlDJS45lRZ48wFFhJyhfEKZZwcyJ
Vkh3gIPaVOyiSI3VO5m52aY43Kx4CIMX+t162dQ1Weh6uIOinfWcqTYOLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLTkpqvKnXRgeZTEn6VmxsnNTFyOMB8GA1UdIwQY
MBaAFIm5ix28TbD72GVtKyuKU+LD3KarMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWJtTEhieE5zUHZZWlcwcks0cFQ0c1BjcHFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9iNGI2MDAtNDdhNy00NzA3LTlhOWUt
NGRhNTQ0NzE3NjJlLzEvaWJtTEhieE5zUHZZWlcwcks0cFQ0c1BjcHFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9iNGI2MDAtNDdhNy00NzA3LTlhOWUtNGRhNTQ0NzE3NjJl
LzEvaWJtTEhieE5zUHZZWlcwcks0cFQ0c1BjcHFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIGL5hRFF
Gc78jg7DlXBl4j+HLHk4d69NTFfLEjstDM9vMU1TurLdz31bXgWqqrgeKbIaCvhV
H0nBA+i6Hv5E+NwzNqHzIBL4CQfYdIYbVwGHw6bZfB95WzJ4pSW+aw3OJOSy4mye
g1Oc0X0BqcH+Q4R7M5JEfPrMTNrmg8C/S1WtltfFJCuvLkQiVexEQgbdHL9NjJ3r
Lf4Sh8t+aUyGMBxCm0kdpi00DcSDNgIT2KYgrw1/QgPrdhM50WDfLM3cY4ctkXqr
JIWQsAu8FoEp/gEqBUdWCgiT5VSXYN5fhD2YgEzYmTeg/LxjKK6TQMIdnSYMb5Ho
vgbSAt3jfoOAlQ==
-----END CERTIFICATE-----