Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft
File:                     ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft (raw, json)
Hash identifier:          OPvs+6gKFo12MeBsQ8aM1JzkZIUKBVn/Inad5p05ImY=
Subject key identifier:   11:BB:9F:F0:3C:73:EC:B6:CD:78:BB:88:7B:B7:C0:4C:4C:6C:D2:7C
Authority key identifier: 89:B9:8B:1D:BC:4D:B0:FB:D8:65:6D:2B:2B:8A:53:E2:C3:DC:A6:AB
Certificate issuer:       /CN=89b98b1dbc4db0fbd8656d2b2b8a53e2c3dca6ab
Certificate serial:       019CAA58F01BDD3B0924174A4FF114692AB3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ibmLHbxNsPvYZW0rK4pT4sPcpqs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft
Manifest number:          1142
Signing time:             Sun 01 Mar 2026 17:01:21 +0000
Manifest this update:     Sun 01 Mar 2026 17:01:21 +0000
Manifest next update:     Mon 02 Mar 2026 17:01:21 +0000
Files and hashes:         1: ibmLHbxNsPvYZW0rK4pT4sPcpqs.crl (hash: K5LzLnWMF8o6Z3hxEJp+GNj81KYeBeYWJ9HBXRSaRUs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ibmLHbxNsPvYZW0rK4pT4sPcpqs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:58:f0:1b:dd:3b:09:24:17:4a:4f:f1:14:69:2a:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89b98b1dbc4db0fbd8656d2b2b8a53e2c3dca6ab
        Validity
            Not Before: Mar  1 17:01:21 2026 GMT
            Not After : Mar  2 17:01:21 2026 GMT
        Subject: CN=11bb9ff03c73ecb6cd78bb887bb7c04c4c6cd27c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:fe:c4:bd:58:41:0d:21:ab:08:f8:6d:11:db:
                    35:69:52:39:c2:e9:0a:45:1f:9b:94:7d:d0:2f:0b:
                    6c:41:8f:62:2a:62:a0:1e:e0:d6:25:38:a7:81:c5:
                    37:58:e0:e2:2f:1f:6d:24:b7:c2:6c:27:b9:84:4b:
                    dd:da:d4:43:c3:a2:d5:14:01:6a:3d:d2:ab:13:c1:
                    f8:23:d0:b5:29:f1:08:93:75:8d:21:76:fc:4a:36:
                    33:9a:33:00:14:8c:62:f7:35:d7:e4:c4:e7:7a:54:
                    9e:02:78:64:ea:36:95:b6:b2:5f:e6:95:9e:3c:2a:
                    b2:1d:34:91:0f:71:85:0d:12:72:59:09:b4:eb:41:
                    24:42:e4:f4:98:fc:b4:87:9f:c5:54:f1:28:53:64:
                    d2:2e:a0:ad:d0:d9:4f:b4:5e:dd:e0:1e:b1:ff:30:
                    c6:17:a8:59:94:df:21:cf:fa:34:ff:40:8f:ea:67:
                    0e:54:5c:89:da:c9:93:dc:8f:5f:db:32:35:4c:c1:
                    03:60:73:f3:42:34:50:36:44:11:4d:cb:97:6b:a9:
                    a6:dd:0d:58:1b:08:d5:ef:4d:42:09:9a:ff:5d:59:
                    9b:9d:c3:7c:53:ee:6f:98:4f:09:98:8a:32:16:e7:
                    33:34:43:63:b5:b0:d1:d1:1b:26:9a:e3:ec:fd:8f:
                    45:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:BB:9F:F0:3C:73:EC:B6:CD:78:BB:88:7B:B7:C0:4C:4C:6C:D2:7C
            X509v3 Authority Key Identifier:
                keyid:89:B9:8B:1D:BC:4D:B0:FB:D8:65:6D:2B:2B:8A:53:E2:C3:DC:A6:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ibmLHbxNsPvYZW0rK4pT4sPcpqs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         26:dc:62:ff:a5:35:0d:9d:d4:71:fa:37:b0:63:b0:d3:f9:8b:
         f1:46:06:82:a8:16:fe:6d:ba:3c:9c:59:24:de:2f:cb:f9:9d:
         11:02:a6:1f:15:ce:08:74:e7:7f:3a:fe:ba:e4:d3:3a:d9:e1:
         cc:5a:9b:f8:4d:b6:76:1f:22:75:eb:51:b1:2c:08:aa:41:e9:
         e4:8b:11:1f:95:6e:31:ee:c5:8b:4a:6a:07:d6:7b:2f:a8:3f:
         c2:0a:6b:c1:11:33:80:fe:6f:98:33:d9:e3:0f:d6:e3:10:89:
         da:8c:4b:42:48:77:88:f7:7d:08:f7:2d:10:65:40:40:60:b6:
         bd:98:31:2f:66:c7:1c:d0:5b:02:3a:0a:fe:c4:ff:06:31:52:
         55:40:e7:3b:03:ee:a3:e2:2d:f9:7b:41:f7:6c:cb:72:e4:43:
         d1:7a:fc:bd:14:a5:1a:f9:ab:28:77:7c:97:1a:be:a8:63:4a:
         94:e4:90:75:2e:07:38:10:40:c1:1b:6c:50:3d:5d:69:a0:c7:
         4e:d9:d8:94:d1:92:5f:97:75:6d:ba:f8:2c:4d:18:2e:fa:ab:
         05:f8:98:01:c5:c4:f3:8b:3a:c8:4d:92:1a:5f:a1:11:52:de:
         f2:8f:a3:5e:08:44:2b:fb:f3:da:5c:e5:24:d2:ab:46:cc:1a:
         b0:f2:3d:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqWPAb3TsJJBdKT/EUaSqzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5Yjk4YjFkYmM0ZGIwZmJkODY1NmQyYjJiOGE1M2UyYzNk
Y2E2YWIwHhcNMjYwMzAxMTcwMTIxWhcNMjYwMzAyMTcwMTIxWjAzMTEwLwYDVQQD
EygxMWJiOWZmMDNjNzNlY2I2Y2Q3OGJiODg3YmI3YzA0YzRjNmNkMjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqP7EvVhBDSGrCPhtEds1aVI5wukK
RR+blH3QLwtsQY9iKmKgHuDWJTingcU3WODiLx9tJLfCbCe5hEvd2tRDw6LVFAFq
PdKrE8H4I9C1KfEIk3WNIXb8SjYzmjMAFIxi9zXX5MTnelSeAnhk6jaVtrJf5pWe
PCqyHTSRD3GFDRJyWQm060EkQuT0mPy0h5/FVPEoU2TSLqCt0NlPtF7d4B6x/zDG
F6hZlN8hz/o0/0CP6mcOVFyJ2smT3I9f2zI1TMEDYHPzQjRQNkQRTcuXa6mm3Q1Y
GwjV701CCZr/XVmbncN8U+5vmE8JmIoyFuczNENjtbDR0RsmmuPs/Y9FzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBG7n/A8c+y2zXi7iHu3wExMbNJ8MB8GA1UdIwQY
MBaAFIm5ix28TbD72GVtKyuKU+LD3KarMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWJtTEhieE5zUHZZWlcwcks0cFQ0c1BjcHFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9iNGI2MDAtNDdhNy00NzA3LTlhOWUt
NGRhNTQ0NzE3NjJlLzEvaWJtTEhieE5zUHZZWlcwcks0cFQ0c1BjcHFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9iNGI2MDAtNDdhNy00NzA3LTlhOWUtNGRhNTQ0NzE3NjJl
LzEvaWJtTEhieE5zUHZZWlcwcks0cFQ0c1BjcHFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJtxi/6U1
DZ3Ucfo3sGOw0/mL8UYGgqgW/m26PJxZJN4vy/mdEQKmHxXOCHTnfzr+uuTTOtnh
zFqb+E22dh8idetRsSwIqkHp5IsRH5VuMe7Fi0pqB9Z7L6g/wgprwREzgP5vmDPZ
4w/W4xCJ2oxLQkh3iPd9CPctEGVAQGC2vZgxL2bHHNBbAjoK/sT/BjFSVUDnOwPu
o+It+XtB92zLcuRD0Xr8vRSlGvmrKHd8lxq+qGNKlOSQdS4HOBBAwRtsUD1daaDH
TtnYlNGSX5d1bbr4LE0YLvqrBfiYAcXE84s6yE2SGl+hEVLe8o+jXghEK/vz2lzl
JNKrRswasPI9hQ==
-----END CERTIFICATE-----