Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft
File:                     2bN6OM6IfTdjYEau84ehwjMVLkE.mft (raw, json)
Hash identifier:          RidunGH3dZKowqZ820foB6zigkDzwpkRyymY8jLlHvg=
Subject key identifier:   BE:3B:C0:EE:6D:9D:12:E9:07:68:42:48:6C:33:DB:D2:77:8F:DC:59
Authority key identifier: D9:B3:7A:38:CE:88:7D:37:63:60:46:AE:F3:87:A1:C2:33:15:2E:41
Certificate issuer:       /CN=d9b37a38ce887d37636046aef387a1c233152e41
Certificate serial:       019CAD595799F06658BAEF0C08C632B2BF81
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2bN6OM6IfTdjYEau84ehwjMVLkE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft
Manifest number:          08D8
Signing time:             Mon 02 Mar 2026 07:00:39 +0000
Manifest this update:     Mon 02 Mar 2026 07:00:39 +0000
Manifest next update:     Tue 03 Mar 2026 07:00:39 +0000
Files and hashes:         1: 2bN6OM6IfTdjYEau84ehwjMVLkE.crl (hash: u22A7/dNd0P/MrOYSpFaJJDrKZLxZoYfarqFQa1nDlg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2bN6OM6IfTdjYEau84ehwjMVLkE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 07:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:59:57:99:f0:66:58:ba:ef:0c:08:c6:32:b2:bf:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9b37a38ce887d37636046aef387a1c233152e41
        Validity
            Not Before: Mar  2 07:00:39 2026 GMT
            Not After : Mar  3 07:00:39 2026 GMT
        Subject: CN=be3bc0ee6d9d12e9076842486c33dbd2778fdc59
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:ef:22:26:6f:6e:1c:85:e2:1a:62:b8:3f:54:
                    a2:27:fc:86:79:86:13:80:4f:2b:5f:5d:98:1e:85:
                    82:a3:64:a0:5c:3b:08:e7:41:df:6d:72:6c:02:93:
                    bb:55:a5:23:9b:76:08:26:ee:8f:4b:54:8b:17:f2:
                    4b:e8:a2:83:98:1b:fd:c2:db:f4:d8:c8:e5:f1:16:
                    9d:51:02:23:e2:25:55:0b:af:76:5b:8d:12:21:b5:
                    83:a9:73:91:8f:35:e0:b2:de:bc:2b:96:7d:ff:93:
                    00:bf:a8:c6:76:f0:4a:57:02:11:ca:7b:23:c7:04:
                    f9:27:37:a2:38:e9:aa:72:e8:3d:3a:0f:7d:54:e3:
                    16:2f:e8:ce:10:96:b1:df:41:50:a1:1f:9d:f2:b2:
                    4f:ed:81:7b:e5:ce:d5:68:c7:48:5e:6b:85:96:96:
                    44:20:27:b7:7f:7c:09:d0:33:c3:e0:7c:2c:b8:89:
                    59:59:db:c3:be:db:f7:c4:a7:b5:9e:91:7b:bf:3b:
                    d0:d9:00:8f:9f:1b:e9:9c:b8:3e:a8:b6:a2:32:3f:
                    1f:02:1b:31:41:24:30:86:55:06:8f:b6:49:69:1b:
                    58:7a:38:ad:04:6e:05:a8:4c:f3:15:d2:2b:ba:1f:
                    1c:c1:34:5c:ef:48:05:ab:e6:30:24:08:6b:c3:ed:
                    b6:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:3B:C0:EE:6D:9D:12:E9:07:68:42:48:6C:33:DB:D2:77:8F:DC:59
            X509v3 Authority Key Identifier:
                keyid:D9:B3:7A:38:CE:88:7D:37:63:60:46:AE:F3:87:A1:C2:33:15:2E:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2bN6OM6IfTdjYEau84ehwjMVLkE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:44:f9:81:2b:49:0d:78:2d:f0:76:e2:d0:08:aa:be:3b:7e:
         0a:98:85:a7:0d:4b:d4:bb:63:8e:d1:7c:13:90:52:bf:19:40:
         d7:0f:78:86:f0:41:bc:3a:be:1b:fe:0d:cc:02:52:2b:1c:22:
         1a:c8:ff:33:30:7c:2f:4e:16:75:b9:e5:a6:05:d3:a0:b2:b0:
         3c:5e:7d:9a:ab:b7:0c:c7:b8:14:bf:27:7d:33:7d:b8:7f:ab:
         39:2a:f1:30:dd:b5:d8:3c:ff:56:ce:bb:e3:54:a4:60:6c:6a:
         2d:ba:b3:33:67:6b:e2:30:ec:ea:c1:29:48:cd:12:6f:23:96:
         e0:da:05:5c:b3:90:b3:d5:df:38:53:26:0e:e3:81:55:50:c6:
         bd:21:31:43:ee:35:10:c1:4d:28:1d:2c:63:44:5c:aa:48:6e:
         88:ac:55:7c:13:2c:ca:ce:1c:1c:de:ed:b4:f5:a2:9c:3d:94:
         e4:4f:56:5b:15:9b:a3:12:25:32:0a:2f:4d:bd:a7:6f:96:5c:
         02:ac:57:7a:da:b8:10:29:f8:a6:9d:11:53:4c:26:df:07:1e:
         10:a7:0d:0a:51:89:df:91:bd:64:a2:c1:82:ea:2d:82:3e:fb:
         e2:6d:91:67:08:e6:b6:e6:d4:45:cf:49:b7:07:06:50:89:11:
         04:2c:d5:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWVeZ8GZYuu8MCMYysr+BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YjM3YTM4Y2U4ODdkMzc2MzYwNDZhZWYzODdhMWMyMzMx
NTJlNDEwHhcNMjYwMzAyMDcwMDM5WhcNMjYwMzAzMDcwMDM5WjAzMTEwLwYDVQQD
EyhiZTNiYzBlZTZkOWQxMmU5MDc2ODQyNDg2YzMzZGJkMjc3OGZkYzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnu8iJm9uHIXiGmK4P1SiJ/yGeYYT
gE8rX12YHoWCo2SgXDsI50HfbXJsApO7VaUjm3YIJu6PS1SLF/JL6KKDmBv9wtv0
2Mjl8RadUQIj4iVVC692W40SIbWDqXORjzXgst68K5Z9/5MAv6jGdvBKVwIRynsj
xwT5JzeiOOmqcug9Og99VOMWL+jOEJax30FQoR+d8rJP7YF75c7VaMdIXmuFlpZE
ICe3f3wJ0DPD4HwsuIlZWdvDvtv3xKe1npF7vzvQ2QCPnxvpnLg+qLaiMj8fAhsx
QSQwhlUGj7ZJaRtYejitBG4FqEzzFdIruh8cwTRc70gFq+YwJAhrw+22RwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL47wO5tnRLpB2hCSGwz29J3j9xZMB8GA1UdIwQY
MBaAFNmzejjOiH03Y2BGrvOHocIzFS5BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmJONk9NNklmVGRqWUVhdTg0ZWh3ak1WTGtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS85NTQ1ZjItZmI2MC00ODc4LWFlNTgt
ZDZhYWM2MTM4MzBiLzEvMmJONk9NNklmVGRqWUVhdTg0ZWh3ak1WTGtFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS85NTQ1ZjItZmI2MC00ODc4LWFlNTgtZDZhYWM2MTM4MzBi
LzEvMmJONk9NNklmVGRqWUVhdTg0ZWh3ak1WTGtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkET5gStJ
DXgt8Hbi0Aiqvjt+CpiFpw1L1LtjjtF8E5BSvxlA1w94hvBBvDq+G/4NzAJSKxwi
Gsj/MzB8L04WdbnlpgXToLKwPF59mqu3DMe4FL8nfTN9uH+rOSrxMN212Dz/Vs67
41SkYGxqLbqzM2dr4jDs6sEpSM0SbyOW4NoFXLOQs9XfOFMmDuOBVVDGvSExQ+41
EMFNKB0sY0RcqkhuiKxVfBMsys4cHN7ttPWinD2U5E9WWxWboxIlMgovTb2nb5Zc
AqxXetq4ECn4pp0RU0wm3wceEKcNClGJ35G9ZKLBguotgj774m2RZwjmtubURc9J
twcGUIkRBCzVPg==
-----END CERTIFICATE-----