Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.mft
File:                     ba7zApYp3gKduYq3tOm9IhwomRw.mft (raw, json)
Hash identifier:          +YrG26OyRQTZyefA821+Be0ymQynoxEGDWBDg+7sJME=
Subject key identifier:   58:F2:37:AB:9D:C1:89:F9:2E:B0:B5:60:3A:9D:27:96:2B:01:58:93
Authority key identifier: 6D:AE:F3:02:96:29:DE:02:9D:B9:8A:B7:B4:E9:BD:22:1C:28:99:1C
Certificate issuer:       /CN=6daef3029629de029db98ab7b4e9bd221c28991c
Certificate serial:       019CAD5A26114714C6E57B574B70B33A4CAA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ba7zApYp3gKduYq3tOm9IhwomRw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.mft
Manifest number:          0E30
Signing time:             Mon 02 Mar 2026 07:01:32 +0000
Manifest this update:     Mon 02 Mar 2026 07:01:32 +0000
Manifest next update:     Tue 03 Mar 2026 07:01:32 +0000
Files and hashes:         1: ba7zApYp3gKduYq3tOm9IhwomRw.crl (hash: yemlTz1Rr86Y5gYAU14uizB/lWm6FZSvTuwtxpLsGJg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ba7zApYp3gKduYq3tOm9IhwomRw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:5a:26:11:47:14:c6:e5:7b:57:4b:70:b3:3a:4c:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6daef3029629de029db98ab7b4e9bd221c28991c
        Validity
            Not Before: Mar  2 07:01:32 2026 GMT
            Not After : Mar  3 07:01:32 2026 GMT
        Subject: CN=58f237ab9dc189f92eb0b5603a9d27962b015893
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:d4:47:0c:1d:84:23:58:73:38:98:82:ad:01:
                    3f:d0:fb:97:4c:d6:fb:ec:4b:a5:88:f6:4f:23:ae:
                    51:f9:e8:20:d1:65:48:76:db:4f:a5:08:07:ad:cd:
                    d4:91:c2:df:2f:4c:86:13:90:c5:30:45:73:80:6b:
                    cd:48:39:0b:b1:de:53:6c:ee:9f:61:5e:d3:87:b2:
                    2f:01:34:e2:c4:21:c3:c6:bd:f7:d3:3f:ee:3c:fb:
                    03:43:1b:2d:11:72:85:da:3d:04:1a:1f:f5:31:e0:
                    a7:cb:e2:64:8b:a7:56:f0:18:55:f7:de:04:ad:c5:
                    9b:4a:93:d1:84:00:14:21:aa:87:c5:a4:ed:4a:e0:
                    8d:2a:63:52:a7:e9:70:04:0e:89:23:20:c7:a2:cf:
                    04:f3:f2:f5:43:8c:01:2a:aa:f9:3c:55:39:49:05:
                    02:4f:55:f9:e3:f6:b3:31:50:8a:34:4c:b7:b3:03:
                    51:50:e6:6e:e4:cd:a4:73:0c:2d:49:a1:01:2c:ef:
                    bd:85:3f:c9:fc:83:0f:5d:13:ab:04:e0:5b:06:fa:
                    df:34:14:2d:ba:63:9f:19:8d:79:4b:20:43:7c:60:
                    3e:b6:f8:f8:29:53:9b:b7:65:85:51:ff:c2:de:b4:
                    a4:84:29:7c:43:73:aa:0e:8c:7f:88:e4:55:ee:a3:
                    92:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:F2:37:AB:9D:C1:89:F9:2E:B0:B5:60:3A:9D:27:96:2B:01:58:93
            X509v3 Authority Key Identifier:
                keyid:6D:AE:F3:02:96:29:DE:02:9D:B9:8A:B7:B4:E9:BD:22:1C:28:99:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba7zApYp3gKduYq3tOm9IhwomRw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:a6:2f:c8:7c:53:29:b4:b7:62:93:f2:33:ef:5d:41:2b:ff:
         29:57:07:53:f1:6b:bc:61:16:d7:1c:93:03:cf:8c:61:e5:9c:
         a8:be:fd:b7:fd:cb:c7:9b:46:1c:ab:f7:12:da:a0:75:a1:5a:
         81:f8:11:04:6f:73:43:24:78:73:b8:53:de:46:d2:a7:2b:d9:
         b2:9b:0b:e9:01:1c:f0:73:5d:ec:59:93:84:ac:22:9d:03:25:
         b0:a5:99:05:53:ec:47:84:0e:e5:77:72:17:15:34:df:47:1d:
         42:60:50:f2:2f:5d:ec:e8:82:96:48:58:e4:35:dd:ba:49:f9:
         7e:db:e1:4d:7c:fe:32:81:a4:aa:b0:84:88:2a:89:19:bc:82:
         97:f4:62:59:84:5a:b1:89:1a:7f:79:98:e4:0d:32:d0:45:ca:
         6d:e0:aa:7c:11:fb:74:11:8e:bf:ac:5a:63:95:68:53:85:63:
         8a:6e:6b:2f:7b:eb:97:9d:af:87:63:e8:4f:1e:27:58:ab:0e:
         55:d9:87:3d:00:10:3c:55:3d:e6:09:6c:c3:07:64:06:39:3b:
         3f:76:44:62:e0:1c:30:a0:e1:48:d1:0a:5c:90:35:08:e0:42:
         2b:ef:4b:9f:66:27:bd:25:41:ce:ca:86:02:5c:ee:35:9f:27:
         c5:1f:3f:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWiYRRxTG5XtXS3CzOkyqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkYWVmMzAyOTYyOWRlMDI5ZGI5OGFiN2I0ZTliZDIyMWMy
ODk5MWMwHhcNMjYwMzAyMDcwMTMyWhcNMjYwMzAzMDcwMTMyWjAzMTEwLwYDVQQD
Eyg1OGYyMzdhYjlkYzE4OWY5MmViMGI1NjAzYTlkMjc5NjJiMDE1ODkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9RHDB2EI1hzOJiCrQE/0PuXTNb7
7EuliPZPI65R+egg0WVIdttPpQgHrc3UkcLfL0yGE5DFMEVzgGvNSDkLsd5TbO6f
YV7Th7IvATTixCHDxr330z/uPPsDQxstEXKF2j0EGh/1MeCny+Jki6dW8BhV994E
rcWbSpPRhAAUIaqHxaTtSuCNKmNSp+lwBA6JIyDHos8E8/L1Q4wBKqr5PFU5SQUC
T1X54/azMVCKNEy3swNRUOZu5M2kcwwtSaEBLO+9hT/J/IMPXROrBOBbBvrfNBQt
umOfGY15SyBDfGA+tvj4KVObt2WFUf/C3rSkhCl8Q3OqDox/iORV7qOSKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFjyN6udwYn5LrC1YDqdJ5YrAViTMB8GA1UdIwQY
MBaAFG2u8wKWKd4CnbmKt7TpvSIcKJkcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmE3ekFwWXAzZ0tkdVlxM3RPbTlJaHdvbVJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iNzM0MTEtY2Y0ZS00OTk5LTlmNDIt
Y2RlNDA0ODA1YjEwLzEvYmE3ekFwWXAzZ0tkdVlxM3RPbTlJaHdvbVJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iNzM0MTEtY2Y0ZS00OTk5LTlmNDItY2RlNDA0ODA1YjEw
LzEvYmE3ekFwWXAzZ0tkdVlxM3RPbTlJaHdvbVJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC6YvyHxT
KbS3YpPyM+9dQSv/KVcHU/FrvGEW1xyTA8+MYeWcqL79t/3Lx5tGHKv3EtqgdaFa
gfgRBG9zQyR4c7hT3kbSpyvZspsL6QEc8HNd7FmThKwinQMlsKWZBVPsR4QO5Xdy
FxU030cdQmBQ8i9d7OiClkhY5DXdukn5ftvhTXz+MoGkqrCEiCqJGbyCl/RiWYRa
sYkaf3mY5A0y0EXKbeCqfBH7dBGOv6xaY5VoU4Vjim5rL3vrl52vh2PoTx4nWKsO
VdmHPQAQPFU95glswwdkBjk7P3ZEYuAcMKDhSNEKXJA1COBCK+9Ln2YnvSVBzsqG
AlzuNZ8nxR8/Kw==
-----END CERTIFICATE-----