Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft
File:                     xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft (raw, json)
Hash identifier:          oWQVkdjmbPOgZ5eJAOSSF668boe06j6SraUDgMEx0sU=
Subject key identifier:   0C:6E:4F:E7:05:F4:8F:73:F2:91:EF:E6:E1:EF:CF:1B:E8:3B:B0:F1
Authority key identifier: C4:13:D7:A3:76:5F:F9:A2:2B:BC:22:99:E0:49:69:1E:29:40:CB:82
Certificate issuer:       /CN=c413d7a3765ff9a22bbc2299e049691e2940cb82
Certificate serial:       019CABD9E26160AE51A4108D823704BF7F21
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft
Manifest number:          15B7
Signing time:             Mon 02 Mar 2026 00:01:48 +0000
Manifest this update:     Mon 02 Mar 2026 00:01:48 +0000
Manifest next update:     Tue 03 Mar 2026 00:01:48 +0000
Files and hashes:         1: xBPXo3Zf-aIrvCKZ4ElpHilAy4I.crl (hash: pgqaDvpI3lW68i3P2VRSBJ9nINbuob3RdZYlWWAIZcQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:d9:e2:61:60:ae:51:a4:10:8d:82:37:04:bf:7f:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c413d7a3765ff9a22bbc2299e049691e2940cb82
        Validity
            Not Before: Mar  2 00:01:48 2026 GMT
            Not After : Mar  3 00:01:48 2026 GMT
        Subject: CN=0c6e4fe705f48f73f291efe6e1efcf1be83bb0f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:2d:32:6c:e3:c8:47:d0:1c:bb:59:ab:ab:aa:
                    37:43:81:42:cd:f8:f8:84:c0:a9:80:e7:30:3c:13:
                    5f:6d:9d:61:c0:2d:b1:e8:4e:9f:02:38:ec:6c:d3:
                    56:40:68:37:e7:c9:29:46:2e:98:bc:c4:fb:82:a9:
                    65:c1:98:fb:ce:96:87:e7:4b:35:61:ba:1a:47:c9:
                    0a:6a:f7:7b:1a:71:63:c9:e4:58:26:8e:f7:a4:38:
                    b7:c9:1c:32:c1:8d:92:7c:ab:db:1a:0c:96:6c:a3:
                    3e:c0:3b:44:00:6e:a2:3c:46:a1:82:3b:b7:87:73:
                    0b:00:bc:da:6c:d4:97:52:d8:92:a6:99:1b:99:67:
                    ad:c1:60:c3:41:70:06:9e:4e:f0:50:4a:42:a5:13:
                    b4:b4:a1:05:5c:9a:e6:04:ab:88:36:a1:c9:61:d9:
                    9f:2d:ce:29:3c:f3:7e:01:09:18:c1:db:47:87:9c:
                    8a:24:0c:06:2f:3e:47:f5:34:c4:7c:dd:a6:53:32:
                    73:82:eb:98:8f:93:cd:20:83:c1:5f:01:1f:20:af:
                    7b:65:8c:b6:6a:5c:41:73:cb:eb:02:fd:81:7b:fc:
                    3b:97:fd:03:c4:ea:45:a6:fa:1e:6a:0b:0b:12:54:
                    f3:67:01:3e:74:3d:ae:2e:29:c5:31:9f:f4:f6:c6:
                    4f:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:6E:4F:E7:05:F4:8F:73:F2:91:EF:E6:E1:EF:CF:1B:E8:3B:B0:F1
            X509v3 Authority Key Identifier:
                keyid:C4:13:D7:A3:76:5F:F9:A2:2B:BC:22:99:E0:49:69:1E:29:40:CB:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:ab:cc:b0:4b:14:c7:16:a2:b1:01:e2:2c:8c:5f:fe:16:87:
         db:9c:0e:2c:5d:f1:97:cc:e4:e9:f4:d5:81:8b:5d:fa:5e:94:
         05:b5:04:e7:0d:64:a9:52:52:83:31:e1:86:fb:17:c1:a8:20:
         eb:2d:73:de:8d:e9:eb:1d:0f:48:d6:30:9f:3b:d9:80:cf:59:
         81:52:0a:eb:13:07:d8:53:52:2b:4a:15:48:b4:8b:01:80:1b:
         4b:48:12:fe:7b:fc:b9:2e:8e:a4:b5:ca:3a:cd:fc:b2:f8:c0:
         c5:9d:22:3a:d5:60:06:32:32:34:5d:e8:fe:a1:8e:bd:ae:b4:
         b2:ba:e6:e3:a5:38:aa:c2:bd:6b:87:ab:a8:cf:9d:28:0f:fb:
         69:4a:f9:83:ba:79:3e:76:99:7f:1d:5a:f7:2f:64:d9:ae:16:
         2b:ab:91:20:77:23:84:33:cd:90:6d:77:f6:8f:f9:8f:52:67:
         af:14:98:52:14:f5:78:c5:1a:f8:50:fa:c8:84:75:ed:51:01:
         29:a9:c6:34:71:f8:89:39:87:5e:ed:9b:ee:47:40:7a:69:4a:
         e7:df:82:95:3b:d0:06:e2:8d:ea:2e:43:63:83:4e:42:47:26:
         a2:4c:7a:b2:73:e0:ac:2d:f2:95:58:a2:d3:e1:b0:a9:f1:5b:
         8e:f4:4c:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2eJhYK5RpBCNgjcEv38hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MTNkN2EzNzY1ZmY5YTIyYmJjMjI5OWUwNDk2OTFlMjk0
MGNiODIwHhcNMjYwMzAyMDAwMTQ4WhcNMjYwMzAzMDAwMTQ4WjAzMTEwLwYDVQQD
EygwYzZlNGZlNzA1ZjQ4ZjczZjI5MWVmZTZlMWVmY2YxYmU4M2JiMGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsi0ybOPIR9Acu1mrq6o3Q4FCzfj4
hMCpgOcwPBNfbZ1hwC2x6E6fAjjsbNNWQGg358kpRi6YvMT7gqllwZj7zpaH50s1
YboaR8kKavd7GnFjyeRYJo73pDi3yRwywY2SfKvbGgyWbKM+wDtEAG6iPEahgju3
h3MLALzabNSXUtiSppkbmWetwWDDQXAGnk7wUEpCpRO0tKEFXJrmBKuINqHJYdmf
Lc4pPPN+AQkYwdtHh5yKJAwGLz5H9TTEfN2mUzJzguuYj5PNIIPBXwEfIK97ZYy2
alxBc8vrAv2Be/w7l/0DxOpFpvoeagsLElTzZwE+dD2uLinFMZ/09sZPlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAxuT+cF9I9z8pHv5uHvzxvoO7DxMB8GA1UdIwQY
MBaAFMQT16N2X/miK7wimeBJaR4pQMuCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEJQWG8zWmYtYUlydkNLWjRFbHBIaWxBeTRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9hN2JjODYtMDk1NS00NjhiLTllYjUt
ZTg2MGJlN2U3YzU0LzEveEJQWG8zWmYtYUlydkNLWjRFbHBIaWxBeTRJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9hN2JjODYtMDk1NS00NjhiLTllYjUtZTg2MGJlN2U3YzU0
LzEveEJQWG8zWmYtYUlydkNLWjRFbHBIaWxBeTRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWavMsEsU
xxaisQHiLIxf/haH25wOLF3xl8zk6fTVgYtd+l6UBbUE5w1kqVJSgzHhhvsXwagg
6y1z3o3p6x0PSNYwnzvZgM9ZgVIK6xMH2FNSK0oVSLSLAYAbS0gS/nv8uS6OpLXK
Os38svjAxZ0iOtVgBjIyNF3o/qGOva60srrm46U4qsK9a4erqM+dKA/7aUr5g7p5
PnaZfx1a9y9k2a4WK6uRIHcjhDPNkG139o/5j1JnrxSYUhT1eMUa+FD6yIR17VEB
KanGNHH4iTmHXu2b7kdAemlK59+ClTvQBuKN6i5DY4NOQkcmokx6snPgrC3ylVii
0+GwqfFbjvRM7w==
-----END CERTIFICATE-----