Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.mft
File:                     s1IytLD6jIPU_4wSROhk67yt1os.mft (raw, json)
Hash identifier:          ni8KMs/jZov1QFt+JGDp8c1po0wx0zz4J1BPLMgJ9pw=
Subject key identifier:   38:A9:66:70:97:52:69:B8:84:85:02:32:39:27:5F:29:F7:5F:12:B8
Authority key identifier: B3:52:32:B4:B0:FA:8C:83:D4:FF:8C:12:44:E8:64:EB:BC:AD:D6:8B
Certificate issuer:       /CN=b35232b4b0fa8c83d4ff8c1244e864ebbcadd68b
Certificate serial:       019CAD5A3946103CD5C57B4024AFC6D16B5A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s1IytLD6jIPU_4wSROhk67yt1os.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.mft
Manifest number:          12BE
Signing time:             Mon 02 Mar 2026 07:01:37 +0000
Manifest this update:     Mon 02 Mar 2026 07:01:37 +0000
Manifest next update:     Tue 03 Mar 2026 07:01:37 +0000
Files and hashes:         1: s1IytLD6jIPU_4wSROhk67yt1os.crl (hash: nxZg9GW5kiP7Uyu/RdMgVCNuU3LBaE+LYVAyCLiDK3s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/s1IytLD6jIPU_4wSROhk67yt1os.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 07:01:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:5a:39:46:10:3c:d5:c5:7b:40:24:af:c6:d1:6b:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b35232b4b0fa8c83d4ff8c1244e864ebbcadd68b
        Validity
            Not Before: Mar  2 07:01:37 2026 GMT
            Not After : Mar  3 07:01:37 2026 GMT
        Subject: CN=38a96670975269b88485023239275f29f75f12b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:69:d1:73:85:55:2a:43:82:d3:b7:65:cb:64:
                    a4:35:39:3e:b6:fb:46:f3:4c:b2:cd:ce:5f:ed:2a:
                    59:ef:2a:2c:b1:82:27:e2:c7:8e:0e:8e:7a:08:94:
                    03:c0:9b:5f:d4:75:c9:7d:37:92:a1:e8:17:48:12:
                    05:2e:1c:af:a3:10:30:a1:0b:ec:d7:51:80:82:71:
                    7b:59:5e:89:14:19:49:bb:3e:36:76:b1:4a:7e:44:
                    ff:5e:b2:24:c5:f3:35:52:eb:ce:22:cd:94:c3:06:
                    20:d6:2f:db:2f:8c:14:ac:61:e8:08:75:49:19:10:
                    ec:c9:e6:0b:7d:5d:1c:3c:2f:12:38:16:17:4f:28:
                    09:30:29:b8:aa:b1:59:21:ae:ca:c3:f5:9f:1e:29:
                    3d:80:6b:73:4e:06:a3:32:4c:a4:02:5d:b1:85:d9:
                    9f:1c:5b:ec:ca:b8:38:41:b9:a5:aa:b9:06:8b:4f:
                    da:24:19:31:a4:1c:1a:7f:58:8f:9a:90:2a:fb:05:
                    2e:a1:2c:c2:69:c6:50:74:ea:f9:b9:55:8c:5f:19:
                    52:80:9f:e5:63:a2:b4:f1:c9:1e:f0:4c:18:b6:3d:
                    36:85:b1:cf:4b:11:8e:40:d4:fb:f9:95:44:1b:59:
                    81:78:5e:d5:94:6a:9d:4c:e8:58:79:6f:16:bf:6b:
                    78:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:A9:66:70:97:52:69:B8:84:85:02:32:39:27:5F:29:F7:5F:12:B8
            X509v3 Authority Key Identifier:
                keyid:B3:52:32:B4:B0:FA:8C:83:D4:FF:8C:12:44:E8:64:EB:BC:AD:D6:8B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s1IytLD6jIPU_4wSROhk67yt1os.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:0b:12:95:b8:15:b2:3c:fc:e4:f5:f7:62:2e:7a:21:a7:b3:
         89:af:7e:ce:c9:75:f1:f1:5c:01:0d:ec:0d:b2:d9:a1:70:c1:
         8f:93:6d:a6:f7:1f:a7:36:ed:b3:f5:9f:92:af:b1:99:dc:c8:
         1b:50:33:f6:58:72:00:08:cf:86:3d:63:47:5a:c9:bc:1d:d1:
         8c:05:5f:c6:ae:75:93:ae:9d:91:87:76:19:79:65:b4:f7:06:
         eb:58:50:f4:28:fd:2b:93:bf:23:42:34:dc:20:6e:2f:ab:39:
         8e:bb:55:38:1f:e7:fb:fe:87:85:ed:8e:6c:ce:85:cf:0a:30:
         d5:74:23:59:c9:60:81:36:5e:4e:d5:25:f7:f6:d2:38:4c:b8:
         69:d2:12:92:7c:63:cd:da:85:a1:6f:b0:a7:65:66:35:29:ca:
         db:ba:cc:0a:3e:ed:38:d5:c0:21:8c:8b:05:78:0a:68:a0:cd:
         28:15:53:b4:63:67:9f:3e:ba:cd:e4:d2:df:8d:6e:ec:b2:aa:
         56:39:65:fe:32:25:46:70:92:3c:fe:60:86:94:2b:23:2f:57:
         9e:c0:6d:d5:13:db:41:b3:c0:2d:94:22:6c:f1:37:4b:03:f4:
         3e:cf:61:b5:47:25:b4:5a:5b:70:03:37:a3:89:e6:7b:83:56:
         72:59:7f:43
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWjlGEDzVxXtAJK/G0WtaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzNTIzMmI0YjBmYThjODNkNGZmOGMxMjQ0ZTg2NGViYmNh
ZGQ2OGIwHhcNMjYwMzAyMDcwMTM3WhcNMjYwMzAzMDcwMTM3WjAzMTEwLwYDVQQD
EygzOGE5NjY3MDk3NTI2OWI4ODQ4NTAyMzIzOTI3NWYyOWY3NWYxMmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA02nRc4VVKkOC07dly2SkNTk+tvtG
80yyzc5f7SpZ7yossYIn4seODo56CJQDwJtf1HXJfTeSoegXSBIFLhyvoxAwoQvs
11GAgnF7WV6JFBlJuz42drFKfkT/XrIkxfM1UuvOIs2UwwYg1i/bL4wUrGHoCHVJ
GRDsyeYLfV0cPC8SOBYXTygJMCm4qrFZIa7Kw/WfHik9gGtzTgajMkykAl2xhdmf
HFvsyrg4QbmlqrkGi0/aJBkxpBwaf1iPmpAq+wUuoSzCacZQdOr5uVWMXxlSgJ/l
Y6K08cke8EwYtj02hbHPSxGOQNT7+ZVEG1mBeF7VlGqdTOhYeW8Wv2t4iQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDipZnCXUmm4hIUCMjknXyn3XxK4MB8GA1UdIwQY
MBaAFLNSMrSw+oyD1P+MEkToZOu8rdaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczFJeXRMRDZqSVBVXzR3U1JPaGs2N3l0MW9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9iZDlmZDgtYTM0Ni00NTllLTgzOGEt
YjkxMjJlNTIxMDU4LzEvczFJeXRMRDZqSVBVXzR3U1JPaGs2N3l0MW9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9iZDlmZDgtYTM0Ni00NTllLTgzOGEtYjkxMjJlNTIxMDU4
LzEvczFJeXRMRDZqSVBVXzR3U1JPaGs2N3l0MW9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGwsSlbgV
sjz85PX3Yi56Iaezia9+zsl18fFcAQ3sDbLZoXDBj5Ntpvcfpzbts/Wfkq+xmdzI
G1Az9lhyAAjPhj1jR1rJvB3RjAVfxq51k66dkYd2GXlltPcG61hQ9Cj9K5O/I0I0
3CBuL6s5jrtVOB/n+/6Hhe2ObM6Fzwow1XQjWclggTZeTtUl9/bSOEy4adISknxj
zdqFoW+wp2VmNSnK27rMCj7tONXAIYyLBXgKaKDNKBVTtGNnnz66zeTS341u7LKq
Vjll/jIlRnCSPP5ghpQrIy9XnsBt1RPbQbPALZQibPE3SwP0Ps9htUcltFpbcAM3
o4nme4NWcll/Qw==
-----END CERTIFICATE-----