Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.mft
File:                     kXgw2UHuCQqOMjSPl7gwj9HOCf0.mft (raw, json)
Hash identifier:          sdfpkqKR+51wyo/HlsVdRmytRPApY3HWRZtlNgZ9HCU=
Subject key identifier:   FF:C6:41:DB:93:3B:2D:BF:63:F7:98:E0:76:85:A0:DB:0F:13:70:31
Authority key identifier: 91:78:30:D9:41:EE:09:0A:8E:32:34:8F:97:B8:30:8F:D1:CE:09:FD
Certificate issuer:       /CN=917830d941ee090a8e32348f97b8308fd1ce09fd
Certificate serial:       019D277293556E49729A0DA0AB6EFF09E511
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kXgw2UHuCQqOMjSPl7gwj9HOCf0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.mft
Manifest number:          0F02
Signing time:             Thu 26 Mar 2026 00:01:53 +0000
Manifest this update:     Thu 26 Mar 2026 00:01:53 +0000
Manifest next update:     Fri 27 Mar 2026 00:01:53 +0000
Files and hashes:         1: kXgw2UHuCQqOMjSPl7gwj9HOCf0.crl (hash: xn2VbMfXYKLKXtAMLmJlm8GEBrOcUs0O/csT4GU57w4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kXgw2UHuCQqOMjSPl7gwj9HOCf0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:72:93:55:6e:49:72:9a:0d:a0:ab:6e:ff:09:e5:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=917830d941ee090a8e32348f97b8308fd1ce09fd
        Validity
            Not Before: Mar 26 00:01:53 2026 GMT
            Not After : Mar 27 00:01:53 2026 GMT
        Subject: CN=ffc641db933b2dbf63f798e07685a0db0f137031
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:f7:ca:e5:a1:15:2b:eb:68:10:cd:ba:5d:5b:
                    37:32:75:69:f2:54:26:f5:3d:da:aa:62:f5:e3:bc:
                    89:d6:61:ff:78:06:81:a4:a5:a8:e6:95:88:58:1a:
                    2f:96:67:bc:51:b0:45:21:cb:89:f1:b1:7f:a2:d1:
                    21:63:6b:7b:bd:05:32:b7:bf:81:02:d8:3b:0f:91:
                    07:7e:47:8c:ac:b4:66:ab:16:b3:3f:36:5e:04:da:
                    26:bb:61:c8:4b:ed:cc:fe:f5:a2:75:a7:46:eb:c4:
                    85:26:d9:27:53:c2:80:6e:2d:a9:fc:63:69:f7:f1:
                    09:a0:59:5c:49:36:f0:eb:5f:bc:52:9d:86:4b:1b:
                    7a:a3:b2:3d:af:ad:cf:f0:d8:67:54:d7:5e:39:4e:
                    b3:f5:d1:13:d7:90:9b:7d:19:8d:8f:dd:07:1a:32:
                    9c:01:88:8d:bb:3f:3f:74:19:4b:c5:df:66:eb:78:
                    5d:cc:44:59:01:f7:da:7e:99:37:5f:1f:3c:2e:d6:
                    1e:34:80:a3:c3:ef:4a:1a:8d:2b:8f:48:48:17:15:
                    97:c9:c4:1c:38:c7:db:d4:c0:89:53:cb:29:77:10:
                    1f:b6:33:69:4e:14:38:46:da:0f:ae:99:02:ba:2c:
                    73:96:3d:14:51:ab:26:34:7c:6e:2d:b9:56:16:07:
                    52:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:C6:41:DB:93:3B:2D:BF:63:F7:98:E0:76:85:A0:DB:0F:13:70:31
            X509v3 Authority Key Identifier:
                keyid:91:78:30:D9:41:EE:09:0A:8E:32:34:8F:97:B8:30:8F:D1:CE:09:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kXgw2UHuCQqOMjSPl7gwj9HOCf0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:77:58:6d:e1:62:fe:ef:bf:f0:3a:4e:ae:5b:03:31:06:37:
         0d:d5:e5:ed:86:ec:20:af:f5:8e:89:b5:9f:dc:1a:a6:8c:96:
         5b:3e:44:e3:b9:13:08:af:8c:32:84:14:37:e3:46:af:ef:54:
         83:5f:c1:0c:e6:ef:47:24:1e:b5:a9:d0:29:d8:f8:dc:78:39:
         c0:a0:12:1d:ae:ce:bb:6f:07:8c:d8:43:bd:0f:74:4b:7b:53:
         fb:d6:7d:5e:47:16:7e:c0:8a:71:b7:9c:47:de:57:8a:d7:3b:
         1d:fb:18:b6:54:b0:56:fc:fb:f9:6e:b9:0e:60:9b:61:e0:ff:
         b3:aa:6a:65:ae:f0:25:4e:21:60:e1:97:7d:38:c8:fe:6a:c1:
         10:4f:a2:84:a6:91:a1:fd:ad:69:b9:a9:2f:a1:65:27:9d:00:
         09:43:76:72:50:74:b7:88:6d:67:bf:aa:79:74:d5:47:aa:fb:
         ad:66:01:77:d3:8a:98:78:54:19:72:4c:3e:19:b3:7c:51:58:
         e4:eb:41:56:59:d2:14:c4:6e:9e:24:d1:41:6c:d6:a0:a8:20:
         38:e3:84:94:2a:6c:e7:ea:c1:50:c4:ed:68:62:a3:11:dd:93:
         18:28:fb:1a:95:64:f3:66:f0:7d:6e:b6:92:86:44:ae:f2:70:
         f2:1f:e5:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ncpNVbklymg2gq27/CeURMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNzgzMGQ5NDFlZTA5MGE4ZTMyMzQ4Zjk3YjgzMDhmZDFj
ZTA5ZmQwHhcNMjYwMzI2MDAwMTUzWhcNMjYwMzI3MDAwMTUzWjAzMTEwLwYDVQQD
EyhmZmM2NDFkYjkzM2IyZGJmNjNmNzk4ZTA3Njg1YTBkYjBmMTM3MDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkPfK5aEVK+toEM26XVs3MnVp8lQm
9T3aqmL147yJ1mH/eAaBpKWo5pWIWBovlme8UbBFIcuJ8bF/otEhY2t7vQUyt7+B
Atg7D5EHfkeMrLRmqxazPzZeBNomu2HIS+3M/vWidadG68SFJtknU8KAbi2p/GNp
9/EJoFlcSTbw61+8Up2GSxt6o7I9r63P8NhnVNdeOU6z9dET15CbfRmNj90HGjKc
AYiNuz8/dBlLxd9m63hdzERZAffafpk3Xx88LtYeNICjw+9KGo0rj0hIFxWXycQc
OMfb1MCJU8spdxAftjNpThQ4RtoPrpkCuixzlj0UUasmNHxuLblWFgdSYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP/GQduTOy2/Y/eY4HaFoNsPE3AxMB8GA1UdIwQY
MBaAFJF4MNlB7gkKjjI0j5e4MI/Rzgn9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1hndzJVSHVDUXFPTWpTUGw3Z3dqOUhPQ2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9mZjJmZDAtNjI0ZC00N2Y4LWJlOWYt
ZDFmMTgwM2IxODEyLzEva1hndzJVSHVDUXFPTWpTUGw3Z3dqOUhPQ2YwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9mZjJmZDAtNjI0ZC00N2Y4LWJlOWYtZDFmMTgwM2IxODEy
LzEva1hndzJVSHVDUXFPTWpTUGw3Z3dqOUhPQ2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfndYbeFi
/u+/8DpOrlsDMQY3DdXl7YbsIK/1jom1n9wapoyWWz5E47kTCK+MMoQUN+NGr+9U
g1/BDObvRyQetanQKdj43Hg5wKASHa7Ou28HjNhDvQ90S3tT+9Z9XkcWfsCKcbec
R95Xitc7HfsYtlSwVvz7+W65DmCbYeD/s6pqZa7wJU4hYOGXfTjI/mrBEE+ihKaR
of2tabmpL6FlJ50ACUN2clB0t4htZ7+qeXTVR6r7rWYBd9OKmHhUGXJMPhmzfFFY
5OtBVlnSFMRuniTRQWzWoKggOOOElCps5+rBUMTtaGKjEd2TGCj7GpVk82bwfW62
koZErvJw8h/lNg==
-----END CERTIFICATE-----