Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft
File:                     kHpNEpJLU1fjAmev48XMc2QkEVg.mft (raw, json)
Hash identifier:          92TzdJiAlpUXT80cVXACHUefkFE2AIC31jr/XYkXWbY=
Subject key identifier:   02:16:ED:4C:DA:C7:B2:A5:17:67:62:6D:E3:57:BC:FD:8F:19:F6:94
Authority key identifier: 90:7A:4D:12:92:4B:53:57:E3:02:67:AF:E3:C5:CC:73:64:24:11:58
Certificate issuer:       /CN=907a4d12924b5357e30267afe3c5cc7364241158
Certificate serial:       019D2704AB2D58562C6C4B67674D03ABA4AC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kHpNEpJLU1fjAmev48XMc2QkEVg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft
Manifest number:          129B
Signing time:             Wed 25 Mar 2026 22:01:50 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:50 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:50 +0000
Files and hashes:         1: kHpNEpJLU1fjAmev48XMc2QkEVg.crl (hash: mO23dDtGvfnCn5GE9g1+Y4J4hyvsQUNEScxM6URhpYw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kHpNEpJLU1fjAmev48XMc2QkEVg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:ab:2d:58:56:2c:6c:4b:67:67:4d:03:ab:a4:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=907a4d12924b5357e30267afe3c5cc7364241158
        Validity
            Not Before: Mar 25 22:01:50 2026 GMT
            Not After : Mar 26 22:01:50 2026 GMT
        Subject: CN=0216ed4cdac7b2a51767626de357bcfd8f19f694
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:d9:a0:4c:4e:8a:f3:6c:4b:a2:e6:c1:ee:03:
                    5b:0c:c1:57:26:18:32:4a:b0:10:1f:84:75:e7:6a:
                    0b:4c:15:00:1f:80:fa:15:93:21:4c:c7:ed:0d:22:
                    54:cd:00:75:48:c1:b7:e0:ed:e3:8e:a0:3c:90:e7:
                    34:5e:cd:72:98:27:bb:05:40:d2:5c:f1:e0:6e:9e:
                    4c:81:0b:26:77:09:57:a3:19:d3:e3:95:2e:e1:0c:
                    62:d8:81:43:2b:eb:91:33:a9:59:56:68:e6:80:b1:
                    8a:ef:97:7c:fb:a3:91:9e:93:43:ff:c0:77:d9:c8:
                    00:75:59:7b:cb:4c:bb:3d:f5:51:94:2c:72:e5:8b:
                    e9:11:69:ae:c9:8a:3a:f0:22:9d:5d:97:93:32:77:
                    ef:f1:83:e3:fa:0e:dc:18:fc:e9:16:1a:36:dc:a7:
                    e5:ae:74:bc:eb:6f:5d:42:19:75:a3:3a:1b:4c:a6:
                    f3:b3:82:34:cf:64:90:ba:50:52:5a:9e:32:6f:c2:
                    9d:c9:ff:5e:1e:5e:b8:94:8b:76:cc:64:eb:63:05:
                    7a:43:d4:8f:ee:d5:17:f8:a9:a2:87:7d:6b:3e:75:
                    9e:43:1a:cf:4b:77:d3:b3:ae:c1:80:ed:a5:5e:08:
                    c4:74:f8:4a:7d:68:8a:e7:36:a5:c3:db:20:2f:16:
                    b7:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:16:ED:4C:DA:C7:B2:A5:17:67:62:6D:E3:57:BC:FD:8F:19:F6:94
            X509v3 Authority Key Identifier:
                keyid:90:7A:4D:12:92:4B:53:57:E3:02:67:AF:E3:C5:CC:73:64:24:11:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kHpNEpJLU1fjAmev48XMc2QkEVg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:7a:1d:5d:45:0f:e8:c9:af:7c:86:20:a3:cf:b7:75:70:f5:
         77:89:ea:7b:6f:a7:87:72:8f:ac:f3:dc:26:0c:84:f1:25:24:
         14:0b:f6:c5:87:76:b5:04:e2:f1:4c:1c:60:d5:29:dc:33:73:
         e7:86:73:e8:3c:e6:ac:4b:8b:3b:87:73:be:e5:09:46:1f:b1:
         9d:4d:43:c0:b0:fa:0f:19:e5:d0:80:e4:f3:1b:14:87:e6:df:
         2e:7c:4b:6c:a8:18:9a:a0:9a:0e:e6:bf:d8:b6:14:22:ba:97:
         5d:2a:c3:51:94:fe:a6:9f:13:a4:c8:23:01:50:d8:29:24:42:
         45:ec:08:15:fa:fe:25:c7:39:e6:5c:08:8a:6b:3c:9e:88:0c:
         eb:fe:a3:58:de:15:a8:a0:53:17:30:3a:68:23:56:36:f0:83:
         cb:af:35:07:84:6c:1d:c4:23:79:4e:c4:51:46:0b:89:72:b1:
         2a:65:3b:6b:89:94:d1:bf:8d:72:d5:aa:43:f7:de:ad:3d:5e:
         0f:d0:41:dd:db:76:ad:fe:3e:b0:77:8b:5c:e2:9a:ca:9d:f6:
         fc:8d:eb:84:46:56:cf:ed:26:77:37:2c:3b:8a:b3:b7:b6:da:
         69:8a:dd:cc:80:a8:6f:d2:77:15:76:e1:0c:8e:bf:99:db:15:
         27:a2:81:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBKstWFYsbEtnZ00Dq6SsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwN2E0ZDEyOTI0YjUzNTdlMzAyNjdhZmUzYzVjYzczNjQy
NDExNTgwHhcNMjYwMzI1MjIwMTUwWhcNMjYwMzI2MjIwMTUwWjAzMTEwLwYDVQQD
EygwMjE2ZWQ0Y2RhYzdiMmE1MTc2NzYyNmRlMzU3YmNmZDhmMTlmNjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldmgTE6K82xLoubB7gNbDMFXJhgy
SrAQH4R152oLTBUAH4D6FZMhTMftDSJUzQB1SMG34O3jjqA8kOc0Xs1ymCe7BUDS
XPHgbp5MgQsmdwlXoxnT45Uu4Qxi2IFDK+uRM6lZVmjmgLGK75d8+6ORnpND/8B3
2cgAdVl7y0y7PfVRlCxy5YvpEWmuyYo68CKdXZeTMnfv8YPj+g7cGPzpFho23Kfl
rnS8629dQhl1ozobTKbzs4I0z2SQulBSWp4yb8Kdyf9eHl64lIt2zGTrYwV6Q9SP
7tUX+Kmih31rPnWeQxrPS3fTs67BgO2lXgjEdPhKfWiK5zalw9sgLxa35wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAIW7Uzax7KlF2dibeNXvP2PGfaUMB8GA1UdIwQY
MBaAFJB6TRKSS1NX4wJnr+PFzHNkJBFYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0hwTkVwSkxVMWZqQW1ldjQ4WE1jMlFrRVZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9hZWY0NGYtY2JkZi00MTIwLTg0ZjEt
NjIxYTJiYjQwYzY2LzEva0hwTkVwSkxVMWZqQW1ldjQ4WE1jMlFrRVZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9hZWY0NGYtY2JkZi00MTIwLTg0ZjEtNjIxYTJiYjQwYzY2
LzEva0hwTkVwSkxVMWZqQW1ldjQ4WE1jMlFrRVZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhnodXUUP
6MmvfIYgo8+3dXD1d4nqe2+nh3KPrPPcJgyE8SUkFAv2xYd2tQTi8UwcYNUp3DNz
54Zz6DzmrEuLO4dzvuUJRh+xnU1DwLD6Dxnl0IDk8xsUh+bfLnxLbKgYmqCaDua/
2LYUIrqXXSrDUZT+pp8TpMgjAVDYKSRCRewIFfr+Jcc55lwIims8nogM6/6jWN4V
qKBTFzA6aCNWNvCDy681B4RsHcQjeU7EUUYLiXKxKmU7a4mU0b+NctWqQ/ferT1e
D9BB3dt2rf4+sHeLXOKayp32/I3rhEZWz+0mdzcsO4qzt7baaYrdzICob9J3FXbh
DI6/mdsVJ6KBTQ==
-----END CERTIFICATE-----