Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.mft
File:                     pgkmXYlPp5_NZUL6zAujiXOMhFk.mft (raw, json)
Hash identifier:          CPb4MusGPsPURpz6AtQinw+t0ZY8aVKBItTC4MV9o3M=
Subject key identifier:   91:8F:61:F7:E7:D2:21:B2:BC:2E:00:20:90:8B:C3:3D:4C:BD:20:A4
Authority key identifier: A6:09:26:5D:89:4F:A7:9F:CD:65:42:FA:CC:0B:A3:89:73:8C:84:59
Certificate issuer:       /CN=a609265d894fa79fcd6542facc0ba389738c8459
Certificate serial:       019D28F27B15E1F5ECDB9B292BB5A054BACE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pgkmXYlPp5_NZUL6zAujiXOMhFk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.mft
Manifest number:          0B9F
Signing time:             Thu 26 Mar 2026 07:01:13 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:13 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:13 +0000
Files and hashes:         1: pgkmXYlPp5_NZUL6zAujiXOMhFk.crl (hash: btmNLdjN02Cnq2upY1uiWxjvCtbcDQj73/TIz2vy+G8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pgkmXYlPp5_NZUL6zAujiXOMhFk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:7b:15:e1:f5:ec:db:9b:29:2b:b5:a0:54:ba:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a609265d894fa79fcd6542facc0ba389738c8459
        Validity
            Not Before: Mar 26 07:01:13 2026 GMT
            Not After : Mar 27 07:01:13 2026 GMT
        Subject: CN=918f61f7e7d221b2bc2e0020908bc33d4cbd20a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:c1:23:ac:ea:84:9e:18:9b:30:aa:ce:6a:e2:
                    0b:88:57:d6:f0:a7:a1:2e:26:ad:1e:47:f5:a6:c3:
                    b0:75:3d:02:db:24:44:ab:77:bd:f0:74:6f:1e:93:
                    8d:96:ff:b8:b9:12:5e:51:3e:f2:ab:57:7b:a3:1c:
                    e5:a0:be:78:2a:71:d0:de:34:cc:bd:5f:2b:24:4f:
                    dc:33:f7:6a:52:8e:1f:87:29:9e:88:dd:22:54:5d:
                    9f:4a:21:9c:75:14:a2:21:41:80:68:6e:c4:da:5f:
                    ac:90:8a:75:c5:5e:a4:b8:51:4d:35:59:d6:a1:c8:
                    1c:06:32:fd:b8:9c:ef:85:79:32:cf:4e:c6:84:09:
                    ed:01:1a:85:a1:06:4b:93:29:b9:62:06:46:96:02:
                    29:07:40:2d:d4:f3:87:3b:ab:95:be:1f:06:d4:37:
                    9d:73:70:99:ee:09:c7:f6:d1:5f:fb:53:58:5f:97:
                    b0:a5:56:28:af:26:27:4b:b6:c8:de:73:05:99:fd:
                    29:64:6c:28:08:ba:7a:e0:b1:9b:39:9f:cc:d3:9f:
                    29:db:8d:e2:3c:ab:21:52:50:1f:60:71:8b:da:c2:
                    23:ad:34:e4:74:e2:9d:23:fc:19:35:9f:bd:47:13:
                    b8:4b:53:45:74:fb:e7:8b:a5:71:b3:20:0c:9e:26:
                    a9:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:8F:61:F7:E7:D2:21:B2:BC:2E:00:20:90:8B:C3:3D:4C:BD:20:A4
            X509v3 Authority Key Identifier:
                keyid:A6:09:26:5D:89:4F:A7:9F:CD:65:42:FA:CC:0B:A3:89:73:8C:84:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pgkmXYlPp5_NZUL6zAujiXOMhFk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:aa:f1:6a:1e:be:8a:39:86:0e:8e:0e:de:0b:05:78:56:2d:
         19:e0:5d:ec:75:f6:56:bb:b7:cf:64:ef:bd:38:50:5f:d0:45:
         29:18:6d:b5:c4:73:4c:db:3c:e5:6e:58:e9:c7:98:1a:5e:90:
         5b:4d:f5:cb:13:3a:4d:a2:df:01:f8:98:4d:cc:f7:7c:0d:57:
         3b:23:6f:3e:37:00:68:84:7c:91:1a:eb:35:1f:ec:f9:f6:be:
         35:3d:c2:ee:d2:b7:b7:aa:4f:90:e9:77:e5:5b:be:7c:c7:43:
         1f:e3:59:50:47:f2:3e:cc:42:e7:b7:64:c2:27:94:73:ae:72:
         28:2e:c2:74:25:a5:35:10:a5:83:35:1c:1b:a1:f3:c0:3d:3b:
         91:3b:00:ed:6b:6d:0c:55:ad:af:4e:86:67:16:d6:53:f2:b3:
         20:06:01:f4:aa:8e:79:38:e3:49:d8:17:7b:11:70:65:50:de:
         f9:c2:21:88:10:64:4f:8d:06:7d:3f:f1:b0:3a:a2:e7:58:e1:
         c6:bf:d0:92:71:3a:d5:42:e1:86:84:e5:c5:f7:9f:d9:7c:c5:
         46:02:e0:cd:6a:60:54:6d:a5:c3:ff:5b:a7:6a:78:fd:fe:d5:
         0f:ae:d6:a3:c1:35:fd:bc:a7:5c:e9:d5:26:fb:8e:df:58:3e:
         18:43:51:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8nsV4fXs25spK7WgVLrOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MDkyNjVkODk0ZmE3OWZjZDY1NDJmYWNjMGJhMzg5NzM4
Yzg0NTkwHhcNMjYwMzI2MDcwMTEzWhcNMjYwMzI3MDcwMTEzWjAzMTEwLwYDVQQD
Eyg5MThmNjFmN2U3ZDIyMWIyYmMyZTAwMjA5MDhiYzMzZDRjYmQyMGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzcEjrOqEnhibMKrOauILiFfW8Keh
LiatHkf1psOwdT0C2yREq3e98HRvHpONlv+4uRJeUT7yq1d7oxzloL54KnHQ3jTM
vV8rJE/cM/dqUo4fhymeiN0iVF2fSiGcdRSiIUGAaG7E2l+skIp1xV6kuFFNNVnW
ocgcBjL9uJzvhXkyz07GhAntARqFoQZLkym5YgZGlgIpB0At1POHO6uVvh8G1Ded
c3CZ7gnH9tFf+1NYX5ewpVYoryYnS7bI3nMFmf0pZGwoCLp64LGbOZ/M058p243i
PKshUlAfYHGL2sIjrTTkdOKdI/wZNZ+9RxO4S1NFdPvni6VxsyAMniapUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJGPYffn0iGyvC4AIJCLwz1MvSCkMB8GA1UdIwQY
MBaAFKYJJl2JT6efzWVC+swLo4lzjIRZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGdrbVhZbFBwNV9OWlVMNnpBdWppWE9NaEZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS83MzBkNGQtZDRhYi00Mjc5LWIyMjUt
NmRjMGRhMWY1ZGVlLzEvcGdrbVhZbFBwNV9OWlVMNnpBdWppWE9NaEZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS83MzBkNGQtZDRhYi00Mjc5LWIyMjUtNmRjMGRhMWY1ZGVl
LzEvcGdrbVhZbFBwNV9OWlVMNnpBdWppWE9NaEZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX6rxah6+
ijmGDo4O3gsFeFYtGeBd7HX2Vru3z2TvvThQX9BFKRhttcRzTNs85W5Y6ceYGl6Q
W031yxM6TaLfAfiYTcz3fA1XOyNvPjcAaIR8kRrrNR/s+fa+NT3C7tK3t6pPkOl3
5Vu+fMdDH+NZUEfyPsxC57dkwieUc65yKC7CdCWlNRClgzUcG6HzwD07kTsA7Wtt
DFWtr06GZxbWU/KzIAYB9KqOeTjjSdgXexFwZVDe+cIhiBBkT40GfT/xsDqi51jh
xr/QknE61ULhhoTlxfef2XzFRgLgzWpgVG2lw/9bp2p4/f7VD67Wo8E1/bynXOnV
JvuO31g+GENRcA==
-----END CERTIFICATE-----