Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/86bd09-32b0-494c-9755-f1792bd77a53/1/kjlpG6eScAY69DZNMIYxNl6QEWo.mft
File:                     kjlpG6eScAY69DZNMIYxNl6QEWo.mft (raw, json)
Hash identifier:          hsXopLIkoX/IgfaZto+SFpnCU8ncp3kszGV5RIxomK0=
Subject key identifier:   27:88:F0:78:C2:ED:FF:AC:F3:60:86:F6:C2:8B:55:A9:46:44:2A:CA
Authority key identifier: 92:39:69:1B:A7:92:70:06:3A:F4:36:4D:30:86:31:36:5E:90:11:6A
Certificate issuer:       /CN=9239691ba79270063af4364d308631365e90116a
Certificate serial:       019D25F1957D175585BA7976128FE25BCC7A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kjlpG6eScAY69DZNMIYxNl6QEWo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/74/86bd09-32b0-494c-9755-f1792bd77a53/1/kjlpG6eScAY69DZNMIYxNl6QEWo.mft
Manifest number:          0FDF
Signing time:             Wed 25 Mar 2026 17:01:22 +0000
Manifest this update:     Wed 25 Mar 2026 17:01:22 +0000
Manifest next update:     Thu 26 Mar 2026 17:01:22 +0000
Files and hashes:         1: kjlpG6eScAY69DZNMIYxNl6QEWo.crl (hash: Kb0XYgs2kyiJE/kriuAaXQrQeFs1VumEtqIdFxPArn0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/74/86bd09-32b0-494c-9755-f1792bd77a53/1/kjlpG6eScAY69DZNMIYxNl6QEWo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/74/86bd09-32b0-494c-9755-f1792bd77a53/1/kjlpG6eScAY69DZNMIYxNl6QEWo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kjlpG6eScAY69DZNMIYxNl6QEWo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:25:f1:95:7d:17:55:85:ba:79:76:12:8f:e2:5b:cc:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9239691ba79270063af4364d308631365e90116a
        Validity
            Not Before: Mar 25 17:01:22 2026 GMT
            Not After : Mar 26 17:01:22 2026 GMT
        Subject: CN=2788f078c2edffacf36086f6c28b55a946442aca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:01:df:e7:bd:cf:dc:c4:59:2b:7e:3c:fc:9b:
                    d3:c3:ac:bd:ed:24:d4:14:6f:25:02:af:6a:ac:5c:
                    b0:f7:dd:97:3e:6f:74:b5:4d:26:7d:2d:70:4a:d5:
                    ae:9b:75:1a:66:a4:1d:1c:5f:ac:1e:7c:37:81:3e:
                    b7:13:62:25:60:ee:2f:d0:93:ee:16:85:48:c9:75:
                    72:d4:00:3d:c5:03:09:22:e9:cb:ef:6a:c4:75:20:
                    6a:88:b2:42:76:26:1d:e3:4b:71:9e:10:3d:09:e6:
                    f7:3c:17:f0:6a:aa:61:67:30:ce:3c:fc:70:ed:dd:
                    6e:40:03:37:4a:c3:47:ad:6f:0d:ba:ca:f0:18:b1:
                    48:0b:f1:ab:27:dd:91:7b:a0:08:45:cd:a7:8d:4f:
                    06:f6:bb:95:f1:e1:98:fa:ca:59:20:2d:ce:cb:e9:
                    a0:94:ca:dd:9f:46:a6:f3:e2:aa:38:5f:1b:e8:57:
                    90:bd:40:a5:69:eb:1f:da:a0:e8:01:8c:d7:1f:31:
                    67:28:d2:32:fc:23:9a:c9:60:cf:da:80:40:f7:49:
                    dd:e1:c6:7c:50:f7:88:37:a7:46:04:8e:13:fd:bb:
                    aa:03:53:30:d5:ba:cf:c6:1a:89:cf:a2:6c:08:89:
                    37:5c:c2:ed:fe:2f:3c:2c:cc:1e:42:3c:19:0b:57:
                    eb:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:88:F0:78:C2:ED:FF:AC:F3:60:86:F6:C2:8B:55:A9:46:44:2A:CA
            X509v3 Authority Key Identifier:
                keyid:92:39:69:1B:A7:92:70:06:3A:F4:36:4D:30:86:31:36:5E:90:11:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kjlpG6eScAY69DZNMIYxNl6QEWo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/86bd09-32b0-494c-9755-f1792bd77a53/1/kjlpG6eScAY69DZNMIYxNl6QEWo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/74/86bd09-32b0-494c-9755-f1792bd77a53/1/kjlpG6eScAY69DZNMIYxNl6QEWo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:c3:98:0f:a8:43:93:86:f0:db:09:4a:52:87:e8:9f:a1:0e:
         14:8e:00:e1:8d:4f:02:7b:ee:59:13:1b:70:49:60:f3:84:d1:
         21:c0:37:d7:d8:82:00:61:e3:0e:35:e0:a8:8c:bf:05:89:c2:
         11:64:cb:42:a3:f5:45:8c:69:58:c3:a4:02:83:7a:a3:f2:f7:
         b2:fd:72:cc:fb:e7:e7:92:c1:13:cf:f8:d8:0a:1e:22:8e:1e:
         d1:b3:97:76:b1:fd:d3:64:ad:f2:35:83:c1:7e:a4:bb:b0:4f:
         d8:ef:2c:61:9b:4f:63:2f:e0:5d:75:34:17:2f:73:8b:03:35:
         d4:da:38:c0:4f:70:82:be:d7:fd:c9:46:15:d5:df:96:f4:69:
         37:e6:de:7f:7b:0f:dd:6d:5c:65:6d:b1:77:8d:cd:55:10:40:
         2b:10:03:60:f2:01:40:73:ae:c7:0f:2a:53:94:c9:82:b0:da:
         76:e9:b5:d0:e0:40:17:51:92:d9:9b:59:d4:76:e8:8f:ae:64:
         85:65:51:98:68:38:cb:ab:2d:0f:c2:50:a9:b6:b8:2e:c4:69:
         d2:0c:a7:8a:81:51:11:de:6a:66:2f:b3:de:23:d0:5d:24:df:
         6a:4d:9a:17:21:ff:74:3e:1d:12:23:fa:ca:bd:b6:30:05:99:
         ea:c8:a8:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0l8ZV9F1WFunl2Eo/iW8x6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMzk2OTFiYTc5MjcwMDYzYWY0MzY0ZDMwODYzMTM2NWU5
MDExNmEwHhcNMjYwMzI1MTcwMTIyWhcNMjYwMzI2MTcwMTIyWjAzMTEwLwYDVQQD
EygyNzg4ZjA3OGMyZWRmZmFjZjM2MDg2ZjZjMjhiNTVhOTQ2NDQyYWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhAHf573P3MRZK348/JvTw6y97STU
FG8lAq9qrFyw992XPm90tU0mfS1wStWum3UaZqQdHF+sHnw3gT63E2IlYO4v0JPu
FoVIyXVy1AA9xQMJIunL72rEdSBqiLJCdiYd40txnhA9Ceb3PBfwaqphZzDOPPxw
7d1uQAM3SsNHrW8NusrwGLFIC/GrJ92Re6AIRc2njU8G9ruV8eGY+spZIC3Oy+mg
lMrdn0am8+KqOF8b6FeQvUClaesf2qDoAYzXHzFnKNIy/COayWDP2oBA90nd4cZ8
UPeIN6dGBI4T/buqA1Mw1brPxhqJz6JsCIk3XMLt/i88LMweQjwZC1friwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCeI8HjC7f+s82CG9sKLValGRCrKMB8GA1UdIwQY
MBaAFJI5aRunknAGOvQ2TTCGMTZekBFqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2pscEc2ZVNjQVk2OURaTk1JWXhObDZRRVdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC84NmJkMDktMzJiMC00OTRjLTk3NTUt
ZjE3OTJiZDc3YTUzLzEva2pscEc2ZVNjQVk2OURaTk1JWXhObDZRRVdvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC84NmJkMDktMzJiMC00OTRjLTk3NTUtZjE3OTJiZDc3YTUz
LzEva2pscEc2ZVNjQVk2OURaTk1JWXhObDZRRVdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe8OYD6hD
k4bw2wlKUofon6EOFI4A4Y1PAnvuWRMbcElg84TRIcA319iCAGHjDjXgqIy/BYnC
EWTLQqP1RYxpWMOkAoN6o/L3sv1yzPvn55LBE8/42AoeIo4e0bOXdrH902St8jWD
wX6ku7BP2O8sYZtPYy/gXXU0Fy9ziwM11No4wE9wgr7X/clGFdXflvRpN+bef3sP
3W1cZW2xd43NVRBAKxADYPIBQHOuxw8qU5TJgrDadum10OBAF1GS2ZtZ1Hboj65k
hWVRmGg4y6stD8JQqba4LsRp0gynioFREd5qZi+z3iPQXSTfak2aFyH/dD4dEiP6
yr22MAWZ6sioxQ==
-----END CERTIFICATE-----