Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/76ea77-1757-4db2-a083-d218fb3c137b/1/FK5SmozFunaS25UmkqCLVCJLvzY.mft
File:                     FK5SmozFunaS25UmkqCLVCJLvzY.mft (raw, json)
Hash identifier:          tD9HSf+RRWHcliTkzIc0sKH9gPDOAigz/K56gBfi0H0=
Subject key identifier:   3D:8A:17:E5:B1:15:56:8F:8F:79:D2:01:EA:2E:9F:AA:A9:46:29:4A
Authority key identifier: 14:AE:52:9A:8C:C5:BA:76:92:DB:95:26:92:A0:8B:54:22:4B:BF:36
Certificate issuer:       /CN=14ae529a8cc5ba7692db952692a08b54224bbf36
Certificate serial:       019D292956E2D5C6A10924F56FCEAA36A482
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FK5SmozFunaS25UmkqCLVCJLvzY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/76ea77-1757-4db2-a083-d218fb3c137b/1/FK5SmozFunaS25UmkqCLVCJLvzY.mft
Manifest number:          1883
Signing time:             Thu 26 Mar 2026 08:01:08 +0000
Manifest this update:     Thu 26 Mar 2026 08:01:08 +0000
Manifest next update:     Fri 27 Mar 2026 08:01:08 +0000
Files and hashes:         1: FK5SmozFunaS25UmkqCLVCJLvzY.crl (hash: 06Wbk/1ONFqKUt7jyuHjJOd84/rhKYcZzXjS8f0RPkk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/76ea77-1757-4db2-a083-d218fb3c137b/1/FK5SmozFunaS25UmkqCLVCJLvzY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/76ea77-1757-4db2-a083-d218fb3c137b/1/FK5SmozFunaS25UmkqCLVCJLvzY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FK5SmozFunaS25UmkqCLVCJLvzY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 08:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:29:56:e2:d5:c6:a1:09:24:f5:6f:ce:aa:36:a4:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=14ae529a8cc5ba7692db952692a08b54224bbf36
        Validity
            Not Before: Mar 26 08:01:08 2026 GMT
            Not After : Mar 27 08:01:08 2026 GMT
        Subject: CN=3d8a17e5b115568f8f79d201ea2e9faaa946294a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:75:19:27:9e:48:1b:22:11:7f:10:ef:2a:c1:
                    fc:bd:19:fa:8b:d7:54:44:b1:50:0e:4d:23:e4:a4:
                    f5:5a:67:7e:c9:9c:a4:79:1e:49:e1:12:1b:25:f8:
                    da:11:24:20:5d:ac:0b:ba:d9:6e:cf:d2:39:b7:b5:
                    ee:7a:6e:53:f5:f7:41:6f:dc:ba:cc:4c:96:8e:7a:
                    75:f5:09:56:1d:51:51:ea:d0:fe:09:c9:74:42:3f:
                    8d:cd:1c:a2:e8:5f:69:a6:d6:f6:37:32:d5:48:eb:
                    2d:d3:c4:34:f3:c7:a9:8d:dd:a4:33:36:84:f4:70:
                    53:77:9e:ae:b8:e1:d3:16:0e:84:20:83:96:33:60:
                    c3:f3:5f:ed:df:e5:51:e2:0c:df:48:ed:f1:89:e4:
                    fc:c8:60:7e:af:0d:bb:7e:d7:39:8e:c9:93:11:fc:
                    a0:bf:35:8c:81:5e:99:fd:67:f3:26:50:e5:9f:6e:
                    5e:e0:9e:de:c6:b6:6c:fe:5d:3b:8c:af:db:48:0a:
                    ec:3d:65:1e:ca:f4:b0:ea:b4:cb:c2:75:ec:62:9e:
                    c2:c1:a8:e4:30:fd:41:b6:01:82:fe:6e:79:1a:df:
                    8f:6f:a6:d8:30:08:ad:9f:48:12:db:11:24:af:7a:
                    c8:7d:5c:8e:97:bf:ae:1f:42:f2:9c:f0:2d:1e:0a:
                    5c:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:8A:17:E5:B1:15:56:8F:8F:79:D2:01:EA:2E:9F:AA:A9:46:29:4A
            X509v3 Authority Key Identifier:
                keyid:14:AE:52:9A:8C:C5:BA:76:92:DB:95:26:92:A0:8B:54:22:4B:BF:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FK5SmozFunaS25UmkqCLVCJLvzY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/76ea77-1757-4db2-a083-d218fb3c137b/1/FK5SmozFunaS25UmkqCLVCJLvzY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/76ea77-1757-4db2-a083-d218fb3c137b/1/FK5SmozFunaS25UmkqCLVCJLvzY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:db:a4:4c:00:56:ac:ea:1f:44:13:24:4f:33:fa:ab:1b:17:
         55:eb:33:fe:99:26:a7:51:86:de:81:3d:3d:34:e7:6a:d4:48:
         f5:26:b0:36:d0:81:f8:2d:2e:1f:23:92:64:53:02:6e:88:ca:
         84:41:6c:64:b6:43:99:f0:ed:d5:ae:e9:81:7a:f1:fe:c3:4c:
         f8:77:d1:70:8c:ed:28:83:f9:7f:15:c0:16:df:66:05:34:e6:
         00:53:b0:9a:8b:3a:be:f5:48:93:83:59:a0:40:79:b9:35:00:
         7e:d3:c3:71:31:d4:ef:74:05:1a:be:31:f0:b3:a5:93:3d:a8:
         7d:29:6d:3d:e2:68:21:67:55:2b:0a:5e:4f:69:a2:50:c6:dc:
         b5:8f:63:b1:2b:e0:70:64:82:9e:6f:28:eb:9e:f6:27:bc:f3:
         6f:9d:f9:77:1e:4a:2f:80:53:67:c4:f6:dc:12:87:76:98:fb:
         48:54:48:92:d7:0b:eb:8f:34:b7:ae:09:9d:12:ef:a0:41:15:
         93:19:4e:23:f6:08:59:d8:1a:da:93:1e:8e:06:ad:5d:f7:51:
         49:6d:6d:9c:54:67:d6:53:13:55:1b:f1:33:2a:3f:f6:45:21:
         55:45:11:fa:2c:dc:ee:c4:47:2a:82:95:6c:ac:b0:be:ad:e7:
         fa:7a:a1:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pKVbi1cahCST1b86qNqSCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YWU1MjlhOGNjNWJhNzY5MmRiOTUyNjkyYTA4YjU0MjI0
YmJmMzYwHhcNMjYwMzI2MDgwMTA4WhcNMjYwMzI3MDgwMTA4WjAzMTEwLwYDVQQD
EygzZDhhMTdlNWIxMTU1NjhmOGY3OWQyMDFlYTJlOWZhYWE5NDYyOTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXUZJ55IGyIRfxDvKsH8vRn6i9dU
RLFQDk0j5KT1Wmd+yZykeR5J4RIbJfjaESQgXawLutluz9I5t7Xuem5T9fdBb9y6
zEyWjnp19QlWHVFR6tD+Ccl0Qj+NzRyi6F9pptb2NzLVSOst08Q088epjd2kMzaE
9HBTd56uuOHTFg6EIIOWM2DD81/t3+VR4gzfSO3xieT8yGB+rw27ftc5jsmTEfyg
vzWMgV6Z/WfzJlDln25e4J7exrZs/l07jK/bSArsPWUeyvSw6rTLwnXsYp7Cwajk
MP1BtgGC/m55Gt+Pb6bYMAitn0gS2xEkr3rIfVyOl7+uH0LynPAtHgpcFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD2KF+WxFVaPj3nSAeoun6qpRilKMB8GA1UdIwQY
MBaAFBSuUpqMxbp2ktuVJpKgi1QiS782MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRks1U21vekZ1bmFTMjVVbWtxQ0xWQ0pMdnpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83NmVhNzctMTc1Ny00ZGIyLWEwODMt
ZDIxOGZiM2MxMzdiLzEvRks1U21vekZ1bmFTMjVVbWtxQ0xWQ0pMdnpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS83NmVhNzctMTc1Ny00ZGIyLWEwODMtZDIxOGZiM2MxMzdi
LzEvRks1U21vekZ1bmFTMjVVbWtxQ0xWQ0pMdnpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAANukTABW
rOofRBMkTzP6qxsXVesz/pkmp1GG3oE9PTTnatRI9SawNtCB+C0uHyOSZFMCbojK
hEFsZLZDmfDt1a7pgXrx/sNM+HfRcIztKIP5fxXAFt9mBTTmAFOwmos6vvVIk4NZ
oEB5uTUAftPDcTHU73QFGr4x8LOlkz2ofSltPeJoIWdVKwpeT2miUMbctY9jsSvg
cGSCnm8o6572J7zzb535dx5KL4BTZ8T23BKHdpj7SFRIktcL6480t64JnRLvoEEV
kxlOI/YIWdga2pMejgatXfdRSW1tnFRn1lMTVRvxMyo/9kUhVUUR+izc7sRHKoKV
bKywvq3n+nqhBw==
-----END CERTIFICATE-----