Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/e6d373-44c6-48f7-8b76-fa91c75fb9dc/1/kzIOi-fHTKZVx8PpeLwapg_Y20Q.mft
File:                     kzIOi-fHTKZVx8PpeLwapg_Y20Q.mft (raw, json)
Hash identifier:          LDxhaFemrs7FqlbUKDCgOPovrO3/6NrmCGcWtP1Sq3U=
Subject key identifier:   88:C5:88:FD:9D:C3:59:30:76:C5:8C:38:F5:E2:3B:1B:69:F3:6D:65
Authority key identifier: 93:32:0E:8B:E7:C7:4C:A6:55:C7:C3:E9:78:BC:1A:A6:0F:D8:DB:44
Certificate issuer:       /CN=93320e8be7c74ca655c7c3e978bc1aa60fd8db44
Certificate serial:       019D2772066CAE9468C2128DACC60DA94F19
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kzIOi-fHTKZVx8PpeLwapg_Y20Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/e6d373-44c6-48f7-8b76-fa91c75fb9dc/1/kzIOi-fHTKZVx8PpeLwapg_Y20Q.mft
Manifest number:          1816
Signing time:             Thu 26 Mar 2026 00:01:17 +0000
Manifest this update:     Thu 26 Mar 2026 00:01:17 +0000
Manifest next update:     Fri 27 Mar 2026 00:01:17 +0000
Files and hashes:         1: kzIOi-fHTKZVx8PpeLwapg_Y20Q.crl (hash: mSoxLkOXs542PVj74GbfYm/2ECY35hpCBrWxZb4YyNU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/e6d373-44c6-48f7-8b76-fa91c75fb9dc/1/kzIOi-fHTKZVx8PpeLwapg_Y20Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/e6d373-44c6-48f7-8b76-fa91c75fb9dc/1/kzIOi-fHTKZVx8PpeLwapg_Y20Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kzIOi-fHTKZVx8PpeLwapg_Y20Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:72:06:6c:ae:94:68:c2:12:8d:ac:c6:0d:a9:4f:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=93320e8be7c74ca655c7c3e978bc1aa60fd8db44
        Validity
            Not Before: Mar 26 00:01:17 2026 GMT
            Not After : Mar 27 00:01:17 2026 GMT
        Subject: CN=88c588fd9dc3593076c58c38f5e23b1b69f36d65
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:c1:03:f4:04:43:ee:55:23:87:30:8c:0f:76:
                    70:29:96:43:af:43:cd:17:22:7b:79:a2:14:05:ed:
                    a2:e6:4a:98:80:4c:b9:41:fc:09:0e:b2:9c:8f:cb:
                    03:07:25:c9:2a:9f:72:90:0d:f2:47:5a:61:d3:4e:
                    75:99:a4:3f:70:2f:77:65:67:04:8c:b9:1e:32:f2:
                    91:0e:0a:2b:0e:f9:10:d3:84:cb:de:af:14:fc:dc:
                    78:20:b7:b5:1c:93:45:3e:27:49:54:c1:b7:68:30:
                    c8:3f:32:2c:5b:8e:f0:41:2c:a5:0e:d4:f2:a5:24:
                    3a:4e:62:8e:b1:5d:12:93:54:c8:75:cd:b3:a8:26:
                    08:a6:6a:9c:3b:7a:02:c9:50:fe:f5:72:07:11:ff:
                    f9:02:60:fd:39:b0:2a:4d:6b:c2:a9:23:ae:d6:cc:
                    4c:a3:ed:83:4d:e4:95:b8:be:ca:3d:11:87:32:53:
                    65:f5:e5:4b:7b:94:b5:c6:a3:13:61:2d:a6:92:8b:
                    7e:db:5a:df:06:9f:74:8e:9c:a6:aa:fc:72:61:b3:
                    4c:2f:2f:a5:d4:1f:45:82:eb:e0:86:21:95:5b:d5:
                    26:c7:7c:13:b7:52:95:f9:75:71:d6:85:04:96:64:
                    ce:97:5f:4c:cb:fa:7a:07:9d:ff:55:b7:5f:50:e0:
                    f9:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:C5:88:FD:9D:C3:59:30:76:C5:8C:38:F5:E2:3B:1B:69:F3:6D:65
            X509v3 Authority Key Identifier:
                keyid:93:32:0E:8B:E7:C7:4C:A6:55:C7:C3:E9:78:BC:1A:A6:0F:D8:DB:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kzIOi-fHTKZVx8PpeLwapg_Y20Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/e6d373-44c6-48f7-8b76-fa91c75fb9dc/1/kzIOi-fHTKZVx8PpeLwapg_Y20Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/e6d373-44c6-48f7-8b76-fa91c75fb9dc/1/kzIOi-fHTKZVx8PpeLwapg_Y20Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:fd:de:2c:bf:49:0d:51:33:78:8f:53:2c:9b:d2:74:a1:e8:
         1c:37:64:7b:3a:f2:d9:56:c3:0a:77:01:86:d4:46:ae:45:10:
         88:40:7b:01:21:82:41:cd:d5:ad:7d:17:28:d3:98:c1:63:a6:
         c5:23:8d:9d:76:97:d9:37:ee:db:17:fe:f7:da:79:e4:d6:9c:
         72:2a:16:36:ad:80:00:36:fb:df:8a:93:a0:85:c5:42:cf:dc:
         ce:f0:7d:b7:4f:82:40:b7:48:7d:96:75:23:ed:81:e9:46:04:
         e9:a9:ee:75:bc:1b:90:92:e9:f3:0b:d1:4c:92:39:47:30:8e:
         0a:25:80:8c:95:02:23:d5:ab:3a:96:81:b3:e4:0e:ff:92:18:
         d8:26:2c:2d:03:0f:7b:59:eb:9c:4c:c9:16:2f:f2:6e:15:24:
         01:f7:51:ff:37:26:64:16:05:2d:11:96:2d:c7:2c:90:41:55:
         ff:8a:5a:be:27:33:b2:35:f0:97:35:4f:42:21:59:07:87:15:
         f3:5e:35:3f:2a:64:ae:5c:8e:cc:f2:a8:3c:60:9e:91:9d:f3:
         9f:85:51:ad:4a:21:1b:1c:bc:e4:b7:ae:94:15:c8:47:31:f9:
         e2:d7:71:77:1b:b0:5f:f4:5f:9d:6e:90:11:e1:05:37:12:76:
         07:48:dc:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ncgZsrpRowhKNrMYNqU8ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMzIwZThiZTdjNzRjYTY1NWM3YzNlOTc4YmMxYWE2MGZk
OGRiNDQwHhcNMjYwMzI2MDAwMTE3WhcNMjYwMzI3MDAwMTE3WjAzMTEwLwYDVQQD
Eyg4OGM1ODhmZDlkYzM1OTMwNzZjNThjMzhmNWUyM2IxYjY5ZjM2ZDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw8ED9ARD7lUjhzCMD3ZwKZZDr0PN
FyJ7eaIUBe2i5kqYgEy5QfwJDrKcj8sDByXJKp9ykA3yR1ph0051maQ/cC93ZWcE
jLkeMvKRDgorDvkQ04TL3q8U/Nx4ILe1HJNFPidJVMG3aDDIPzIsW47wQSylDtTy
pSQ6TmKOsV0Sk1TIdc2zqCYIpmqcO3oCyVD+9XIHEf/5AmD9ObAqTWvCqSOu1sxM
o+2DTeSVuL7KPRGHMlNl9eVLe5S1xqMTYS2mkot+21rfBp90jpymqvxyYbNMLy+l
1B9FguvghiGVW9Umx3wTt1KV+XVx1oUElmTOl19My/p6B53/VbdfUOD5EQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIjFiP2dw1kwdsWMOPXiOxtp821lMB8GA1UdIwQY
MBaAFJMyDovnx0ymVcfD6Xi8GqYP2NtEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3pJT2ktZkhUS1pWeDhQcGVMd2FwZ19ZMjBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9lNmQzNzMtNDRjNi00OGY3LThiNzYt
ZmE5MWM3NWZiOWRjLzEva3pJT2ktZkhUS1pWeDhQcGVMd2FwZ19ZMjBRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9lNmQzNzMtNDRjNi00OGY3LThiNzYtZmE5MWM3NWZiOWRj
LzEva3pJT2ktZkhUS1pWeDhQcGVMd2FwZ19ZMjBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADv3eLL9J
DVEzeI9TLJvSdKHoHDdkezry2VbDCncBhtRGrkUQiEB7ASGCQc3VrX0XKNOYwWOm
xSONnXaX2Tfu2xf+99p55NaccioWNq2AADb734qToIXFQs/czvB9t0+CQLdIfZZ1
I+2B6UYE6anudbwbkJLp8wvRTJI5RzCOCiWAjJUCI9WrOpaBs+QO/5IY2CYsLQMP
e1nrnEzJFi/ybhUkAfdR/zcmZBYFLRGWLccskEFV/4paviczsjXwlzVPQiFZB4cV
8141PypkrlyOzPKoPGCekZ3zn4VRrUohGxy85LeulBXIRzH54tdxdxuwX/RfnW6Q
EeEFNxJ2B0jcPQ==
-----END CERTIFICATE-----