Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/e7c692-9941-4bc1-b4c2-6f8cacc12339/1/kNRNBKKqhYbulMejNTbDaBatoWM.mft
File:                     kNRNBKKqhYbulMejNTbDaBatoWM.mft (raw, json)
Hash identifier:          Y6hGWAPXpxf5hCiAtEujAbq6I08UCi8VdyCaAfekRco=
Subject key identifier:   15:F1:18:07:5B:5F:6C:57:15:25:45:14:73:2A:6E:43:B1:E8:6A:86
Authority key identifier: 90:D4:4D:04:A2:AA:85:86:EE:94:C7:A3:35:36:C3:68:16:AD:A1:63
Certificate issuer:       /CN=90d44d04a2aa8586ee94c7a33536c36816ada163
Certificate serial:       019D270478CFBD82E3DF67CC6FDC35C7BE6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kNRNBKKqhYbulMejNTbDaBatoWM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/e7c692-9941-4bc1-b4c2-6f8cacc12339/1/kNRNBKKqhYbulMejNTbDaBatoWM.mft
Manifest number:          1884
Signing time:             Wed 25 Mar 2026 22:01:37 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:37 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:37 +0000
Files and hashes:         1: kNRNBKKqhYbulMejNTbDaBatoWM.crl (hash: DUWaxawmIQDSb9dk0tEVxMPdAK7Ka8sc0I1hCRjUqN4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/e7c692-9941-4bc1-b4c2-6f8cacc12339/1/kNRNBKKqhYbulMejNTbDaBatoWM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/e7c692-9941-4bc1-b4c2-6f8cacc12339/1/kNRNBKKqhYbulMejNTbDaBatoWM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kNRNBKKqhYbulMejNTbDaBatoWM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:78:cf:bd:82:e3:df:67:cc:6f:dc:35:c7:be:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=90d44d04a2aa8586ee94c7a33536c36816ada163
        Validity
            Not Before: Mar 25 22:01:37 2026 GMT
            Not After : Mar 26 22:01:37 2026 GMT
        Subject: CN=15f118075b5f6c5715254514732a6e43b1e86a86
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:a3:92:3a:e3:4a:82:c0:30:75:9f:55:fa:57:
                    af:e3:e7:6a:0d:f7:37:a9:30:f9:3e:86:7a:2a:46:
                    28:fb:ed:da:0e:90:4f:7e:10:e9:db:06:39:8b:c9:
                    7e:43:eb:9a:47:30:23:95:5e:68:1b:41:24:56:73:
                    25:de:b6:2c:1c:e6:f7:84:da:07:08:9e:98:ed:38:
                    d4:dd:9d:af:c7:95:bd:5b:43:8b:60:a8:5f:8d:36:
                    ac:04:87:1f:4b:e7:be:c1:25:32:37:4a:e1:1b:1b:
                    dc:63:85:ef:e3:1c:ff:50:18:68:ba:27:67:5f:6a:
                    96:5b:58:f6:b5:4e:b9:6c:70:5f:cc:bf:da:a0:21:
                    5c:f7:f1:24:72:90:db:55:73:0c:39:d2:f7:d7:16:
                    9b:81:92:eb:09:12:8a:6e:71:2f:14:e7:cf:c0:73:
                    6c:23:ab:30:a2:06:68:bd:bd:d7:b0:7c:51:c6:d3:
                    51:91:ac:ea:6e:0b:06:a2:1f:2d:cd:d3:a7:33:67:
                    8f:ae:9f:a0:3d:dc:c7:33:0d:30:1a:58:ef:5f:20:
                    ec:a9:4a:dd:c1:30:72:cb:ab:6c:1c:dd:2e:13:52:
                    af:96:2e:90:31:28:94:48:ad:90:b6:a4:52:7a:f0:
                    67:75:cf:0a:e7:bb:59:46:2f:cb:42:f8:a7:51:1c:
                    5b:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:F1:18:07:5B:5F:6C:57:15:25:45:14:73:2A:6E:43:B1:E8:6A:86
            X509v3 Authority Key Identifier:
                keyid:90:D4:4D:04:A2:AA:85:86:EE:94:C7:A3:35:36:C3:68:16:AD:A1:63

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kNRNBKKqhYbulMejNTbDaBatoWM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/e7c692-9941-4bc1-b4c2-6f8cacc12339/1/kNRNBKKqhYbulMejNTbDaBatoWM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/e7c692-9941-4bc1-b4c2-6f8cacc12339/1/kNRNBKKqhYbulMejNTbDaBatoWM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:e2:41:50:ee:b8:ca:87:19:7c:10:30:77:29:18:49:70:68:
         b3:70:d7:e1:f3:d1:00:68:ca:98:6c:1a:a0:c1:02:d4:fa:33:
         99:0b:ae:60:de:f1:3d:84:8a:b7:eb:a4:ae:5a:18:68:9c:71:
         97:b1:69:79:6b:06:2c:c5:74:54:7c:e7:94:b3:bd:cf:26:4d:
         74:3b:28:17:f5:a9:ce:c8:ac:7a:c0:82:04:1f:5b:52:d4:38:
         de:50:25:38:25:34:4d:e2:4c:e2:5e:91:ba:29:51:8f:84:e3:
         4c:d0:41:c5:9a:b6:9a:a2:1a:e7:d1:c9:b2:cd:04:1c:66:c0:
         79:6b:34:77:c3:c1:63:71:ef:26:97:7e:44:e8:27:77:34:d2:
         ac:31:4f:0e:60:40:c1:d7:dd:34:fa:35:8f:c0:b2:a3:99:69:
         83:9c:80:ec:70:9a:16:1a:eb:56:5f:f7:9b:ac:f5:e4:0d:80:
         5e:e0:cd:aa:b4:da:ed:e6:40:c7:51:43:fb:32:48:84:ef:30:
         f1:3a:9a:a7:04:f7:04:58:c2:ff:b5:81:59:67:a0:a3:fb:d2:
         cb:b5:93:09:d8:46:44:04:09:46:82:9f:96:ac:c7:03:bc:4e:
         d7:47:67:0b:db:c4:fc:d5:8a:14:a0:07:f2:b6:da:3e:34:df:
         31:e2:81:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBHjPvYLj32fMb9w1x75tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZDQ0ZDA0YTJhYTg1ODZlZTk0YzdhMzM1MzZjMzY4MTZh
ZGExNjMwHhcNMjYwMzI1MjIwMTM3WhcNMjYwMzI2MjIwMTM3WjAzMTEwLwYDVQQD
EygxNWYxMTgwNzViNWY2YzU3MTUyNTQ1MTQ3MzJhNmU0M2IxZTg2YTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3aOSOuNKgsAwdZ9V+lev4+dqDfc3
qTD5PoZ6KkYo++3aDpBPfhDp2wY5i8l+Q+uaRzAjlV5oG0EkVnMl3rYsHOb3hNoH
CJ6Y7TjU3Z2vx5W9W0OLYKhfjTasBIcfS+e+wSUyN0rhGxvcY4Xv4xz/UBhouidn
X2qWW1j2tU65bHBfzL/aoCFc9/EkcpDbVXMMOdL31xabgZLrCRKKbnEvFOfPwHNs
I6swogZovb3XsHxRxtNRkazqbgsGoh8tzdOnM2ePrp+gPdzHMw0wGljvXyDsqUrd
wTByy6tsHN0uE1Kvli6QMSiUSK2QtqRSevBndc8K57tZRi/LQvinURxbwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBXxGAdbX2xXFSVFFHMqbkOx6GqGMB8GA1UdIwQY
MBaAFJDUTQSiqoWG7pTHozU2w2gWraFjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva05STkJLS3FoWWJ1bE1lak5UYkRhQmF0b1dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9lN2M2OTItOTk0MS00YmMxLWI0YzIt
NmY4Y2FjYzEyMzM5LzEva05STkJLS3FoWWJ1bE1lak5UYkRhQmF0b1dNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9lN2M2OTItOTk0MS00YmMxLWI0YzItNmY4Y2FjYzEyMzM5
LzEva05STkJLS3FoWWJ1bE1lak5UYkRhQmF0b1dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAheJBUO64
yocZfBAwdykYSXBos3DX4fPRAGjKmGwaoMEC1PozmQuuYN7xPYSKt+ukrloYaJxx
l7FpeWsGLMV0VHznlLO9zyZNdDsoF/WpzsisesCCBB9bUtQ43lAlOCU0TeJM4l6R
uilRj4TjTNBBxZq2mqIa59HJss0EHGbAeWs0d8PBY3HvJpd+ROgndzTSrDFPDmBA
wdfdNPo1j8Cyo5lpg5yA7HCaFhrrVl/3m6z15A2AXuDNqrTa7eZAx1FD+zJIhO8w
8TqapwT3BFjC/7WBWWego/vSy7WTCdhGRAQJRoKflqzHA7xO10dnC9vE/NWKFKAH
8rbaPjTfMeKB6Q==
-----END CERTIFICATE-----