Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.mft
File:                     FLklHG89i7aaegPOrN0q58LIzjc.mft (raw, json)
Hash identifier:          4CE+ru05jlFRUwoGPDJtbTFfWCBm7v4eVhBP7BkaTBo=
Subject key identifier:   5C:55:46:83:86:16:3B:E8:74:61:50:EB:3C:A0:7D:2F:3E:4D:AE:AC
Authority key identifier: 14:B9:25:1C:6F:3D:8B:B6:9A:7A:03:CE:AC:DD:2A:E7:C2:C8:CE:37
Certificate issuer:       /CN=14b9251c6f3d8bb69a7a03ceacdd2ae7c2c8ce37
Certificate serial:       019D27042230A7352388F4CA7BAC598919E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FLklHG89i7aaegPOrN0q58LIzjc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.mft
Manifest number:          03F0
Signing time:             Wed 25 Mar 2026 22:01:15 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:15 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:15 +0000
Files and hashes:         1: FLklHG89i7aaegPOrN0q58LIzjc.crl (hash: vIqjUsCly37/gYX9BhELPlaZMeD900/Ld4HNUQP8o+I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FLklHG89i7aaegPOrN0q58LIzjc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:22:30:a7:35:23:88:f4:ca:7b:ac:59:89:19:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=14b9251c6f3d8bb69a7a03ceacdd2ae7c2c8ce37
        Validity
            Not Before: Mar 25 22:01:15 2026 GMT
            Not After : Mar 26 22:01:15 2026 GMT
        Subject: CN=5c55468386163be8746150eb3ca07d2f3e4daeac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:63:ce:eb:25:6a:ef:a1:dc:08:21:d6:59:30:
                    78:03:fd:d0:2a:6e:1d:bf:4f:29:dc:7f:fd:4a:af:
                    77:f3:d4:32:9b:06:cd:2c:24:49:33:b1:c6:b4:9e:
                    c0:54:f7:12:90:66:d5:06:97:42:3d:88:fd:a1:ee:
                    8c:99:4c:dd:a6:9b:76:6b:7c:43:91:51:df:83:38:
                    53:fc:f7:f6:b8:49:4a:0b:2a:fe:a0:96:31:31:a8:
                    c4:32:78:68:bf:76:c9:54:f4:c3:1d:80:a8:9f:b4:
                    bf:42:2f:cf:db:0a:f3:e0:23:30:94:69:8d:b1:86:
                    de:0b:df:34:8a:68:c6:cc:43:7e:9c:b3:d7:a3:6d:
                    24:0b:fb:7f:bd:73:56:b6:bf:8e:fe:8b:de:b5:ae:
                    9d:93:0f:90:f0:74:9c:23:e2:04:13:b8:ea:3d:71:
                    26:fa:96:b0:b9:08:8c:a9:19:bb:d8:96:c1:56:95:
                    28:e1:09:ff:8e:69:5a:12:82:1a:34:ce:00:5d:14:
                    99:ba:08:0b:d8:80:2c:79:1f:d3:51:dd:c1:9c:57:
                    03:79:79:64:25:b9:f0:13:9b:77:cd:49:3f:28:63:
                    27:01:6c:70:7c:49:d8:36:eb:0d:c4:f4:dd:df:17:
                    3e:ed:2c:48:d2:55:33:1f:4f:3b:7c:69:a1:b5:8a:
                    02:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:55:46:83:86:16:3B:E8:74:61:50:EB:3C:A0:7D:2F:3E:4D:AE:AC
            X509v3 Authority Key Identifier:
                keyid:14:B9:25:1C:6F:3D:8B:B6:9A:7A:03:CE:AC:DD:2A:E7:C2:C8:CE:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FLklHG89i7aaegPOrN0q58LIzjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bc:4f:1c:44:06:1e:20:91:2b:fe:21:75:61:83:a2:b9:50:7e:
         27:7e:fe:33:ed:86:71:1d:35:89:6b:ad:f6:2d:21:51:f3:98:
         8b:0d:e6:dc:d6:cb:d4:b3:ac:c0:1f:30:5e:54:aa:ce:8f:0b:
         ed:76:4c:16:b3:af:fb:28:74:ca:3f:bd:c6:6d:8a:61:42:f5:
         82:ae:25:55:86:d7:45:5b:16:be:00:84:fa:6b:6b:c2:1b:e0:
         10:d4:51:66:ce:d6:05:07:81:21:f4:cf:8e:7b:48:8f:de:c5:
         aa:26:69:8c:b6:e9:52:cf:b2:ac:d3:76:6a:3e:4e:30:22:65:
         e5:69:96:60:c4:3d:2e:67:c5:e9:19:d8:d1:72:66:ec:67:3b:
         75:52:45:10:89:0f:4b:08:12:b8:d5:9a:60:c9:9e:56:00:44:
         d0:12:cb:f5:42:1e:a5:ab:9d:3e:53:a0:a3:3b:60:cd:77:98:
         83:a1:bb:cd:fd:44:90:b3:7b:44:64:d1:c3:aa:05:d8:a5:93:
         46:62:cd:31:a3:2c:3b:6f:06:eb:88:07:6b:b2:f7:2f:40:b6:
         a7:d9:8d:2d:30:d7:c3:5f:7d:6e:90:d0:b2:80:a2:ad:31:6a:
         8d:0e:e5:a4:7b:86:00:17:f6:3b:23:84:86:fa:ce:99:9f:49:
         e4:c8:e9:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBCIwpzUjiPTKe6xZiRnpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YjkyNTFjNmYzZDhiYjY5YTdhMDNjZWFjZGQyYWU3YzJj
OGNlMzcwHhcNMjYwMzI1MjIwMTE1WhcNMjYwMzI2MjIwMTE1WjAzMTEwLwYDVQQD
Eyg1YzU1NDY4Mzg2MTYzYmU4NzQ2MTUwZWIzY2EwN2QyZjNlNGRhZWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjmPO6yVq76HcCCHWWTB4A/3QKm4d
v08p3H/9Sq9389QymwbNLCRJM7HGtJ7AVPcSkGbVBpdCPYj9oe6MmUzdppt2a3xD
kVHfgzhT/Pf2uElKCyr+oJYxMajEMnhov3bJVPTDHYCon7S/Qi/P2wrz4CMwlGmN
sYbeC980imjGzEN+nLPXo20kC/t/vXNWtr+O/oveta6dkw+Q8HScI+IEE7jqPXEm
+pawuQiMqRm72JbBVpUo4Qn/jmlaEoIaNM4AXRSZuggL2IAseR/TUd3BnFcDeXlk
JbnwE5t3zUk/KGMnAWxwfEnYNusNxPTd3xc+7SxI0lUzH087fGmhtYoCfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFxVRoOGFjvodGFQ6zygfS8+Ta6sMB8GA1UdIwQY
MBaAFBS5JRxvPYu2mnoDzqzdKufCyM43MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkxrbEhHODlpN2FhZWdQT3JOMHE1OExJempjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9iMzBkNjYtOGZiMC00ZTlkLTk4ZWMt
YzJkOGE1OWIwMGQzLzEvRkxrbEhHODlpN2FhZWdQT3JOMHE1OExJempjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9iMzBkNjYtOGZiMC00ZTlkLTk4ZWMtYzJkOGE1OWIwMGQz
LzEvRkxrbEhHODlpN2FhZWdQT3JOMHE1OExJempjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvE8cRAYe
IJEr/iF1YYOiuVB+J37+M+2GcR01iWut9i0hUfOYiw3m3NbL1LOswB8wXlSqzo8L
7XZMFrOv+yh0yj+9xm2KYUL1gq4lVYbXRVsWvgCE+mtrwhvgENRRZs7WBQeBIfTP
jntIj97FqiZpjLbpUs+yrNN2aj5OMCJl5WmWYMQ9LmfF6RnY0XJm7Gc7dVJFEIkP
SwgSuNWaYMmeVgBE0BLL9UIepaudPlOgoztgzXeYg6G7zf1EkLN7RGTRw6oF2KWT
RmLNMaMsO28G64gHa7L3L0C2p9mNLTDXw199bpDQsoCirTFqjQ7lpHuGABf2OyOE
hvrOmZ9J5Mjpyg==
-----END CERTIFICATE-----