Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/fb34e4-ed61-4e1d-a46d-78a77f7a1342/1/fKnhWNylWE83ofg0myiaaBLbkko.mft
File:                     fKnhWNylWE83ofg0myiaaBLbkko.mft (raw, json)
Hash identifier:          hJ6RFqrq+XzHzQxWcLhEd1UdBXIB7xGLoALARa3nKUs=
Subject key identifier:   CC:77:B6:E5:A9:7E:43:17:35:2E:0B:B9:24:00:5A:8B:18:1B:DF:CE
Authority key identifier: 7C:A9:E1:58:DC:A5:58:4F:37:A1:F8:34:9B:28:9A:68:12:DB:92:4A
Certificate issuer:       /CN=7ca9e158dca5584f37a1f8349b289a6812db924a
Certificate serial:       019D2816FD1CC3CAD43ED50912B17689F1B5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fKnhWNylWE83ofg0myiaaBLbkko.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/fb34e4-ed61-4e1d-a46d-78a77f7a1342/1/fKnhWNylWE83ofg0myiaaBLbkko.mft
Manifest number:          0AF0
Signing time:             Thu 26 Mar 2026 03:01:28 +0000
Manifest this update:     Thu 26 Mar 2026 03:01:28 +0000
Manifest next update:     Fri 27 Mar 2026 03:01:28 +0000
Files and hashes:         1: fKnhWNylWE83ofg0myiaaBLbkko.crl (hash: YGHXeAES8VJ5goYZj3wU29iqmY/n4gJ8Sq1au0WgigE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/fb34e4-ed61-4e1d-a46d-78a77f7a1342/1/fKnhWNylWE83ofg0myiaaBLbkko.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/fb34e4-ed61-4e1d-a46d-78a77f7a1342/1/fKnhWNylWE83ofg0myiaaBLbkko.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/fKnhWNylWE83ofg0myiaaBLbkko.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 03:01:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:16:fd:1c:c3:ca:d4:3e:d5:09:12:b1:76:89:f1:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7ca9e158dca5584f37a1f8349b289a6812db924a
        Validity
            Not Before: Mar 26 03:01:28 2026 GMT
            Not After : Mar 27 03:01:28 2026 GMT
        Subject: CN=cc77b6e5a97e4317352e0bb924005a8b181bdfce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:91:9c:cb:15:62:37:8d:a3:3d:4e:b6:b6:4a:
                    0a:d3:8f:94:ee:62:77:1a:1c:1c:7b:08:bb:59:d3:
                    62:f3:6c:d7:48:d2:f7:ed:0b:65:cb:10:b2:ff:f8:
                    37:2e:ba:76:cd:2b:20:95:35:db:63:08:63:ec:d7:
                    a7:d7:ea:d6:3a:5a:20:f3:26:c4:86:d6:40:20:ab:
                    33:7f:58:63:c9:67:46:50:54:7d:5e:bc:38:6f:53:
                    32:86:0a:15:3a:bb:32:09:d4:c0:b8:f5:ae:5d:c1:
                    d7:99:ff:63:cc:86:32:9f:80:4e:b1:82:fe:69:f0:
                    1f:56:8f:f1:47:49:d7:ee:2a:87:3d:d9:56:1e:25:
                    1f:09:3e:b9:75:00:d8:35:73:0c:66:1b:bd:ce:fa:
                    de:99:3b:e4:54:af:2a:58:44:05:7e:b9:02:4b:53:
                    72:2c:bb:7a:49:90:9a:cd:65:92:04:a3:2f:5a:4d:
                    4c:92:2a:1e:7b:0d:be:92:58:8c:85:c8:ba:7d:7a:
                    82:0a:7d:2e:ba:be:ee:4c:1d:7e:b7:5c:7e:fd:ef:
                    53:20:29:74:ea:19:29:23:44:1c:d4:3b:71:63:06:
                    0f:c7:b7:15:0c:0a:05:54:31:9d:74:02:22:f0:be:
                    98:a2:3e:31:4d:bb:c7:0b:74:40:cc:6f:65:ca:1b:
                    21:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:77:B6:E5:A9:7E:43:17:35:2E:0B:B9:24:00:5A:8B:18:1B:DF:CE
            X509v3 Authority Key Identifier:
                keyid:7C:A9:E1:58:DC:A5:58:4F:37:A1:F8:34:9B:28:9A:68:12:DB:92:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fKnhWNylWE83ofg0myiaaBLbkko.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/fb34e4-ed61-4e1d-a46d-78a77f7a1342/1/fKnhWNylWE83ofg0myiaaBLbkko.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/fb34e4-ed61-4e1d-a46d-78a77f7a1342/1/fKnhWNylWE83ofg0myiaaBLbkko.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:1e:8b:32:5c:0c:a0:1c:4d:22:90:c5:70:35:ab:7f:e4:e2:
         8f:ad:cf:02:6f:5e:f5:7e:60:5f:56:d2:e2:5d:81:81:00:0a:
         c9:0b:b3:3f:54:e8:ac:c0:d4:f7:af:24:99:70:77:35:ac:79:
         1e:07:d4:f3:1e:11:69:e9:94:01:0c:4f:43:ab:03:fd:62:f5:
         ef:ec:9a:1f:60:d7:d4:c4:f9:c6:2b:c7:04:7b:f0:2d:4a:e5:
         b1:f6:bf:69:49:fb:70:00:c8:99:e3:bc:17:0f:42:82:c8:91:
         54:58:e1:d2:ff:1d:c1:5b:af:38:f6:4d:38:93:71:2a:37:46:
         57:2c:b6:df:ca:ba:fb:dc:79:2a:01:67:65:b3:fa:93:00:dd:
         6d:ef:bb:55:7c:09:1b:b0:31:db:74:04:45:7e:72:c8:61:83:
         95:58:0c:d2:6f:de:3b:81:35:1e:82:c6:ec:50:90:38:4a:17:
         7c:23:da:e6:a0:99:f8:3a:9d:e6:03:ea:eb:1d:32:10:9e:ba:
         e4:f0:8d:66:7e:2d:52:42:f2:27:7d:0d:f3:10:0b:9b:78:b1:
         84:f4:81:d1:d1:00:51:6d:3c:07:ac:73:80:1f:48:49:f0:3c:
         e1:f7:64:27:f0:83:73:f1:9d:f3:e3:ff:49:fb:2d:7c:e8:12:
         a6:92:60:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oFv0cw8rUPtUJErF2ifG1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjYTllMTU4ZGNhNTU4NGYzN2ExZjgzNDliMjg5YTY4MTJk
YjkyNGEwHhcNMjYwMzI2MDMwMTI4WhcNMjYwMzI3MDMwMTI4WjAzMTEwLwYDVQQD
EyhjYzc3YjZlNWE5N2U0MzE3MzUyZTBiYjkyNDAwNWE4YjE4MWJkZmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZGcyxViN42jPU62tkoK04+U7mJ3
Ghwcewi7WdNi82zXSNL37QtlyxCy//g3Lrp2zSsglTXbYwhj7Nen1+rWOlog8ybE
htZAIKszf1hjyWdGUFR9Xrw4b1MyhgoVOrsyCdTAuPWuXcHXmf9jzIYyn4BOsYL+
afAfVo/xR0nX7iqHPdlWHiUfCT65dQDYNXMMZhu9zvremTvkVK8qWEQFfrkCS1Ny
LLt6SZCazWWSBKMvWk1Mkioeew2+kliMhci6fXqCCn0uur7uTB1+t1x+/e9TICl0
6hkpI0Qc1DtxYwYPx7cVDAoFVDGddAIi8L6Yoj4xTbvHC3RAzG9lyhsh4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMx3tuWpfkMXNS4LuSQAWosYG9/OMB8GA1UdIwQY
MBaAFHyp4VjcpVhPN6H4NJsommgS25JKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZktuaFdOeWxXRTgzb2ZnMG15aWFhQkxia2tvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9mYjM0ZTQtZWQ2MS00ZTFkLWE0NmQt
NzhhNzdmN2ExMzQyLzEvZktuaFdOeWxXRTgzb2ZnMG15aWFhQkxia2tvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC9mYjM0ZTQtZWQ2MS00ZTFkLWE0NmQtNzhhNzdmN2ExMzQy
LzEvZktuaFdOeWxXRTgzb2ZnMG15aWFhQkxia2tvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlh6LMlwM
oBxNIpDFcDWrf+Tij63PAm9e9X5gX1bS4l2BgQAKyQuzP1TorMDU968kmXB3Nax5
HgfU8x4RaemUAQxPQ6sD/WL17+yaH2DX1MT5xivHBHvwLUrlsfa/aUn7cADImeO8
Fw9CgsiRVFjh0v8dwVuvOPZNOJNxKjdGVyy238q6+9x5KgFnZbP6kwDdbe+7VXwJ
G7Ax23QERX5yyGGDlVgM0m/eO4E1HoLG7FCQOEoXfCPa5qCZ+Dqd5gPq6x0yEJ66
5PCNZn4tUkLyJ30N8xALm3ixhPSB0dEAUW08B6xzgB9ISfA84fdkJ/CDc/Gd8+P/
SfstfOgSppJgEQ==
-----END CERTIFICATE-----