Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.mft
File:                     ckWEKSHz0CDU2AReUrsQ_PV-r28.mft (raw, json)
Hash identifier:          RjQaIn1Pg/9JVYRwSx+b0dXr9AKzE2WNfwWMTO3afTU=
Subject key identifier:   B6:33:4E:26:96:23:60:53:E5:C0:66:53:68:0F:11:42:01:8E:82:EC
Authority key identifier: 72:45:84:29:21:F3:D0:20:D4:D8:04:5E:52:BB:10:FC:F5:7E:AF:6F
Certificate issuer:       /CN=7245842921f3d020d4d8045e52bb10fcf57eaf6f
Certificate serial:       019CADC7E660B84073C670402D2FEB24140C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ckWEKSHz0CDU2AReUrsQ_PV-r28.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.mft
Manifest number:          11C3
Signing time:             Mon 02 Mar 2026 09:01:24 +0000
Manifest this update:     Mon 02 Mar 2026 09:01:24 +0000
Manifest next update:     Tue 03 Mar 2026 09:01:24 +0000
Files and hashes:         1: ckWEKSHz0CDU2AReUrsQ_PV-r28.crl (hash: EUcQkTrbwnSTfsEa6bcx9+o2iDGDw94Sf1/AjpauWBw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ckWEKSHz0CDU2AReUrsQ_PV-r28.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 09:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:c7:e6:60:b8:40:73:c6:70:40:2d:2f:eb:24:14:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7245842921f3d020d4d8045e52bb10fcf57eaf6f
        Validity
            Not Before: Mar  2 09:01:24 2026 GMT
            Not After : Mar  3 09:01:24 2026 GMT
        Subject: CN=b6334e2696236053e5c06653680f1142018e82ec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:6e:95:fe:34:c4:88:16:90:61:ef:68:38:6b:
                    f2:30:e6:bf:98:08:d7:9d:aa:e8:89:51:ff:26:bd:
                    18:4b:59:9c:3e:ed:6c:b4:6e:24:dc:85:84:6c:39:
                    04:4a:fe:68:a5:37:b5:38:08:3b:0b:f9:18:2b:5f:
                    c6:97:61:a6:df:25:7c:36:d2:47:2d:9f:69:61:0b:
                    ea:47:c9:8c:c2:8c:c0:a4:6a:67:52:12:29:f1:f2:
                    2f:db:39:4c:15:97:d0:7a:c8:93:9e:6d:ac:6c:ab:
                    b0:1e:16:1c:ae:7e:25:17:f9:a7:15:8f:12:fc:9d:
                    1d:bf:f1:2d:d5:ca:14:af:e9:55:d7:b8:ff:ad:7d:
                    f2:be:a3:4e:cc:21:8a:86:1b:09:f8:1c:1a:33:47:
                    f0:c4:ce:d9:0f:cd:e9:69:db:f3:a6:c9:2b:4b:8f:
                    76:5e:6a:12:2e:ae:2b:a5:3a:8b:46:97:cf:bd:6d:
                    ca:36:48:60:43:60:e0:b4:4e:a2:10:06:bd:a0:ce:
                    35:08:ff:4b:ba:49:84:1a:c9:75:50:cb:9b:c2:44:
                    fe:c0:89:90:b4:1c:a6:01:50:c9:eb:2c:5e:c4:91:
                    6a:59:66:b3:4d:59:a7:d2:26:83:fb:b1:13:62:a2:
                    c5:94:bc:1f:4e:43:40:bb:2f:3e:78:14:1f:f3:87:
                    e5:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:33:4E:26:96:23:60:53:E5:C0:66:53:68:0F:11:42:01:8E:82:EC
            X509v3 Authority Key Identifier:
                keyid:72:45:84:29:21:F3:D0:20:D4:D8:04:5E:52:BB:10:FC:F5:7E:AF:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ckWEKSHz0CDU2AReUrsQ_PV-r28.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         af:86:fc:34:80:38:1b:c0:a1:09:24:49:f7:4f:20:a0:21:39:
         72:b9:13:05:68:0e:34:33:34:63:1d:c0:88:41:5b:70:d7:39:
         00:1e:5e:9d:98:bb:c1:86:ef:58:83:18:a6:64:22:a7:bf:13:
         b8:57:08:c5:22:b9:95:20:1a:88:05:bc:eb:5f:d6:f3:ba:72:
         4a:56:0c:fa:60:2e:58:a7:8a:d2:11:72:f3:df:b4:82:e3:7b:
         23:55:37:1c:81:d3:2c:88:3b:63:88:27:f4:16:55:28:ea:67:
         6f:bb:12:e5:d4:e0:b2:0e:a5:82:39:af:b4:96:fa:3b:2e:d4:
         3a:0e:bc:e3:5e:5e:54:c7:cd:93:39:86:01:cb:f1:7e:09:d7:
         1f:04:7e:78:51:9e:8f:70:be:b0:9a:87:85:bc:1e:d1:39:d1:
         96:ce:6e:35:be:8e:25:13:1d:17:3b:9f:3c:a3:f1:47:1a:a2:
         06:d1:34:f8:e4:88:e4:cd:89:03:d2:a1:f2:67:60:a3:7a:b8:
         7a:45:ac:e7:73:2f:de:c7:a7:b6:60:c4:95:7d:75:06:1b:db:
         49:c0:62:e0:ea:b1:cf:25:97:c8:4e:7f:9e:c0:8c:75:61:c5:
         f0:02:76:a3:2e:76:52:bc:4f:cd:86:d0:39:a6:f7:19:56:8b:
         0d:1f:4a:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytx+ZguEBzxnBALS/rJBQMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNDU4NDI5MjFmM2QwMjBkNGQ4MDQ1ZTUyYmIxMGZjZjU3
ZWFmNmYwHhcNMjYwMzAyMDkwMTI0WhcNMjYwMzAzMDkwMTI0WjAzMTEwLwYDVQQD
EyhiNjMzNGUyNjk2MjM2MDUzZTVjMDY2NTM2ODBmMTE0MjAxOGU4MmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2W6V/jTEiBaQYe9oOGvyMOa/mAjX
naroiVH/Jr0YS1mcPu1stG4k3IWEbDkESv5opTe1OAg7C/kYK1/Gl2Gm3yV8NtJH
LZ9pYQvqR8mMwozApGpnUhIp8fIv2zlMFZfQesiTnm2sbKuwHhYcrn4lF/mnFY8S
/J0dv/Et1coUr+lV17j/rX3yvqNOzCGKhhsJ+BwaM0fwxM7ZD83padvzpskrS492
XmoSLq4rpTqLRpfPvW3KNkhgQ2DgtE6iEAa9oM41CP9LukmEGsl1UMubwkT+wImQ
tBymAVDJ6yxexJFqWWazTVmn0iaD+7ETYqLFlLwfTkNAuy8+eBQf84fl9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLYzTiaWI2BT5cBmU2gPEUIBjoLsMB8GA1UdIwQY
MBaAFHJFhCkh89Ag1NgEXlK7EPz1fq9vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2tXRUtTSHowQ0RVMkFSZVVyc1FfUFYtcjI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS83MWY0MjItZTA5Mi00MTg5LThkM2Mt
OGUyNThlZmVkZmZhLzEvY2tXRUtTSHowQ0RVMkFSZVVyc1FfUFYtcjI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS83MWY0MjItZTA5Mi00MTg5LThkM2MtOGUyNThlZmVkZmZh
LzEvY2tXRUtTSHowQ0RVMkFSZVVyc1FfUFYtcjI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr4b8NIA4
G8ChCSRJ908goCE5crkTBWgONDM0Yx3AiEFbcNc5AB5enZi7wYbvWIMYpmQip78T
uFcIxSK5lSAaiAW861/W87pySlYM+mAuWKeK0hFy89+0guN7I1U3HIHTLIg7Y4gn
9BZVKOpnb7sS5dTgsg6lgjmvtJb6Oy7UOg68415eVMfNkzmGAcvxfgnXHwR+eFGe
j3C+sJqHhbwe0TnRls5uNb6OJRMdFzufPKPxRxqiBtE0+OSI5M2JA9Kh8mdgo3q4
ekWs53Mv3sentmDElX11BhvbScBi4OqxzyWXyE5/nsCMdWHF8AJ2oy52UrxPzYbQ
Oab3GVaLDR9KmA==
-----END CERTIFICATE-----