Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.mft
File:                     kljqmCx9enWV6Dphx66z12GIlww.mft (raw, json)
Hash identifier:          2Ry9uULz5fFSqC+LElPKTa8QG8gvLXCl7ro0VVlGF30=
Subject key identifier:   FE:CE:D8:C4:4E:A4:F6:D1:73:91:33:61:57:DF:21:31:05:7F:AD:99
Authority key identifier: 92:58:EA:98:2C:7D:7A:75:95:E8:3A:61:C7:AE:B3:D7:61:88:97:0C
Certificate issuer:       /CN=9258ea982c7d7a7595e83a61c7aeb3d76188970c
Certificate serial:       019CAEA3BDE10D7AE84A610922B62E62AF1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kljqmCx9enWV6Dphx66z12GIlww.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.mft
Manifest number:          15ED
Signing time:             Mon 02 Mar 2026 13:01:32 +0000
Manifest this update:     Mon 02 Mar 2026 13:01:32 +0000
Manifest next update:     Tue 03 Mar 2026 13:01:32 +0000
Files and hashes:         1: kljqmCx9enWV6Dphx66z12GIlww.crl (hash: x6k1Tker7OGqgoOCQk57EvqpROqE45lxNEog0TuYPHo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kljqmCx9enWV6Dphx66z12GIlww.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 13:01:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ae:a3:bd:e1:0d:7a:e8:4a:61:09:22:b6:2e:62:af:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9258ea982c7d7a7595e83a61c7aeb3d76188970c
        Validity
            Not Before: Mar  2 13:01:32 2026 GMT
            Not After : Mar  3 13:01:32 2026 GMT
        Subject: CN=feced8c44ea4f6d17391336157df2131057fad99
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:1b:45:f6:73:17:f6:9e:f6:bf:55:79:8e:53:
                    29:2e:10:14:bf:b7:97:0f:25:f7:22:2b:05:7a:9c:
                    b7:cb:95:7d:d8:e5:01:52:07:f3:46:7e:08:26:d1:
                    81:75:e3:81:25:97:90:9f:a8:c8:5b:4d:41:e5:7f:
                    aa:d6:51:de:94:52:d8:ff:b5:b3:c7:a2:77:5f:43:
                    95:62:30:b8:da:ff:2d:c2:b8:d0:af:49:20:d2:25:
                    17:de:b4:17:35:16:93:e3:15:87:b0:6e:65:88:31:
                    5e:90:22:26:8e:75:ac:0b:d0:63:78:b2:59:b8:5a:
                    e7:ff:f7:9f:4b:5b:ca:12:e0:23:b9:bc:82:fe:a6:
                    94:df:4f:7f:ec:68:8a:15:b9:ae:65:87:fb:cc:9f:
                    a1:d1:5c:e3:55:d2:fa:d3:41:74:92:f7:b8:47:b3:
                    68:f9:4a:34:7e:fb:a7:0a:2a:ac:44:2a:fa:17:40:
                    d6:9c:a3:ae:11:09:cd:97:91:ec:90:ef:3c:68:1d:
                    c6:4f:02:2e:fc:25:55:00:e2:94:eb:8b:56:f1:e3:
                    bf:a3:3c:f1:c3:36:b3:5f:c4:c1:d1:ed:9b:e4:2a:
                    88:ce:67:f1:62:f6:4c:b8:78:91:ae:9f:f4:ef:1d:
                    bc:5f:38:81:2e:50:6c:ed:da:7f:0d:9c:0b:7f:bc:
                    e0:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:CE:D8:C4:4E:A4:F6:D1:73:91:33:61:57:DF:21:31:05:7F:AD:99
            X509v3 Authority Key Identifier:
                keyid:92:58:EA:98:2C:7D:7A:75:95:E8:3A:61:C7:AE:B3:D7:61:88:97:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kljqmCx9enWV6Dphx66z12GIlww.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:46:f8:95:0e:b1:61:3c:4b:e4:80:62:03:f6:49:02:46:1e:
         fd:7f:82:1f:8a:b5:34:a5:e3:a4:55:df:3b:2f:66:35:5c:c7:
         ff:21:f1:8b:de:bf:0d:08:60:8e:70:b3:33:ea:1a:37:01:04:
         bc:f3:ee:65:19:43:10:e0:b6:73:18:3d:8a:c1:d8:b4:9b:5e:
         c7:d0:ad:f5:fe:e3:d5:d4:dc:f5:39:6b:80:a1:57:a5:64:f5:
         2a:54:90:09:c8:4f:ec:f5:6f:f5:a0:3c:b5:ca:0a:e4:04:23:
         f3:90:8e:08:b7:f3:62:96:bf:9f:31:bb:81:20:3b:b3:cf:65:
         ff:48:17:c5:f2:23:48:f3:a9:dd:85:0e:5f:2d:97:de:3d:a1:
         7c:ec:7d:07:c5:c1:52:3d:47:3c:de:af:93:75:79:a2:14:d1:
         c4:ff:d0:ae:b4:f0:4a:3f:43:1c:93:c8:d9:08:25:dd:99:ec:
         a2:77:9c:78:b6:50:8b:9f:64:99:3d:20:1d:f0:bc:bc:cf:5a:
         b9:68:80:1c:d0:8d:05:79:7d:c5:b7:2d:f4:b3:9a:36:fd:64:
         13:f1:34:60:c9:34:ec:22:1f:25:4a:1c:15:b8:ea:eb:4d:f7:
         40:4b:d3:99:72:07:4b:cc:4f:b9:69:fc:82:cd:c9:2c:d6:c3:
         db:4d:40:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyuo73hDXroSmEJIrYuYq8bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNThlYTk4MmM3ZDdhNzU5NWU4M2E2MWM3YWViM2Q3NjE4
ODk3MGMwHhcNMjYwMzAyMTMwMTMyWhcNMjYwMzAzMTMwMTMyWjAzMTEwLwYDVQQD
EyhmZWNlZDhjNDRlYTRmNmQxNzM5MTMzNjE1N2RmMjEzMTA1N2ZhZDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBtF9nMX9p72v1V5jlMpLhAUv7eX
DyX3IisFepy3y5V92OUBUgfzRn4IJtGBdeOBJZeQn6jIW01B5X+q1lHelFLY/7Wz
x6J3X0OVYjC42v8twrjQr0kg0iUX3rQXNRaT4xWHsG5liDFekCImjnWsC9BjeLJZ
uFrn//efS1vKEuAjubyC/qaU309/7GiKFbmuZYf7zJ+h0VzjVdL600F0kve4R7No
+Uo0fvunCiqsRCr6F0DWnKOuEQnNl5HskO88aB3GTwIu/CVVAOKU64tW8eO/ozzx
wzazX8TB0e2b5CqIzmfxYvZMuHiRrp/07x28XziBLlBs7dp/DZwLf7zg7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP7O2MROpPbRc5EzYVffITEFf62ZMB8GA1UdIwQY
MBaAFJJY6pgsfXp1leg6Yceus9dhiJcMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2xqcW1DeDllbldWNkRwaHg2NnoxMkdJbHd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9mOTFlZWQtOThjNi00N2Y2LWFiZjct
OTExMDcwZjI3ZTM3LzEva2xqcW1DeDllbldWNkRwaHg2NnoxMkdJbHd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9mOTFlZWQtOThjNi00N2Y2LWFiZjctOTExMDcwZjI3ZTM3
LzEva2xqcW1DeDllbldWNkRwaHg2NnoxMkdJbHd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkkb4lQ6x
YTxL5IBiA/ZJAkYe/X+CH4q1NKXjpFXfOy9mNVzH/yHxi96/DQhgjnCzM+oaNwEE
vPPuZRlDEOC2cxg9isHYtJtex9Ct9f7j1dTc9TlrgKFXpWT1KlSQCchP7PVv9aA8
tcoK5AQj85COCLfzYpa/nzG7gSA7s89l/0gXxfIjSPOp3YUOXy2X3j2hfOx9B8XB
Uj1HPN6vk3V5ohTRxP/QrrTwSj9DHJPI2Qgl3ZnsoneceLZQi59kmT0gHfC8vM9a
uWiAHNCNBXl9xbct9LOaNv1kE/E0YMk07CIfJUocFbjq6033QEvTmXIHS8xPuWn8
gs3JLNbD201Aig==
-----END CERTIFICATE-----