Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/5dec06-8b1b-4c76-a54c-69b4b4fb9d12/1/kyZYOBNEfHvd61oBwydNjkHDAaI.mft
File:                     kyZYOBNEfHvd61oBwydNjkHDAaI.mft (raw, json)
Hash identifier:          ZaVDjrZfdx9r7WV3ie7I9s/Jb3OtYIS1ZfzgXHdSbmQ=
Subject key identifier:   8A:77:1E:67:0A:62:B2:23:0B:7E:FE:05:F2:F9:AD:D9:19:F0:16:5B
Authority key identifier: 93:26:58:38:13:44:7C:7B:DD:EB:5A:01:C3:27:4D:8E:41:C3:01:A2
Certificate issuer:       /CN=9326583813447c7bddeb5a01c3274d8e41c301a2
Certificate serial:       019CA9EB343093F24B42DDCAFD9DE0196E2C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kyZYOBNEfHvd61oBwydNjkHDAaI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/5dec06-8b1b-4c76-a54c-69b4b4fb9d12/1/kyZYOBNEfHvd61oBwydNjkHDAaI.mft
Manifest number:          130C
Signing time:             Sun 01 Mar 2026 15:01:29 +0000
Manifest this update:     Sun 01 Mar 2026 15:01:29 +0000
Manifest next update:     Mon 02 Mar 2026 15:01:29 +0000
Files and hashes:         1: kyZYOBNEfHvd61oBwydNjkHDAaI.crl (hash: AtTg8BkBq71Sbsefa2u547hMi8weMTJeSDtcg4avLZk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/5dec06-8b1b-4c76-a54c-69b4b4fb9d12/1/kyZYOBNEfHvd61oBwydNjkHDAaI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/5dec06-8b1b-4c76-a54c-69b4b4fb9d12/1/kyZYOBNEfHvd61oBwydNjkHDAaI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kyZYOBNEfHvd61oBwydNjkHDAaI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:a9:eb:34:30:93:f2:4b:42:dd:ca:fd:9d:e0:19:6e:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9326583813447c7bddeb5a01c3274d8e41c301a2
        Validity
            Not Before: Mar  1 15:01:29 2026 GMT
            Not After : Mar  2 15:01:29 2026 GMT
        Subject: CN=8a771e670a62b2230b7efe05f2f9add919f0165b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:8d:39:1a:5f:17:37:61:7f:8f:b0:ce:a7:f9:
                    cd:ef:53:5f:c7:1c:48:9d:7b:32:8e:50:18:96:62:
                    36:d1:3e:e0:20:a8:f4:22:ba:97:4b:1b:52:dc:a4:
                    8d:50:3c:e3:b0:f8:ef:a7:02:e6:ba:c5:1b:e1:58:
                    73:1d:23:81:fc:5d:0a:ba:d4:ca:06:c1:fa:00:e8:
                    f8:3f:4e:b0:cf:41:c5:9f:47:6c:87:cc:03:93:f6:
                    e9:16:56:0a:6a:43:10:ac:90:83:b1:bb:6e:4e:db:
                    5f:a2:4a:66:62:25:16:0e:69:3d:85:16:bd:7f:a0:
                    26:43:b9:3d:36:f5:22:9a:33:17:99:b0:cf:58:c9:
                    11:5c:fe:57:f5:2b:da:a9:86:2b:84:e3:6c:e5:0f:
                    af:95:94:a2:1d:ef:20:73:38:f2:9b:e7:5a:de:6c:
                    e8:57:a3:b9:64:5f:45:da:ba:e5:98:2e:a6:78:d7:
                    52:8c:03:3f:77:13:b0:b6:71:77:b0:22:74:d1:20:
                    5c:db:0c:8a:7a:c4:cf:ed:0f:4e:45:a6:90:ca:f7:
                    06:06:5c:74:f8:59:c9:f2:4f:92:17:46:9f:de:02:
                    f0:47:29:60:80:a3:7f:a6:7b:3f:44:ec:2f:00:9f:
                    d2:d2:8d:0b:f5:42:8c:94:23:44:12:8c:8e:a8:bf:
                    c7:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:77:1E:67:0A:62:B2:23:0B:7E:FE:05:F2:F9:AD:D9:19:F0:16:5B
            X509v3 Authority Key Identifier:
                keyid:93:26:58:38:13:44:7C:7B:DD:EB:5A:01:C3:27:4D:8E:41:C3:01:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kyZYOBNEfHvd61oBwydNjkHDAaI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/5dec06-8b1b-4c76-a54c-69b4b4fb9d12/1/kyZYOBNEfHvd61oBwydNjkHDAaI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/5dec06-8b1b-4c76-a54c-69b4b4fb9d12/1/kyZYOBNEfHvd61oBwydNjkHDAaI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:c7:98:11:1b:e4:c3:49:58:6e:95:70:63:3c:18:13:cd:5c:
         a4:e3:42:06:22:23:d0:05:66:95:80:0d:2b:5f:ed:12:05:5c:
         16:32:1a:97:41:ad:38:7e:96:2e:87:f7:2b:0f:30:0d:36:4e:
         4b:da:1b:7a:2c:c2:c0:cf:cf:e4:87:3d:78:a3:40:f8:5c:da:
         56:48:2f:27:19:92:fc:94:10:f1:27:57:e4:36:b2:e5:fe:a1:
         75:f8:5d:7b:98:95:0a:ff:a0:24:88:18:38:9b:2d:32:99:59:
         77:93:75:f3:ce:9e:36:ed:7e:0a:dd:b9:2d:b1:4d:07:76:f5:
         93:72:e5:93:fc:95:63:24:1d:32:bb:b5:3f:01:16:98:62:f8:
         a8:6f:14:92:5c:a5:b6:04:6a:30:8b:ef:57:d2:4c:b6:e2:46:
         f2:dc:1a:0f:6e:4d:4c:7c:9b:f7:c1:18:e4:57:ad:06:e4:8f:
         1c:1b:20:de:6a:4e:e2:55:4c:37:f8:56:ee:49:db:cf:5c:3b:
         77:aa:31:36:97:c3:c8:6e:65:45:0a:6a:d8:5d:0b:51:e1:38:
         f8:49:e6:fa:d1:7b:a1:e6:fe:cf:48:b3:5e:49:78:e7:3f:92:
         3d:20:48:f9:4c:7d:e2:d7:09:8d:d7:45:9e:ad:f8:4b:5a:b1:
         32:8f:a0:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyp6zQwk/JLQt3K/Z3gGW4sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMjY1ODM4MTM0NDdjN2JkZGViNWEwMWMzMjc0ZDhlNDFj
MzAxYTIwHhcNMjYwMzAxMTUwMTI5WhcNMjYwMzAyMTUwMTI5WjAzMTEwLwYDVQQD
Eyg4YTc3MWU2NzBhNjJiMjIzMGI3ZWZlMDVmMmY5YWRkOTE5ZjAxNjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlo05Gl8XN2F/j7DOp/nN71NfxxxI
nXsyjlAYlmI20T7gIKj0IrqXSxtS3KSNUDzjsPjvpwLmusUb4VhzHSOB/F0KutTK
BsH6AOj4P06wz0HFn0dsh8wDk/bpFlYKakMQrJCDsbtuTttfokpmYiUWDmk9hRa9
f6AmQ7k9NvUimjMXmbDPWMkRXP5X9SvaqYYrhONs5Q+vlZSiHe8gczjym+da3mzo
V6O5ZF9F2rrlmC6meNdSjAM/dxOwtnF3sCJ00SBc2wyKesTP7Q9ORaaQyvcGBlx0
+FnJ8k+SF0af3gLwRylggKN/pns/ROwvAJ/S0o0L9UKMlCNEEoyOqL/H6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIp3HmcKYrIjC37+BfL5rdkZ8BZbMB8GA1UdIwQY
MBaAFJMmWDgTRHx73etaAcMnTY5BwwGiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3laWU9CTkVmSHZkNjFvQnd5ZE5qa0hEQWFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi81ZGVjMDYtOGIxYi00Yzc2LWE1NGMt
NjliNGI0ZmI5ZDEyLzEva3laWU9CTkVmSHZkNjFvQnd5ZE5qa0hEQWFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi81ZGVjMDYtOGIxYi00Yzc2LWE1NGMtNjliNGI0ZmI5ZDEy
LzEva3laWU9CTkVmSHZkNjFvQnd5ZE5qa0hEQWFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABceYERvk
w0lYbpVwYzwYE81cpONCBiIj0AVmlYANK1/tEgVcFjIal0GtOH6WLof3Kw8wDTZO
S9obeizCwM/P5Ic9eKNA+FzaVkgvJxmS/JQQ8SdX5Day5f6hdfhde5iVCv+gJIgY
OJstMplZd5N1886eNu1+Ct25LbFNB3b1k3Llk/yVYyQdMru1PwEWmGL4qG8Uklyl
tgRqMIvvV9JMtuJG8twaD25NTHyb98EY5FetBuSPHBsg3mpO4lVMN/hW7knbz1w7
d6oxNpfDyG5lRQpq2F0LUeE4+Enm+tF7oeb+z0izXkl45z+SPSBI+Ux94tcJjddF
nq34S1qxMo+gtg==
-----END CERTIFICATE-----