Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/d35a1d-94e9-4eb4-83f4-020e1851e943/1/MFKpUR4ZpULAuyN4td6PT7RSHb4.mft
File:                     MFKpUR4ZpULAuyN4td6PT7RSHb4.mft (raw, json)
Hash identifier:          jZVOzoOSmfCVHJqEcbSaaocSM00jrB7VR2MgkWHj0xQ=
Subject key identifier:   74:41:5D:A7:6F:3D:CF:F5:AD:3F:A5:C2:FB:B5:AE:E7:25:D3:73:09
Authority key identifier: 30:52:A9:51:1E:19:A5:42:C0:BB:23:78:B5:DE:8F:4F:B4:52:1D:BE
Certificate issuer:       /CN=3052a9511e19a542c0bb2378b5de8f4fb4521dbe
Certificate serial:       019CAB3458CE1307CD9575E36ABBC651417C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MFKpUR4ZpULAuyN4td6PT7RSHb4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/d35a1d-94e9-4eb4-83f4-020e1851e943/1/MFKpUR4ZpULAuyN4td6PT7RSHb4.mft
Manifest number:          17D5
Signing time:             Sun 01 Mar 2026 21:01:00 +0000
Manifest this update:     Sun 01 Mar 2026 21:01:00 +0000
Manifest next update:     Mon 02 Mar 2026 21:01:00 +0000
Files and hashes:         1: MFKpUR4ZpULAuyN4td6PT7RSHb4.crl (hash: hVP6+p1gQ512v/y8h/t3AeKCrGQ5XgvlHTXLtanJzug=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/d35a1d-94e9-4eb4-83f4-020e1851e943/1/MFKpUR4ZpULAuyN4td6PT7RSHb4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/d35a1d-94e9-4eb4-83f4-020e1851e943/1/MFKpUR4ZpULAuyN4td6PT7RSHb4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MFKpUR4ZpULAuyN4td6PT7RSHb4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:34:58:ce:13:07:cd:95:75:e3:6a:bb:c6:51:41:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3052a9511e19a542c0bb2378b5de8f4fb4521dbe
        Validity
            Not Before: Mar  1 21:01:00 2026 GMT
            Not After : Mar  2 21:01:00 2026 GMT
        Subject: CN=74415da76f3dcff5ad3fa5c2fbb5aee725d37309
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:be:2f:9e:32:8b:9b:79:f9:e0:6c:ad:b4:d8:
                    98:78:5d:d1:2d:27:bb:dd:94:aa:de:b8:52:77:fc:
                    9b:d1:9d:d0:63:8f:1c:b4:3f:11:00:41:c3:4b:83:
                    c0:51:cc:0c:22:46:15:58:06:94:99:37:fd:5e:33:
                    b3:ca:b8:9a:68:2e:9b:8c:b8:ee:94:41:c7:01:d4:
                    dc:46:f5:5e:1e:c7:4c:2c:36:3d:04:c7:98:e0:e7:
                    e1:d0:a8:22:46:f1:4e:39:8e:bc:66:f0:f9:48:41:
                    9f:f4:0f:c0:95:8f:96:0c:5a:d1:d4:a8:df:d2:82:
                    3b:10:da:df:2a:64:3f:99:b3:e5:df:9a:00:c7:11:
                    ca:fa:50:ea:56:bc:61:da:ac:b0:af:b8:1d:8d:9c:
                    36:89:a6:15:c3:f1:15:7a:bb:21:86:e6:00:79:85:
                    73:af:6a:f8:85:d5:81:f6:18:29:13:08:85:b4:2a:
                    24:10:19:c8:13:42:5f:b4:41:b2:82:54:d1:5b:b5:
                    0a:ba:4c:81:90:65:34:fd:8d:12:c2:d3:c4:4d:c8:
                    60:42:ae:b9:76:3f:fd:db:1f:9f:2b:c5:be:8b:d4:
                    b1:48:ee:32:83:f5:13:3f:d3:22:75:54:d9:4c:31:
                    0a:bd:02:9c:8a:40:c9:e1:99:cc:7d:d9:e8:6f:50:
                    13:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:41:5D:A7:6F:3D:CF:F5:AD:3F:A5:C2:FB:B5:AE:E7:25:D3:73:09
            X509v3 Authority Key Identifier:
                keyid:30:52:A9:51:1E:19:A5:42:C0:BB:23:78:B5:DE:8F:4F:B4:52:1D:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MFKpUR4ZpULAuyN4td6PT7RSHb4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/d35a1d-94e9-4eb4-83f4-020e1851e943/1/MFKpUR4ZpULAuyN4td6PT7RSHb4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/d35a1d-94e9-4eb4-83f4-020e1851e943/1/MFKpUR4ZpULAuyN4td6PT7RSHb4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:bb:1c:bf:a3:5e:c3:2b:53:0e:df:d5:ac:70:ac:ff:e2:56:
         64:ca:1b:ed:82:e2:a1:53:0b:14:c9:77:72:a3:2c:24:dc:7b:
         a7:dd:e4:50:c4:8c:e6:74:7b:be:b9:d7:05:b9:b7:1b:ab:cf:
         8e:50:e8:68:2f:76:5b:be:d4:d2:70:39:71:77:40:7a:81:fc:
         b3:50:dc:d4:ef:fa:f1:7d:bd:7e:33:6e:8a:1b:19:2c:bd:dd:
         9b:1f:79:54:8c:51:b3:40:2c:fe:e8:02:dc:0f:1d:61:8c:0a:
         00:31:5b:e5:8f:1e:e8:3f:c6:a4:03:a8:cd:e1:57:9c:71:47:
         1c:ec:f2:6d:b1:62:58:4a:92:49:ac:df:3e:64:e7:5a:d0:19:
         3e:92:63:32:26:62:58:eb:4e:c1:33:f4:d5:ca:0b:8b:1c:6d:
         93:bf:b5:3d:fc:40:97:40:65:7f:08:70:60:f0:31:b3:4e:96:
         0f:c0:d1:d4:48:28:62:aa:7f:ea:3b:97:09:69:67:17:90:70:
         f0:bf:24:43:34:e7:af:58:aa:6f:32:4a:6e:2e:f3:75:a7:54:
         28:61:ca:4b:18:53:6d:2f:fe:5f:94:47:d4:20:b3:a4:48:48:
         a1:06:0b:df:92:23:4e:06:23:b4:31:15:0a:c3:4a:6c:db:d4:
         1e:2c:48:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrNFjOEwfNlXXjarvGUUF8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNTJhOTUxMWUxOWE1NDJjMGJiMjM3OGI1ZGU4ZjRmYjQ1
MjFkYmUwHhcNMjYwMzAxMjEwMTAwWhcNMjYwMzAyMjEwMTAwWjAzMTEwLwYDVQQD
Eyg3NDQxNWRhNzZmM2RjZmY1YWQzZmE1YzJmYmI1YWVlNzI1ZDM3MzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1L4vnjKLm3n54GyttNiYeF3RLSe7
3ZSq3rhSd/yb0Z3QY48ctD8RAEHDS4PAUcwMIkYVWAaUmTf9XjOzyriaaC6bjLju
lEHHAdTcRvVeHsdMLDY9BMeY4Ofh0KgiRvFOOY68ZvD5SEGf9A/AlY+WDFrR1Kjf
0oI7ENrfKmQ/mbPl35oAxxHK+lDqVrxh2qywr7gdjZw2iaYVw/EVershhuYAeYVz
r2r4hdWB9hgpEwiFtCokEBnIE0JftEGyglTRW7UKukyBkGU0/Y0SwtPETchgQq65
dj/92x+fK8W+i9SxSO4yg/UTP9MidVTZTDEKvQKcikDJ4ZnMfdnob1ATXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHRBXadvPc/1rT+lwvu1rucl03MJMB8GA1UdIwQY
MBaAFDBSqVEeGaVCwLsjeLXej0+0Uh2+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUZLcFVSNFpwVUxBdXlONHRkNlBUN1JTSGI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9kMzVhMWQtOTRlOS00ZWI0LTgzZjQt
MDIwZTE4NTFlOTQzLzEvTUZLcFVSNFpwVUxBdXlONHRkNlBUN1JTSGI0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9kMzVhMWQtOTRlOS00ZWI0LTgzZjQtMDIwZTE4NTFlOTQz
LzEvTUZLcFVSNFpwVUxBdXlONHRkNlBUN1JTSGI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZLscv6Ne
wytTDt/VrHCs/+JWZMob7YLioVMLFMl3cqMsJNx7p93kUMSM5nR7vrnXBbm3G6vP
jlDoaC92W77U0nA5cXdAeoH8s1Dc1O/68X29fjNuihsZLL3dmx95VIxRs0As/ugC
3A8dYYwKADFb5Y8e6D/GpAOozeFXnHFHHOzybbFiWEqSSazfPmTnWtAZPpJjMiZi
WOtOwTP01coLixxtk7+1PfxAl0BlfwhwYPAxs06WD8DR1EgoYqp/6juXCWlnF5Bw
8L8kQzTnr1iqbzJKbi7zdadUKGHKSxhTbS/+X5RH1CCzpEhIoQYL35IjTgYjtDEV
CsNKbNvUHixI4A==
-----END CERTIFICATE-----