Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft
File:                     kfikmw1lM9BnmVaH-u49tzqqCLE.mft (raw, json)
Hash identifier:          nk83t75FfM/irBf4j3iaU+erRBu9g+tbvr2MByrFg9A=
Subject key identifier:   49:35:46:F3:69:6A:C2:3E:43:39:5A:82:6B:E2:8A:93:03:44:83:DB
Authority key identifier: 91:F8:A4:9B:0D:65:33:D0:67:99:56:87:FA:EE:3D:B7:3A:AA:08:B1
Certificate issuer:       /CN=91f8a49b0d6533d067995687faee3db73aaa08b1
Certificate serial:       019D9AE2DBB67C73A4CD624A77D5A025BEC6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kfikmw1lM9BnmVaH-u49tzqqCLE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft
Manifest number:          07D4
Signing time:             Fri 17 Apr 2026 10:00:51 +0000
Manifest this update:     Fri 17 Apr 2026 10:00:51 +0000
Manifest next update:     Sat 18 Apr 2026 10:00:51 +0000
Files and hashes:         1: kfikmw1lM9BnmVaH-u49tzqqCLE.crl (hash: tlBedUXplqHB58+Xoj32oc+j1DxgRNTEvGiBwHCNQyQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kfikmw1lM9BnmVaH-u49tzqqCLE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e2:db:b6:7c:73:a4:cd:62:4a:77:d5:a0:25:be:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91f8a49b0d6533d067995687faee3db73aaa08b1
        Validity
            Not Before: Apr 17 10:00:51 2026 GMT
            Not After : Apr 18 10:00:51 2026 GMT
        Subject: CN=493546f3696ac23e43395a826be28a93034483db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:0f:dc:17:13:d7:72:69:ab:9d:e1:bf:5e:40:
                    16:c5:f8:23:82:7c:09:42:90:fb:85:ac:3a:3b:06:
                    d0:d2:5c:b5:5e:67:8f:44:4f:f9:17:7e:87:f1:c7:
                    ac:a0:25:17:12:d0:97:fc:97:2d:d1:ab:cd:9c:d4:
                    72:d2:03:24:3a:11:47:4d:80:fc:56:d8:4f:88:dc:
                    e2:6e:86:c8:bf:a8:3a:a3:f9:c8:28:e4:6d:02:06:
                    9b:1a:b8:79:90:22:32:65:dd:5c:b8:2f:66:bc:d8:
                    ed:73:6f:9e:d3:e6:b8:15:fa:ee:8f:7a:00:66:91:
                    0c:45:04:b2:c4:70:b8:10:5c:70:f9:20:fc:b7:6b:
                    8b:57:1f:cc:c1:50:d7:1b:34:e6:cd:62:44:62:78:
                    8f:a5:0e:ff:10:b6:af:dd:a9:73:c6:92:dd:0f:5c:
                    f7:6a:39:ea:a3:60:03:93:0a:2c:85:f4:2e:5f:ed:
                    17:6e:af:0d:dc:87:30:26:70:3e:af:52:11:95:9b:
                    32:aa:01:f1:0d:29:6e:a7:4a:14:49:e0:ac:d0:d9:
                    6f:2a:75:6f:5e:a7:ed:1a:e4:df:76:dd:ef:4d:c5:
                    96:36:a5:41:13:5f:bb:09:4e:0c:3e:a4:3a:04:d9:
                    07:ba:19:15:e1:0f:3c:22:7a:69:b1:fb:ed:6f:9b:
                    d8:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:35:46:F3:69:6A:C2:3E:43:39:5A:82:6B:E2:8A:93:03:44:83:DB
            X509v3 Authority Key Identifier:
                keyid:91:F8:A4:9B:0D:65:33:D0:67:99:56:87:FA:EE:3D:B7:3A:AA:08:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kfikmw1lM9BnmVaH-u49tzqqCLE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:f8:83:47:10:00:43:88:af:f3:4f:a4:eb:70:49:d9:23:39:
         4f:19:51:e1:17:3c:cd:89:1d:56:61:80:e9:2b:93:05:cb:99:
         e5:a3:7a:7c:fa:dd:ce:73:2c:1b:b1:f5:a7:69:e1:67:5e:37:
         ce:87:ea:45:55:5b:95:07:50:a1:a1:8b:4a:0b:03:f8:47:8c:
         b2:66:f1:0b:ff:38:39:ee:26:cc:38:c0:5b:7e:60:8a:77:ec:
         78:60:33:57:cc:e2:fa:ce:43:d5:f0:16:0c:77:15:42:e9:e3:
         54:91:d1:28:28:54:06:a5:fe:0f:ce:51:54:d9:d5:97:a8:2d:
         80:cc:d8:f3:eb:66:a4:31:f5:5e:5c:4e:5b:60:42:a6:b6:4e:
         30:4f:5d:75:12:51:66:a0:6c:b9:9e:42:f4:e1:23:0f:92:e7:
         f7:95:36:bb:2e:d7:8e:d4:15:29:e5:14:99:85:6e:6b:1d:d8:
         31:63:db:6f:67:b6:58:23:58:34:b1:7c:1b:12:f5:34:fc:c8:
         ba:26:b6:d6:ab:cc:3b:b9:db:02:eb:b0:01:86:e7:88:cf:06:
         a0:e5:1e:80:d4:8a:05:69:5a:fe:cc:71:b5:22:94:bb:35:36:
         7e:9a:e3:d2:d4:09:d8:c0:82:48:07:c3:6f:61:36:c0:67:d1:
         10:38:ed:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a4tu2fHOkzWJKd9WgJb7GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZjhhNDliMGQ2NTMzZDA2Nzk5NTY4N2ZhZWUzZGI3M2Fh
YTA4YjEwHhcNMjYwNDE3MTAwMDUxWhcNMjYwNDE4MTAwMDUxWjAzMTEwLwYDVQQD
Eyg0OTM1NDZmMzY5NmFjMjNlNDMzOTVhODI2YmUyOGE5MzAzNDQ4M2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Q/cFxPXcmmrneG/XkAWxfgjgnwJ
QpD7haw6OwbQ0ly1XmePRE/5F36H8cesoCUXEtCX/Jct0avNnNRy0gMkOhFHTYD8
VthPiNzibobIv6g6o/nIKORtAgabGrh5kCIyZd1cuC9mvNjtc2+e0+a4Ffruj3oA
ZpEMRQSyxHC4EFxw+SD8t2uLVx/MwVDXGzTmzWJEYniPpQ7/ELav3alzxpLdD1z3
ajnqo2ADkwoshfQuX+0Xbq8N3IcwJnA+r1IRlZsyqgHxDSlup0oUSeCs0NlvKnVv
XqftGuTfdt3vTcWWNqVBE1+7CU4MPqQ6BNkHuhkV4Q88Inppsfvtb5vY4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEk1RvNpasI+QzlagmviipMDRIPbMB8GA1UdIwQY
MBaAFJH4pJsNZTPQZ5lWh/ruPbc6qgixMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2Zpa213MWxNOUJubVZhSC11NDl0enFxQ0xFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8zODlmYmYtZGZiNS00YTBiLWI4NDYt
NDMyODQyOWJkMzc0LzEva2Zpa213MWxNOUJubVZhSC11NDl0enFxQ0xFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi8zODlmYmYtZGZiNS00YTBiLWI4NDYtNDMyODQyOWJkMzc0
LzEva2Zpa213MWxNOUJubVZhSC11NDl0enFxQ0xFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAafiDRxAA
Q4iv80+k63BJ2SM5TxlR4Rc8zYkdVmGA6SuTBcuZ5aN6fPrdznMsG7H1p2nhZ143
zofqRVVblQdQoaGLSgsD+EeMsmbxC/84Oe4mzDjAW35ginfseGAzV8zi+s5D1fAW
DHcVQunjVJHRKChUBqX+D85RVNnVl6gtgMzY8+tmpDH1XlxOW2BCprZOME9ddRJR
ZqBsuZ5C9OEjD5Ln95U2uy7XjtQVKeUUmYVuax3YMWPbb2e2WCNYNLF8GxL1NPzI
uia21qvMO7nbAuuwAYbniM8GoOUegNSKBWla/sxxtSKUuzU2fprj0tQJ2MCCSAfD
b2E2wGfREDjtQA==
-----END CERTIFICATE-----