Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft
File:                     kfikmw1lM9BnmVaH-u49tzqqCLE.mft (raw, json)
Hash identifier:          X+uIM4vK/jCcNm/X5i1iwp70b15vpAMZYaM1yGJg9NY=
Subject key identifier:   E4:7F:57:AC:1C:5B:91:BF:BB:BA:E2:97:F1:20:5A:8B:71:B4:C0:71
Authority key identifier: 91:F8:A4:9B:0D:65:33:D0:67:99:56:87:FA:EE:3D:B7:3A:AA:08:B1
Certificate issuer:       /CN=91f8a49b0d6533d067995687faee3db73aaa08b1
Certificate serial:       019CAB6B566236F375C8B44CC867C8A3977D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kfikmw1lM9BnmVaH-u49tzqqCLE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft
Manifest number:          0758
Signing time:             Sun 01 Mar 2026 22:01:04 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:04 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:04 +0000
Files and hashes:         1: kfikmw1lM9BnmVaH-u49tzqqCLE.crl (hash: lNCTau9NGbtNFO4gPmtcYjGGpyOnWVyAJSBipx/mEko=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kfikmw1lM9BnmVaH-u49tzqqCLE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 22:01:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:56:62:36:f3:75:c8:b4:4c:c8:67:c8:a3:97:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91f8a49b0d6533d067995687faee3db73aaa08b1
        Validity
            Not Before: Mar  1 22:01:04 2026 GMT
            Not After : Mar  2 22:01:04 2026 GMT
        Subject: CN=e47f57ac1c5b91bfbbbae297f1205a8b71b4c071
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:c7:4f:78:36:bd:75:14:95:af:ec:20:79:7c:
                    46:d9:f6:ea:77:4d:04:b6:cb:21:85:69:e6:9f:42:
                    88:df:35:e1:c4:4f:b7:b3:ba:81:63:16:28:79:ea:
                    fe:2e:45:3f:e8:75:01:17:02:4d:0d:6e:65:b3:e6:
                    e6:81:59:51:d8:56:17:19:34:d5:86:d5:92:18:2e:
                    31:fa:7c:ba:c1:b3:bb:d9:09:bf:ed:99:79:8a:4a:
                    61:79:cc:a9:48:c0:b8:27:f5:f1:b7:12:11:7e:84:
                    08:43:62:2b:b2:4e:81:18:ab:3a:94:a9:68:52:85:
                    11:22:7e:e4:63:d0:0d:f9:67:06:ee:d1:32:e5:3e:
                    e0:28:7d:fa:f3:87:8c:dd:28:da:61:4b:d2:b0:6b:
                    64:c9:a9:31:f9:aa:02:db:c8:a8:4f:63:c6:40:ee:
                    f1:d8:2f:53:97:ad:a0:2c:ee:35:cc:78:ca:6e:2c:
                    42:f6:87:fd:63:28:a1:41:ce:5e:88:06:99:a2:01:
                    64:ae:b7:78:dd:2e:66:ad:95:cb:7c:d8:1e:1e:5b:
                    3f:6b:06:aa:94:79:b2:27:2a:e8:cf:e5:05:be:25:
                    cf:f1:96:92:27:a1:2d:44:db:88:18:9f:20:20:79:
                    15:d1:7c:ce:eb:ef:a1:6f:44:27:89:9f:bd:43:00:
                    2c:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:7F:57:AC:1C:5B:91:BF:BB:BA:E2:97:F1:20:5A:8B:71:B4:C0:71
            X509v3 Authority Key Identifier:
                keyid:91:F8:A4:9B:0D:65:33:D0:67:99:56:87:FA:EE:3D:B7:3A:AA:08:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kfikmw1lM9BnmVaH-u49tzqqCLE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:d0:3b:b3:18:d4:d9:a8:75:ca:c8:e7:aa:ad:fb:f3:b1:0f:
         33:36:51:15:6c:a4:1a:59:6b:2f:da:de:f4:47:ce:96:2b:ed:
         86:3d:00:ba:e0:39:5b:2a:34:cd:d7:96:29:3d:df:48:86:86:
         8e:53:f2:b8:21:ba:90:4d:a5:41:8c:08:6f:2f:73:63:56:59:
         d4:46:51:2a:c6:5b:af:74:d1:80:5e:af:cd:7d:b2:78:3a:87:
         f9:97:1e:13:dc:5f:e8:0a:73:0d:b0:14:c9:12:c7:7e:43:95:
         e9:2c:a8:54:af:94:04:2a:6d:44:58:bb:94:aa:37:d6:a3:80:
         4e:ab:e1:3d:29:74:4d:6a:ea:8b:b9:de:8d:49:51:d3:9a:1c:
         97:23:d6:48:8b:54:c7:4e:52:64:43:a3:e8:71:cd:1a:ab:34:
         3f:48:f0:be:a8:95:dd:67:26:92:ec:ca:54:ab:5f:87:cc:22:
         21:96:28:f0:49:1c:ee:ae:6c:9a:bf:71:0b:70:6d:16:44:8a:
         e7:5b:68:a5:0d:cc:fa:f9:6f:63:0f:ab:26:94:c6:f9:9c:81:
         05:50:8b:bb:38:c9:e8:54:e3:6c:03:66:1f:2e:bb:a4:91:27:
         8d:de:c8:a2:62:71:d0:9c:b0:7f:c4:fb:6a:05:9a:c5:27:08:
         f7:25:fd:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra1ZiNvN1yLRMyGfIo5d9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZjhhNDliMGQ2NTMzZDA2Nzk5NTY4N2ZhZWUzZGI3M2Fh
YTA4YjEwHhcNMjYwMzAxMjIwMTA0WhcNMjYwMzAyMjIwMTA0WjAzMTEwLwYDVQQD
EyhlNDdmNTdhYzFjNWI5MWJmYmJiYWUyOTdmMTIwNWE4YjcxYjRjMDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx8dPeDa9dRSVr+wgeXxG2fbqd00E
tsshhWnmn0KI3zXhxE+3s7qBYxYoeer+LkU/6HUBFwJNDW5ls+bmgVlR2FYXGTTV
htWSGC4x+ny6wbO72Qm/7Zl5ikphecypSMC4J/XxtxIRfoQIQ2Irsk6BGKs6lKlo
UoURIn7kY9AN+WcG7tEy5T7gKH3684eM3SjaYUvSsGtkyakx+aoC28ioT2PGQO7x
2C9Tl62gLO41zHjKbixC9of9YyihQc5eiAaZogFkrrd43S5mrZXLfNgeHls/awaq
lHmyJyroz+UFviXP8ZaSJ6EtRNuIGJ8gIHkV0XzO6++hb0QniZ+9QwAsTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOR/V6wcW5G/u7ril/EgWotxtMBxMB8GA1UdIwQY
MBaAFJH4pJsNZTPQZ5lWh/ruPbc6qgixMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2Zpa213MWxNOUJubVZhSC11NDl0enFxQ0xFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8zODlmYmYtZGZiNS00YTBiLWI4NDYt
NDMyODQyOWJkMzc0LzEva2Zpa213MWxNOUJubVZhSC11NDl0enFxQ0xFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi8zODlmYmYtZGZiNS00YTBiLWI4NDYtNDMyODQyOWJkMzc0
LzEva2Zpa213MWxNOUJubVZhSC11NDl0enFxQ0xFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeNA7sxjU
2ah1ysjnqq3787EPMzZRFWykGllrL9re9EfOlivthj0AuuA5Wyo0zdeWKT3fSIaG
jlPyuCG6kE2lQYwIby9zY1ZZ1EZRKsZbr3TRgF6vzX2yeDqH+ZceE9xf6ApzDbAU
yRLHfkOV6SyoVK+UBCptRFi7lKo31qOATqvhPSl0TWrqi7nejUlR05oclyPWSItU
x05SZEOj6HHNGqs0P0jwvqiV3WcmkuzKVKtfh8wiIZYo8Ekc7q5smr9xC3BtFkSK
51topQ3M+vlvYw+rJpTG+ZyBBVCLuzjJ6FTjbANmHy67pJEnjd7IomJx0Jywf8T7
agWaxScI9yX96Q==
-----END CERTIFICATE-----