Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.mft
File:                     kYaHyFQkQhcMxR71MW05Y2CXCNw.mft (raw, json)
Hash identifier:          nht5xw0fAYBLRFjtlsS6ix682OEfwbFVpRJrVRqr3dk=
Subject key identifier:   AC:69:C0:D0:B9:C9:D9:70:75:B9:D8:9F:B2:3E:AB:33:03:3C:E3:D4
Authority key identifier: 91:86:87:C8:54:24:42:17:0C:C5:1E:F5:31:6D:39:63:60:97:08:DC
Certificate issuer:       /CN=918687c8542442170cc51ef5316d3963609708dc
Certificate serial:       019CAB6B5D3AAC13E7EC46B6B5613AC8FFAB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kYaHyFQkQhcMxR71MW05Y2CXCNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.mft
Manifest number:          1452
Signing time:             Sun 01 Mar 2026 22:01:05 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:05 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:05 +0000
Files and hashes:         1: kYaHyFQkQhcMxR71MW05Y2CXCNw.crl (hash: 0xIAMyVfXCY3+nOWLROFo58yR1MT2P0WKyGu4HZVWcE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kYaHyFQkQhcMxR71MW05Y2CXCNw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 22:01:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:5d:3a:ac:13:e7:ec:46:b6:b5:61:3a:c8:ff:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=918687c8542442170cc51ef5316d3963609708dc
        Validity
            Not Before: Mar  1 22:01:05 2026 GMT
            Not After : Mar  2 22:01:05 2026 GMT
        Subject: CN=ac69c0d0b9c9d97075b9d89fb23eab33033ce3d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:ab:1b:4b:dd:61:7a:14:61:b2:b5:0f:b7:52:
                    ff:83:17:07:5b:bf:33:99:4e:7e:16:d0:5c:62:19:
                    e5:24:c4:23:6a:08:5a:33:8f:7c:3e:80:9f:98:a1:
                    8b:a8:1e:06:10:55:43:f4:50:c0:83:6f:96:5c:ef:
                    0e:68:d5:31:5d:02:5a:c8:8b:f1:34:00:5c:d9:43:
                    2d:7d:04:1b:27:c3:67:0a:f4:5f:27:f5:fa:82:06:
                    36:0e:d5:b3:cd:2f:f2:b0:cf:fd:49:f3:eb:e1:52:
                    0e:4c:00:0a:d2:4d:41:a6:87:b4:96:5d:c4:30:73:
                    d0:45:25:c5:e8:f6:90:9a:e3:8c:c0:c6:6f:20:02:
                    03:c7:95:4e:e8:f0:b2:9e:4e:ef:ad:77:87:e8:8c:
                    ee:0e:73:2a:ec:bb:c0:87:00:f6:77:34:48:2e:db:
                    5c:9b:1b:cb:b5:24:87:de:f1:0f:c4:a2:c8:ab:35:
                    c5:09:71:aa:de:a4:38:7b:af:72:56:bf:bb:6f:c0:
                    d4:41:00:e9:06:96:48:8e:cf:75:63:17:0d:14:46:
                    63:b4:f2:91:03:07:2d:45:f1:11:19:98:f9:79:01:
                    f7:54:82:05:b6:45:81:c1:a6:12:99:fc:24:ff:e5:
                    21:37:d1:ae:1b:f9:18:0c:aa:5c:01:10:ef:57:be:
                    17:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:69:C0:D0:B9:C9:D9:70:75:B9:D8:9F:B2:3E:AB:33:03:3C:E3:D4
            X509v3 Authority Key Identifier:
                keyid:91:86:87:C8:54:24:42:17:0C:C5:1E:F5:31:6D:39:63:60:97:08:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kYaHyFQkQhcMxR71MW05Y2CXCNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:51:8a:69:49:c6:9e:90:91:1e:c4:d4:2a:23:fa:08:e1:9a:
         11:3b:ea:f5:80:41:0a:85:56:d2:dd:6d:95:7c:0b:ab:f7:9f:
         a0:28:c3:5e:a4:f5:8b:a7:b3:ee:32:d1:24:0f:8e:45:71:36:
         58:eb:e3:87:77:47:c9:41:04:04:6c:d1:cb:48:60:de:14:a6:
         2c:98:95:7c:c4:33:84:3c:70:d7:f2:0d:72:3f:3c:f0:30:b3:
         12:2e:48:2c:f7:2b:c4:bf:5e:95:79:ce:5e:cf:0c:d1:b5:e9:
         56:25:5b:b1:be:9e:7b:0c:be:72:a5:52:ef:6e:09:c2:5d:df:
         23:22:f6:39:7e:94:4a:db:ab:51:8f:32:66:83:d4:05:92:43:
         8f:2d:a0:77:2f:8c:77:91:f2:81:b8:bc:c0:31:10:e1:bb:e3:
         c3:96:29:bc:8a:df:59:f5:7f:9a:84:5f:75:b6:92:6f:62:9d:
         a5:3d:53:d4:b7:ac:cd:de:bb:3f:3d:67:b9:fd:25:59:74:34:
         e6:9f:bd:ce:9f:e3:11:60:11:0f:29:b2:f2:33:f8:1e:0d:b2:
         42:81:a8:6b:e3:4d:37:13:24:7b:97:6f:5a:31:27:0e:0a:6d:
         1e:dc:97:37:4a:36:00:c5:20:d7:1d:db:3f:33:f9:79:0a:c1:
         9e:cd:76:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra106rBPn7Ea2tWE6yP+rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxODY4N2M4NTQyNDQyMTcwY2M1MWVmNTMxNmQzOTYzNjA5
NzA4ZGMwHhcNMjYwMzAxMjIwMTA1WhcNMjYwMzAyMjIwMTA1WjAzMTEwLwYDVQQD
EyhhYzY5YzBkMGI5YzlkOTcwNzViOWQ4OWZiMjNlYWIzMzAzM2NlM2Q0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArasbS91hehRhsrUPt1L/gxcHW78z
mU5+FtBcYhnlJMQjaghaM498PoCfmKGLqB4GEFVD9FDAg2+WXO8OaNUxXQJayIvx
NABc2UMtfQQbJ8NnCvRfJ/X6ggY2DtWzzS/ysM/9SfPr4VIOTAAK0k1Bpoe0ll3E
MHPQRSXF6PaQmuOMwMZvIAIDx5VO6PCynk7vrXeH6IzuDnMq7LvAhwD2dzRILttc
mxvLtSSH3vEPxKLIqzXFCXGq3qQ4e69yVr+7b8DUQQDpBpZIjs91YxcNFEZjtPKR
AwctRfERGZj5eQH3VIIFtkWBwaYSmfwk/+UhN9GuG/kYDKpcARDvV74XrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKxpwNC5ydlwdbnYn7I+qzMDPOPUMB8GA1UdIwQY
MBaAFJGGh8hUJEIXDMUe9TFtOWNglwjcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1lhSHlGUWtRaGNNeFI3MU1XMDVZMkNYQ053LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi84MzIyNmEtNDI5MS00ZjAzLTliZTMt
ODllMzlhYzFlZDgxLzEva1lhSHlGUWtRaGNNeFI3MU1XMDVZMkNYQ053Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi84MzIyNmEtNDI5MS00ZjAzLTliZTMtODllMzlhYzFlZDgx
LzEva1lhSHlGUWtRaGNNeFI3MU1XMDVZMkNYQ053LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI1GKaUnG
npCRHsTUKiP6COGaETvq9YBBCoVW0t1tlXwLq/efoCjDXqT1i6ez7jLRJA+ORXE2
WOvjh3dHyUEEBGzRy0hg3hSmLJiVfMQzhDxw1/INcj888DCzEi5ILPcrxL9elXnO
Xs8M0bXpViVbsb6eewy+cqVS724Jwl3fIyL2OX6USturUY8yZoPUBZJDjy2gdy+M
d5Hygbi8wDEQ4bvjw5YpvIrfWfV/moRfdbaSb2KdpT1T1Leszd67Pz1nuf0lWXQ0
5p+9zp/jEWARDymy8jP4Hg2yQoGoa+NNNxMke5dvWjEnDgptHtyXN0o2AMUg1x3b
PzP5eQrBns128g==
-----END CERTIFICATE-----