Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.mft
File:                     0kvL9emk_kMp8iPBFFBykFOPnMI.mft (raw, json)
Hash identifier:          SNrBexVS2wPt0QA7gGFEBvBWknEzYmS1bF31aHRTqss=
Subject key identifier:   A1:EE:D8:87:CA:B0:07:D8:CE:21:BF:9D:77:C3:8F:49:0F:CD:1D:FD
Authority key identifier: D2:4B:CB:F5:E9:A4:FE:43:29:F2:23:C1:14:50:72:90:53:8F:9C:C2
Certificate issuer:       /CN=d24bcbf5e9a4fe4329f223c114507290538f9cc2
Certificate serial:       019CAD5929F6586A762EB2DE48717D9959B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0kvL9emk_kMp8iPBFFBykFOPnMI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.mft
Manifest number:          1392
Signing time:             Mon 02 Mar 2026 07:00:27 +0000
Manifest this update:     Mon 02 Mar 2026 07:00:27 +0000
Manifest next update:     Tue 03 Mar 2026 07:00:27 +0000
Files and hashes:         1: 0kvL9emk_kMp8iPBFFBykFOPnMI.crl (hash: EFp6h6Tt0te8rVtVerDXnrZ9wFNffTAgO13h9SwRrkg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0kvL9emk_kMp8iPBFFBykFOPnMI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:59:29:f6:58:6a:76:2e:b2:de:48:71:7d:99:59:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d24bcbf5e9a4fe4329f223c114507290538f9cc2
        Validity
            Not Before: Mar  2 07:00:27 2026 GMT
            Not After : Mar  3 07:00:27 2026 GMT
        Subject: CN=a1eed887cab007d8ce21bf9d77c38f490fcd1dfd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:c2:9b:fb:83:78:61:49:96:6d:e1:83:24:dc:
                    08:91:8b:cf:f7:ce:ee:fe:7e:2e:84:11:c4:0a:44:
                    ee:03:3f:30:19:1f:b9:28:45:5c:63:09:2d:2c:3f:
                    0e:e7:8a:58:8f:6a:05:2e:b1:7b:a6:01:20:37:9f:
                    b8:c7:c1:67:46:20:e4:e5:68:67:11:25:15:fd:2d:
                    e8:65:ff:5b:1f:4c:2a:15:8f:68:34:04:d9:9f:d5:
                    fd:04:b8:34:6b:51:8e:f7:78:9b:28:a5:48:0b:d4:
                    ed:9c:0c:81:18:f1:3d:8c:55:d3:2b:8e:f9:a9:a7:
                    e8:0f:43:6c:b0:a7:63:47:4c:fd:45:75:3d:9a:5d:
                    66:f9:a1:3e:ed:d9:90:5b:e1:a4:6e:02:3f:9e:1f:
                    f2:47:10:4e:1c:a2:27:35:7e:b6:f2:f4:f2:47:c7:
                    eb:7e:0a:96:91:60:7d:8b:2d:e6:e9:a7:4d:cb:03:
                    12:09:56:fb:79:c9:4b:8c:83:d6:54:54:90:7a:eb:
                    1e:17:80:81:72:f0:9e:74:e4:0d:4f:cf:f0:8e:0c:
                    e6:07:4c:e6:c0:5b:19:17:84:51:ac:45:c4:6d:92:
                    a6:b3:39:de:87:5b:5e:5e:b1:71:03:68:1b:47:7f:
                    7a:f1:15:66:2e:81:5a:ab:3f:17:1c:98:dd:04:8d:
                    2f:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:EE:D8:87:CA:B0:07:D8:CE:21:BF:9D:77:C3:8F:49:0F:CD:1D:FD
            X509v3 Authority Key Identifier:
                keyid:D2:4B:CB:F5:E9:A4:FE:43:29:F2:23:C1:14:50:72:90:53:8F:9C:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0kvL9emk_kMp8iPBFFBykFOPnMI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8d:7b:5b:61:58:5a:0e:1a:a1:66:07:44:49:b8:10:bb:9e:49:
         f1:b9:43:d4:00:b2:46:b8:e4:83:f6:12:cf:90:24:b9:96:0e:
         87:b7:4b:15:b7:a8:b8:98:b1:ca:3a:a1:85:b7:d9:02:a6:51:
         e9:ab:85:ea:bc:e6:50:6e:f4:d2:db:79:75:23:48:7c:39:9d:
         4c:9d:ac:9a:7c:4d:dd:85:09:19:12:17:b3:65:41:2a:61:8b:
         f6:a8:0d:22:10:a5:b5:4b:9d:5b:8f:4e:c9:74:fc:ee:6a:2a:
         5a:97:77:51:6b:5e:53:02:97:8b:fa:80:08:c2:0a:2d:f9:9b:
         cb:15:3c:86:ea:7e:54:f0:9b:f2:fe:a3:ea:cd:aa:2d:b3:31:
         f9:c5:f2:ab:d2:94:b2:3b:33:a0:df:2c:10:de:40:59:94:84:
         cc:74:9f:8e:e1:98:9c:2f:7a:56:81:75:8f:e2:12:b2:10:70:
         60:13:74:9e:ea:c1:4b:b6:3b:92:b5:3f:e9:e5:06:e2:99:53:
         1d:4e:c5:9c:9e:ea:f7:62:70:1f:9a:f0:70:7b:3e:6c:8e:53:
         fc:62:91:6c:b9:f0:c1:c6:da:c1:ed:59:7c:de:63:26:fc:94:
         8a:55:d0:b3:0b:4b:c4:f1:73:14:68:c9:ed:07:7a:c0:29:28:
         4b:c5:86:4b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWSn2WGp2LrLeSHF9mVmxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNGJjYmY1ZTlhNGZlNDMyOWYyMjNjMTE0NTA3MjkwNTM4
ZjljYzIwHhcNMjYwMzAyMDcwMDI3WhcNMjYwMzAzMDcwMDI3WjAzMTEwLwYDVQQD
EyhhMWVlZDg4N2NhYjAwN2Q4Y2UyMWJmOWQ3N2MzOGY0OTBmY2QxZGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6cKb+4N4YUmWbeGDJNwIkYvP987u
/n4uhBHECkTuAz8wGR+5KEVcYwktLD8O54pYj2oFLrF7pgEgN5+4x8FnRiDk5Whn
ESUV/S3oZf9bH0wqFY9oNATZn9X9BLg0a1GO93ibKKVIC9TtnAyBGPE9jFXTK475
qafoD0NssKdjR0z9RXU9ml1m+aE+7dmQW+GkbgI/nh/yRxBOHKInNX628vTyR8fr
fgqWkWB9iy3m6adNywMSCVb7eclLjIPWVFSQeuseF4CBcvCedOQNT8/wjgzmB0zm
wFsZF4RRrEXEbZKmszneh1teXrFxA2gbR3968RVmLoFaqz8XHJjdBI0vvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKHu2IfKsAfYziG/nXfDj0kPzR39MB8GA1UdIwQY
MBaAFNJLy/XppP5DKfIjwRRQcpBTj5zCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGt2TDllbWtfa01wOGlQQkZGQnlrRk9Qbk1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9iYzQxYTQtZmM5MS00OTZmLWEyMjUt
MmU2ZTVlNWY1ZDliLzEvMGt2TDllbWtfa01wOGlQQkZGQnlrRk9Qbk1JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9iYzQxYTQtZmM5MS00OTZmLWEyMjUtMmU2ZTVlNWY1ZDli
LzEvMGt2TDllbWtfa01wOGlQQkZGQnlrRk9Qbk1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjXtbYVha
DhqhZgdESbgQu55J8blD1ACyRrjkg/YSz5AkuZYOh7dLFbeouJixyjqhhbfZAqZR
6auF6rzmUG700tt5dSNIfDmdTJ2smnxN3YUJGRIXs2VBKmGL9qgNIhCltUudW49O
yXT87moqWpd3UWteUwKXi/qACMIKLfmbyxU8hup+VPCb8v6j6s2qLbMx+cXyq9KU
sjszoN8sEN5AWZSEzHSfjuGYnC96VoF1j+ISshBwYBN0nurBS7Y7krU/6eUG4plT
HU7FnJ7q92JwH5rwcHs+bI5T/GKRbLnwwcbawe1ZfN5jJvyUilXQswtLxPFzFGjJ
7Qd6wCkoS8WGSw==
-----END CERTIFICATE-----