Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/569574-441e-415b-803f-54bd649b4852/1/KhQFaUht0XjbWDoKHklt8iMYXTU.mft
File:                     KhQFaUht0XjbWDoKHklt8iMYXTU.mft (raw, json)
Hash identifier:          3kAoiNY83eFlDWmFimfoJxmzrR0DOlJ9Yd1SXqUhojQ=
Subject key identifier:   CE:03:9E:DE:89:FF:06:88:A6:4C:7D:DC:44:EF:20:E8:DA:12:33:08
Authority key identifier: 2A:14:05:69:48:6D:D1:78:DB:58:3A:0A:1E:49:6D:F2:23:18:5D:35
Certificate issuer:       /CN=2a140569486dd178db583a0a1e496df223185d35
Certificate serial:       019CABD9139FE5156C95B1182D926C5C07F5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KhQFaUht0XjbWDoKHklt8iMYXTU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/569574-441e-415b-803f-54bd649b4852/1/KhQFaUht0XjbWDoKHklt8iMYXTU.mft
Manifest number:          0A8C
Signing time:             Mon 02 Mar 2026 00:00:56 +0000
Manifest this update:     Mon 02 Mar 2026 00:00:56 +0000
Manifest next update:     Tue 03 Mar 2026 00:00:56 +0000
Files and hashes:         1: KhQFaUht0XjbWDoKHklt8iMYXTU.crl (hash: N3pGzDpRxw7hSDkpYazHeuQ0O2OVPg/m69m/n7mVLuI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/569574-441e-415b-803f-54bd649b4852/1/KhQFaUht0XjbWDoKHklt8iMYXTU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/569574-441e-415b-803f-54bd649b4852/1/KhQFaUht0XjbWDoKHklt8iMYXTU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KhQFaUht0XjbWDoKHklt8iMYXTU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:d9:13:9f:e5:15:6c:95:b1:18:2d:92:6c:5c:07:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a140569486dd178db583a0a1e496df223185d35
        Validity
            Not Before: Mar  2 00:00:56 2026 GMT
            Not After : Mar  3 00:00:56 2026 GMT
        Subject: CN=ce039ede89ff0688a64c7ddc44ef20e8da123308
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:65:2e:62:0c:61:21:de:98:45:51:23:64:41:
                    d7:c0:21:1f:c9:67:d4:df:40:1d:3a:5b:68:65:1f:
                    6d:74:35:f5:86:61:52:52:9b:4d:b6:e9:c8:c8:20:
                    ff:1d:b9:64:37:24:f2:ed:6b:10:5c:03:66:03:9b:
                    8b:e7:9d:cd:17:b6:39:88:08:e0:b9:12:6e:fa:f2:
                    cb:d1:77:b2:84:dd:9d:b8:65:37:4a:4a:e0:88:79:
                    91:c7:18:e0:0c:e3:a8:32:5b:1a:c0:e2:30:08:d9:
                    35:8a:56:4c:f8:6e:38:cf:4e:b0:59:80:b8:95:4f:
                    44:51:35:56:9e:dd:3a:51:15:6d:ca:df:1d:7c:5a:
                    ab:91:6d:8f:6a:e7:fe:aa:52:5e:74:0d:fb:6b:37:
                    f9:8b:10:b2:8a:a6:19:1f:a2:ed:a7:24:9e:6a:2e:
                    65:a3:82:1b:db:57:4a:92:c7:e7:9b:fb:8b:28:b6:
                    d8:da:59:43:1a:81:72:f5:6b:08:c5:8c:22:9b:69:
                    78:d0:e9:47:5b:54:20:21:6a:4e:dd:e3:84:14:5c:
                    0b:05:3d:0d:8b:79:37:60:2e:12:0c:32:1d:f5:c8:
                    10:97:d9:f3:6c:a4:d0:99:5e:ef:9d:dd:6e:85:a3:
                    43:b2:84:85:b7:be:b5:e6:94:a2:5a:a6:5d:78:19:
                    ea:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:03:9E:DE:89:FF:06:88:A6:4C:7D:DC:44:EF:20:E8:DA:12:33:08
            X509v3 Authority Key Identifier:
                keyid:2A:14:05:69:48:6D:D1:78:DB:58:3A:0A:1E:49:6D:F2:23:18:5D:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KhQFaUht0XjbWDoKHklt8iMYXTU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/569574-441e-415b-803f-54bd649b4852/1/KhQFaUht0XjbWDoKHklt8iMYXTU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/569574-441e-415b-803f-54bd649b4852/1/KhQFaUht0XjbWDoKHklt8iMYXTU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:01:df:75:52:d0:3e:e3:da:e1:27:f5:fe:ad:b4:19:6c:7e:
         66:b2:35:df:aa:62:33:12:f8:c5:80:f7:99:21:cf:b9:49:d7:
         42:d9:9c:c9:05:d2:eb:2b:ef:86:63:70:e8:11:c9:14:35:df:
         a1:9a:58:dc:b8:d6:eb:37:f5:ef:85:97:0e:b3:80:47:62:30:
         5c:b5:65:35:df:6e:5c:a1:ca:3c:95:e5:25:9c:51:29:ac:da:
         72:6a:35:00:a8:b5:52:c3:8c:7f:09:d2:38:28:57:22:ed:d5:
         7f:07:99:ac:c0:09:8a:22:e5:03:af:3d:71:b6:0e:95:09:12:
         65:c5:ad:23:e4:75:f1:14:2b:d7:0c:f9:f8:66:16:a9:d5:2a:
         79:dd:58:8a:c9:8b:f1:50:71:14:e4:88:ed:bd:c1:31:08:39:
         59:c0:a0:9f:a0:c4:66:f3:85:ae:66:ba:8e:fa:91:fc:30:ba:
         e6:86:18:3c:1b:eb:a7:67:97:1f:f3:53:7e:63:13:29:5d:8a:
         06:24:07:2e:98:06:e9:1a:b0:d0:8f:71:6e:bd:8b:c2:ec:21:
         b8:69:63:25:e8:7d:9e:dc:4d:00:bd:33:18:a7:9d:65:23:9e:
         13:6b:85:60:1a:90:c4:d3:05:9b:b9:f6:a9:f6:ec:00:98:58:
         71:05:a4:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2ROf5RVslbEYLZJsXAf1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMTQwNTY5NDg2ZGQxNzhkYjU4M2EwYTFlNDk2ZGYyMjMx
ODVkMzUwHhcNMjYwMzAyMDAwMDU2WhcNMjYwMzAzMDAwMDU2WjAzMTEwLwYDVQQD
EyhjZTAzOWVkZTg5ZmYwNjg4YTY0YzdkZGM0NGVmMjBlOGRhMTIzMzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAimUuYgxhId6YRVEjZEHXwCEfyWfU
30AdOltoZR9tdDX1hmFSUptNtunIyCD/HblkNyTy7WsQXANmA5uL553NF7Y5iAjg
uRJu+vLL0XeyhN2duGU3SkrgiHmRxxjgDOOoMlsawOIwCNk1ilZM+G44z06wWYC4
lU9EUTVWnt06URVtyt8dfFqrkW2Pauf+qlJedA37azf5ixCyiqYZH6LtpySeai5l
o4Ib21dKksfnm/uLKLbY2llDGoFy9WsIxYwim2l40OlHW1QgIWpO3eOEFFwLBT0N
i3k3YC4SDDId9cgQl9nzbKTQmV7vnd1uhaNDsoSFt7615pSiWqZdeBnqgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM4Dnt6J/waIpkx93ETvIOjaEjMIMB8GA1UdIwQY
MBaAFCoUBWlIbdF421g6Ch5JbfIjGF01MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2hRRmFVaHQwWGpiV0RvS0hrbHQ4aU1ZWFRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC81Njk1NzQtNDQxZS00MTViLTgwM2Yt
NTRiZDY0OWI0ODUyLzEvS2hRRmFVaHQwWGpiV0RvS0hrbHQ4aU1ZWFRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC81Njk1NzQtNDQxZS00MTViLTgwM2YtNTRiZDY0OWI0ODUy
LzEvS2hRRmFVaHQwWGpiV0RvS0hrbHQ4aU1ZWFRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmQHfdVLQ
PuPa4Sf1/q20GWx+ZrI136piMxL4xYD3mSHPuUnXQtmcyQXS6yvvhmNw6BHJFDXf
oZpY3LjW6zf174WXDrOAR2IwXLVlNd9uXKHKPJXlJZxRKazacmo1AKi1UsOMfwnS
OChXIu3VfweZrMAJiiLlA689cbYOlQkSZcWtI+R18RQr1wz5+GYWqdUqed1YismL
8VBxFOSI7b3BMQg5WcCgn6DEZvOFrma6jvqR/DC65oYYPBvrp2eXH/NTfmMTKV2K
BiQHLpgG6Rqw0I9xbr2LwuwhuGljJeh9ntxNAL0zGKedZSOeE2uFYBqQxNMFm7n2
qfbsAJhYcQWkzw==
-----END CERTIFICATE-----