Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.mft
File:                     pukanXyu9IGGdMXWJigTYVyJ3lY.mft (raw, json)
Hash identifier:          T2MFU6dhg1R2z4LJ0VE77xr06SKQDZNJfE8/LltoPW8=
Subject key identifier:   B9:2B:AD:4F:F6:48:54:0F:33:78:85:18:15:1E:B1:F1:94:0C:AF:77
Authority key identifier: A6:E9:1A:9D:7C:AE:F4:81:86:74:C5:D6:26:28:13:61:5C:89:DE:56
Certificate issuer:       /CN=a6e91a9d7caef4818674c5d6262813615c89de56
Certificate serial:       019CAB6B958E845B7248A0137771DFDF8CFE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pukanXyu9IGGdMXWJigTYVyJ3lY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.mft
Manifest number:          11B9
Signing time:             Sun 01 Mar 2026 22:01:20 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:20 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:20 +0000
Files and hashes:         1: pukanXyu9IGGdMXWJigTYVyJ3lY.crl (hash: NBGt9FJGAj181Ciac5xaZ/6bFCBBhazvzArTABRoKBY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pukanXyu9IGGdMXWJigTYVyJ3lY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 22:01:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:95:8e:84:5b:72:48:a0:13:77:71:df:df:8c:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a6e91a9d7caef4818674c5d6262813615c89de56
        Validity
            Not Before: Mar  1 22:01:20 2026 GMT
            Not After : Mar  2 22:01:20 2026 GMT
        Subject: CN=b92bad4ff648540f33788518151eb1f1940caf77
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:cd:a3:69:2d:90:9d:2e:2e:03:7e:a0:9d:3e:
                    d0:29:11:77:fc:01:a5:79:2f:20:63:a3:db:ce:63:
                    d7:e6:7b:2c:9e:0b:3a:a4:53:9f:e2:d8:cb:6f:1c:
                    13:c1:85:55:19:ba:1b:12:ec:1c:3f:51:57:1b:6b:
                    88:8a:9f:b2:cd:e7:1a:dc:64:df:31:88:45:19:bf:
                    5f:e0:1c:33:98:5b:05:84:27:ff:d5:34:c0:f6:b0:
                    91:3e:75:47:e3:70:48:43:74:43:79:f9:3c:72:e2:
                    87:22:26:32:f4:03:97:f0:71:e1:35:41:d2:9c:a0:
                    9d:e8:89:26:6e:af:ea:be:62:f1:c3:14:f5:c3:a3:
                    48:1e:16:c9:0c:ab:08:0d:a6:5c:87:af:25:08:7e:
                    d3:72:41:45:40:6b:60:ae:f8:97:c3:99:f0:90:0a:
                    46:57:a0:6c:9e:45:4a:e8:6c:f9:66:7f:e3:1f:ec:
                    26:77:64:c7:32:26:8f:f7:ee:b6:6b:38:92:cb:22:
                    9c:2b:f8:77:32:27:ce:4c:2d:75:ad:87:5c:a7:e7:
                    6c:04:30:e5:11:f1:b3:29:4a:1f:79:a6:4a:e7:ec:
                    36:b9:a6:37:77:a0:bb:3b:8b:aa:7c:e9:fa:f9:cb:
                    af:53:50:7c:da:1c:70:64:83:35:fd:d3:d4:c9:34:
                    75:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:2B:AD:4F:F6:48:54:0F:33:78:85:18:15:1E:B1:F1:94:0C:AF:77
            X509v3 Authority Key Identifier:
                keyid:A6:E9:1A:9D:7C:AE:F4:81:86:74:C5:D6:26:28:13:61:5C:89:DE:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pukanXyu9IGGdMXWJigTYVyJ3lY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/55de90-bcf6-41a6-a9e8-408229f0baf1/1/pukanXyu9IGGdMXWJigTYVyJ3lY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:d9:40:6a:6d:2a:d4:a0:72:2a:6d:8a:9b:1e:87:ee:85:5b:
         2c:5a:c9:05:b2:a5:f6:06:e5:26:31:13:99:e4:f9:b9:08:40:
         44:61:7e:02:bc:63:b1:1d:92:7e:e0:48:46:6f:f2:c9:d2:88:
         ef:ba:4c:d7:48:8c:69:12:7d:34:e2:d3:b3:fb:e5:51:d7:b5:
         0e:f1:6a:b2:02:67:7c:ac:d6:db:3b:a8:ee:85:71:79:9d:f2:
         5c:4f:27:6e:1a:1d:64:48:ee:93:f4:7d:8c:12:a9:83:21:4a:
         97:26:57:d3:64:80:78:c5:b8:58:63:15:cf:c1:a0:f7:91:16:
         58:ad:fb:13:fa:0d:f7:2e:55:d4:74:ac:b8:6d:38:2f:c9:aa:
         61:1f:a6:c6:71:03:73:4f:35:fb:42:50:9f:2c:ee:fc:7f:19:
         62:54:58:15:9a:db:64:ba:43:e4:79:d8:67:a6:15:b9:a6:4e:
         0c:5a:eb:50:63:0d:41:34:1f:ff:98:70:2d:cc:94:d0:36:74:
         2d:90:0b:cd:2a:a9:6d:c5:0d:48:ee:97:46:99:62:96:8c:84:
         32:ca:3d:59:82:b0:9d:98:a1:33:2b:fe:dd:22:81:fc:d0:9c:
         04:48:a8:4b:be:05:bb:92:8d:c6:ba:a7:17:fc:94:6d:57:3a:
         46:fa:16:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra5WOhFtySKATd3Hf34z+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2ZTkxYTlkN2NhZWY0ODE4Njc0YzVkNjI2MjgxMzYxNWM4
OWRlNTYwHhcNMjYwMzAxMjIwMTIwWhcNMjYwMzAyMjIwMTIwWjAzMTEwLwYDVQQD
EyhiOTJiYWQ0ZmY2NDg1NDBmMzM3ODg1MTgxNTFlYjFmMTk0MGNhZjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkc2jaS2QnS4uA36gnT7QKRF3/AGl
eS8gY6PbzmPX5nssngs6pFOf4tjLbxwTwYVVGbobEuwcP1FXG2uIip+yzeca3GTf
MYhFGb9f4BwzmFsFhCf/1TTA9rCRPnVH43BIQ3RDefk8cuKHIiYy9AOX8HHhNUHS
nKCd6Ikmbq/qvmLxwxT1w6NIHhbJDKsIDaZch68lCH7TckFFQGtgrviXw5nwkApG
V6BsnkVK6Gz5Zn/jH+wmd2THMiaP9+62aziSyyKcK/h3MifOTC11rYdcp+dsBDDl
EfGzKUofeaZK5+w2uaY3d6C7O4uqfOn6+cuvU1B82hxwZIM1/dPUyTR17QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLkrrU/2SFQPM3iFGBUesfGUDK93MB8GA1UdIwQY
MBaAFKbpGp18rvSBhnTF1iYoE2Fcid5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHVrYW5YeXU5SUdHZE1YV0ppZ1RZVnlKM2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny81NWRlOTAtYmNmNi00MWE2LWE5ZTgt
NDA4MjI5ZjBiYWYxLzEvcHVrYW5YeXU5SUdHZE1YV0ppZ1RZVnlKM2xZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny81NWRlOTAtYmNmNi00MWE2LWE5ZTgtNDA4MjI5ZjBiYWYx
LzEvcHVrYW5YeXU5SUdHZE1YV0ppZ1RZVnlKM2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABNlAam0q
1KByKm2Kmx6H7oVbLFrJBbKl9gblJjETmeT5uQhARGF+ArxjsR2SfuBIRm/yydKI
77pM10iMaRJ9NOLTs/vlUde1DvFqsgJnfKzW2zuo7oVxeZ3yXE8nbhodZEjuk/R9
jBKpgyFKlyZX02SAeMW4WGMVz8Gg95EWWK37E/oN9y5V1HSsuG04L8mqYR+mxnED
c081+0JQnyzu/H8ZYlRYFZrbZLpD5HnYZ6YVuaZODFrrUGMNQTQf/5hwLcyU0DZ0
LZALzSqpbcUNSO6XRpliloyEMso9WYKwnZihMyv+3SKB/NCcBEioS74Fu5KNxrqn
F/yUbVc6RvoWjA==
-----END CERTIFICATE-----