Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/41e584-9cf7-4c62-9f61-0e2e36019849/1/k-DpokYd9Py54i53cLJhOgckE4g.mft
File:                     k-DpokYd9Py54i53cLJhOgckE4g.mft (raw, json)
Hash identifier:          g0tSyq/uXmOC+x9Fkhw24mLoGnQ827SzTyK9XnAzrO0=
Subject key identifier:   1D:3A:6B:35:C8:CA:21:96:CF:FE:96:EE:A5:20:37:A1:B6:0B:51:5A
Authority key identifier: 93:E0:E9:A2:46:1D:F4:FC:B9:E2:2E:77:70:B2:61:3A:07:24:13:88
Certificate issuer:       /CN=93e0e9a2461df4fcb9e22e7770b2613a07241388
Certificate serial:       019CAC10181E83512131AD372CA1A4C9B09F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/k-DpokYd9Py54i53cLJhOgckE4g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/41e584-9cf7-4c62-9f61-0e2e36019849/1/k-DpokYd9Py54i53cLJhOgckE4g.mft
Manifest number:          17D5
Signing time:             Mon 02 Mar 2026 01:01:01 +0000
Manifest this update:     Mon 02 Mar 2026 01:01:01 +0000
Manifest next update:     Tue 03 Mar 2026 01:01:01 +0000
Files and hashes:         1: k-DpokYd9Py54i53cLJhOgckE4g.crl (hash: ZXbCiStJUqOqUoDDf4xtAj1nusbtbs1z6yPFPaT7QwM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/68/41e584-9cf7-4c62-9f61-0e2e36019849/1/k-DpokYd9Py54i53cLJhOgckE4g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/68/41e584-9cf7-4c62-9f61-0e2e36019849/1/k-DpokYd9Py54i53cLJhOgckE4g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/k-DpokYd9Py54i53cLJhOgckE4g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:10:18:1e:83:51:21:31:ad:37:2c:a1:a4:c9:b0:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=93e0e9a2461df4fcb9e22e7770b2613a07241388
        Validity
            Not Before: Mar  2 01:01:01 2026 GMT
            Not After : Mar  3 01:01:01 2026 GMT
        Subject: CN=1d3a6b35c8ca2196cffe96eea52037a1b60b515a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:6d:19:a8:51:dc:75:7d:86:86:ae:a5:d8:02:
                    83:f3:e5:c5:e8:2f:3e:cb:6e:e9:88:7a:60:3b:ef:
                    64:10:82:13:33:05:00:ed:42:60:7a:70:f4:61:95:
                    50:97:e7:98:9d:ca:81:52:4e:86:4b:7b:56:83:2c:
                    a6:b9:bd:49:b1:d6:d0:a1:ff:41:46:66:36:eb:b3:
                    64:70:0d:17:78:ad:84:84:35:5c:19:a6:5b:ad:f2:
                    70:f4:5d:1b:ed:89:35:4a:be:50:6c:cf:40:90:af:
                    b7:de:91:ea:0d:b4:a1:fb:3b:e3:79:5e:84:de:0a:
                    fa:44:b2:ba:d8:b5:62:e9:b2:1d:6c:70:e8:89:90:
                    43:56:b9:51:11:e3:0f:cd:51:de:85:09:89:12:d6:
                    74:7b:86:c3:7d:55:39:3a:64:58:13:86:2b:14:c8:
                    a7:ca:33:43:4c:bb:d8:d7:06:2c:c8:48:b3:41:98:
                    26:7b:4b:75:4a:84:22:36:62:45:e8:b0:ca:8e:e5:
                    f6:26:54:c9:44:ff:9e:83:96:97:20:18:cb:ac:c8:
                    35:f7:cb:5b:94:4d:01:d9:d1:43:99:23:38:40:90:
                    2d:71:c0:ed:9b:2d:53:9b:e8:c6:fc:20:27:aa:72:
                    1c:36:df:58:d0:e8:68:a4:11:f5:46:4c:84:c5:00:
                    b4:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:3A:6B:35:C8:CA:21:96:CF:FE:96:EE:A5:20:37:A1:B6:0B:51:5A
            X509v3 Authority Key Identifier:
                keyid:93:E0:E9:A2:46:1D:F4:FC:B9:E2:2E:77:70:B2:61:3A:07:24:13:88

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k-DpokYd9Py54i53cLJhOgckE4g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/41e584-9cf7-4c62-9f61-0e2e36019849/1/k-DpokYd9Py54i53cLJhOgckE4g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/41e584-9cf7-4c62-9f61-0e2e36019849/1/k-DpokYd9Py54i53cLJhOgckE4g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a8:8d:dc:8b:ad:46:da:cb:73:7b:59:3a:25:b8:6b:0d:1c:ca:
         db:14:0e:34:c3:a6:8d:60:62:82:6a:7a:c6:95:89:44:53:36:
         4c:f2:5d:ca:2e:1f:62:f4:95:df:26:f1:9a:e0:46:33:67:55:
         b7:98:8f:c7:59:64:58:dd:73:9a:04:11:bd:b3:31:05:33:80:
         3d:5f:75:bc:a4:89:99:35:cd:e8:82:21:1a:da:ec:39:c5:62:
         44:c7:a3:e9:9d:3b:ce:6f:02:0b:42:5b:96:00:e9:d2:78:ee:
         64:c0:09:23:10:4d:16:f8:d2:23:4a:23:4f:4e:92:07:4e:e9:
         22:2f:a2:fd:22:cf:c8:eb:8b:53:6d:62:bb:e5:03:7e:cb:04:
         aa:dc:06:d7:02:34:68:bc:f5:b4:8c:9e:98:bf:02:1e:cc:19:
         06:e2:8a:db:94:83:9e:ed:8c:10:f9:63:a2:d5:92:62:2a:5a:
         c6:26:fc:93:48:e2:30:b8:dd:f5:c9:fc:20:05:b0:54:0d:8d:
         c2:8b:c2:b6:01:0c:f9:42:f0:85:2c:e5:67:33:40:16:55:c7:
         8a:19:ee:b8:3f:86:49:74:d4:09:87:b5:46:d5:da:5c:eb:83:
         52:7a:f6:f8:d5:8a:fd:c0:1c:e1:02:04:43:58:e9:2b:70:4d:
         68:97:a1:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysEBgeg1EhMa03LKGkybCfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzZTBlOWEyNDYxZGY0ZmNiOWUyMmU3NzcwYjI2MTNhMDcy
NDEzODgwHhcNMjYwMzAyMDEwMTAxWhcNMjYwMzAzMDEwMTAxWjAzMTEwLwYDVQQD
EygxZDNhNmIzNWM4Y2EyMTk2Y2ZmZTk2ZWVhNTIwMzdhMWI2MGI1MTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtG0ZqFHcdX2Ghq6l2AKD8+XF6C8+
y27piHpgO+9kEIITMwUA7UJgenD0YZVQl+eYncqBUk6GS3tWgyymub1JsdbQof9B
RmY267NkcA0XeK2EhDVcGaZbrfJw9F0b7Yk1Sr5QbM9AkK+33pHqDbSh+zvjeV6E
3gr6RLK62LVi6bIdbHDoiZBDVrlREeMPzVHehQmJEtZ0e4bDfVU5OmRYE4YrFMin
yjNDTLvY1wYsyEizQZgme0t1SoQiNmJF6LDKjuX2JlTJRP+eg5aXIBjLrMg198tb
lE0B2dFDmSM4QJAtccDtmy1Tm+jG/CAnqnIcNt9Y0OhopBH1RkyExQC0hwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB06azXIyiGWz/6W7qUgN6G2C1FaMB8GA1UdIwQY
MBaAFJPg6aJGHfT8ueIud3CyYToHJBOIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvay1EcG9rWWQ5UHk1NGk1M2NMSmhPZ2NrRTRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC80MWU1ODQtOWNmNy00YzYyLTlmNjEt
MGUyZTM2MDE5ODQ5LzEvay1EcG9rWWQ5UHk1NGk1M2NMSmhPZ2NrRTRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC80MWU1ODQtOWNmNy00YzYyLTlmNjEtMGUyZTM2MDE5ODQ5
LzEvay1EcG9rWWQ5UHk1NGk1M2NMSmhPZ2NrRTRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqI3ci61G
2stze1k6JbhrDRzK2xQONMOmjWBigmp6xpWJRFM2TPJdyi4fYvSV3ybxmuBGM2dV
t5iPx1lkWN1zmgQRvbMxBTOAPV91vKSJmTXN6IIhGtrsOcViRMej6Z07zm8CC0Jb
lgDp0njuZMAJIxBNFvjSI0ojT06SB07pIi+i/SLPyOuLU21iu+UDfssEqtwG1wI0
aLz1tIyemL8CHswZBuKK25SDnu2MEPljotWSYipaxib8k0jiMLjd9cn8IAWwVA2N
wovCtgEM+ULwhSzlZzNAFlXHihnuuD+GSXTUCYe1RtXaXOuDUnr2+NWK/cAc4QIE
Q1jpK3BNaJeh9w==
-----END CERTIFICATE-----