Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/695d71-bba1-425d-b9f3-c2677809b4a7/1/kyIxLx0huzs4bKOqlzrGzSVLcDk.mft
File:                     kyIxLx0huzs4bKOqlzrGzSVLcDk.mft (raw, json)
Hash identifier:          ZDaB1Ig3qji31h8EMJcEYZ32Ty09vs12wF96Wfq1uXI=
Subject key identifier:   05:4A:DD:02:30:03:C9:AD:0C:72:91:9A:12:02:3F:7C:04:7D:1D:8B
Authority key identifier: 93:22:31:2F:1D:21:BB:3B:38:6C:A3:AA:97:3A:C6:CD:25:4B:70:39
Certificate issuer:       /CN=9322312f1d21bb3b386ca3aa973ac6cd254b7039
Certificate serial:       019CAC0FA2428F85B8032B6D0C607C550807
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kyIxLx0huzs4bKOqlzrGzSVLcDk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/695d71-bba1-425d-b9f3-c2677809b4a7/1/kyIxLx0huzs4bKOqlzrGzSVLcDk.mft
Manifest number:          1842
Signing time:             Mon 02 Mar 2026 01:00:31 +0000
Manifest this update:     Mon 02 Mar 2026 01:00:31 +0000
Manifest next update:     Tue 03 Mar 2026 01:00:31 +0000
Files and hashes:         1: kyIxLx0huzs4bKOqlzrGzSVLcDk.crl (hash: vEVSNg4couAeKd/O91FKPSIlaZG0CsNGVt9f8rfWkYA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/695d71-bba1-425d-b9f3-c2677809b4a7/1/kyIxLx0huzs4bKOqlzrGzSVLcDk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/695d71-bba1-425d-b9f3-c2677809b4a7/1/kyIxLx0huzs4bKOqlzrGzSVLcDk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kyIxLx0huzs4bKOqlzrGzSVLcDk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:0f:a2:42:8f:85:b8:03:2b:6d:0c:60:7c:55:08:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9322312f1d21bb3b386ca3aa973ac6cd254b7039
        Validity
            Not Before: Mar  2 01:00:31 2026 GMT
            Not After : Mar  3 01:00:31 2026 GMT
        Subject: CN=054add023003c9ad0c72919a12023f7c047d1d8b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:e3:1e:71:22:d6:0b:70:d8:be:cd:12:5e:d5:
                    f8:c8:33:d0:3c:36:fc:01:d7:d6:76:6f:22:f3:cf:
                    02:d2:b9:63:38:ca:01:31:a0:6f:2a:ea:0d:62:f8:
                    cb:af:94:36:42:fc:fe:81:87:f2:18:6b:f3:60:9c:
                    2d:4b:8f:1c:7d:64:72:56:25:a0:5b:a1:7b:2f:79:
                    a4:49:69:e4:cd:d2:5d:fa:32:a7:7a:82:c7:09:0f:
                    63:57:66:87:27:7b:95:51:66:8f:dd:f4:e7:e1:2c:
                    2f:46:ed:52:06:ec:40:ea:3d:5a:4c:8a:ab:18:a7:
                    bb:fe:ed:e1:6f:e1:05:c1:cb:88:cc:02:84:6a:cd:
                    17:3c:32:3b:e5:fe:b1:bc:24:83:7f:77:f5:da:3f:
                    ab:30:e4:b2:71:b0:01:4e:26:a3:94:69:d4:cd:11:
                    53:ff:3a:e5:30:8e:4b:d7:48:8f:e4:10:5a:3f:2e:
                    ce:b5:c2:17:cc:53:a8:31:56:12:23:cf:05:8f:40:
                    c4:33:a9:31:c2:49:ae:9f:8b:98:3f:a0:d7:4f:3e:
                    4e:de:cd:6e:d1:42:78:bd:57:42:b4:e9:59:9c:57:
                    07:d4:72:c5:6f:8e:8d:0f:f6:af:e4:0d:f9:33:82:
                    76:e7:3d:61:85:3a:4b:70:99:ea:ca:cf:f6:41:76:
                    88:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:4A:DD:02:30:03:C9:AD:0C:72:91:9A:12:02:3F:7C:04:7D:1D:8B
            X509v3 Authority Key Identifier:
                keyid:93:22:31:2F:1D:21:BB:3B:38:6C:A3:AA:97:3A:C6:CD:25:4B:70:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kyIxLx0huzs4bKOqlzrGzSVLcDk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/695d71-bba1-425d-b9f3-c2677809b4a7/1/kyIxLx0huzs4bKOqlzrGzSVLcDk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/695d71-bba1-425d-b9f3-c2677809b4a7/1/kyIxLx0huzs4bKOqlzrGzSVLcDk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         49:73:83:90:ac:6a:b4:da:6c:d6:d5:5e:f0:e5:55:5c:14:11:
         af:b5:36:ac:de:5d:43:4d:6c:5d:69:5f:17:c5:76:86:14:eb:
         83:83:99:69:30:79:ef:c6:46:f5:4c:60:d3:fb:f9:6d:6e:b7:
         8b:50:94:5c:3d:5d:6b:17:63:4a:87:a0:e9:7b:c2:d7:aa:3e:
         d8:74:35:e7:5b:42:9b:36:49:40:fd:e2:23:39:25:e8:32:bd:
         c3:e5:14:03:d3:39:08:46:d0:6e:4f:91:52:10:63:63:66:3c:
         aa:ef:c8:f8:7a:f9:cf:62:c1:8f:43:4d:4c:1e:78:06:a7:4e:
         e0:b0:c4:76:ee:fa:50:3a:bf:42:e0:e3:75:49:61:4e:ad:23:
         3c:84:e3:74:85:c8:70:09:9c:12:2e:09:c1:2b:ef:85:43:f8:
         c7:75:73:25:0b:cd:11:35:10:ac:1d:16:a1:ef:b1:61:31:2c:
         ee:eb:39:5f:ec:6a:40:cc:64:ae:7b:f4:bc:ff:fa:df:61:e9:
         aa:96:8f:3d:dd:b7:01:03:d6:11:a1:92:59:5f:4c:f7:61:e6:
         81:98:f5:9e:3f:2c:fe:75:c2:d6:7e:ae:bf:9f:93:95:8a:95:
         4b:19:08:a1:14:75:21:36:96:c7:4b:b8:29:40:94:37:b1:39:
         91:6c:27:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysD6JCj4W4AyttDGB8VQgHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMjIzMTJmMWQyMWJiM2IzODZjYTNhYTk3M2FjNmNkMjU0
YjcwMzkwHhcNMjYwMzAyMDEwMDMxWhcNMjYwMzAzMDEwMDMxWjAzMTEwLwYDVQQD
EygwNTRhZGQwMjMwMDNjOWFkMGM3MjkxOWExMjAyM2Y3YzA0N2QxZDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5OMecSLWC3DYvs0SXtX4yDPQPDb8
AdfWdm8i888C0rljOMoBMaBvKuoNYvjLr5Q2Qvz+gYfyGGvzYJwtS48cfWRyViWg
W6F7L3mkSWnkzdJd+jKneoLHCQ9jV2aHJ3uVUWaP3fTn4SwvRu1SBuxA6j1aTIqr
GKe7/u3hb+EFwcuIzAKEas0XPDI75f6xvCSDf3f12j+rMOSycbABTiajlGnUzRFT
/zrlMI5L10iP5BBaPy7OtcIXzFOoMVYSI88Fj0DEM6kxwkmun4uYP6DXTz5O3s1u
0UJ4vVdCtOlZnFcH1HLFb46ND/av5A35M4J25z1hhTpLcJnqys/2QXaIxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAVK3QIwA8mtDHKRmhICP3wEfR2LMB8GA1UdIwQY
MBaAFJMiMS8dIbs7OGyjqpc6xs0lS3A5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3lJeEx4MGh1enM0YktPcWx6ckd6U1ZMY0RrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC82OTVkNzEtYmJhMS00MjVkLWI5ZjMt
YzI2Nzc4MDliNGE3LzEva3lJeEx4MGh1enM0YktPcWx6ckd6U1ZMY0RrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC82OTVkNzEtYmJhMS00MjVkLWI5ZjMtYzI2Nzc4MDliNGE3
LzEva3lJeEx4MGh1enM0YktPcWx6ckd6U1ZMY0RrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASXODkKxq
tNps1tVe8OVVXBQRr7U2rN5dQ01sXWlfF8V2hhTrg4OZaTB578ZG9Uxg0/v5bW63
i1CUXD1daxdjSoeg6XvC16o+2HQ151tCmzZJQP3iIzkl6DK9w+UUA9M5CEbQbk+R
UhBjY2Y8qu/I+Hr5z2LBj0NNTB54BqdO4LDEdu76UDq/QuDjdUlhTq0jPITjdIXI
cAmcEi4JwSvvhUP4x3VzJQvNETUQrB0Woe+xYTEs7us5X+xqQMxkrnv0vP/632Hp
qpaPPd23AQPWEaGSWV9M92HmgZj1nj8s/nXC1n6uv5+TlYqVSxkIoRR1ITaWx0u4
KUCUN7E5kWwnpw==
-----END CERTIFICATE-----