Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.mft
File:                     Kf5mFpV0HYXP7c9v-890aZlZVp8.mft (raw, json)
Hash identifier:          9zveSnNkrgCVF/rwJ7EBTQKvcWRsh7fTv9tK4ZBh3CE=
Subject key identifier:   21:76:8B:D6:A6:D3:52:8B:66:24:32:1B:D7:D5:EB:EB:C9:48:72:84
Authority key identifier: 29:FE:66:16:95:74:1D:85:CF:ED:CF:6F:FB:CF:74:69:99:59:56:9F
Certificate issuer:       /CN=29fe661695741d85cfedcf6ffbcf74699959569f
Certificate serial:       019CAB3418E5175294E43F7D04D51012DFC4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Kf5mFpV0HYXP7c9v-890aZlZVp8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.mft
Manifest number:          1844
Signing time:             Sun 01 Mar 2026 21:00:43 +0000
Manifest this update:     Sun 01 Mar 2026 21:00:43 +0000
Manifest next update:     Mon 02 Mar 2026 21:00:43 +0000
Files and hashes:         1: Kf5mFpV0HYXP7c9v-890aZlZVp8.crl (hash: tpZKQTuDfZbfV4aRQX+tNaFd0UpOr2pj7M3+TZ6af6Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Kf5mFpV0HYXP7c9v-890aZlZVp8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:34:18:e5:17:52:94:e4:3f:7d:04:d5:10:12:df:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29fe661695741d85cfedcf6ffbcf74699959569f
        Validity
            Not Before: Mar  1 21:00:43 2026 GMT
            Not After : Mar  2 21:00:43 2026 GMT
        Subject: CN=21768bd6a6d3528b6624321bd7d5ebebc9487284
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:44:76:23:35:a6:ee:67:47:2b:ac:3b:d2:a8:
                    fe:38:f5:64:d1:ae:ba:ab:2a:f6:3d:2e:f9:41:1f:
                    17:ea:00:f9:3d:75:9f:30:f7:9f:05:5a:2d:f7:0d:
                    06:d1:9c:1c:cb:a2:4b:45:4d:5a:f1:b4:84:fb:d4:
                    36:ad:d4:5b:e4:71:3f:d4:77:d5:80:5a:1e:d6:23:
                    41:fd:9f:a5:23:32:f6:aa:94:f3:c8:61:d9:bc:6d:
                    84:86:00:73:6a:16:f9:df:37:4f:ee:e8:5e:48:6c:
                    fd:75:d0:71:b1:b7:1c:88:47:22:e8:e9:8c:85:6e:
                    42:dd:d5:c0:4b:59:30:ea:ac:44:2b:8c:9a:ac:5c:
                    02:d0:d7:0a:d2:fe:63:c0:69:07:0a:72:4c:0b:dc:
                    ab:fe:90:71:6d:71:ea:03:53:68:43:e5:8f:b7:a1:
                    65:3d:8e:2c:ea:3e:7f:05:4b:8a:ba:87:b7:82:7e:
                    a0:71:8b:23:d0:67:ae:14:2d:51:ab:5b:38:15:fe:
                    1c:ac:9e:fa:27:2f:fe:77:eb:70:67:77:5f:d7:7a:
                    24:eb:ca:66:9e:fb:6a:3f:68:37:26:d5:06:fa:53:
                    b7:66:08:d5:f2:2c:a0:b9:d2:81:69:2b:31:86:04:
                    ac:00:8f:8b:3d:56:72:69:a1:b7:15:f6:2c:95:73:
                    d3:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:76:8B:D6:A6:D3:52:8B:66:24:32:1B:D7:D5:EB:EB:C9:48:72:84
            X509v3 Authority Key Identifier:
                keyid:29:FE:66:16:95:74:1D:85:CF:ED:CF:6F:FB:CF:74:69:99:59:56:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kf5mFpV0HYXP7c9v-890aZlZVp8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:ad:10:76:36:44:15:9a:43:df:46:d6:8d:18:0b:c9:ba:9a:
         6f:4f:09:9b:ff:10:9f:9a:22:8a:87:e8:36:ae:45:66:2d:8d:
         a7:32:fc:f0:27:4d:af:2f:a7:a0:16:1c:26:f9:8f:dc:5c:53:
         2d:4e:f2:2a:4b:92:60:05:4b:49:ff:d6:cf:22:e6:38:ac:ea:
         d1:62:76:4a:39:57:ec:62:a6:da:20:53:84:85:95:a9:a2:a0:
         08:77:40:95:68:e1:b5:f4:a9:12:59:cb:ee:4a:fd:4b:1f:63:
         61:f5:cf:bb:89:b5:03:89:06:a7:0f:e2:59:e1:04:39:b6:dd:
         a8:91:66:85:b1:0d:ee:c6:6a:a8:b0:2b:6b:b3:0c:fe:84:35:
         4a:55:24:bf:c2:f3:bf:b9:54:38:fa:a6:da:b3:78:f2:9b:d2:
         3e:5a:3d:bd:c4:e1:32:87:78:00:92:b3:c6:cc:7a:19:93:7c:
         f9:13:8f:ca:bd:2d:26:e7:99:32:db:26:d4:63:50:46:c8:f3:
         01:db:ff:69:55:76:9a:f5:bd:3a:85:9a:40:d4:c4:2d:62:13:
         45:25:19:04:69:11:e1:0e:4a:be:e1:7c:b6:1d:19:dd:df:78:
         f0:84:2f:6f:f5:5c:66:0e:96:f5:1d:ce:cb:f7:ad:ba:15:e1:
         62:90:06:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrNBjlF1KU5D99BNUQEt/EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZmU2NjE2OTU3NDFkODVjZmVkY2Y2ZmZiY2Y3NDY5OTk1
OTU2OWYwHhcNMjYwMzAxMjEwMDQzWhcNMjYwMzAyMjEwMDQzWjAzMTEwLwYDVQQD
EygyMTc2OGJkNmE2ZDM1MjhiNjYyNDMyMWJkN2Q1ZWJlYmM5NDg3Mjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzER2IzWm7mdHK6w70qj+OPVk0a66
qyr2PS75QR8X6gD5PXWfMPefBVot9w0G0Zwcy6JLRU1a8bSE+9Q2rdRb5HE/1HfV
gFoe1iNB/Z+lIzL2qpTzyGHZvG2EhgBzahb53zdP7uheSGz9ddBxsbcciEci6OmM
hW5C3dXAS1kw6qxEK4yarFwC0NcK0v5jwGkHCnJMC9yr/pBxbXHqA1NoQ+WPt6Fl
PY4s6j5/BUuKuoe3gn6gcYsj0GeuFC1Rq1s4Ff4crJ76Jy/+d+twZ3df13ok68pm
nvtqP2g3JtUG+lO3ZgjV8iygudKBaSsxhgSsAI+LPVZyaaG3FfYslXPTGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCF2i9am01KLZiQyG9fV6+vJSHKEMB8GA1UdIwQY
MBaAFCn+ZhaVdB2Fz+3Pb/vPdGmZWVafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2Y1bUZwVjBIWVhQN2M5di04OTBhWmxaVnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi81MWVjYzktNTY4MS00YjAyLTlkYjgt
MmU4ODBhN2E4MmNhLzEvS2Y1bUZwVjBIWVhQN2M5di04OTBhWmxaVnA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi81MWVjYzktNTY4MS00YjAyLTlkYjgtMmU4ODBhN2E4MmNh
LzEvS2Y1bUZwVjBIWVhQN2M5di04OTBhWmxaVnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJK0QdjZE
FZpD30bWjRgLybqab08Jm/8Qn5oiiofoNq5FZi2NpzL88CdNry+noBYcJvmP3FxT
LU7yKkuSYAVLSf/WzyLmOKzq0WJ2SjlX7GKm2iBThIWVqaKgCHdAlWjhtfSpElnL
7kr9Sx9jYfXPu4m1A4kGpw/iWeEEObbdqJFmhbEN7sZqqLAra7MM/oQ1SlUkv8Lz
v7lUOPqm2rN48pvSPlo9vcThMod4AJKzxsx6GZN8+ROPyr0tJueZMtsm1GNQRsjz
Adv/aVV2mvW9OoWaQNTELWITRSUZBGkR4Q5KvuF8th0Z3d948IQvb/VcZg6W9R3O
y/etuhXhYpAGHw==
-----END CERTIFICATE-----