Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/cbd72b-f64b-454e-b58c-2715eb710e80/1/ck8UGJq3EFYgN12vm6qBTW3ZN6I.mft
File:                     ck8UGJq3EFYgN12vm6qBTW3ZN6I.mft (raw, json)
Hash identifier:          zeUjGBUABNRPADyRWO30oXpWH3HpXyPZUsY9OAL0w00=
Subject key identifier:   83:B5:2F:77:2A:7C:E0:15:6B:AC:95:65:8F:74:F3:F8:4A:3B:8B:82
Authority key identifier: 72:4F:14:18:9A:B7:10:56:20:37:5D:AF:9B:AA:81:4D:6D:D9:37:A2
Certificate issuer:       /CN=724f14189ab7105620375daf9baa814d6dd937a2
Certificate serial:       019CAD595EA214364F4C438EFA8D29D58C1C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ck8UGJq3EFYgN12vm6qBTW3ZN6I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/cbd72b-f64b-454e-b58c-2715eb710e80/1/ck8UGJq3EFYgN12vm6qBTW3ZN6I.mft
Manifest number:          09B5
Signing time:             Mon 02 Mar 2026 07:00:40 +0000
Manifest this update:     Mon 02 Mar 2026 07:00:40 +0000
Manifest next update:     Tue 03 Mar 2026 07:00:40 +0000
Files and hashes:         1: ck8UGJq3EFYgN12vm6qBTW3ZN6I.crl (hash: W3yady8eYcaIoaDIrLKkw7lnNNjG2x/sKAgRJwPEgEc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c0/cbd72b-f64b-454e-b58c-2715eb710e80/1/ck8UGJq3EFYgN12vm6qBTW3ZN6I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c0/cbd72b-f64b-454e-b58c-2715eb710e80/1/ck8UGJq3EFYgN12vm6qBTW3ZN6I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ck8UGJq3EFYgN12vm6qBTW3ZN6I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 07:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:59:5e:a2:14:36:4f:4c:43:8e:fa:8d:29:d5:8c:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=724f14189ab7105620375daf9baa814d6dd937a2
        Validity
            Not Before: Mar  2 07:00:40 2026 GMT
            Not After : Mar  3 07:00:40 2026 GMT
        Subject: CN=83b52f772a7ce0156bac95658f74f3f84a3b8b82
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:ea:e7:2b:90:9d:2a:bb:21:1e:68:ad:86:2d:
                    fb:48:9a:60:c5:fd:bf:6d:e8:ce:a8:fe:9d:7e:f5:
                    e1:a7:1c:7f:df:69:61:4f:49:a7:eb:1f:a3:db:55:
                    20:3d:41:cd:32:f2:73:e3:f9:fc:13:5c:f2:f1:b1:
                    77:3e:32:ae:d1:45:94:8e:68:5e:da:20:b5:88:79:
                    e4:b2:25:d0:2f:1d:c8:05:81:a6:ec:6c:90:e6:27:
                    b8:52:c9:bb:d3:56:19:1f:c3:ac:42:8a:f5:1b:f3:
                    d9:d3:d0:e9:9e:cc:5b:c5:71:c6:0f:90:f4:fa:e9:
                    91:c3:c7:d7:50:40:fd:42:5d:e5:18:10:d7:95:8a:
                    73:8a:89:4f:a5:97:ef:1d:ed:54:38:3d:0b:77:f0:
                    d3:e0:b2:11:5c:5f:e8:c1:e2:86:c3:91:fc:5f:03:
                    0d:af:c2:00:8f:33:8e:41:10:07:8b:2a:d2:64:1a:
                    37:95:7d:1e:19:f7:f0:26:7e:0f:55:80:33:8d:8b:
                    44:79:30:55:69:4e:1e:c5:aa:b8:08:9b:3d:c8:41:
                    4d:e8:75:16:43:6a:cb:eb:c5:39:19:11:43:30:86:
                    e1:47:5e:a8:87:b1:ad:87:6c:90:99:69:26:23:27:
                    7a:37:64:3a:82:11:44:a1:b4:fb:7b:b0:d9:83:7b:
                    bb:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:B5:2F:77:2A:7C:E0:15:6B:AC:95:65:8F:74:F3:F8:4A:3B:8B:82
            X509v3 Authority Key Identifier:
                keyid:72:4F:14:18:9A:B7:10:56:20:37:5D:AF:9B:AA:81:4D:6D:D9:37:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ck8UGJq3EFYgN12vm6qBTW3ZN6I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/cbd72b-f64b-454e-b58c-2715eb710e80/1/ck8UGJq3EFYgN12vm6qBTW3ZN6I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/cbd72b-f64b-454e-b58c-2715eb710e80/1/ck8UGJq3EFYgN12vm6qBTW3ZN6I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:c0:ac:ed:eb:a8:fc:98:15:55:5d:c5:07:0a:b5:59:5f:97:
         81:eb:c6:74:23:d8:d5:25:d6:50:c9:0d:5c:68:18:38:42:da:
         19:9f:6d:4c:68:de:17:0a:ae:a0:bb:6d:25:56:86:00:ab:f6:
         6e:2d:7a:45:8f:d1:74:d4:c9:c2:b8:2b:27:0b:1e:76:41:ea:
         da:7a:92:c0:cc:af:e5:52:3b:25:1f:a9:1a:a5:95:15:a4:52:
         c3:3c:de:ea:b6:f4:72:ac:e7:14:59:7f:e2:c1:43:74:68:2a:
         7f:d3:3b:74:cd:0c:c5:e1:b9:ad:fa:9e:fa:1b:2d:de:78:a2:
         bb:b1:dc:06:8a:ed:cd:27:12:f7:7a:42:86:7d:e1:9c:3a:ce:
         de:09:02:e1:be:1b:b1:d3:a3:91:2d:eb:98:0a:10:1c:92:79:
         5d:57:77:64:cd:f1:ea:7e:fe:a7:16:29:31:e3:73:14:3e:84:
         7b:c1:b9:ca:f6:5a:e9:e3:8b:70:d3:d2:9e:90:70:9a:3d:80:
         ae:14:b8:59:23:ce:33:58:c3:ac:38:b0:79:80:d2:0b:6c:23:
         25:ef:ae:b6:ad:18:e7:a0:cb:31:34:5c:b3:d3:b2:a2:55:1f:
         c2:b5:15:b8:23:92:8d:4b:bb:ca:ec:a8:40:ba:67:d1:05:48:
         45:7c:e4:f3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWV6iFDZPTEOO+o0p1YwcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNGYxNDE4OWFiNzEwNTYyMDM3NWRhZjliYWE4MTRkNmRk
OTM3YTIwHhcNMjYwMzAyMDcwMDQwWhcNMjYwMzAzMDcwMDQwWjAzMTEwLwYDVQQD
Eyg4M2I1MmY3NzJhN2NlMDE1NmJhYzk1NjU4Zjc0ZjNmODRhM2I4YjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuurnK5CdKrshHmithi37SJpgxf2/
bejOqP6dfvXhpxx/32lhT0mn6x+j21UgPUHNMvJz4/n8E1zy8bF3PjKu0UWUjmhe
2iC1iHnksiXQLx3IBYGm7GyQ5ie4Usm701YZH8OsQor1G/PZ09DpnsxbxXHGD5D0
+umRw8fXUED9Ql3lGBDXlYpziolPpZfvHe1UOD0Ld/DT4LIRXF/oweKGw5H8XwMN
r8IAjzOOQRAHiyrSZBo3lX0eGffwJn4PVYAzjYtEeTBVaU4exaq4CJs9yEFN6HUW
Q2rL68U5GRFDMIbhR16oh7Gth2yQmWkmIyd6N2Q6ghFEobT7e7DZg3u7PwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIO1L3cqfOAVa6yVZY908/hKO4uCMB8GA1UdIwQY
MBaAFHJPFBiatxBWIDddr5uqgU1t2TeiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2s4VUdKcTNFRllnTjEydm02cUJUVzNaTjZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9jYmQ3MmItZjY0Yi00NTRlLWI1OGMt
MjcxNWViNzEwZTgwLzEvY2s4VUdKcTNFRllnTjEydm02cUJUVzNaTjZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9jYmQ3MmItZjY0Yi00NTRlLWI1OGMtMjcxNWViNzEwZTgw
LzEvY2s4VUdKcTNFRllnTjEydm02cUJUVzNaTjZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOcCs7euo
/JgVVV3FBwq1WV+XgevGdCPY1SXWUMkNXGgYOELaGZ9tTGjeFwquoLttJVaGAKv2
bi16RY/RdNTJwrgrJwsedkHq2nqSwMyv5VI7JR+pGqWVFaRSwzze6rb0cqznFFl/
4sFDdGgqf9M7dM0MxeG5rfqe+hst3niiu7HcBortzScS93pChn3hnDrO3gkC4b4b
sdOjkS3rmAoQHJJ5XVd3ZM3x6n7+pxYpMeNzFD6Ee8G5yvZa6eOLcNPSnpBwmj2A
rhS4WSPOM1jDrDiweYDSC2wjJe+utq0Y56DLMTRcs9OyolUfwrUVuCOSjUu7yuyo
QLpn0QVIRXzk8w==
-----END CERTIFICATE-----