Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.mft
File:                     hFNK68PtnHkETCI8iyXgEdq_L98.mft (raw, json)
Hash identifier:          jwl8hvd+fGSxUB7KprZwSwWtbRJjXibmXlJVXRVZAD0=
Subject key identifier:   0F:80:A3:0C:47:ED:96:B6:F3:FC:80:C3:A5:26:BF:61:C0:01:D8:CC
Authority key identifier: 84:53:4A:EB:C3:ED:9C:79:04:4C:22:3C:8B:25:E0:11:DA:BF:2F:DF
Certificate issuer:       /CN=84534aebc3ed9c79044c223c8b25e011dabf2fdf
Certificate serial:       019CAA2187C4429B45CDDD3CA5DCF8E66E72
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hFNK68PtnHkETCI8iyXgEdq_L98.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.mft
Manifest number:          092A
Signing time:             Sun 01 Mar 2026 16:00:49 +0000
Manifest this update:     Sun 01 Mar 2026 16:00:49 +0000
Manifest next update:     Mon 02 Mar 2026 16:00:49 +0000
Files and hashes:         1: hFNK68PtnHkETCI8iyXgEdq_L98.crl (hash: 03NsIBU9RHNVBSeHfWkKtEOXd0wchSJc0K+g9IdRkDk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hFNK68PtnHkETCI8iyXgEdq_L98.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 16:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:21:87:c4:42:9b:45:cd:dd:3c:a5:dc:f8:e6:6e:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84534aebc3ed9c79044c223c8b25e011dabf2fdf
        Validity
            Not Before: Mar  1 16:00:49 2026 GMT
            Not After : Mar  2 16:00:49 2026 GMT
        Subject: CN=0f80a30c47ed96b6f3fc80c3a526bf61c001d8cc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:92:d8:e4:8d:65:65:50:f3:da:55:fb:d9:96:
                    5b:60:03:77:36:19:b6:23:7c:4c:a3:57:dc:85:85:
                    ad:66:a6:a4:a8:1b:0c:5e:a9:f0:51:82:c1:46:6d:
                    60:0c:ec:cf:df:2f:6c:53:13:7f:68:cb:c0:c0:21:
                    fe:55:16:46:ac:bb:8b:20:7f:8a:e8:f5:0f:0d:3c:
                    7b:b3:27:7d:c0:d4:11:ec:82:54:9f:e8:45:d7:91:
                    16:d0:1c:85:dd:98:f3:3d:78:47:e9:22:57:ef:a2:
                    c0:cc:72:30:9f:e3:6c:6a:fc:ba:ed:7d:e6:96:a7:
                    5f:64:ad:36:6b:bd:d1:92:35:69:a5:b2:89:bc:f0:
                    dc:53:72:e6:e8:5d:a7:3b:0c:01:d9:d6:a2:0a:e3:
                    69:f4:a8:19:dc:ce:a0:5c:8a:00:ae:d1:d4:37:37:
                    07:3b:a5:8a:30:87:45:1e:23:a9:d9:a3:0e:ce:86:
                    2a:4a:5b:fb:8c:6e:f9:f7:1b:3d:1d:67:b7:a0:85:
                    15:15:c4:cd:9e:f5:24:6d:d7:27:3d:ba:88:ec:ff:
                    ef:6c:49:8e:46:79:f0:bc:f8:8a:4d:5d:05:de:45:
                    27:e2:0d:34:9f:90:3d:fc:1c:51:b5:ae:8c:f0:0e:
                    12:19:37:06:0e:eb:6c:ee:0c:ff:30:f9:ed:60:2f:
                    62:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:80:A3:0C:47:ED:96:B6:F3:FC:80:C3:A5:26:BF:61:C0:01:D8:CC
            X509v3 Authority Key Identifier:
                keyid:84:53:4A:EB:C3:ED:9C:79:04:4C:22:3C:8B:25:E0:11:DA:BF:2F:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hFNK68PtnHkETCI8iyXgEdq_L98.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:a9:ed:d9:5c:c2:a9:04:28:11:44:ce:39:a7:72:2f:d4:8e:
         98:88:48:b8:89:58:ac:42:e5:68:1e:91:50:b9:cb:46:92:d9:
         f1:6b:36:2c:a6:1e:6d:f3:8b:b3:a9:4e:0d:45:1c:63:a5:c2:
         fe:d4:07:4f:60:5c:89:34:ec:43:9b:7c:8b:25:be:5e:08:12:
         cb:2e:75:50:bd:ad:76:98:b8:1e:8e:89:c5:fd:ac:97:98:18:
         32:d1:09:14:14:d0:52:cc:40:6c:7e:98:7d:3e:24:cc:fe:86:
         3f:92:71:35:0e:10:02:05:1f:80:ec:40:6c:fc:02:4d:54:f3:
         c5:7a:4e:9a:34:80:f7:cc:98:d8:3d:8d:68:52:42:f9:00:0b:
         a2:34:58:cc:a8:22:c1:ed:2f:77:e5:14:0d:62:68:ba:17:52:
         f1:8a:81:bf:51:28:47:83:55:3b:c5:58:ce:85:e8:9e:1f:e6:
         31:a8:11:46:9f:af:e7:8d:29:12:f3:ab:0e:7c:67:2a:12:8e:
         bd:8f:10:4e:1c:47:6e:37:b8:83:47:29:49:5e:fa:9f:e4:76:
         f8:58:05:fe:60:68:53:2c:86:d1:02:e7:22:a2:a5:4c:16:0c:
         10:a5:2f:bd:22:2c:c9:32:f3:d8:5f:32:70:a5:41:35:3e:6b:
         05:77:66:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqIYfEQptFzd08pdz45m5yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NTM0YWViYzNlZDljNzkwNDRjMjIzYzhiMjVlMDExZGFi
ZjJmZGYwHhcNMjYwMzAxMTYwMDQ5WhcNMjYwMzAyMTYwMDQ5WjAzMTEwLwYDVQQD
EygwZjgwYTMwYzQ3ZWQ5NmI2ZjNmYzgwYzNhNTI2YmY2MWMwMDFkOGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZLY5I1lZVDz2lX72ZZbYAN3Nhm2
I3xMo1fchYWtZqakqBsMXqnwUYLBRm1gDOzP3y9sUxN/aMvAwCH+VRZGrLuLIH+K
6PUPDTx7syd9wNQR7IJUn+hF15EW0ByF3ZjzPXhH6SJX76LAzHIwn+Nsavy67X3m
lqdfZK02a73RkjVppbKJvPDcU3Lm6F2nOwwB2daiCuNp9KgZ3M6gXIoArtHUNzcH
O6WKMIdFHiOp2aMOzoYqSlv7jG759xs9HWe3oIUVFcTNnvUkbdcnPbqI7P/vbEmO
RnnwvPiKTV0F3kUn4g00n5A9/BxRta6M8A4SGTcGDuts7gz/MPntYC9iQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA+AowxH7Za28/yAw6Umv2HAAdjMMB8GA1UdIwQY
MBaAFIRTSuvD7Zx5BEwiPIsl4BHavy/fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEZOSzY4UHRuSGtFVENJOGl5WGdFZHFfTDk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9hOGUzMjktM2JkNy00MzdmLTgxMDct
ZWJkZTc0OTMzYzc3LzEvaEZOSzY4UHRuSGtFVENJOGl5WGdFZHFfTDk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9hOGUzMjktM2JkNy00MzdmLTgxMDctZWJkZTc0OTMzYzc3
LzEvaEZOSzY4UHRuSGtFVENJOGl5WGdFZHFfTDk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB6nt2VzC
qQQoEUTOOadyL9SOmIhIuIlYrELlaB6RULnLRpLZ8Ws2LKYebfOLs6lODUUcY6XC
/tQHT2BciTTsQ5t8iyW+XggSyy51UL2tdpi4Ho6Jxf2sl5gYMtEJFBTQUsxAbH6Y
fT4kzP6GP5JxNQ4QAgUfgOxAbPwCTVTzxXpOmjSA98yY2D2NaFJC+QALojRYzKgi
we0vd+UUDWJouhdS8YqBv1EoR4NVO8VYzoXonh/mMagRRp+v540pEvOrDnxnKhKO
vY8QThxHbje4g0cpSV76n+R2+FgF/mBoUyyG0QLnIqKlTBYMEKUvvSIsyTLz2F8y
cKVBNT5rBXdmjg==
-----END CERTIFICATE-----