Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.mft
File:                     kh2gU5IfUoNniBiPgvYt1aqXP-k.mft (raw, json)
Hash identifier:          0rOJf3AljuZQ2rnBj+QUUP3epqQXIMy32r6QnXbjITI=
Subject key identifier:   B8:17:7F:69:68:77:DB:1C:C5:80:2F:C3:5A:DB:0B:CA:ED:CD:75:43
Authority key identifier: 92:1D:A0:53:92:1F:52:83:67:88:18:8F:82:F6:2D:D5:AA:97:3F:E9
Certificate issuer:       /CN=921da053921f52836788188f82f62dd5aa973fe9
Certificate serial:       019CA9EB1D20D68AEE55AEF0D8F98D12CDA0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kh2gU5IfUoNniBiPgvYt1aqXP-k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.mft
Manifest number:          110A
Signing time:             Sun 01 Mar 2026 15:01:23 +0000
Manifest this update:     Sun 01 Mar 2026 15:01:23 +0000
Manifest next update:     Mon 02 Mar 2026 15:01:23 +0000
Files and hashes:         1: kh2gU5IfUoNniBiPgvYt1aqXP-k.crl (hash: hpOAOci7CZgrZ+Df004ziV3tEMBtgvpiOWNSj5YwDZk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kh2gU5IfUoNniBiPgvYt1aqXP-k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:a9:eb:1d:20:d6:8a:ee:55:ae:f0:d8:f9:8d:12:cd:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=921da053921f52836788188f82f62dd5aa973fe9
        Validity
            Not Before: Mar  1 15:01:23 2026 GMT
            Not After : Mar  2 15:01:23 2026 GMT
        Subject: CN=b8177f696877db1cc5802fc35adb0bcaedcd7543
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:93:5c:8a:74:98:d2:ce:be:a2:fb:a2:7f:2d:
                    86:5a:33:4c:80:72:f8:9c:54:f5:84:dd:22:6e:ee:
                    f0:71:92:0d:8f:d9:79:a3:4f:d0:1a:88:c3:93:ee:
                    bb:7d:52:8d:a8:98:38:0e:dc:62:6b:39:5b:94:ab:
                    af:6f:54:62:c2:d7:74:ff:e4:ee:b0:fe:9e:03:9f:
                    7c:9e:a6:34:6b:2f:65:a8:0f:41:68:1b:d8:eb:f6:
                    70:82:2a:25:c3:78:81:c4:f4:72:2c:1d:16:05:64:
                    8e:2d:b2:1d:cc:09:03:4c:2e:95:14:5b:d0:af:18:
                    88:9a:38:d1:26:28:c0:a5:09:a5:a3:d2:28:30:38:
                    fa:3d:10:31:e2:f9:41:06:2d:bc:3d:c2:3c:28:ef:
                    60:dd:10:c9:84:d0:99:17:fa:3e:48:81:41:bd:c2:
                    d9:27:81:92:ae:ad:ea:24:f3:f3:c4:64:75:ea:60:
                    8a:09:17:fd:11:e0:2e:28:0f:bd:4a:05:73:03:1b:
                    b1:dd:b8:b9:9c:59:58:08:e4:21:51:51:89:cd:e9:
                    76:44:05:c7:ec:fc:bb:cc:fb:50:e0:d0:80:41:3b:
                    b8:ae:e8:8b:bc:e2:f5:c6:11:44:cb:2e:9a:d7:8f:
                    14:cc:3d:05:97:17:15:1d:85:aa:b4:e6:a6:8f:31:
                    fd:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:17:7F:69:68:77:DB:1C:C5:80:2F:C3:5A:DB:0B:CA:ED:CD:75:43
            X509v3 Authority Key Identifier:
                keyid:92:1D:A0:53:92:1F:52:83:67:88:18:8F:82:F6:2D:D5:AA:97:3F:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kh2gU5IfUoNniBiPgvYt1aqXP-k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:0e:18:68:11:13:be:54:e5:32:6e:7f:55:44:3b:c4:c1:51:
         5d:9d:e6:ff:66:e9:06:08:8e:55:c4:1f:a7:e9:e5:9f:64:e9:
         83:d1:1a:a9:f3:27:c5:f6:1c:c0:b8:fa:39:44:1d:64:ee:69:
         cc:33:4c:da:9f:d2:4c:79:18:4f:ef:de:82:60:77:42:96:16:
         39:5c:57:9d:a8:dc:f4:cb:71:a1:90:72:1d:37:56:90:d9:d9:
         0b:89:ea:a2:10:31:43:dc:48:6b:42:2d:a1:6a:f4:72:8f:ff:
         87:17:40:03:61:df:04:6e:5d:2d:ac:e6:5f:75:1f:ba:78:4d:
         11:13:4a:da:4e:c6:29:6d:19:db:e1:1a:a5:10:6f:eb:fa:9c:
         6f:d3:15:15:4f:3b:e9:e7:39:3b:85:1e:3a:38:3f:3e:e6:0e:
         7a:5d:98:a0:4b:e2:d8:20:af:13:ea:f2:f2:21:b1:ad:f5:bc:
         1d:22:db:00:d3:c4:93:93:2a:5b:46:cf:5c:a6:0a:f7:5b:0b:
         de:e7:44:d3:ca:7d:57:06:1d:c1:d7:4e:ba:75:82:2b:dc:97:
         dd:90:89:90:7d:61:26:7e:d7:a7:62:98:1c:82:ad:d2:d6:6f:
         ec:43:f0:b1:fb:db:26:af:16:65:22:26:37:03:23:00:d8:b3:
         6a:77:1a:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyp6x0g1oruVa7w2PmNEs2gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMWRhMDUzOTIxZjUyODM2Nzg4MTg4ZjgyZjYyZGQ1YWE5
NzNmZTkwHhcNMjYwMzAxMTUwMTIzWhcNMjYwMzAyMTUwMTIzWjAzMTEwLwYDVQQD
EyhiODE3N2Y2OTY4NzdkYjFjYzU4MDJmYzM1YWRiMGJjYWVkY2Q3NTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJNcinSY0s6+ovuify2GWjNMgHL4
nFT1hN0ibu7wcZINj9l5o0/QGojDk+67fVKNqJg4DtxiazlblKuvb1Riwtd0/+Tu
sP6eA598nqY0ay9lqA9BaBvY6/Zwgiolw3iBxPRyLB0WBWSOLbIdzAkDTC6VFFvQ
rxiImjjRJijApQmlo9IoMDj6PRAx4vlBBi28PcI8KO9g3RDJhNCZF/o+SIFBvcLZ
J4GSrq3qJPPzxGR16mCKCRf9EeAuKA+9SgVzAxux3bi5nFlYCOQhUVGJzel2RAXH
7Py7zPtQ4NCAQTu4ruiLvOL1xhFEyy6a148UzD0FlxcVHYWqtOamjzH9lQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLgXf2lod9scxYAvw1rbC8rtzXVDMB8GA1UdIwQY
MBaAFJIdoFOSH1KDZ4gYj4L2LdWqlz/pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2gyZ1U1SWZVb05uaUJpUGd2WXQxYXFYUC1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS8zZTZlYTUtMGQ0ZS00MzRmLWE2ZjMt
ZWIzNDZkOWNlOWUwLzEva2gyZ1U1SWZVb05uaUJpUGd2WXQxYXFYUC1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS8zZTZlYTUtMGQ0ZS00MzRmLWE2ZjMtZWIzNDZkOWNlOWUw
LzEva2gyZ1U1SWZVb05uaUJpUGd2WXQxYXFYUC1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgA4YaBET
vlTlMm5/VUQ7xMFRXZ3m/2bpBgiOVcQfp+nln2Tpg9EaqfMnxfYcwLj6OUQdZO5p
zDNM2p/STHkYT+/egmB3QpYWOVxXnajc9MtxoZByHTdWkNnZC4nqohAxQ9xIa0It
oWr0co//hxdAA2HfBG5dLazmX3UfunhNERNK2k7GKW0Z2+EapRBv6/qcb9MVFU87
6ec5O4UeOjg/PuYOel2YoEvi2CCvE+ry8iGxrfW8HSLbANPEk5MqW0bPXKYK91sL
3udE08p9VwYdwddOunWCK9yX3ZCJkH1hJn7Xp2KYHIKt0tZv7EPwsfvbJq8WZSIm
NwMjANizancaKg==
-----END CERTIFICATE-----