Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft
File:                     MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft (raw, json)
Hash identifier:          eN0hqupEMevXRqY4Ki4JqHl5LGMf9P0vVlRbuiPBYUU=
Subject key identifier:   31:92:38:F3:8D:2F:16:66:9D:20:A1:D4:FD:69:99:85:EB:02:0B:AE
Authority key identifier: 30:AA:B0:2B:65:4E:91:5C:AD:CA:33:92:92:E2:8C:15:C4:7D:F8:58
Certificate issuer:       /CN=30aab02b654e915cadca339292e28c15c47df858
Certificate serial:       019CABD955E5E8B9869251C5F07F3869AC71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MKqwK2VOkVytyjOSkuKMFcR9-Fg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft
Manifest number:          06A8
Signing time:             Mon 02 Mar 2026 00:01:13 +0000
Manifest this update:     Mon 02 Mar 2026 00:01:13 +0000
Manifest next update:     Tue 03 Mar 2026 00:01:13 +0000
Files and hashes:         1: MKqwK2VOkVytyjOSkuKMFcR9-Fg.crl (hash: F4OzGc3ta9aCPkJhJeVAga0hyAt0N82/XPaik00a+3I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MKqwK2VOkVytyjOSkuKMFcR9-Fg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:d9:55:e5:e8:b9:86:92:51:c5:f0:7f:38:69:ac:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30aab02b654e915cadca339292e28c15c47df858
        Validity
            Not Before: Mar  2 00:01:13 2026 GMT
            Not After : Mar  3 00:01:13 2026 GMT
        Subject: CN=319238f38d2f16669d20a1d4fd699985eb020bae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:3f:30:47:a7:7d:77:46:42:19:57:9d:cd:8f:
                    47:72:03:57:06:bd:34:b2:6f:30:73:d8:4a:fa:cd:
                    d4:23:68:98:56:f1:90:ee:ec:d6:f2:25:41:ff:af:
                    d1:f1:57:68:ea:61:8f:5b:94:83:6d:71:9b:7e:e9:
                    9d:7b:5d:0e:40:ec:5a:b5:48:c7:bb:d4:9a:0e:1d:
                    90:55:95:d7:3f:b7:f3:ba:5f:7f:41:d1:f0:dd:aa:
                    92:30:5b:16:55:e9:8b:34:be:ec:28:a6:d3:1d:d8:
                    9f:01:72:0b:da:a7:ed:22:23:b2:9c:f6:b3:55:e1:
                    3a:57:8d:4d:9e:09:4f:7b:ca:95:6b:36:75:7e:08:
                    a7:f6:92:24:df:ee:9e:42:c1:31:35:98:c2:a3:9d:
                    76:3f:de:7c:b7:4e:08:00:17:cd:77:30:a5:b0:69:
                    7b:2c:81:41:5d:cd:ab:9e:96:ee:7d:60:3f:af:7e:
                    4a:d9:29:e0:6f:7f:85:f9:77:15:b8:e2:09:23:c7:
                    47:44:84:c8:1e:a9:72:00:4d:04:c8:a4:af:3b:cb:
                    30:b7:6c:49:5d:6f:56:11:f1:3b:c5:74:87:11:73:
                    5a:09:e5:93:71:a5:dc:c5:b9:be:0e:f7:d0:39:6d:
                    87:06:79:9e:d3:78:a5:44:31:55:de:ab:5f:ee:07:
                    d1:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:92:38:F3:8D:2F:16:66:9D:20:A1:D4:FD:69:99:85:EB:02:0B:AE
            X509v3 Authority Key Identifier:
                keyid:30:AA:B0:2B:65:4E:91:5C:AD:CA:33:92:92:E2:8C:15:C4:7D:F8:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MKqwK2VOkVytyjOSkuKMFcR9-Fg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4a:17:81:23:7b:85:18:b8:35:49:90:90:25:8e:bf:b3:91:81:
         4b:1a:9c:8e:b5:26:86:01:fe:87:64:d9:a9:fd:c1:e9:d5:33:
         8f:51:5f:7c:8a:89:35:3e:28:5f:49:48:a7:2d:97:d5:3c:c5:
         ce:dd:84:aa:e4:48:8f:b4:07:07:53:ad:6b:08:28:ed:18:b9:
         6b:78:83:62:5f:87:b7:e4:00:da:88:88:43:5a:e0:58:f7:98:
         30:35:94:4b:31:30:66:12:4f:55:5d:00:d3:35:de:8d:98:99:
         94:4a:73:62:08:c1:dc:88:83:3e:61:2e:6f:e9:ef:5a:8e:b3:
         72:45:60:3c:74:df:51:0e:47:72:d1:44:33:a5:85:8a:ac:8c:
         47:d3:5d:ec:53:a1:f6:4b:0c:61:29:12:71:7f:e6:3a:e3:81:
         aa:d5:54:49:e1:89:44:a3:84:fb:50:fc:a5:77:3b:4f:6c:19:
         bd:5b:49:9a:29:a3:58:74:8c:65:8a:cc:79:5b:8a:b1:39:47:
         d8:04:54:f8:dc:60:5c:96:13:00:5a:31:d2:06:88:12:48:1d:
         44:a7:4a:e3:c3:79:ee:8d:03:73:13:57:d3:b4:83:84:6c:09:
         7f:20:8b:3a:14:3a:b8:33:6d:3e:b6:83:82:3a:02:5a:b4:8e:
         9d:58:3e:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2VXl6LmGklHF8H84aaxxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwYWFiMDJiNjU0ZTkxNWNhZGNhMzM5MjkyZTI4YzE1YzQ3
ZGY4NTgwHhcNMjYwMzAyMDAwMTEzWhcNMjYwMzAzMDAwMTEzWjAzMTEwLwYDVQQD
EygzMTkyMzhmMzhkMmYxNjY2OWQyMGExZDRmZDY5OTk4NWViMDIwYmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqz8wR6d9d0ZCGVedzY9HcgNXBr00
sm8wc9hK+s3UI2iYVvGQ7uzW8iVB/6/R8Vdo6mGPW5SDbXGbfumde10OQOxatUjH
u9SaDh2QVZXXP7fzul9/QdHw3aqSMFsWVemLNL7sKKbTHdifAXIL2qftIiOynPaz
VeE6V41NnglPe8qVazZ1fgin9pIk3+6eQsExNZjCo512P958t04IABfNdzClsGl7
LIFBXc2rnpbufWA/r35K2Sngb3+F+XcVuOIJI8dHRITIHqlyAE0EyKSvO8swt2xJ
XW9WEfE7xXSHEXNaCeWTcaXcxbm+DvfQOW2HBnme03ilRDFV3qtf7gfRlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDGSOPONLxZmnSCh1P1pmYXrAguuMB8GA1UdIwQY
MBaAFDCqsCtlTpFcrcozkpLijBXEffhYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUtxd0syVk9rVnl0eWpPU2t1S01GY1I5LUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS85YWZmNTQtNTk3MS00MDJmLWFiNjkt
YTQxOTY3MGQxN2UxLzEvTUtxd0syVk9rVnl0eWpPU2t1S01GY1I5LUZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS85YWZmNTQtNTk3MS00MDJmLWFiNjktYTQxOTY3MGQxN2Ux
LzEvTUtxd0syVk9rVnl0eWpPU2t1S01GY1I5LUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASheBI3uF
GLg1SZCQJY6/s5GBSxqcjrUmhgH+h2TZqf3B6dUzj1FffIqJNT4oX0lIpy2X1TzF
zt2EquRIj7QHB1Otawgo7Ri5a3iDYl+Ht+QA2oiIQ1rgWPeYMDWUSzEwZhJPVV0A
0zXejZiZlEpzYgjB3IiDPmEub+nvWo6zckVgPHTfUQ5HctFEM6WFiqyMR9Nd7FOh
9ksMYSkScX/mOuOBqtVUSeGJRKOE+1D8pXc7T2wZvVtJmimjWHSMZYrMeVuKsTlH
2ARU+NxgXJYTAFox0gaIEkgdRKdK48N57o0DcxNX07SDhGwJfyCLOhQ6uDNtPraD
gjoCWrSOnVg+ug==
-----END CERTIFICATE-----