Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/f8e599-b57a-44a2-9c35-9ee53442c3e9/1/CKi4_gyIWkXySFUjNC6bqNyJ5o8.mft
File:                     CKi4_gyIWkXySFUjNC6bqNyJ5o8.mft (raw, json)
Hash identifier:          gcMbBQ2XH44yIgo3wMLeJPrqcq7GZ0/PHKCRRTq/lS0=
Subject key identifier:   0C:7D:3D:45:7B:EB:3F:20:00:9D:95:F5:4A:56:4C:B7:FA:0C:E2:47
Authority key identifier: 08:A8:B8:FE:0C:88:5A:45:F2:48:55:23:34:2E:9B:A8:DC:89:E6:8F
Certificate issuer:       /CN=08a8b8fe0c885a45f2485523342e9ba8dc89e68f
Certificate serial:       019CAD59EFD30E6867E0D1D9E7B19D2FA78D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CKi4_gyIWkXySFUjNC6bqNyJ5o8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/f8e599-b57a-44a2-9c35-9ee53442c3e9/1/CKi4_gyIWkXySFUjNC6bqNyJ5o8.mft
Manifest number:          0656
Signing time:             Mon 02 Mar 2026 07:01:18 +0000
Manifest this update:     Mon 02 Mar 2026 07:01:18 +0000
Manifest next update:     Tue 03 Mar 2026 07:01:18 +0000
Files and hashes:         1: CKi4_gyIWkXySFUjNC6bqNyJ5o8.crl (hash: fWGMKxvKDiiWnNJJaHAGvYLqO3MZHZZ5NdSyGu/x7BE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/f8e599-b57a-44a2-9c35-9ee53442c3e9/1/CKi4_gyIWkXySFUjNC6bqNyJ5o8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/f8e599-b57a-44a2-9c35-9ee53442c3e9/1/CKi4_gyIWkXySFUjNC6bqNyJ5o8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CKi4_gyIWkXySFUjNC6bqNyJ5o8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 07:01:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:59:ef:d3:0e:68:67:e0:d1:d9:e7:b1:9d:2f:a7:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08a8b8fe0c885a45f2485523342e9ba8dc89e68f
        Validity
            Not Before: Mar  2 07:01:18 2026 GMT
            Not After : Mar  3 07:01:18 2026 GMT
        Subject: CN=0c7d3d457beb3f20009d95f54a564cb7fa0ce247
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:b8:a5:0f:0b:87:ea:5d:9b:48:bd:8d:ba:7f:
                    c7:09:f5:45:ab:bf:b3:d8:80:40:95:ea:e2:8c:71:
                    3c:94:ae:dd:5d:a7:39:28:ff:6f:39:0c:35:5e:dc:
                    98:45:0a:60:a2:30:b7:3b:02:2b:ed:1b:23:1e:73:
                    b6:bb:41:77:d5:a0:2f:78:1e:84:2e:37:88:1c:7b:
                    5e:11:86:10:0a:d5:28:fa:f6:02:bc:99:61:65:ec:
                    d9:1a:7a:b3:74:88:e5:0a:ba:b5:b5:52:92:3f:08:
                    82:75:7a:32:8e:62:ca:72:50:a3:57:60:e4:0e:40:
                    f2:ba:d5:3d:e3:96:85:b1:84:b7:97:a9:cd:41:32:
                    a1:c7:17:1f:4e:3b:dc:02:34:d2:f9:78:1e:fc:91:
                    53:90:f4:98:47:1c:2c:83:de:dc:14:a6:b2:e4:bf:
                    3e:7e:0c:27:6c:7a:da:79:c9:fa:01:7e:9e:3a:f0:
                    01:f6:67:34:51:0c:92:4f:c7:c6:68:69:8b:70:c6:
                    31:9a:a0:79:44:d1:58:9c:08:fd:34:1e:60:4b:98:
                    ed:51:15:93:74:b1:53:a4:82:11:1e:78:3c:93:21:
                    1b:d7:96:56:22:df:db:03:1b:cf:8d:e7:b2:bd:ef:
                    19:5a:f9:96:de:d1:cf:9b:ad:d9:a2:6f:fa:1b:8d:
                    3e:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:7D:3D:45:7B:EB:3F:20:00:9D:95:F5:4A:56:4C:B7:FA:0C:E2:47
            X509v3 Authority Key Identifier:
                keyid:08:A8:B8:FE:0C:88:5A:45:F2:48:55:23:34:2E:9B:A8:DC:89:E6:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CKi4_gyIWkXySFUjNC6bqNyJ5o8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/f8e599-b57a-44a2-9c35-9ee53442c3e9/1/CKi4_gyIWkXySFUjNC6bqNyJ5o8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/f8e599-b57a-44a2-9c35-9ee53442c3e9/1/CKi4_gyIWkXySFUjNC6bqNyJ5o8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:f7:63:53:55:96:99:56:9c:f2:ce:8d:e1:93:9f:9d:81:8a:
         3c:0d:9f:d5:b9:de:9d:71:ae:b2:6b:0b:e8:b6:6e:ad:61:22:
         88:df:2a:9b:0e:92:b0:ba:46:f2:ac:15:e3:1c:ca:cc:4f:e7:
         c8:4a:e7:69:da:c5:45:9e:90:2f:50:8f:9d:96:90:ce:17:1c:
         a3:d1:67:0e:49:0d:d1:a3:84:ce:cf:0c:9f:e4:40:2a:e7:3a:
         fa:df:e7:77:44:7f:84:8a:4a:e1:89:d4:90:e3:f4:5d:99:0d:
         66:00:29:18:7d:a6:54:dc:34:15:39:ce:ac:df:db:bb:d7:74:
         e8:4f:ba:f3:0d:3a:4b:8d:44:aa:e4:a0:64:38:bf:7f:da:af:
         ed:32:6c:f1:00:e1:62:2d:ef:91:c1:20:7e:d0:e3:f2:4f:02:
         65:df:f9:32:e5:f0:af:92:64:8b:b6:07:2e:99:f3:66:51:95:
         dd:5d:3d:b5:0a:a8:7b:e6:ae:3f:e4:5d:b3:99:8b:fd:bc:34:
         6a:67:be:c5:62:72:bf:19:b9:9f:ef:c1:4f:3f:e4:9d:fb:89:
         c4:e5:2e:b1:2d:5d:be:09:14:fd:15:b2:6e:b6:1a:ab:17:b5:
         2b:d6:5a:01:d8:52:c0:f6:ba:48:8c:89:56:c9:ef:10:86:fd:
         15:9b:fd:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWe/TDmhn4NHZ57GdL6eNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4YThiOGZlMGM4ODVhNDVmMjQ4NTUyMzM0MmU5YmE4ZGM4
OWU2OGYwHhcNMjYwMzAyMDcwMTE4WhcNMjYwMzAzMDcwMTE4WjAzMTEwLwYDVQQD
EygwYzdkM2Q0NTdiZWIzZjIwMDA5ZDk1ZjU0YTU2NGNiN2ZhMGNlMjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7ilDwuH6l2bSL2Nun/HCfVFq7+z
2IBAlerijHE8lK7dXac5KP9vOQw1XtyYRQpgojC3OwIr7RsjHnO2u0F31aAveB6E
LjeIHHteEYYQCtUo+vYCvJlhZezZGnqzdIjlCrq1tVKSPwiCdXoyjmLKclCjV2Dk
DkDyutU945aFsYS3l6nNQTKhxxcfTjvcAjTS+Xge/JFTkPSYRxwsg97cFKay5L8+
fgwnbHraecn6AX6eOvAB9mc0UQyST8fGaGmLcMYxmqB5RNFYnAj9NB5gS5jtURWT
dLFTpIIRHng8kyEb15ZWIt/bAxvPjeeyve8ZWvmW3tHPm63Zom/6G40+twIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAx9PUV76z8gAJ2V9UpWTLf6DOJHMB8GA1UdIwQY
MBaAFAiouP4MiFpF8khVIzQum6jcieaPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0tpNF9neUlXa1h5U0ZVak5DNmJxTnlKNW84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9mOGU1OTktYjU3YS00NGEyLTljMzUt
OWVlNTM0NDJjM2U5LzEvQ0tpNF9neUlXa1h5U0ZVak5DNmJxTnlKNW84Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9mOGU1OTktYjU3YS00NGEyLTljMzUtOWVlNTM0NDJjM2U5
LzEvQ0tpNF9neUlXa1h5U0ZVak5DNmJxTnlKNW84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALPdjU1WW
mVac8s6N4ZOfnYGKPA2f1bnenXGusmsL6LZurWEiiN8qmw6SsLpG8qwV4xzKzE/n
yErnadrFRZ6QL1CPnZaQzhcco9FnDkkN0aOEzs8Mn+RAKuc6+t/nd0R/hIpK4YnU
kOP0XZkNZgApGH2mVNw0FTnOrN/bu9d06E+68w06S41EquSgZDi/f9qv7TJs8QDh
Yi3vkcEgftDj8k8CZd/5MuXwr5Jki7YHLpnzZlGV3V09tQqoe+auP+Rds5mL/bw0
ame+xWJyvxm5n+/BTz/knfuJxOUusS1dvgkU/RWybrYaqxe1K9ZaAdhSwPa6SIyJ
VsnvEIb9FZv9dw==
-----END CERTIFICATE-----