Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.mft
File:                     ckWEKSHz0CDU2AReUrsQ_PV-r28.mft (raw, json)
Hash identifier:          L/1x1rPTCSJC/5ZTOOQrIkVeZAcALpvf/Vd6uAUL1ns=
Subject key identifier:   3F:14:A2:8A:3D:53:6E:89:C4:8E:A9:C5:AB:92:93:FB:53:67:81:E2
Authority key identifier: 72:45:84:29:21:F3:D0:20:D4:D8:04:5E:52:BB:10:FC:F5:7E:AF:6F
Certificate issuer:       /CN=7245842921f3d020d4d8045e52bb10fcf57eaf6f
Certificate serial:       019D38D398A9E2B23AFE0C828C0E775BB927
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ckWEKSHz0CDU2AReUrsQ_PV-r28.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.mft
Manifest number:          120B
Signing time:             Sun 29 Mar 2026 09:01:24 +0000
Manifest this update:     Sun 29 Mar 2026 09:01:24 +0000
Manifest next update:     Mon 30 Mar 2026 09:01:24 +0000
Files and hashes:         1: ckWEKSHz0CDU2AReUrsQ_PV-r28.crl (hash: zjcLOhTthmwVK0Md2kRMbDkYiK20/CV+7wQ74MF1JWI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ckWEKSHz0CDU2AReUrsQ_PV-r28.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:98:a9:e2:b2:3a:fe:0c:82:8c:0e:77:5b:b9:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7245842921f3d020d4d8045e52bb10fcf57eaf6f
        Validity
            Not Before: Mar 29 09:01:24 2026 GMT
            Not After : Mar 30 09:01:24 2026 GMT
        Subject: CN=3f14a28a3d536e89c48ea9c5ab9293fb536781e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:f5:7f:64:96:0d:ce:d2:8b:d9:ca:dc:6e:73:
                    d8:d7:b6:78:0f:91:43:9a:9b:ea:fe:e5:8c:94:00:
                    0c:f4:4b:f0:8f:0e:20:95:58:65:c4:da:08:dc:b7:
                    c3:da:77:f8:ff:43:db:03:7e:db:3b:44:02:e2:4b:
                    aa:6c:6b:7c:5f:ba:04:df:e0:10:70:77:01:f4:62:
                    f3:ef:a9:f0:bc:71:d3:bd:94:bc:cc:d4:6a:db:d4:
                    5a:56:6a:b8:9b:59:55:cf:9f:1a:ae:1b:d1:ef:e8:
                    a1:21:cc:3c:23:3e:8b:27:47:73:06:2e:84:ef:aa:
                    b6:21:cb:65:b6:48:d6:ee:3a:3a:99:7b:69:30:e7:
                    8f:54:48:8e:8b:07:cb:42:42:c5:1f:a4:f4:b6:c8:
                    05:3e:9f:b5:dc:ec:c9:78:3a:3d:67:36:41:a7:9c:
                    af:4b:f4:92:3b:02:c8:cd:18:58:16:fc:fe:d7:79:
                    2d:eb:86:34:70:61:8c:89:6a:3d:9c:ac:10:cd:54:
                    97:d1:1b:80:0d:53:b8:1f:5e:a5:7b:f8:6c:49:3a:
                    cc:80:7c:f8:f3:71:dd:40:e9:14:01:c7:60:fc:74:
                    cd:15:aa:e3:ac:5a:9f:90:0c:b4:aa:9f:ba:33:a7:
                    35:a8:ba:12:53:a6:b8:9c:c3:96:a3:7c:1c:db:75:
                    1d:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:14:A2:8A:3D:53:6E:89:C4:8E:A9:C5:AB:92:93:FB:53:67:81:E2
            X509v3 Authority Key Identifier:
                keyid:72:45:84:29:21:F3:D0:20:D4:D8:04:5E:52:BB:10:FC:F5:7E:AF:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ckWEKSHz0CDU2AReUrsQ_PV-r28.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/71f422-e092-4189-8d3c-8e258efedffa/1/ckWEKSHz0CDU2AReUrsQ_PV-r28.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:5c:1b:1b:7c:1d:9d:12:61:80:25:0b:bb:1c:84:fc:45:af:
         28:35:c3:28:c4:8f:35:91:70:9b:b8:4f:a4:20:df:4f:57:b4:
         a2:83:b6:54:29:c0:31:d6:0d:57:ab:3b:a8:b7:0b:f1:9d:b8:
         56:52:98:d1:e9:b6:ab:64:55:5a:40:b2:36:49:3c:4e:83:a0:
         18:11:ce:1b:0e:20:3c:73:8f:76:cf:a3:51:23:3a:44:02:71:
         2b:38:8e:a2:4d:18:ef:1a:b4:f1:02:dc:87:6d:81:ea:54:9e:
         85:77:24:d7:d1:fb:aa:33:37:01:c6:75:d4:fa:1b:b4:bf:d4:
         22:55:1f:18:4c:df:49:43:83:f8:6d:a8:af:b3:22:0f:49:bf:
         f2:74:75:38:c0:2f:b1:3c:18:08:b7:b4:65:a1:3e:b3:5f:96:
         bb:a7:99:f3:9b:42:7f:a9:fa:5a:ff:30:69:52:50:c1:5c:f2:
         b0:17:97:48:1e:d9:ae:72:4d:80:0f:9f:14:b9:72:9c:d1:e0:
         fb:dc:a4:22:f7:49:12:3b:80:d1:76:55:09:29:9d:1b:a4:ec:
         22:8f:01:10:18:03:47:09:99:79:a0:70:08:85:bc:9c:5a:63:
         2d:f9:bd:16:ee:1a:35:a9:c2:70:ae:eb:0d:a9:e0:20:51:4b:
         0e:44:a7:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0405ip4rI6/gyCjA53W7knMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNDU4NDI5MjFmM2QwMjBkNGQ4MDQ1ZTUyYmIxMGZjZjU3
ZWFmNmYwHhcNMjYwMzI5MDkwMTI0WhcNMjYwMzMwMDkwMTI0WjAzMTEwLwYDVQQD
EygzZjE0YTI4YTNkNTM2ZTg5YzQ4ZWE5YzVhYjkyOTNmYjUzNjc4MWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvV/ZJYNztKL2crcbnPY17Z4D5FD
mpvq/uWMlAAM9Evwjw4glVhlxNoI3LfD2nf4/0PbA37bO0QC4kuqbGt8X7oE3+AQ
cHcB9GLz76nwvHHTvZS8zNRq29RaVmq4m1lVz58arhvR7+ihIcw8Iz6LJ0dzBi6E
76q2IctltkjW7jo6mXtpMOePVEiOiwfLQkLFH6T0tsgFPp+13OzJeDo9ZzZBp5yv
S/SSOwLIzRhYFvz+13kt64Y0cGGMiWo9nKwQzVSX0RuADVO4H16le/hsSTrMgHz4
83HdQOkUAcdg/HTNFarjrFqfkAy0qp+6M6c1qLoSU6a4nMOWo3wc23UdZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD8Uooo9U26JxI6pxauSk/tTZ4HiMB8GA1UdIwQY
MBaAFHJFhCkh89Ag1NgEXlK7EPz1fq9vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2tXRUtTSHowQ0RVMkFSZVVyc1FfUFYtcjI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS83MWY0MjItZTA5Mi00MTg5LThkM2Mt
OGUyNThlZmVkZmZhLzEvY2tXRUtTSHowQ0RVMkFSZVVyc1FfUFYtcjI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS83MWY0MjItZTA5Mi00MTg5LThkM2MtOGUyNThlZmVkZmZh
LzEvY2tXRUtTSHowQ0RVMkFSZVVyc1FfUFYtcjI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU1wbG3wd
nRJhgCULuxyE/EWvKDXDKMSPNZFwm7hPpCDfT1e0ooO2VCnAMdYNV6s7qLcL8Z24
VlKY0em2q2RVWkCyNkk8ToOgGBHOGw4gPHOPds+jUSM6RAJxKziOok0Y7xq08QLc
h22B6lSehXck19H7qjM3AcZ11PobtL/UIlUfGEzfSUOD+G2or7MiD0m/8nR1OMAv
sTwYCLe0ZaE+s1+Wu6eZ85tCf6n6Wv8waVJQwVzysBeXSB7ZrnJNgA+fFLlynNHg
+9ykIvdJEjuA0XZVCSmdG6TsIo8BEBgDRwmZeaBwCIW8nFpjLfm9Fu4aNanCcK7r
DangIFFLDkSnRQ==
-----END CERTIFICATE-----