Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/17cd86-7fbb-408f-a28c-fa2676fe38fd/1/MKJCz2wVKaqgaTNn5EyEoH2LDJ8.mft
File:                     MKJCz2wVKaqgaTNn5EyEoH2LDJ8.mft (raw, json)
Hash identifier:          t6mnwsoBL4h9zpoDVHf1XnA5nZsoNEBdeYTJ8C7E+ug=
Subject key identifier:   DA:CE:72:92:BE:B2:7A:4F:1D:26:0D:87:AD:3A:03:E1:CC:AD:2F:44
Authority key identifier: 30:A2:42:CF:6C:15:29:AA:A0:69:33:67:E4:4C:84:A0:7D:8B:0C:9F
Certificate issuer:       /CN=30a242cf6c1529aaa0693367e44c84a07d8b0c9f
Certificate serial:       019D3865F60AA2E152618C0E3ACB9882376C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MKJCz2wVKaqgaTNn5EyEoH2LDJ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/17cd86-7fbb-408f-a28c-fa2676fe38fd/1/MKJCz2wVKaqgaTNn5EyEoH2LDJ8.mft
Manifest number:          0C16
Signing time:             Sun 29 Mar 2026 07:01:39 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:39 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:39 +0000
Files and hashes:         1: MKJCz2wVKaqgaTNn5EyEoH2LDJ8.crl (hash: PHrktpKp7USq86WsDd//x9iPTldG08JJE+jjyfltlmg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/08/17cd86-7fbb-408f-a28c-fa2676fe38fd/1/MKJCz2wVKaqgaTNn5EyEoH2LDJ8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/08/17cd86-7fbb-408f-a28c-fa2676fe38fd/1/MKJCz2wVKaqgaTNn5EyEoH2LDJ8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MKJCz2wVKaqgaTNn5EyEoH2LDJ8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:f6:0a:a2:e1:52:61:8c:0e:3a:cb:98:82:37:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30a242cf6c1529aaa0693367e44c84a07d8b0c9f
        Validity
            Not Before: Mar 29 07:01:39 2026 GMT
            Not After : Mar 30 07:01:39 2026 GMT
        Subject: CN=dace7292beb27a4f1d260d87ad3a03e1ccad2f44
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:f7:e9:e9:d0:ee:42:9b:8b:f5:ec:17:6a:90:
                    31:10:be:f0:51:40:12:de:b8:1d:0c:e1:22:77:a9:
                    87:d6:f3:c4:0e:5f:b4:00:ff:1c:0e:f2:57:6f:36:
                    26:9d:45:1e:c3:76:48:96:e9:9c:1f:f2:30:bc:a7:
                    cc:4f:54:a9:af:e5:2c:01:af:83:74:3c:11:a8:a7:
                    ba:8b:37:86:90:0f:82:e3:0d:13:d9:cb:38:f6:4b:
                    ce:7c:02:db:5e:e1:87:e4:fe:b8:c3:e4:f7:c9:2a:
                    6b:2a:2c:13:d7:da:4c:29:0c:9c:0d:8d:48:ac:97:
                    32:f1:bb:a0:bc:16:41:ff:e7:d6:c3:c5:83:cb:9b:
                    26:2d:4f:d7:e1:4a:c1:ab:92:ab:d4:e5:4c:d7:bb:
                    2e:ba:00:08:7f:6a:f6:80:5a:b9:e1:9c:c9:b8:5b:
                    a5:33:ae:2a:3d:37:c0:f4:1e:69:53:0d:aa:c2:b1:
                    b1:f3:a5:2d:21:12:30:6d:05:bf:49:7e:1e:03:19:
                    6b:1c:45:e8:70:5f:e4:8d:60:0f:eb:36:31:aa:31:
                    a2:53:cc:9e:fd:0d:84:74:08:ff:50:ba:49:59:31:
                    4d:3d:e5:32:19:6f:29:f4:15:86:52:59:d6:54:3e:
                    ae:97:9f:dd:ca:b0:1d:ce:8a:41:30:22:b5:38:09:
                    38:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:CE:72:92:BE:B2:7A:4F:1D:26:0D:87:AD:3A:03:E1:CC:AD:2F:44
            X509v3 Authority Key Identifier:
                keyid:30:A2:42:CF:6C:15:29:AA:A0:69:33:67:E4:4C:84:A0:7D:8B:0C:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MKJCz2wVKaqgaTNn5EyEoH2LDJ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/17cd86-7fbb-408f-a28c-fa2676fe38fd/1/MKJCz2wVKaqgaTNn5EyEoH2LDJ8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/17cd86-7fbb-408f-a28c-fa2676fe38fd/1/MKJCz2wVKaqgaTNn5EyEoH2LDJ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a7:d8:39:08:a2:ea:42:f1:bd:f2:ae:08:7c:97:bf:4c:90:11:
         ea:2a:44:ec:16:67:ee:24:ed:fc:d0:90:a6:bf:f6:d5:dd:57:
         63:27:58:a9:f6:93:f1:ba:fc:7c:b5:d4:ba:af:84:3b:aa:cf:
         a8:37:13:63:a2:36:a6:93:0a:4d:64:20:44:d9:54:1e:e1:c6:
         de:3b:75:ae:ab:ef:6c:05:6b:c8:5d:3a:a3:ec:9a:54:b2:b7:
         6a:92:56:2d:ec:f1:e7:e0:39:32:76:6d:18:e9:a5:a5:d7:70:
         ea:a9:f1:a0:cf:5e:10:0b:5e:e7:8c:84:b1:32:b6:47:05:09:
         03:08:0e:48:aa:47:2c:96:3c:5d:42:58:cb:0b:0b:e0:6f:31:
         bc:e6:5b:9e:e6:0e:be:42:70:27:70:f9:b4:fe:bc:bc:a9:4e:
         ab:5b:f6:07:e2:dd:5e:ab:ad:0f:97:e5:93:66:8f:ca:40:50:
         5d:cf:f7:ce:1e:f9:c6:c2:3c:d1:5b:68:bf:68:c7:82:bc:d0:
         60:4e:ce:40:73:9b:9d:87:3b:74:82:9a:b2:d5:df:e2:5e:26:
         0f:be:1f:53:4a:b6:20:36:8b:aa:da:ce:1a:7d:b3:08:d9:c3:
         41:48:f2:be:06:5b:2c:8d:4f:45:40:a6:4c:15:68:8f:ed:66:
         56:b4:89:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZfYKouFSYYwOOsuYgjdsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwYTI0MmNmNmMxNTI5YWFhMDY5MzM2N2U0NGM4NGEwN2Q4
YjBjOWYwHhcNMjYwMzI5MDcwMTM5WhcNMjYwMzMwMDcwMTM5WjAzMTEwLwYDVQQD
EyhkYWNlNzI5MmJlYjI3YTRmMWQyNjBkODdhZDNhMDNlMWNjYWQyZjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuffp6dDuQpuL9ewXapAxEL7wUUAS
3rgdDOEid6mH1vPEDl+0AP8cDvJXbzYmnUUew3ZIlumcH/IwvKfMT1Spr+UsAa+D
dDwRqKe6izeGkA+C4w0T2cs49kvOfALbXuGH5P64w+T3ySprKiwT19pMKQycDY1I
rJcy8bugvBZB/+fWw8WDy5smLU/X4UrBq5Kr1OVM17suugAIf2r2gFq54ZzJuFul
M64qPTfA9B5pUw2qwrGx86UtIRIwbQW/SX4eAxlrHEXocF/kjWAP6zYxqjGiU8ye
/Q2EdAj/ULpJWTFNPeUyGW8p9BWGUlnWVD6ul5/dyrAdzopBMCK1OAk4rQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNrOcpK+snpPHSYNh606A+HMrS9EMB8GA1UdIwQY
MBaAFDCiQs9sFSmqoGkzZ+RMhKB9iwyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUtKQ3oyd1ZLYXFnYVRObjVFeUVvSDJMREo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8xN2NkODYtN2ZiYi00MDhmLWEyOGMt
ZmEyNjc2ZmUzOGZkLzEvTUtKQ3oyd1ZLYXFnYVRObjVFeUVvSDJMREo4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8xN2NkODYtN2ZiYi00MDhmLWEyOGMtZmEyNjc2ZmUzOGZk
LzEvTUtKQ3oyd1ZLYXFnYVRObjVFeUVvSDJMREo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp9g5CKLq
QvG98q4IfJe/TJAR6ipE7BZn7iTt/NCQpr/21d1XYydYqfaT8br8fLXUuq+EO6rP
qDcTY6I2ppMKTWQgRNlUHuHG3jt1rqvvbAVryF06o+yaVLK3apJWLezx5+A5MnZt
GOmlpddw6qnxoM9eEAte54yEsTK2RwUJAwgOSKpHLJY8XUJYywsL4G8xvOZbnuYO
vkJwJ3D5tP68vKlOq1v2B+LdXqutD5flk2aPykBQXc/3zh75xsI80Vtov2jHgrzQ
YE7OQHObnYc7dIKastXf4l4mD74fU0q2IDaLqtrOGn2zCNnDQUjyvgZbLI1PRUCm
TBVoj+1mVrSJUA==
-----END CERTIFICATE-----