Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.mft
File:                     kljqmCx9enWV6Dphx66z12GIlww.mft (raw, json)
Hash identifier:          qjtkQUVGk/gj7FzNaFaoJZBtEJsGkzNRnHgEl75B2Vo=
Subject key identifier:   94:3D:89:C1:28:28:27:A8:8E:24:48:1A:8C:B7:15:13:9D:DC:DC:36
Authority key identifier: 92:58:EA:98:2C:7D:7A:75:95:E8:3A:61:C7:AE:B3:D7:61:88:97:0C
Certificate issuer:       /CN=9258ea982c7d7a7595e83a61c7aeb3d76188970c
Certificate serial:       019D39AE71B0D79B09FFA11473475D826453
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kljqmCx9enWV6Dphx66z12GIlww.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.mft
Manifest number:          1635
Signing time:             Sun 29 Mar 2026 13:00:26 +0000
Manifest this update:     Sun 29 Mar 2026 13:00:26 +0000
Manifest next update:     Mon 30 Mar 2026 13:00:26 +0000
Files and hashes:         1: kljqmCx9enWV6Dphx66z12GIlww.crl (hash: MDWpSPu2aNaEVTZOvon9gkwKrn4RDtOqSV+6LyNRfTU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kljqmCx9enWV6Dphx66z12GIlww.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 08:48:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:ae:71:b0:d7:9b:09:ff:a1:14:73:47:5d:82:64:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9258ea982c7d7a7595e83a61c7aeb3d76188970c
        Validity
            Not Before: Mar 29 13:00:26 2026 GMT
            Not After : Mar 30 13:00:26 2026 GMT
        Subject: CN=943d89c1282827a88e24481a8cb715139ddcdc36
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:74:77:32:5b:cc:65:90:41:3d:1a:ac:d9:83:
                    35:75:78:d3:59:ea:d2:9f:c3:83:25:7c:ed:04:59:
                    8c:7d:c8:5c:46:5d:24:78:e5:1c:37:a6:b0:98:81:
                    87:e6:02:a3:a3:71:d6:cd:6c:03:bb:75:be:ad:26:
                    a7:76:b6:46:97:8f:c3:f5:1b:0b:ee:29:6c:12:bf:
                    32:ee:e2:b8:bd:22:91:03:6a:ec:82:84:57:ca:48:
                    4e:a8:90:ad:af:cb:3d:f3:63:de:1f:6d:4a:f7:8f:
                    c6:21:be:c0:cb:3f:cf:0c:0e:50:c5:02:69:b5:93:
                    db:12:94:17:51:b4:a6:ca:50:b8:20:04:ed:a4:f9:
                    7c:f6:42:7a:5e:14:17:ff:11:8e:54:57:02:81:41:
                    9a:28:17:d9:60:0b:e9:41:d6:c2:d4:fc:02:7a:30:
                    d1:63:90:0a:d1:74:22:ed:e8:be:06:aa:fc:a8:fe:
                    19:8d:fa:b8:41:44:06:ba:72:61:4d:e2:45:d5:6f:
                    ed:34:1a:b6:e0:4d:1c:4d:0a:a7:5d:19:99:a2:09:
                    95:55:c1:84:28:9b:02:89:79:e7:b3:b4:45:f2:34:
                    84:75:8a:5d:01:0d:83:83:eb:1d:61:39:39:98:b3:
                    fb:64:5b:e0:41:89:8a:73:d4:d6:e0:de:f0:ce:6d:
                    4d:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:3D:89:C1:28:28:27:A8:8E:24:48:1A:8C:B7:15:13:9D:DC:DC:36
            X509v3 Authority Key Identifier:
                keyid:92:58:EA:98:2C:7D:7A:75:95:E8:3A:61:C7:AE:B3:D7:61:88:97:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kljqmCx9enWV6Dphx66z12GIlww.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:0f:a6:c3:72:6f:2a:9f:63:62:fb:3f:58:68:39:43:3d:a1:
         5d:a2:46:b2:76:5e:1d:08:a0:03:89:52:4b:ee:bd:e4:95:5a:
         50:8e:21:d1:9a:43:c9:76:d4:38:59:44:9f:d6:0e:23:94:2f:
         1f:68:67:23:f7:fa:7b:9c:5a:28:88:35:f7:da:5e:14:b2:55:
         2f:67:bf:0d:38:4c:66:9c:72:e2:a3:67:e3:21:73:29:7f:d7:
         ad:10:ce:82:88:8d:60:97:1c:89:04:36:20:1e:0f:f5:8d:a3:
         8c:7e:c1:c1:8f:e5:62:c0:a0:ad:60:a8:f1:cd:df:dc:a6:e1:
         1d:fc:28:ac:c0:fb:61:67:d0:85:68:d9:f3:32:d1:4c:6b:57:
         5c:42:14:50:a9:19:54:e2:15:1b:44:0a:02:a9:ed:cb:48:1d:
         08:8a:bd:c6:db:67:f6:a9:de:06:c9:63:c2:fa:f0:d6:0d:a7:
         1b:38:9d:cb:fb:25:6c:a6:a1:43:52:9b:2c:ad:9e:b2:b6:3f:
         9f:1c:23:dd:20:ad:8f:0e:2f:74:80:83:02:f1:48:5e:fd:4f:
         6b:b4:f5:7d:45:b6:84:ab:f7:d8:70:28:1f:3b:f1:8c:e1:94:
         57:42:af:cb:4a:83:3b:94:ed:e4:54:f9:1b:96:f1:50:64:73:
         7e:8a:c4:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05rnGw15sJ/6EUc0ddgmRTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNThlYTk4MmM3ZDdhNzU5NWU4M2E2MWM3YWViM2Q3NjE4
ODk3MGMwHhcNMjYwMzI5MTMwMDI2WhcNMjYwMzMwMTMwMDI2WjAzMTEwLwYDVQQD
Eyg5NDNkODljMTI4MjgyN2E4OGUyNDQ4MWE4Y2I3MTUxMzlkZGNkYzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXR3MlvMZZBBPRqs2YM1dXjTWerS
n8ODJXztBFmMfchcRl0keOUcN6awmIGH5gKjo3HWzWwDu3W+rSandrZGl4/D9RsL
7ilsEr8y7uK4vSKRA2rsgoRXykhOqJCtr8s982PeH21K94/GIb7Ayz/PDA5QxQJp
tZPbEpQXUbSmylC4IATtpPl89kJ6XhQX/xGOVFcCgUGaKBfZYAvpQdbC1PwCejDR
Y5AK0XQi7ei+Bqr8qP4Zjfq4QUQGunJhTeJF1W/tNBq24E0cTQqnXRmZogmVVcGE
KJsCiXnns7RF8jSEdYpdAQ2Dg+sdYTk5mLP7ZFvgQYmKc9TW4N7wzm1NbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJQ9icEoKCeojiRIGoy3FROd3Nw2MB8GA1UdIwQY
MBaAFJJY6pgsfXp1leg6Yceus9dhiJcMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2xqcW1DeDllbldWNkRwaHg2NnoxMkdJbHd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9mOTFlZWQtOThjNi00N2Y2LWFiZjct
OTExMDcwZjI3ZTM3LzEva2xqcW1DeDllbldWNkRwaHg2NnoxMkdJbHd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9mOTFlZWQtOThjNi00N2Y2LWFiZjctOTExMDcwZjI3ZTM3
LzEva2xqcW1DeDllbldWNkRwaHg2NnoxMkdJbHd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABQ+mw3Jv
Kp9jYvs/WGg5Qz2hXaJGsnZeHQigA4lSS+695JVaUI4h0ZpDyXbUOFlEn9YOI5Qv
H2hnI/f6e5xaKIg199peFLJVL2e/DThMZpxy4qNn4yFzKX/XrRDOgoiNYJcciQQ2
IB4P9Y2jjH7BwY/lYsCgrWCo8c3f3KbhHfworMD7YWfQhWjZ8zLRTGtXXEIUUKkZ
VOIVG0QKAqnty0gdCIq9xttn9qneBsljwvrw1g2nGzidy/slbKahQ1KbLK2esrY/
nxwj3SCtjw4vdICDAvFIXv1Pa7T1fUW2hKv32HAoHzvxjOGUV0Kvy0qDO5Tt5FT5
G5bxUGRzforEag==
-----END CERTIFICATE-----