Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/81d8dd-4cd3-4378-b067-7cd472864bf8/1/fkL5qpHFODs-cnVy67GVWRqHYM4.mft
File:                     fkL5qpHFODs-cnVy67GVWRqHYM4.mft (raw, json)
Hash identifier:          oVtS6e/7pwAGzHpAMCyQmYpCSCd4EBXLW2KTJm9dVXE=
Subject key identifier:   88:58:85:1D:AC:A8:68:14:99:32:E4:43:8A:95:84:75:99:55:4A:DC
Authority key identifier: 7E:42:F9:AA:91:C5:38:3B:3E:72:75:72:EB:B1:95:59:1A:87:60:CE
Certificate issuer:       /CN=7e42f9aa91c5383b3e727572ebb195591a8760ce
Certificate serial:       019D38662669B7A168B7D13DECB1A9E37C66
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fkL5qpHFODs-cnVy67GVWRqHYM4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/81d8dd-4cd3-4378-b067-7cd472864bf8/1/fkL5qpHFODs-cnVy67GVWRqHYM4.mft
Manifest number:          0926
Signing time:             Sun 29 Mar 2026 07:01:51 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:51 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:51 +0000
Files and hashes:         1: fkL5qpHFODs-cnVy67GVWRqHYM4.crl (hash: GttSb8oLAYI1Q/1ofXOCsvlV5AETphOBysKlkeXu2uQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/81d8dd-4cd3-4378-b067-7cd472864bf8/1/fkL5qpHFODs-cnVy67GVWRqHYM4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/81d8dd-4cd3-4378-b067-7cd472864bf8/1/fkL5qpHFODs-cnVy67GVWRqHYM4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/fkL5qpHFODs-cnVy67GVWRqHYM4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:26:69:b7:a1:68:b7:d1:3d:ec:b1:a9:e3:7c:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7e42f9aa91c5383b3e727572ebb195591a8760ce
        Validity
            Not Before: Mar 29 07:01:51 2026 GMT
            Not After : Mar 30 07:01:51 2026 GMT
        Subject: CN=8858851daca868149932e4438a95847599554adc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:5b:ad:e6:b3:a9:3e:38:94:e9:6e:78:67:4c:
                    0b:46:da:5c:ae:8b:0d:87:ba:10:fd:5e:63:85:30:
                    3d:e6:d6:26:58:7d:1a:5a:fd:09:01:c8:ea:44:a3:
                    7d:de:ca:38:d9:de:8b:af:3b:a4:ea:3b:d9:b6:1a:
                    8d:5e:20:fa:ca:01:8a:20:59:4c:e2:f8:53:76:af:
                    67:f1:ba:83:ee:95:35:04:e2:6d:5b:fd:c6:6a:71:
                    ab:a6:d3:b4:96:45:80:73:16:2b:3f:3a:d7:30:b9:
                    09:51:3b:aa:8c:ab:3a:76:8d:37:aa:6f:e7:c7:c7:
                    46:94:09:e2:62:83:71:94:0d:50:52:72:2c:67:46:
                    41:07:83:0a:3a:48:88:41:08:ac:26:9a:29:88:45:
                    e7:43:ed:59:c8:10:bf:bb:4f:30:08:d8:c3:a5:fa:
                    55:6d:02:e4:fd:fa:8f:95:60:bf:fe:b3:8a:d8:20:
                    98:15:af:7b:c6:ae:bf:93:5f:4b:eb:ed:27:76:f5:
                    e5:87:ab:d2:91:e7:6d:72:41:4f:3a:f9:fb:bc:94:
                    0f:91:67:f6:b5:68:a9:ac:b5:00:f2:cf:7c:ca:25:
                    bc:af:35:fb:ec:6c:97:9b:68:b3:2f:ed:53:ca:11:
                    8b:f0:27:f3:80:c3:89:ae:9d:f8:02:6d:e9:fa:b6:
                    ff:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:58:85:1D:AC:A8:68:14:99:32:E4:43:8A:95:84:75:99:55:4A:DC
            X509v3 Authority Key Identifier:
                keyid:7E:42:F9:AA:91:C5:38:3B:3E:72:75:72:EB:B1:95:59:1A:87:60:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fkL5qpHFODs-cnVy67GVWRqHYM4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/81d8dd-4cd3-4378-b067-7cd472864bf8/1/fkL5qpHFODs-cnVy67GVWRqHYM4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/81d8dd-4cd3-4378-b067-7cd472864bf8/1/fkL5qpHFODs-cnVy67GVWRqHYM4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:5e:ee:b6:d3:18:7d:22:94:16:87:99:8f:b3:fa:84:08:5c:
         83:ac:a4:a4:74:da:57:7c:a3:ea:b7:92:94:c2:2b:7a:ec:d6:
         a5:f0:a1:72:22:09:82:c7:b8:f7:ee:37:46:60:a4:a0:8e:f8:
         6b:27:b7:87:b9:49:ef:95:f8:8e:6b:93:e7:70:b4:99:71:67:
         49:75:b3:4b:f4:17:9f:91:54:fb:95:13:41:ae:8d:93:f3:60:
         ac:10:05:5d:bb:a6:d4:04:a0:61:6f:a7:31:55:db:68:54:36:
         56:c3:de:61:96:55:fc:dc:60:4c:93:76:b1:2e:28:81:ff:b8:
         ed:44:ac:fd:47:eb:3f:f0:d9:5e:50:7c:de:20:a9:f1:02:6a:
         24:19:89:c5:92:a8:14:e4:db:48:b4:63:76:a2:4b:e6:76:0d:
         79:65:99:9e:cb:b7:28:63:b1:eb:35:9b:7f:72:43:5c:58:aa:
         4d:fe:ec:70:78:e4:a2:84:7c:08:80:02:69:ac:89:34:d4:f7:
         19:7e:f6:3e:1d:fc:af:45:b8:5d:3a:0a:2e:b0:77:88:b3:9e:
         8e:74:cd:2b:42:84:7f:91:a0:61:b5:f3:33:e5:c8:32:f2:59:
         a5:16:28:98:78:fc:77:9c:5e:16:38:96:68:ec:17:39:2c:04:
         19:03:35:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZiZpt6Fot9E97LGp43xmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlNDJmOWFhOTFjNTM4M2IzZTcyNzU3MmViYjE5NTU5MWE4
NzYwY2UwHhcNMjYwMzI5MDcwMTUxWhcNMjYwMzMwMDcwMTUxWjAzMTEwLwYDVQQD
Eyg4ODU4ODUxZGFjYTg2ODE0OTkzMmU0NDM4YTk1ODQ3NTk5NTU0YWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1ut5rOpPjiU6W54Z0wLRtpcrosN
h7oQ/V5jhTA95tYmWH0aWv0JAcjqRKN93so42d6Lrzuk6jvZthqNXiD6ygGKIFlM
4vhTdq9n8bqD7pU1BOJtW/3GanGrptO0lkWAcxYrPzrXMLkJUTuqjKs6do03qm/n
x8dGlAniYoNxlA1QUnIsZ0ZBB4MKOkiIQQisJpopiEXnQ+1ZyBC/u08wCNjDpfpV
bQLk/fqPlWC//rOK2CCYFa97xq6/k19L6+0ndvXlh6vSkedtckFPOvn7vJQPkWf2
tWiprLUA8s98yiW8rzX77GyXm2izL+1TyhGL8CfzgMOJrp34Am3p+rb/PQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIhYhR2sqGgUmTLkQ4qVhHWZVUrcMB8GA1UdIwQY
MBaAFH5C+aqRxTg7PnJ1cuuxlVkah2DOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmtMNXFwSEZPRHMtY25WeTY3R1ZXUnFIWU00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC84MWQ4ZGQtNGNkMy00Mzc4LWIwNjct
N2NkNDcyODY0YmY4LzEvZmtMNXFwSEZPRHMtY25WeTY3R1ZXUnFIWU00Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC84MWQ4ZGQtNGNkMy00Mzc4LWIwNjctN2NkNDcyODY0YmY4
LzEvZmtMNXFwSEZPRHMtY25WeTY3R1ZXUnFIWU00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARl7uttMY
fSKUFoeZj7P6hAhcg6ykpHTaV3yj6reSlMIreuzWpfChciIJgse49+43RmCkoI74
aye3h7lJ75X4jmuT53C0mXFnSXWzS/QXn5FU+5UTQa6Nk/NgrBAFXbum1ASgYW+n
MVXbaFQ2VsPeYZZV/NxgTJN2sS4ogf+47USs/UfrP/DZXlB83iCp8QJqJBmJxZKo
FOTbSLRjdqJL5nYNeWWZnsu3KGOx6zWbf3JDXFiqTf7scHjkooR8CIACaayJNNT3
GX72Ph38r0W4XToKLrB3iLOejnTNK0KEf5GgYbXzM+XIMvJZpRYomHj8d5xeFjiW
aOwXOSwEGQM17g==
-----END CERTIFICATE-----