Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/4b4d7a-ce48-47a4-a3c4-611e57da95c0/1/FMLqtqKWBQYEah2kMSdz2Y6XzVo.mft
File:                     FMLqtqKWBQYEah2kMSdz2Y6XzVo.mft (raw, json)
Hash identifier:          jKB9qn78qSODehH+M5JBN8AAz10eJ+DOM4Zqlek4od4=
Subject key identifier:   23:0F:ED:67:D6:2F:61:D7:48:CC:A6:0E:D3:92:80:CE:73:50:FD:14
Authority key identifier: 14:C2:EA:B6:A2:96:05:06:04:6A:1D:A4:31:27:73:D9:8E:97:CD:5A
Certificate issuer:       /CN=14c2eab6a2960506046a1da4312773d98e97cd5a
Certificate serial:       019D3866936FF45EF0E50A73DB759A6E191E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FMLqtqKWBQYEah2kMSdz2Y6XzVo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/4b4d7a-ce48-47a4-a3c4-611e57da95c0/1/FMLqtqKWBQYEah2kMSdz2Y6XzVo.mft
Manifest number:          0D31
Signing time:             Sun 29 Mar 2026 07:02:19 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:19 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:19 +0000
Files and hashes:         1: FMLqtqKWBQYEah2kMSdz2Y6XzVo.crl (hash: 1kxEMXn2UKsHmnjPxOIYo8cbo7S/sJTzDPzQOf7we6g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/4b4d7a-ce48-47a4-a3c4-611e57da95c0/1/FMLqtqKWBQYEah2kMSdz2Y6XzVo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/4b4d7a-ce48-47a4-a3c4-611e57da95c0/1/FMLqtqKWBQYEah2kMSdz2Y6XzVo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FMLqtqKWBQYEah2kMSdz2Y6XzVo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:93:6f:f4:5e:f0:e5:0a:73:db:75:9a:6e:19:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=14c2eab6a2960506046a1da4312773d98e97cd5a
        Validity
            Not Before: Mar 29 07:02:19 2026 GMT
            Not After : Mar 30 07:02:19 2026 GMT
        Subject: CN=230fed67d62f61d748cca60ed39280ce7350fd14
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:72:e6:7c:99:69:87:46:62:37:3a:a0:10:98:
                    01:70:1b:9b:39:ea:9c:94:54:8a:62:f0:f9:6f:d7:
                    77:be:14:a2:23:de:d8:44:6d:46:c3:98:74:38:fe:
                    89:a5:bf:bc:cc:9d:15:2f:1b:fe:3c:32:ce:a6:b9:
                    57:74:22:8d:29:2b:51:41:0f:05:1b:aa:b3:22:0c:
                    a9:ac:ea:06:6e:f9:61:94:d3:8b:69:54:aa:45:15:
                    6b:5a:b5:cc:a1:7b:1f:ed:9a:1d:c1:5c:92:06:49:
                    8b:b7:c2:69:f5:78:f3:8d:55:a6:0f:fe:64:62:73:
                    73:47:c5:bf:4b:cc:6a:e7:a6:fe:00:c6:b2:26:48:
                    fb:b3:45:67:af:62:99:9c:ae:20:9c:95:96:18:11:
                    4f:f3:52:b3:84:1c:e3:f2:c2:4f:0e:2e:dc:38:33:
                    6a:20:a8:b0:9b:7f:b7:bb:7f:2f:5b:ed:ce:77:45:
                    14:6a:00:43:32:b9:d5:6d:5e:ab:bd:e5:e6:88:ed:
                    45:10:a4:fd:8a:77:1d:8c:3a:5f:39:fe:d1:b2:43:
                    ba:5d:5e:c1:02:85:77:22:f7:72:f4:81:25:78:b0:
                    be:90:a7:89:bc:08:2d:d5:f7:84:26:71:3d:4e:fa:
                    34:9e:c8:66:16:68:53:31:21:01:56:eb:fd:c6:a9:
                    e0:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:0F:ED:67:D6:2F:61:D7:48:CC:A6:0E:D3:92:80:CE:73:50:FD:14
            X509v3 Authority Key Identifier:
                keyid:14:C2:EA:B6:A2:96:05:06:04:6A:1D:A4:31:27:73:D9:8E:97:CD:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FMLqtqKWBQYEah2kMSdz2Y6XzVo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/4b4d7a-ce48-47a4-a3c4-611e57da95c0/1/FMLqtqKWBQYEah2kMSdz2Y6XzVo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/4b4d7a-ce48-47a4-a3c4-611e57da95c0/1/FMLqtqKWBQYEah2kMSdz2Y6XzVo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:5d:d7:5e:78:70:a2:ee:a1:36:69:a0:e1:39:c3:31:90:9d:
         c0:2a:fb:fe:df:20:e8:2c:c9:94:3e:74:ae:f2:32:c0:fe:86:
         8f:96:2c:9a:55:5e:5a:30:28:48:25:ee:54:9a:c5:1e:30:bf:
         53:b5:ad:05:e1:d5:11:19:41:0d:3b:ef:64:5d:68:b1:2b:7b:
         46:5e:01:12:82:b7:9e:91:2f:ba:ff:a5:ec:29:4d:bb:24:9e:
         b1:47:09:e0:ff:88:73:83:79:01:d3:85:6e:6d:30:04:3d:60:
         68:be:07:f0:e9:0a:68:c9:97:49:40:94:9d:d7:e1:78:a1:3c:
         cc:00:0b:56:9a:81:24:81:9e:e3:34:a9:e8:1e:3c:e6:0a:f6:
         28:41:e6:fb:61:93:3a:7d:41:02:89:05:3b:d0:0e:62:a7:72:
         97:af:35:6e:83:39:62:d0:7f:85:60:cf:ca:1a:ca:f8:9d:71:
         50:90:17:24:a6:b1:74:a0:54:81:a7:04:1a:2e:d4:e1:af:bf:
         e5:04:0b:c5:23:a7:3b:ac:39:24:e4:e6:86:94:29:d3:76:7b:
         dd:f8:6e:33:6a:95:14:32:76:6c:55:bd:78:ab:9c:37:1c:e5:
         94:ac:09:cc:b3:6b:9a:e0:71:f3:d8:90:f1:46:d2:25:f9:5c:
         b2:cb:52:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZpNv9F7w5Qpz23WabhkeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YzJlYWI2YTI5NjA1MDYwNDZhMWRhNDMxMjc3M2Q5OGU5
N2NkNWEwHhcNMjYwMzI5MDcwMjE5WhcNMjYwMzMwMDcwMjE5WjAzMTEwLwYDVQQD
EygyMzBmZWQ2N2Q2MmY2MWQ3NDhjY2E2MGVkMzkyODBjZTczNTBmZDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA23LmfJlph0ZiNzqgEJgBcBubOeqc
lFSKYvD5b9d3vhSiI97YRG1Gw5h0OP6Jpb+8zJ0VLxv+PDLOprlXdCKNKStRQQ8F
G6qzIgyprOoGbvlhlNOLaVSqRRVrWrXMoXsf7ZodwVySBkmLt8Jp9XjzjVWmD/5k
YnNzR8W/S8xq56b+AMayJkj7s0Vnr2KZnK4gnJWWGBFP81KzhBzj8sJPDi7cODNq
IKiwm3+3u38vW+3Od0UUagBDMrnVbV6rveXmiO1FEKT9incdjDpfOf7RskO6XV7B
AoV3Ivdy9IEleLC+kKeJvAgt1feEJnE9Tvo0nshmFmhTMSEBVuv9xqngQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCMP7WfWL2HXSMymDtOSgM5zUP0UMB8GA1UdIwQY
MBaAFBTC6railgUGBGodpDEnc9mOl81aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRk1McXRxS1dCUVlFYWgya01TZHoyWTZYelZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS80YjRkN2EtY2U0OC00N2E0LWEzYzQt
NjExZTU3ZGE5NWMwLzEvRk1McXRxS1dCUVlFYWgya01TZHoyWTZYelZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS80YjRkN2EtY2U0OC00N2E0LWEzYzQtNjExZTU3ZGE5NWMw
LzEvRk1McXRxS1dCUVlFYWgya01TZHoyWTZYelZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiV3XXnhw
ou6hNmmg4TnDMZCdwCr7/t8g6CzJlD50rvIywP6Gj5YsmlVeWjAoSCXuVJrFHjC/
U7WtBeHVERlBDTvvZF1osSt7Rl4BEoK3npEvuv+l7ClNuySesUcJ4P+Ic4N5AdOF
bm0wBD1gaL4H8OkKaMmXSUCUndfheKE8zAALVpqBJIGe4zSp6B485gr2KEHm+2GT
On1BAokFO9AOYqdyl681boM5YtB/hWDPyhrK+J1xUJAXJKaxdKBUgacEGi7U4a+/
5QQLxSOnO6w5JOTmhpQp03Z73fhuM2qVFDJ2bFW9eKucNxzllKwJzLNrmuBx89iQ
8UbSJflcsstSjQ==
-----END CERTIFICATE-----