Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft
File:                     kfikmw1lM9BnmVaH-u49tzqqCLE.mft (raw, json)
Hash identifier:          zVPiSWRyUiN0gXI5yYMDetAm0you4i3Q2kyzQo3LQvQ=
Subject key identifier:   0C:6F:91:4C:17:CA:E7:1A:D7:92:47:C6:1F:A3:60:56:A5:FF:0B:0F
Authority key identifier: 91:F8:A4:9B:0D:65:33:D0:67:99:56:87:FA:EE:3D:B7:3A:AA:08:B1
Certificate issuer:       /CN=91f8a49b0d6533d067995687faee3db73aaa08b1
Certificate serial:       019D3865EE04C901A33E0D98372C33119F32
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kfikmw1lM9BnmVaH-u49tzqqCLE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft
Manifest number:          07A1
Signing time:             Sun 29 Mar 2026 07:01:37 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:37 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:37 +0000
Files and hashes:         1: kfikmw1lM9BnmVaH-u49tzqqCLE.crl (hash: 6FIXKXhMNzF2JhHsgFgwBUvereZY3ayHPFJ5Qahsa/I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kfikmw1lM9BnmVaH-u49tzqqCLE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:ee:04:c9:01:a3:3e:0d:98:37:2c:33:11:9f:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91f8a49b0d6533d067995687faee3db73aaa08b1
        Validity
            Not Before: Mar 29 07:01:37 2026 GMT
            Not After : Mar 30 07:01:37 2026 GMT
        Subject: CN=0c6f914c17cae71ad79247c61fa36056a5ff0b0f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:3f:ec:db:3e:89:3a:66:e5:e2:3f:34:cc:2c:
                    1b:85:36:b4:d7:57:a8:5b:10:e0:9a:29:64:3d:2c:
                    54:d5:49:67:5d:95:ab:32:4c:f8:f2:e3:9c:33:61:
                    ce:ca:fd:f8:31:c2:1d:65:02:f6:74:b5:a2:a5:49:
                    85:07:66:99:1b:af:02:e5:18:63:31:fa:e5:8a:fe:
                    8c:70:fa:e3:26:fa:25:60:df:b7:3a:b3:90:25:70:
                    f5:af:cd:4d:eb:7c:9b:ac:5f:1c:59:f0:cd:15:ab:
                    4c:1c:2c:5c:d5:78:78:83:b9:00:b3:39:47:d6:bf:
                    7b:d2:12:ba:16:ca:bf:07:57:05:5a:6b:54:3b:1e:
                    3e:9a:43:8f:0e:71:58:2e:b2:ca:ff:cd:83:ad:57:
                    fb:82:57:0b:44:65:da:f0:4f:f6:d5:84:f0:71:3f:
                    e2:39:a4:bf:13:bc:be:c7:f6:88:ab:d7:6f:e1:22:
                    08:a4:67:c1:96:b5:51:c1:ac:11:47:88:df:d5:15:
                    e5:e4:4e:8c:01:63:ee:30:b4:e6:89:8b:89:ba:dd:
                    e2:61:c9:a6:33:f0:1e:e1:76:dd:42:fa:bb:f0:3f:
                    97:d1:23:cc:b9:dc:af:66:28:ed:1f:d2:fa:d1:01:
                    aa:3b:fb:9a:8f:e2:8e:66:8d:46:e4:6b:83:43:f9:
                    d4:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:6F:91:4C:17:CA:E7:1A:D7:92:47:C6:1F:A3:60:56:A5:FF:0B:0F
            X509v3 Authority Key Identifier:
                keyid:91:F8:A4:9B:0D:65:33:D0:67:99:56:87:FA:EE:3D:B7:3A:AA:08:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kfikmw1lM9BnmVaH-u49tzqqCLE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:b8:8a:63:92:56:d5:e8:7b:37:65:40:02:6a:e5:6d:57:36:
         2e:0b:d2:37:cf:c2:d7:b8:11:7c:6c:bc:5b:3f:1b:3d:cf:ff:
         9f:13:1b:d3:b1:6a:bb:33:86:89:c9:c7:39:48:00:db:2c:44:
         15:3a:c8:db:a2:f9:34:4f:d3:71:4b:d5:8d:a8:f6:41:b9:28:
         0c:64:58:eb:e1:c7:61:40:ab:ca:f0:b1:84:52:9b:77:97:d3:
         d1:b2:35:9d:23:99:42:cc:85:50:44:d5:35:ea:56:c8:ff:81:
         5b:29:bf:a7:c3:c3:1f:45:8e:44:0d:04:bf:b8:74:c1:72:f0:
         c0:d8:80:32:93:70:55:82:a9:e7:0e:74:7e:e1:0e:7f:6b:a5:
         1a:8f:b0:a6:f8:8b:67:de:e5:27:7c:2f:07:11:e6:80:2e:01:
         80:cb:46:08:ee:b0:50:13:27:13:38:a0:60:f9:c0:40:0b:71:
         6b:68:0a:43:76:22:e8:a1:60:c2:97:58:6f:45:8d:0f:87:25:
         67:ec:da:a7:b2:fe:e9:61:f5:07:43:56:e0:24:9b:c9:1d:c6:
         29:ab:b7:e5:7c:5e:c8:38:b3:90:3b:23:f9:ec:47:1e:20:f7:
         74:2c:b1:a4:03:ab:76:93:83:c2:ac:bf:7c:8d:79:7d:a7:e6:
         32:b2:5e:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Ze4EyQGjPg2YNywzEZ8yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZjhhNDliMGQ2NTMzZDA2Nzk5NTY4N2ZhZWUzZGI3M2Fh
YTA4YjEwHhcNMjYwMzI5MDcwMTM3WhcNMjYwMzMwMDcwMTM3WjAzMTEwLwYDVQQD
EygwYzZmOTE0YzE3Y2FlNzFhZDc5MjQ3YzYxZmEzNjA1NmE1ZmYwYjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqj/s2z6JOmbl4j80zCwbhTa011eo
WxDgmilkPSxU1UlnXZWrMkz48uOcM2HOyv34McIdZQL2dLWipUmFB2aZG68C5Rhj
Mfrliv6McPrjJvolYN+3OrOQJXD1r81N63ybrF8cWfDNFatMHCxc1Xh4g7kAszlH
1r970hK6Fsq/B1cFWmtUOx4+mkOPDnFYLrLK/82DrVf7glcLRGXa8E/21YTwcT/i
OaS/E7y+x/aIq9dv4SIIpGfBlrVRwawRR4jf1RXl5E6MAWPuMLTmiYuJut3iYcmm
M/Ae4XbdQvq78D+X0SPMudyvZijtH9L60QGqO/uaj+KOZo1G5GuDQ/nUgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAxvkUwXyuca15JHxh+jYFal/wsPMB8GA1UdIwQY
MBaAFJH4pJsNZTPQZ5lWh/ruPbc6qgixMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2Zpa213MWxNOUJubVZhSC11NDl0enFxQ0xFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8zODlmYmYtZGZiNS00YTBiLWI4NDYt
NDMyODQyOWJkMzc0LzEva2Zpa213MWxNOUJubVZhSC11NDl0enFxQ0xFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi8zODlmYmYtZGZiNS00YTBiLWI4NDYtNDMyODQyOWJkMzc0
LzEva2Zpa213MWxNOUJubVZhSC11NDl0enFxQ0xFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeLiKY5JW
1eh7N2VAAmrlbVc2LgvSN8/C17gRfGy8Wz8bPc//nxMb07FquzOGicnHOUgA2yxE
FTrI26L5NE/TcUvVjaj2QbkoDGRY6+HHYUCryvCxhFKbd5fT0bI1nSOZQsyFUETV
NepWyP+BWym/p8PDH0WORA0Ev7h0wXLwwNiAMpNwVYKp5w50fuEOf2ulGo+wpviL
Z97lJ3wvBxHmgC4BgMtGCO6wUBMnEzigYPnAQAtxa2gKQ3Yi6KFgwpdYb0WND4cl
Z+zap7L+6WH1B0NW4CSbyR3GKau35XxeyDizkDsj+exHHiD3dCyxpAOrdpODwqy/
fI15fafmMrJeXA==
-----END CERTIFICATE-----