Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.mft
File:                     kYaHyFQkQhcMxR71MW05Y2CXCNw.mft (raw, json)
Hash identifier:          iVJReQaO8vM2uaf7G2rN9t9qisrtD9WZR7BIe0VqtbU=
Subject key identifier:   E2:65:BF:4B:7A:97:CC:DB:C0:F4:BA:9A:07:F2:80:BA:A1:A8:EC:43
Authority key identifier: 91:86:87:C8:54:24:42:17:0C:C5:1E:F5:31:6D:39:63:60:97:08:DC
Certificate issuer:       /CN=918687c8542442170cc51ef5316d3963609708dc
Certificate serial:       019D3865748056CF25E40EB146FCE824118B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kYaHyFQkQhcMxR71MW05Y2CXCNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.mft
Manifest number:          149B
Signing time:             Sun 29 Mar 2026 07:01:06 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:06 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:06 +0000
Files and hashes:         1: kYaHyFQkQhcMxR71MW05Y2CXCNw.crl (hash: I+L7g1g4sB1aax2wK0lWLz6CmEMNwbFPVuhlJrQhgds=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kYaHyFQkQhcMxR71MW05Y2CXCNw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:74:80:56:cf:25:e4:0e:b1:46:fc:e8:24:11:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=918687c8542442170cc51ef5316d3963609708dc
        Validity
            Not Before: Mar 29 07:01:06 2026 GMT
            Not After : Mar 30 07:01:06 2026 GMT
        Subject: CN=e265bf4b7a97ccdbc0f4ba9a07f280baa1a8ec43
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:d4:d5:31:df:f4:c7:66:21:61:02:37:a9:49:
                    fd:fb:d5:5e:db:07:ac:82:34:59:6a:7c:8a:03:5f:
                    0d:9e:65:3e:e0:fc:b2:17:92:3b:7e:09:f6:e2:a6:
                    fb:4f:0f:b0:8b:68:40:db:49:3c:6f:9d:8a:73:e0:
                    31:3b:98:de:50:11:03:8a:d9:d7:62:96:8a:fc:a1:
                    28:b9:62:05:43:bd:5a:37:c4:a3:81:84:5f:6e:eb:
                    d2:de:b2:17:1c:c1:c1:6e:99:c7:de:18:c2:43:aa:
                    56:7d:82:51:9b:5a:24:79:e9:b7:c2:56:b1:ad:aa:
                    8b:51:51:a7:3f:ef:e8:4e:52:c2:e6:f3:bf:a8:28:
                    c0:6c:65:83:a3:66:6f:00:ea:92:81:78:4c:63:0e:
                    71:da:8f:49:e8:e0:30:31:80:69:b9:98:5e:ee:85:
                    24:45:d8:02:88:82:ab:29:92:ae:0a:88:10:4e:9e:
                    a4:9f:83:54:cf:aa:70:a7:79:6e:8f:97:43:53:32:
                    1a:61:49:b1:16:ea:71:da:d2:91:f6:ff:51:30:a4:
                    96:3a:10:42:81:31:bf:31:2b:72:a1:5f:b5:ff:6c:
                    7b:71:81:8d:28:69:d3:b8:0d:48:64:2f:3d:82:29:
                    aa:b3:b0:84:75:17:06:04:71:ea:f6:b3:d4:48:9e:
                    4a:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:65:BF:4B:7A:97:CC:DB:C0:F4:BA:9A:07:F2:80:BA:A1:A8:EC:43
            X509v3 Authority Key Identifier:
                keyid:91:86:87:C8:54:24:42:17:0C:C5:1E:F5:31:6D:39:63:60:97:08:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kYaHyFQkQhcMxR71MW05Y2CXCNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         38:11:a9:b9:36:70:4c:bb:2f:3c:ce:ef:6b:26:28:f8:9b:dd:
         fb:6a:bb:62:c7:4d:e9:d0:e3:02:c5:12:f4:be:91:b5:37:43:
         71:17:41:04:06:4a:cb:05:20:e1:77:4f:ea:2a:e2:de:13:a0:
         e1:8f:0e:82:e2:aa:d9:65:1e:c5:95:66:ce:ac:d2:89:8e:41:
         00:14:b5:07:04:d7:09:c6:90:7b:e6:33:1c:0d:94:7b:43:8f:
         37:49:ba:32:1f:d6:8b:6d:75:39:52:04:ed:56:38:de:b1:94:
         cf:6c:74:f4:54:1e:e9:93:37:39:8c:90:b4:6e:11:7e:41:c2:
         bc:f8:f7:14:d6:0a:d0:b9:51:cd:6e:3c:01:9c:08:4b:9d:06:
         45:01:34:48:8e:53:01:c0:62:e3:c2:46:a9:97:e9:70:3b:39:
         84:c0:54:59:67:53:c5:d2:e8:10:51:7b:e3:7f:fc:22:a8:17:
         c1:50:a3:3a:bc:ea:89:ce:ea:fa:af:05:24:a2:b1:db:6c:02:
         2a:8d:13:8c:cd:32:1b:d4:45:fb:64:2c:48:b6:e5:40:b8:42:
         0d:16:d9:a1:15:37:c9:5e:99:03:b3:16:2a:12:6d:51:a9:08:
         d9:ee:0d:0e:87:41:22:c0:88:ef:7b:8a:8d:3d:00:3d:99:7c:
         7b:3a:d0:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZXSAVs8l5A6xRvzoJBGLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxODY4N2M4NTQyNDQyMTcwY2M1MWVmNTMxNmQzOTYzNjA5
NzA4ZGMwHhcNMjYwMzI5MDcwMTA2WhcNMjYwMzMwMDcwMTA2WjAzMTEwLwYDVQQD
EyhlMjY1YmY0YjdhOTdjY2RiYzBmNGJhOWEwN2YyODBiYWExYThlYzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNTVMd/0x2YhYQI3qUn9+9Ve2wes
gjRZanyKA18NnmU+4PyyF5I7fgn24qb7Tw+wi2hA20k8b52Kc+AxO5jeUBEDitnX
YpaK/KEouWIFQ71aN8SjgYRfbuvS3rIXHMHBbpnH3hjCQ6pWfYJRm1okeem3wlax
raqLUVGnP+/oTlLC5vO/qCjAbGWDo2ZvAOqSgXhMYw5x2o9J6OAwMYBpuZhe7oUk
RdgCiIKrKZKuCogQTp6kn4NUz6pwp3luj5dDUzIaYUmxFupx2tKR9v9RMKSWOhBC
gTG/MStyoV+1/2x7cYGNKGnTuA1IZC89gimqs7CEdRcGBHHq9rPUSJ5KpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOJlv0t6l8zbwPS6mgfygLqhqOxDMB8GA1UdIwQY
MBaAFJGGh8hUJEIXDMUe9TFtOWNglwjcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1lhSHlGUWtRaGNNeFI3MU1XMDVZMkNYQ053LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi84MzIyNmEtNDI5MS00ZjAzLTliZTMt
ODllMzlhYzFlZDgxLzEva1lhSHlGUWtRaGNNeFI3MU1XMDVZMkNYQ053Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi84MzIyNmEtNDI5MS00ZjAzLTliZTMtODllMzlhYzFlZDgx
LzEva1lhSHlGUWtRaGNNeFI3MU1XMDVZMkNYQ053LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOBGpuTZw
TLsvPM7vayYo+Jvd+2q7YsdN6dDjAsUS9L6RtTdDcRdBBAZKywUg4XdP6iri3hOg
4Y8OguKq2WUexZVmzqzSiY5BABS1BwTXCcaQe+YzHA2Ue0OPN0m6Mh/Wi211OVIE
7VY43rGUz2x09FQe6ZM3OYyQtG4RfkHCvPj3FNYK0LlRzW48AZwIS50GRQE0SI5T
AcBi48JGqZfpcDs5hMBUWWdTxdLoEFF743/8IqgXwVCjOrzqic7q+q8FJKKx22wC
Ko0TjM0yG9RF+2QsSLblQLhCDRbZoRU3yV6ZA7MWKhJtUakI2e4NDodBIsCI73uK
jT0APZl8ezrQrw==
-----END CERTIFICATE-----