Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.mft
File:                     0kvL9emk_kMp8iPBFFBykFOPnMI.mft (raw, json)
Hash identifier:          4Nb+EJOUfr1TSuYc8QHbOtPmn7ZrcnP0Y107WdGPfyc=
Subject key identifier:   F3:2D:8F:4C:26:A9:30:F3:FA:DD:9B:04:A9:F8:C7:B5:0D:8E:21:3A
Authority key identifier: D2:4B:CB:F5:E9:A4:FE:43:29:F2:23:C1:14:50:72:90:53:8F:9C:C2
Certificate issuer:       /CN=d24bcbf5e9a4fe4329f223c114507290538f9cc2
Certificate serial:       019E2F96903E92E9477F0D989E90E18BFAFC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0kvL9emk_kMp8iPBFFBykFOPnMI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.mft
Manifest number:          145A
Signing time:             Sat 16 May 2026 07:00:56 +0000
Manifest this update:     Sat 16 May 2026 07:00:56 +0000
Manifest next update:     Sun 17 May 2026 07:00:56 +0000
Files and hashes:         1: 0kvL9emk_kMp8iPBFFBykFOPnMI.crl (hash: nsKzXAq4Hn0T/kAToGDJ5sSUqk1oQmy9DLETPw6GABc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0kvL9emk_kMp8iPBFFBykFOPnMI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 07:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:2f:96:90:3e:92:e9:47:7f:0d:98:9e:90:e1:8b:fa:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d24bcbf5e9a4fe4329f223c114507290538f9cc2
        Validity
            Not Before: May 16 07:00:56 2026 GMT
            Not After : May 17 07:00:56 2026 GMT
        Subject: CN=f32d8f4c26a930f3fadd9b04a9f8c7b50d8e213a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:b9:47:6d:0f:64:f4:b7:e3:d2:65:a0:8f:9c:
                    26:51:66:72:07:80:e6:5f:5c:93:79:e8:e7:2e:65:
                    2a:b5:b2:65:10:59:d1:58:67:6c:2c:d0:d0:02:1a:
                    d6:8e:9b:75:9a:eb:45:07:ad:6b:1f:13:ef:bd:17:
                    5f:f0:76:d7:37:14:33:d9:1b:e6:3a:25:35:e4:b1:
                    5a:62:2b:6c:1d:54:11:4c:7f:d5:5e:24:a6:7b:a4:
                    be:8d:55:ab:65:73:2f:f3:c7:ea:20:02:5d:53:12:
                    41:1b:b4:f8:a4:8b:1e:9a:d2:67:37:a3:f0:6f:bb:
                    cf:78:b2:1e:13:2f:59:45:9e:c2:15:42:dc:95:e1:
                    03:79:f5:c7:38:5b:c7:71:16:09:c3:4b:1f:13:9e:
                    07:b5:a5:e5:5b:88:11:1a:ea:07:e0:b6:f6:47:e5:
                    a1:3b:ce:85:13:9b:b4:56:a0:67:87:49:67:4f:73:
                    fd:33:28:9e:56:29:64:85:e4:ce:ca:78:e2:dd:6c:
                    a5:cd:8d:a1:06:3b:76:00:79:02:c8:a6:99:8d:d0:
                    c7:73:2c:50:fa:51:21:80:67:90:76:d6:be:bc:91:
                    26:ea:ff:77:e4:d0:c2:69:b0:f5:0a:67:fa:3e:b1:
                    aa:33:fe:67:91:ef:60:7c:7a:03:64:0e:f7:43:c5:
                    e4:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:2D:8F:4C:26:A9:30:F3:FA:DD:9B:04:A9:F8:C7:B5:0D:8E:21:3A
            X509v3 Authority Key Identifier:
                keyid:D2:4B:CB:F5:E9:A4:FE:43:29:F2:23:C1:14:50:72:90:53:8F:9C:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0kvL9emk_kMp8iPBFFBykFOPnMI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:f6:51:4d:6f:c7:9f:11:00:8e:cb:63:4b:2c:20:42:e8:92:
         54:5d:4c:0e:18:30:98:12:8c:64:a5:88:df:36:28:26:9c:74:
         b0:54:09:ab:22:2e:3b:94:21:34:87:6a:48:93:c5:62:fd:97:
         0c:de:92:38:64:45:7c:60:c2:2d:bd:85:09:e3:fb:50:c7:ae:
         da:97:c9:6d:b0:b6:82:ea:79:f1:09:c3:80:d6:e3:e2:fa:55:
         c2:de:d2:5e:ae:0f:91:ba:d7:ed:f8:9f:ce:6a:7d:41:39:05:
         ad:75:9d:c4:fa:5d:f0:62:4b:1d:0d:ef:c1:47:c3:be:67:31:
         64:92:37:5a:94:03:fd:ab:fb:0b:ed:a1:1c:29:2a:e3:5e:c3:
         75:89:37:07:92:26:40:bd:2e:81:32:8f:8a:a8:22:26:14:1f:
         81:ca:4d:4f:ad:a4:eb:0b:95:ed:b2:c4:cb:4a:5f:64:1a:5d:
         ab:81:eb:8a:bb:42:e5:79:c8:c3:3e:17:7c:7e:da:8d:2f:f0:
         0d:31:9a:c9:84:22:66:b3:21:07:0d:c4:78:f6:2b:69:75:60:
         f2:67:e4:3d:04:e4:3b:97:d5:9e:eb:4b:a0:5c:85:e2:2e:9d:
         69:99:07:a2:00:c7:6d:d5:5c:db:77:13:9b:b9:2f:66:cc:53:
         c1:ba:41:6c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4vlpA+kulHfw2YnpDhi/r8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNGJjYmY1ZTlhNGZlNDMyOWYyMjNjMTE0NTA3MjkwNTM4
ZjljYzIwHhcNMjYwNTE2MDcwMDU2WhcNMjYwNTE3MDcwMDU2WjAzMTEwLwYDVQQD
EyhmMzJkOGY0YzI2YTkzMGYzZmFkZDliMDRhOWY4YzdiNTBkOGUyMTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7lHbQ9k9Lfj0mWgj5wmUWZyB4Dm
X1yTeejnLmUqtbJlEFnRWGdsLNDQAhrWjpt1mutFB61rHxPvvRdf8HbXNxQz2Rvm
OiU15LFaYitsHVQRTH/VXiSme6S+jVWrZXMv88fqIAJdUxJBG7T4pIsemtJnN6Pw
b7vPeLIeEy9ZRZ7CFULcleEDefXHOFvHcRYJw0sfE54HtaXlW4gRGuoH4Lb2R+Wh
O86FE5u0VqBnh0lnT3P9MyieVilkheTOynji3WylzY2hBjt2AHkCyKaZjdDHcyxQ
+lEhgGeQdta+vJEm6v935NDCabD1Cmf6PrGqM/5nke9gfHoDZA73Q8XkowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPMtj0wmqTDz+t2bBKn4x7UNjiE6MB8GA1UdIwQY
MBaAFNJLy/XppP5DKfIjwRRQcpBTj5zCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGt2TDllbWtfa01wOGlQQkZGQnlrRk9Qbk1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9iYzQxYTQtZmM5MS00OTZmLWEyMjUt
MmU2ZTVlNWY1ZDliLzEvMGt2TDllbWtfa01wOGlQQkZGQnlrRk9Qbk1JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9iYzQxYTQtZmM5MS00OTZmLWEyMjUtMmU2ZTVlNWY1ZDli
LzEvMGt2TDllbWtfa01wOGlQQkZGQnlrRk9Qbk1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmPZRTW/H
nxEAjstjSywgQuiSVF1MDhgwmBKMZKWI3zYoJpx0sFQJqyIuO5QhNIdqSJPFYv2X
DN6SOGRFfGDCLb2FCeP7UMeu2pfJbbC2gup58QnDgNbj4vpVwt7SXq4PkbrX7fif
zmp9QTkFrXWdxPpd8GJLHQ3vwUfDvmcxZJI3WpQD/av7C+2hHCkq417DdYk3B5Im
QL0ugTKPiqgiJhQfgcpNT62k6wuV7bLEy0pfZBpdq4HrirtC5XnIwz4XfH7ajS/w
DTGayYQiZrMhBw3EePYraXVg8mfkPQTkO5fVnutLoFyF4i6daZkHogDHbdVc23cT
m7kvZsxTwbpBbA==
-----END CERTIFICATE-----