Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.mft
File:                     001KO3R_ynAQOxfz29xQRcrOMt8.mft (raw, json)
Hash identifier:          TmZI2Y3k1Z4Ub6RQwa0f9dO3c4FAo6B2L7MItfL4Sms=
Subject key identifier:   1C:93:B8:52:B7:9F:58:76:29:72:EF:5E:FB:DA:AF:60:34:C9:A8:90
Authority key identifier: D3:4D:4A:3B:74:7F:CA:70:10:3B:17:F3:DB:DC:50:45:CA:CE:32:DF
Certificate issuer:       /CN=d34d4a3b747fca70103b17f3dbdc5045cace32df
Certificate serial:       019D37F6E75E5BB3514502BE72DA471F9814
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/001KO3R_ynAQOxfz29xQRcrOMt8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.mft
Manifest number:          1890
Signing time:             Sun 29 Mar 2026 05:00:20 +0000
Manifest this update:     Sun 29 Mar 2026 05:00:20 +0000
Manifest next update:     Mon 30 Mar 2026 05:00:20 +0000
Files and hashes:         1: 001KO3R_ynAQOxfz29xQRcrOMt8.crl (hash: EdEyHMyGUEnnM2Xy9/YuONc5k6EOQPK/sOKKJMHXE+A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/001KO3R_ynAQOxfz29xQRcrOMt8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 05:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:f6:e7:5e:5b:b3:51:45:02:be:72:da:47:1f:98:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d34d4a3b747fca70103b17f3dbdc5045cace32df
        Validity
            Not Before: Mar 29 05:00:20 2026 GMT
            Not After : Mar 30 05:00:20 2026 GMT
        Subject: CN=1c93b852b79f58762972ef5efbdaaf6034c9a890
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:da:13:a6:ab:57:3d:67:da:c0:a3:a0:55:02:
                    2e:f4:dd:21:1e:19:fd:09:78:15:f0:fa:c1:c1:60:
                    80:e1:8b:2b:7f:13:0a:fd:21:08:a8:0e:fa:57:73:
                    81:7a:c1:ab:6f:4d:d1:b7:0c:89:3e:1c:9a:a3:0d:
                    03:2b:ca:27:9e:8d:f8:72:eb:40:74:ef:44:68:93:
                    21:15:e8:e4:8c:ff:56:f6:bb:24:35:88:71:38:86:
                    fd:f0:04:81:b8:66:bd:eb:b6:2b:34:00:c8:35:59:
                    bc:ea:75:d7:59:5c:5c:af:4e:63:2f:81:60:34:b5:
                    39:19:20:9d:95:94:7c:0f:cc:d4:b8:53:e6:2a:19:
                    db:b2:04:0f:fe:0e:5c:87:7c:54:0a:9b:aa:23:a5:
                    c0:da:bf:b0:4b:08:a3:6c:e5:e6:83:94:11:86:88:
                    f1:c0:6b:6d:15:10:2f:e4:7e:15:49:98:db:96:00:
                    54:77:94:1b:46:1c:d6:93:91:18:3d:bf:02:97:ce:
                    34:1e:20:2c:4d:82:42:e2:25:8e:89:cf:d6:30:35:
                    a9:18:d5:ea:f0:77:f2:b2:b7:cb:c8:30:13:f8:04:
                    44:23:b6:b9:f1:b1:95:4c:16:e7:23:53:16:8b:cf:
                    32:84:95:8f:1d:2e:95:28:e8:57:a4:f2:b4:17:9b:
                    73:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:93:B8:52:B7:9F:58:76:29:72:EF:5E:FB:DA:AF:60:34:C9:A8:90
            X509v3 Authority Key Identifier:
                keyid:D3:4D:4A:3B:74:7F:CA:70:10:3B:17:F3:DB:DC:50:45:CA:CE:32:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/001KO3R_ynAQOxfz29xQRcrOMt8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:68:5d:8d:a4:c9:ec:27:72:2c:cc:7e:9a:ab:84:dd:b1:75:
         fb:64:b3:f4:a6:53:06:a2:70:ae:cd:97:73:3b:4c:b6:a7:d2:
         0d:a1:3a:56:c0:25:d1:1d:29:e8:cc:e9:c6:5d:36:57:e5:1e:
         37:30:46:d6:c0:62:47:39:f3:bd:f8:db:87:34:79:b7:33:42:
         d0:75:28:b1:fe:5c:f2:9d:8f:40:1e:3c:6b:3b:d3:2a:00:1d:
         e2:76:f7:b7:0f:9a:b4:50:0e:b4:73:02:b1:a2:90:3b:2c:56:
         1b:e1:59:53:9f:1f:9a:de:41:63:8c:88:f1:50:94:2e:9d:5b:
         ac:51:14:85:ae:13:aa:64:ac:21:f0:9a:76:0b:22:74:dd:8d:
         37:4b:77:a0:0b:f7:90:72:63:f1:b7:78:d1:17:56:6a:dd:df:
         a6:d0:b3:d9:91:94:fe:79:6b:9a:f2:a2:9e:a7:b4:a0:9b:39:
         95:4e:b6:42:b4:94:1c:54:97:09:68:5c:78:3c:14:b7:b3:89:
         23:20:2c:80:9c:89:4f:3f:df:0c:49:75:33:c0:35:28:8e:bb:
         06:ca:b9:43:ce:45:46:38:81:41:86:ec:d7:9a:1f:cd:b3:d3:
         b5:ac:01:27:a8:18:5e:a3:ee:70:f8:83:39:6e:a2:cc:a6:f7:
         20:f9:30:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ039udeW7NRRQK+ctpHH5gUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNGQ0YTNiNzQ3ZmNhNzAxMDNiMTdmM2RiZGM1MDQ1Y2Fj
ZTMyZGYwHhcNMjYwMzI5MDUwMDIwWhcNMjYwMzMwMDUwMDIwWjAzMTEwLwYDVQQD
EygxYzkzYjg1MmI3OWY1ODc2Mjk3MmVmNWVmYmRhYWY2MDM0YzlhODkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdoTpqtXPWfawKOgVQIu9N0hHhn9
CXgV8PrBwWCA4YsrfxMK/SEIqA76V3OBesGrb03RtwyJPhyaow0DK8onno34cutA
dO9EaJMhFejkjP9W9rskNYhxOIb98ASBuGa967YrNADINVm86nXXWVxcr05jL4Fg
NLU5GSCdlZR8D8zUuFPmKhnbsgQP/g5ch3xUCpuqI6XA2r+wSwijbOXmg5QRhojx
wGttFRAv5H4VSZjblgBUd5QbRhzWk5EYPb8Cl840HiAsTYJC4iWOic/WMDWpGNXq
8HfysrfLyDAT+AREI7a58bGVTBbnI1MWi88yhJWPHS6VKOhXpPK0F5tzGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFByTuFK3n1h2KXLvXvvar2A0yaiQMB8GA1UdIwQY
MBaAFNNNSjt0f8pwEDsX89vcUEXKzjLfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDAxS08zUl95bkFRT3hmejI5eFFSY3JPTXQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi84ZDgzNzItZTA3OS00ODMxLWFmZDIt
NDM3OTM0YzU4NDUzLzEvMDAxS08zUl95bkFRT3hmejI5eFFSY3JPTXQ4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi84ZDgzNzItZTA3OS00ODMxLWFmZDItNDM3OTM0YzU4NDUz
LzEvMDAxS08zUl95bkFRT3hmejI5eFFSY3JPTXQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB2hdjaTJ
7CdyLMx+mquE3bF1+2Sz9KZTBqJwrs2XcztMtqfSDaE6VsAl0R0p6Mzpxl02V+Ue
NzBG1sBiRznzvfjbhzR5tzNC0HUosf5c8p2PQB48azvTKgAd4nb3tw+atFAOtHMC
saKQOyxWG+FZU58fmt5BY4yI8VCULp1brFEUha4TqmSsIfCadgsidN2NN0t3oAv3
kHJj8bd40RdWat3fptCz2ZGU/nlrmvKinqe0oJs5lU62QrSUHFSXCWhceDwUt7OJ
IyAsgJyJTz/fDEl1M8A1KI67Bsq5Q85FRjiBQYbs15ofzbPTtawBJ6gYXqPucPiD
OW6izKb3IPkwhQ==
-----END CERTIFICATE-----