Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/ec6225-d6a7-418a-b02f-6234ea09e186/1/pKgNKvhhtwo37AUOAT5t-6lMiz0.mft
File:                     pKgNKvhhtwo37AUOAT5t-6lMiz0.mft (raw, json)
Hash identifier:          d6R0YBKVe0Mp0hRZ754x5MbGPtpRLg9A7rz909aUDcA=
Subject key identifier:   FA:97:CE:C6:1D:B0:94:E1:06:84:24:AC:27:10:95:4A:15:EA:CF:86
Authority key identifier: A4:A8:0D:2A:F8:61:B7:0A:37:EC:05:0E:01:3E:6D:FB:A9:4C:8B:3D
Certificate issuer:       /CN=a4a80d2af861b70a37ec050e013e6dfba94c8b3d
Certificate serial:       019D3866411FC0A13FB8BEF6D87E996F956B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pKgNKvhhtwo37AUOAT5t-6lMiz0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/ec6225-d6a7-418a-b02f-6234ea09e186/1/pKgNKvhhtwo37AUOAT5t-6lMiz0.mft
Manifest number:          1133
Signing time:             Sun 29 Mar 2026 07:01:58 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:58 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:58 +0000
Files and hashes:         1: pKgNKvhhtwo37AUOAT5t-6lMiz0.crl (hash: hFu/BxdWJ4IBZLJo8W88uB6tmQM3SMX+SZaocoh4+V4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/ec6225-d6a7-418a-b02f-6234ea09e186/1/pKgNKvhhtwo37AUOAT5t-6lMiz0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/ec6225-d6a7-418a-b02f-6234ea09e186/1/pKgNKvhhtwo37AUOAT5t-6lMiz0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pKgNKvhhtwo37AUOAT5t-6lMiz0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:41:1f:c0:a1:3f:b8:be:f6:d8:7e:99:6f:95:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a4a80d2af861b70a37ec050e013e6dfba94c8b3d
        Validity
            Not Before: Mar 29 07:01:58 2026 GMT
            Not After : Mar 30 07:01:58 2026 GMT
        Subject: CN=fa97cec61db094e1068424ac2710954a15eacf86
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:66:2b:26:a6:1f:7a:7c:ac:1f:ad:23:2b:da:
                    44:d5:02:2d:6e:63:99:dd:57:4a:45:14:e9:7f:6d:
                    a0:91:ef:46:6b:f3:dc:99:a7:6e:00:bb:10:c8:0d:
                    0c:57:bb:b4:5e:a4:d1:f6:3a:f0:26:c9:44:87:f5:
                    ba:9f:2c:fa:36:db:e7:b5:59:fc:c9:e7:42:96:a0:
                    9d:14:7c:da:98:37:36:74:39:1f:96:8c:a0:4f:49:
                    47:8f:8a:c0:60:e7:64:80:70:f2:56:2b:76:98:c0:
                    95:63:6c:82:f8:b5:26:24:bb:27:9a:de:02:8e:2d:
                    81:f2:89:28:52:7b:f9:87:e5:62:4b:e3:a0:a8:9d:
                    3e:0d:eb:03:83:e1:f0:c4:19:21:ef:bb:45:64:3f:
                    10:34:cf:d9:5c:01:26:06:e3:6d:02:91:a8:ab:57:
                    d2:4d:73:81:92:b5:84:e9:26:84:f0:71:11:ef:ce:
                    19:9d:39:56:c5:98:d1:b8:1a:ee:a8:48:80:03:94:
                    81:35:19:3b:03:9e:4c:08:0c:66:b5:0a:b5:f1:a1:
                    a6:d8:9a:3b:41:e4:18:92:0d:c7:73:b0:5d:05:a8:
                    6f:c7:c1:38:69:df:0b:a8:81:39:d4:ab:ca:70:eb:
                    55:ff:c1:dd:e5:00:b1:50:08:97:19:15:d7:dc:43:
                    ec:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:97:CE:C6:1D:B0:94:E1:06:84:24:AC:27:10:95:4A:15:EA:CF:86
            X509v3 Authority Key Identifier:
                keyid:A4:A8:0D:2A:F8:61:B7:0A:37:EC:05:0E:01:3E:6D:FB:A9:4C:8B:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pKgNKvhhtwo37AUOAT5t-6lMiz0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/ec6225-d6a7-418a-b02f-6234ea09e186/1/pKgNKvhhtwo37AUOAT5t-6lMiz0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/ec6225-d6a7-418a-b02f-6234ea09e186/1/pKgNKvhhtwo37AUOAT5t-6lMiz0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         38:f7:d0:6f:a2:a6:21:1b:29:80:09:cb:03:3e:e8:e3:d4:ef:
         55:1f:91:3b:40:bc:3f:a7:f1:44:b7:e8:74:43:44:6f:06:16:
         f6:a0:15:75:f7:95:2b:ef:ae:a5:a3:72:e9:6d:fb:2c:f2:e6:
         c5:a1:8b:b8:91:a6:6f:e1:9a:ac:69:53:db:d4:ff:5f:e6:a0:
         7f:88:6a:53:43:8c:c2:3d:eb:61:01:97:89:b1:9a:58:3e:c8:
         30:6a:6b:64:c0:05:e8:be:7a:69:d3:d5:52:00:d0:80:2f:dd:
         3b:1e:52:a2:7e:0a:38:f5:d3:fd:f3:79:18:7e:c1:84:d7:91:
         be:cc:24:e7:55:b4:b6:44:6e:4a:86:fa:76:fe:1e:58:cb:0e:
         59:46:3c:35:c4:1a:ef:d4:68:2b:55:2c:ee:66:48:7b:65:9f:
         e2:a9:a7:9b:a5:06:2d:04:39:90:03:24:38:6f:10:4d:b1:55:
         cf:5f:bc:bc:e0:e1:8c:cd:27:bc:18:22:07:7a:72:9f:5d:ee:
         ec:40:3a:08:13:3b:bc:38:c5:cf:e6:86:f0:04:ae:5c:34:00:
         d6:0b:65:d8:67:ee:84:0d:24:99:c6:95:b7:67:5f:50:03:e4:
         ee:da:3e:cf:e3:06:87:d8:b8:eb:dd:49:cf:32:00:fb:54:34:
         60:b5:a8:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZkEfwKE/uL722H6Zb5VrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0YTgwZDJhZjg2MWI3MGEzN2VjMDUwZTAxM2U2ZGZiYTk0
YzhiM2QwHhcNMjYwMzI5MDcwMTU4WhcNMjYwMzMwMDcwMTU4WjAzMTEwLwYDVQQD
EyhmYTk3Y2VjNjFkYjA5NGUxMDY4NDI0YWMyNzEwOTU0YTE1ZWFjZjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGYrJqYfenysH60jK9pE1QItbmOZ
3VdKRRTpf22gke9Ga/PcmaduALsQyA0MV7u0XqTR9jrwJslEh/W6nyz6NtvntVn8
yedClqCdFHzamDc2dDkfloygT0lHj4rAYOdkgHDyVit2mMCVY2yC+LUmJLsnmt4C
ji2B8okoUnv5h+ViS+OgqJ0+DesDg+HwxBkh77tFZD8QNM/ZXAEmBuNtApGoq1fS
TXOBkrWE6SaE8HER784ZnTlWxZjRuBruqEiAA5SBNRk7A55MCAxmtQq18aGm2Jo7
QeQYkg3Hc7BdBahvx8E4ad8LqIE51KvKcOtV/8Hd5QCxUAiXGRXX3EPsIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPqXzsYdsJThBoQkrCcQlUoV6s+GMB8GA1UdIwQY
MBaAFKSoDSr4YbcKN+wFDgE+bfupTIs9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEtnTkt2aGh0d28zN0FVT0FUNXQtNmxNaXowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9lYzYyMjUtZDZhNy00MThhLWIwMmYt
NjIzNGVhMDllMTg2LzEvcEtnTkt2aGh0d28zN0FVT0FUNXQtNmxNaXowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9lYzYyMjUtZDZhNy00MThhLWIwMmYtNjIzNGVhMDllMTg2
LzEvcEtnTkt2aGh0d28zN0FVT0FUNXQtNmxNaXowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOPfQb6Km
IRspgAnLAz7o49TvVR+RO0C8P6fxRLfodENEbwYW9qAVdfeVK++upaNy6W37LPLm
xaGLuJGmb+GarGlT29T/X+agf4hqU0OMwj3rYQGXibGaWD7IMGprZMAF6L56adPV
UgDQgC/dOx5Son4KOPXT/fN5GH7BhNeRvswk51W0tkRuSob6dv4eWMsOWUY8NcQa
79RoK1Us7mZIe2Wf4qmnm6UGLQQ5kAMkOG8QTbFVz1+8vODhjM0nvBgiB3pyn13u
7EA6CBM7vDjFz+aG8ASuXDQA1gtl2GfuhA0kmcaVt2dfUAPk7to+z+MGh9i4691J
zzIA+1Q0YLWosA==
-----END CERTIFICATE-----