Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/d96b82-58dd-4dda-bfd3-da05b37c8e24/1/rkyfGKFH6zVjDiNFxUAOFop8icE.mft
File:                     rkyfGKFH6zVjDiNFxUAOFop8icE.mft (raw, json)
Hash identifier:          k30TVRqtPwB/bTkv/YtZR+o2LOXkC8GM/sHlvPo7K4c=
Subject key identifier:   72:19:82:EB:AD:A9:37:FF:85:C3:29:35:76:4C:49:71:F3:0D:B0:83
Authority key identifier: AE:4C:9F:18:A1:47:EB:35:63:0E:23:45:C5:40:0E:16:8A:7C:89:C1
Certificate issuer:       /CN=ae4c9f18a147eb35630e2345c5400e168a7c89c1
Certificate serial:       019D3A1C2FAF2CED18A02EC9668B14024F80
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rkyfGKFH6zVjDiNFxUAOFop8icE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6c/d96b82-58dd-4dda-bfd3-da05b37c8e24/1/rkyfGKFH6zVjDiNFxUAOFop8icE.mft
Manifest number:          0DD7
Signing time:             Sun 29 Mar 2026 15:00:18 +0000
Manifest this update:     Sun 29 Mar 2026 15:00:18 +0000
Manifest next update:     Mon 30 Mar 2026 15:00:18 +0000
Files and hashes:         1: rkyfGKFH6zVjDiNFxUAOFop8icE.crl (hash: 1cpkYuqf52zRX9JSggNVWCnD5KvJCrQZ3y1kbyZ2bDE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6c/d96b82-58dd-4dda-bfd3-da05b37c8e24/1/rkyfGKFH6zVjDiNFxUAOFop8icE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6c/d96b82-58dd-4dda-bfd3-da05b37c8e24/1/rkyfGKFH6zVjDiNFxUAOFop8icE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rkyfGKFH6zVjDiNFxUAOFop8icE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:1c:2f:af:2c:ed:18:a0:2e:c9:66:8b:14:02:4f:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ae4c9f18a147eb35630e2345c5400e168a7c89c1
        Validity
            Not Before: Mar 29 15:00:18 2026 GMT
            Not After : Mar 30 15:00:18 2026 GMT
        Subject: CN=721982ebada937ff85c32935764c4971f30db083
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:10:f9:9c:6a:11:17:5e:8a:02:50:ba:08:78:
                    50:ce:3e:50:1d:3a:1f:1b:b5:2d:ff:6e:49:11:7e:
                    ca:f6:ba:99:d6:3a:aa:cc:6f:55:1f:da:cc:b1:ca:
                    82:1a:e8:e2:0f:87:21:66:09:f3:fd:89:3a:97:05:
                    4c:7b:68:17:21:c2:3b:5d:33:41:04:74:a4:32:37:
                    8f:98:03:93:a6:9e:02:9b:92:66:87:78:3c:0a:13:
                    0d:0b:2a:2e:2f:44:07:b3:50:4c:a6:7b:47:cb:88:
                    c1:48:ef:65:1b:5c:87:f1:07:23:75:2b:65:18:8b:
                    bf:65:72:9e:c0:66:aa:fd:c3:57:f5:cc:a0:91:23:
                    e4:6e:f4:db:f3:d3:af:65:45:8c:d9:75:b1:11:84:
                    bb:7d:ce:c2:6c:6c:c5:a4:80:9a:b6:76:a9:5b:18:
                    08:60:c0:a1:d1:60:a3:9d:ed:ce:a2:c6:fb:33:32:
                    65:4e:98:6a:60:b0:ae:f4:fe:e6:36:30:e3:1b:05:
                    01:fb:92:e0:e2:f6:39:05:f9:ba:ba:a1:29:34:a2:
                    3b:f1:02:49:b9:17:ac:d8:b1:8b:82:c5:8c:48:80:
                    6c:d9:2a:69:30:96:d8:80:ac:3c:f9:88:b1:3a:31:
                    71:2d:98:1f:35:32:48:16:29:9a:c9:3c:84:f3:9e:
                    49:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:19:82:EB:AD:A9:37:FF:85:C3:29:35:76:4C:49:71:F3:0D:B0:83
            X509v3 Authority Key Identifier:
                keyid:AE:4C:9F:18:A1:47:EB:35:63:0E:23:45:C5:40:0E:16:8A:7C:89:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rkyfGKFH6zVjDiNFxUAOFop8icE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/d96b82-58dd-4dda-bfd3-da05b37c8e24/1/rkyfGKFH6zVjDiNFxUAOFop8icE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/d96b82-58dd-4dda-bfd3-da05b37c8e24/1/rkyfGKFH6zVjDiNFxUAOFop8icE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:df:9d:d2:9c:71:49:5f:96:24:cf:8f:e0:19:28:1c:95:ad:
         a5:5b:36:b3:9d:da:bd:76:95:83:12:9e:be:25:99:f5:bb:8c:
         9c:a6:46:7b:5e:ea:e2:72:04:b6:b8:62:2c:fa:6a:ac:62:59:
         d0:47:c7:5d:d2:a3:49:2d:45:66:f4:36:92:2f:c5:c8:32:81:
         b9:45:ba:bf:f1:72:b9:4e:04:8e:02:38:74:c8:93:da:f0:38:
         89:ab:3a:f2:b7:36:7d:5b:5a:73:cc:0e:f9:8b:bc:3f:e0:e3:
         df:60:47:51:d7:2f:4c:83:ba:bd:a9:44:7b:6f:83:b4:f3:5b:
         72:dd:b4:a2:d6:a8:ed:0a:e5:2b:3b:1d:a8:4a:8d:0b:16:0b:
         51:73:c0:35:7f:60:21:4b:b6:5c:74:52:6c:f0:48:9d:9d:70:
         f1:40:a6:fa:ac:5a:5d:c9:7c:64:f8:a0:d7:61:02:f2:62:6c:
         84:d7:d4:fd:9e:24:04:50:52:8a:03:87:d5:b4:96:e5:48:41:
         8d:ea:e9:2a:1f:80:92:b7:43:77:bf:08:24:c1:06:59:a1:e7:
         fb:6c:40:46:f7:3f:62:f1:e2:4e:9d:1f:d8:a7:91:d6:68:81:
         d0:df:c1:5e:99:78:01:e9:bb:9e:70:93:78:c0:53:64:54:8d:
         f7:af:fd:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06HC+vLO0YoC7JZosUAk+AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlNGM5ZjE4YTE0N2ViMzU2MzBlMjM0NWM1NDAwZTE2OGE3
Yzg5YzEwHhcNMjYwMzI5MTUwMDE4WhcNMjYwMzMwMTUwMDE4WjAzMTEwLwYDVQQD
Eyg3MjE5ODJlYmFkYTkzN2ZmODVjMzI5MzU3NjRjNDk3MWYzMGRiMDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxRD5nGoRF16KAlC6CHhQzj5QHTof
G7Ut/25JEX7K9rqZ1jqqzG9VH9rMscqCGujiD4chZgnz/Yk6lwVMe2gXIcI7XTNB
BHSkMjePmAOTpp4Cm5Jmh3g8ChMNCyouL0QHs1BMpntHy4jBSO9lG1yH8QcjdStl
GIu/ZXKewGaq/cNX9cygkSPkbvTb89OvZUWM2XWxEYS7fc7CbGzFpICatnapWxgI
YMCh0WCjne3Oosb7MzJlTphqYLCu9P7mNjDjGwUB+5Lg4vY5Bfm6uqEpNKI78QJJ
uRes2LGLgsWMSIBs2SppMJbYgKw8+YixOjFxLZgfNTJIFimayTyE855JSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHIZguutqTf/hcMpNXZMSXHzDbCDMB8GA1UdIwQY
MBaAFK5MnxihR+s1Yw4jRcVADhaKfInBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmt5ZkdLRkg2elZqRGlORnhVQU9Gb3A4aWNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9kOTZiODItNThkZC00ZGRhLWJmZDMt
ZGEwNWIzN2M4ZTI0LzEvcmt5ZkdLRkg2elZqRGlORnhVQU9Gb3A4aWNFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9kOTZiODItNThkZC00ZGRhLWJmZDMtZGEwNWIzN2M4ZTI0
LzEvcmt5ZkdLRkg2elZqRGlORnhVQU9Gb3A4aWNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALt+d0pxx
SV+WJM+P4BkoHJWtpVs2s53avXaVgxKeviWZ9buMnKZGe17q4nIEtrhiLPpqrGJZ
0EfHXdKjSS1FZvQ2ki/FyDKBuUW6v/FyuU4EjgI4dMiT2vA4ias68rc2fVtac8wO
+Yu8P+Dj32BHUdcvTIO6valEe2+DtPNbct20otao7QrlKzsdqEqNCxYLUXPANX9g
IUu2XHRSbPBInZ1w8UCm+qxaXcl8ZPig12EC8mJshNfU/Z4kBFBSigOH1bSW5UhB
jerpKh+AkrdDd78IJMEGWaHn+2xARvc/YvHiTp0f2KeR1miB0N/BXpl4Aem7nnCT
eMBTZFSN96/9+Q==
-----END CERTIFICATE-----