Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/3fa92f-cabd-413b-ae5c-69b733cbc528/1/knaysJMpLF-nXm4UwqSZrIR-QWs.mft
File:                     knaysJMpLF-nXm4UwqSZrIR-QWs.mft (raw, json)
Hash identifier:          RSXbrOaKPjh6x7+HEKRQlamyhQ3RjobTYtwxQxtyc5M=
Subject key identifier:   D9:A1:B3:A4:E2:A3:01:9E:16:67:BB:50:04:66:44:46:66:D2:43:33
Authority key identifier: 92:76:B2:B0:93:29:2C:5F:A7:5E:6E:14:C2:A4:99:AC:84:7E:41:6B
Certificate issuer:       /CN=9276b2b093292c5fa75e6e14c2a499ac847e416b
Certificate serial:       019D386594726D751108EF4319BE58904FE3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/knaysJMpLF-nXm4UwqSZrIR-QWs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6e/3fa92f-cabd-413b-ae5c-69b733cbc528/1/knaysJMpLF-nXm4UwqSZrIR-QWs.mft
Manifest number:          165F
Signing time:             Sun 29 Mar 2026 07:01:14 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:14 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:14 +0000
Files and hashes:         1: knaysJMpLF-nXm4UwqSZrIR-QWs.crl (hash: GxGY66HSoTsSF7cFV2iGkmArlCjYzQ886wi+SITQAU4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6e/3fa92f-cabd-413b-ae5c-69b733cbc528/1/knaysJMpLF-nXm4UwqSZrIR-QWs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6e/3fa92f-cabd-413b-ae5c-69b733cbc528/1/knaysJMpLF-nXm4UwqSZrIR-QWs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/knaysJMpLF-nXm4UwqSZrIR-QWs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:94:72:6d:75:11:08:ef:43:19:be:58:90:4f:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9276b2b093292c5fa75e6e14c2a499ac847e416b
        Validity
            Not Before: Mar 29 07:01:14 2026 GMT
            Not After : Mar 30 07:01:14 2026 GMT
        Subject: CN=d9a1b3a4e2a3019e1667bb500466444666d24333
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:c1:ab:73:47:a2:55:0d:73:b7:05:b3:76:ba:
                    ad:39:3b:d8:dd:e3:7f:2c:3a:b1:33:ca:86:be:06:
                    67:d1:57:9f:d0:c8:b8:80:34:9d:03:dc:2f:fe:e2:
                    8e:0b:04:92:b4:8c:f7:86:ba:66:a4:b5:70:47:09:
                    63:ff:01:a3:9c:f2:3c:61:42:7f:57:ea:92:41:7a:
                    c7:c4:dc:42:e6:a0:44:c5:19:ef:cb:fc:f4:2b:fb:
                    33:d6:af:99:6e:c6:2a:2e:64:54:4b:ec:6d:a5:e5:
                    23:18:1d:34:3f:87:1c:09:27:a5:20:69:cc:ac:51:
                    78:76:af:31:c1:1a:63:b6:e6:ef:42:9b:70:80:39:
                    bd:ec:35:27:be:0e:04:cb:e1:6a:1d:eb:02:6e:ec:
                    f7:ad:30:d4:6b:34:cf:07:af:c7:32:a9:1d:95:63:
                    bb:36:3c:5d:96:19:e6:41:20:19:b0:0c:13:df:ef:
                    32:ab:80:80:32:78:41:1e:7c:99:27:74:53:6a:14:
                    b9:e7:fa:b7:6f:a6:9e:dc:b7:37:ca:7c:55:b6:e6:
                    e6:62:8e:eb:0f:53:0a:e0:1b:6a:5d:ec:3b:1d:5f:
                    8f:2d:ee:da:37:97:24:30:e5:49:ac:c2:d3:c1:0d:
                    e0:b5:cd:66:dc:8d:ba:67:fa:2a:ec:08:1a:50:9d:
                    58:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:A1:B3:A4:E2:A3:01:9E:16:67:BB:50:04:66:44:46:66:D2:43:33
            X509v3 Authority Key Identifier:
                keyid:92:76:B2:B0:93:29:2C:5F:A7:5E:6E:14:C2:A4:99:AC:84:7E:41:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/knaysJMpLF-nXm4UwqSZrIR-QWs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/3fa92f-cabd-413b-ae5c-69b733cbc528/1/knaysJMpLF-nXm4UwqSZrIR-QWs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/3fa92f-cabd-413b-ae5c-69b733cbc528/1/knaysJMpLF-nXm4UwqSZrIR-QWs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:a9:99:9c:c9:86:bb:53:1b:46:a5:11:9e:9f:d7:62:9b:43:
         b6:d4:ca:60:77:3b:19:fe:90:34:80:37:37:ba:78:54:c6:e5:
         84:33:e5:ae:92:90:e2:0c:01:0e:ef:2d:75:62:97:f6:4e:8a:
         f9:29:a1:9e:4b:98:be:58:43:d8:f7:3e:70:01:51:91:90:c2:
         bb:f3:7f:62:76:b1:c8:74:63:74:0a:ed:a5:0c:6c:23:49:54:
         a2:fd:54:04:b7:a4:a5:2c:f9:ce:3b:84:3f:3b:ee:17:7d:a0:
         fa:a5:34:d2:4f:05:ea:db:e5:20:bd:57:ea:74:89:63:12:c5:
         61:4f:c3:d1:3b:35:64:59:82:79:b4:00:9f:3a:b0:62:1e:fd:
         8f:2a:ed:2e:ac:e2:55:e2:15:d5:cd:9f:38:1e:2b:57:87:1f:
         25:c2:ab:55:4e:4b:46:d7:04:c3:88:84:95:09:90:56:d1:cf:
         ca:5c:b6:07:78:97:6f:ee:6b:89:87:9e:93:84:0c:41:28:79:
         26:d7:8b:cd:b8:86:3f:75:88:41:25:19:b5:2e:7a:4b:cf:9f:
         64:25:15:cb:69:0c:ac:7e:13:f8:d6:c2:f2:a9:2c:e0:7b:94:
         1b:27:d8:db:35:7a:25:ba:5e:6e:d4:8b:8c:84:e5:fe:26:47:
         48:bd:be:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZZRybXURCO9DGb5YkE/jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNzZiMmIwOTMyOTJjNWZhNzVlNmUxNGMyYTQ5OWFjODQ3
ZTQxNmIwHhcNMjYwMzI5MDcwMTE0WhcNMjYwMzMwMDcwMTE0WjAzMTEwLwYDVQQD
EyhkOWExYjNhNGUyYTMwMTllMTY2N2JiNTAwNDY2NDQ0NjY2ZDI0MzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyMGrc0eiVQ1ztwWzdrqtOTvY3eN/
LDqxM8qGvgZn0Vef0Mi4gDSdA9wv/uKOCwSStIz3hrpmpLVwRwlj/wGjnPI8YUJ/
V+qSQXrHxNxC5qBExRnvy/z0K/sz1q+ZbsYqLmRUS+xtpeUjGB00P4ccCSelIGnM
rFF4dq8xwRpjtubvQptwgDm97DUnvg4Ey+FqHesCbuz3rTDUazTPB6/HMqkdlWO7
NjxdlhnmQSAZsAwT3+8yq4CAMnhBHnyZJ3RTahS55/q3b6ae3Lc3ynxVtubmYo7r
D1MK4BtqXew7HV+PLe7aN5ckMOVJrMLTwQ3gtc1m3I26Z/oq7AgaUJ1YQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNmhs6TiowGeFme7UARmREZm0kMzMB8GA1UdIwQY
MBaAFJJ2srCTKSxfp15uFMKkmayEfkFrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva25heXNKTXBMRi1uWG00VXdxU1pySVItUVdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS8zZmE5MmYtY2FiZC00MTNiLWFlNWMt
NjliNzMzY2JjNTI4LzEva25heXNKTXBMRi1uWG00VXdxU1pySVItUVdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS8zZmE5MmYtY2FiZC00MTNiLWFlNWMtNjliNzMzY2JjNTI4
LzEva25heXNKTXBMRi1uWG00VXdxU1pySVItUVdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACKmZnMmG
u1MbRqURnp/XYptDttTKYHc7Gf6QNIA3N7p4VMblhDPlrpKQ4gwBDu8tdWKX9k6K
+SmhnkuYvlhD2Pc+cAFRkZDCu/N/YnaxyHRjdArtpQxsI0lUov1UBLekpSz5zjuE
PzvuF32g+qU00k8F6tvlIL1X6nSJYxLFYU/D0Ts1ZFmCebQAnzqwYh79jyrtLqzi
VeIV1c2fOB4rV4cfJcKrVU5LRtcEw4iElQmQVtHPyly2B3iXb+5riYeek4QMQSh5
JteLzbiGP3WIQSUZtS56S8+fZCUVy2kMrH4T+NbC8qks4HuUGyfY2zV6JbpebtSL
jITl/iZHSL2+LA==
-----END CERTIFICATE-----