Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.mft
File:                     FLklHG89i7aaegPOrN0q58LIzjc.mft (raw, json)
Hash identifier:          DTTCmCMH8cqC/PUImT7793VbXoafwkjBFGC4IXUgIRU=
Subject key identifier:   09:4A:78:5A:77:6D:DF:1E:46:43:ED:1C:01:4E:A4:44:16:B9:3F:9D
Authority key identifier: 14:B9:25:1C:6F:3D:8B:B6:9A:7A:03:CE:AC:DD:2A:E7:C2:C8:CE:37
Certificate issuer:       /CN=14b9251c6f3d8bb69a7a03ceacdd2ae7c2c8ce37
Certificate serial:       019D3A543F8ED0888168B016325B59980FCF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FLklHG89i7aaegPOrN0q58LIzjc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.mft
Manifest number:          03FA
Signing time:             Sun 29 Mar 2026 16:01:32 +0000
Manifest this update:     Sun 29 Mar 2026 16:01:32 +0000
Manifest next update:     Mon 30 Mar 2026 16:01:32 +0000
Files and hashes:         1: FLklHG89i7aaegPOrN0q58LIzjc.crl (hash: iEarG5Rdfl85UAQhqhyTFeaNC+grYJloc+/Iy6FFehg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FLklHG89i7aaegPOrN0q58LIzjc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 08:48:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:54:3f:8e:d0:88:81:68:b0:16:32:5b:59:98:0f:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=14b9251c6f3d8bb69a7a03ceacdd2ae7c2c8ce37
        Validity
            Not Before: Mar 29 16:01:32 2026 GMT
            Not After : Mar 30 16:01:32 2026 GMT
        Subject: CN=094a785a776ddf1e4643ed1c014ea44416b93f9d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:37:8f:f2:d2:0f:bd:25:fa:f9:29:cd:7b:4d:
                    fb:96:90:8a:dc:a9:57:55:68:a3:ac:21:70:33:7c:
                    ec:ad:85:ca:c6:c5:fa:6f:2a:81:3a:b6:27:4e:ff:
                    1e:05:01:b5:23:a4:50:d6:52:91:1d:71:5c:7c:36:
                    50:23:97:5a:c6:90:49:c3:ec:97:91:1f:f4:81:e0:
                    cb:cf:b8:f3:1d:a4:c4:b2:9d:0b:ac:c7:7a:e1:c5:
                    86:32:e1:72:ed:00:ad:b0:9d:60:7e:57:7d:2b:ba:
                    f0:60:cb:77:4d:57:ad:16:b5:0e:9e:8a:e8:a8:c5:
                    a4:ec:c6:5d:1c:4d:6c:59:ea:51:9c:a5:74:ae:0e:
                    07:fd:fb:2a:10:69:94:00:2c:ad:e3:57:90:cc:99:
                    7f:89:88:ba:79:51:1c:10:fe:d5:a5:76:8b:1f:e7:
                    01:8b:8b:d1:dd:2c:d1:19:4f:f3:4b:0e:4b:5f:08:
                    6f:40:c9:ce:55:89:ec:c9:fa:3d:eb:d8:38:a7:b0:
                    04:c2:8f:ec:4c:61:a7:8e:ac:82:3c:90:29:39:a0:
                    0a:96:54:22:96:30:c8:ca:63:8b:8e:74:a4:be:89:
                    d7:d6:59:78:53:4e:be:4b:35:1b:56:b3:92:85:28:
                    44:9b:8a:65:c1:1f:3e:88:42:15:40:9f:65:c2:3c:
                    ce:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:4A:78:5A:77:6D:DF:1E:46:43:ED:1C:01:4E:A4:44:16:B9:3F:9D
            X509v3 Authority Key Identifier:
                keyid:14:B9:25:1C:6F:3D:8B:B6:9A:7A:03:CE:AC:DD:2A:E7:C2:C8:CE:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FLklHG89i7aaegPOrN0q58LIzjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/b30d66-8fb0-4e9d-98ec-c2d8a59b00d3/1/FLklHG89i7aaegPOrN0q58LIzjc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:fb:a2:29:7f:b0:02:7c:5e:61:7b:99:97:7b:a6:4d:1a:9f:
         be:c3:ed:03:18:93:00:e6:b4:b4:dd:86:91:37:72:f6:a3:20:
         4a:9d:d7:56:d3:7c:cc:5e:ab:cd:ad:b7:94:16:de:86:7e:b6:
         e2:b3:cf:be:c9:19:27:92:25:1a:f7:0a:e7:db:d5:c5:b1:13:
         b9:c4:43:09:6a:b6:23:60:b0:cd:f5:d0:8b:67:5a:a2:2b:02:
         90:b6:65:09:51:f0:85:0f:89:6e:f6:58:78:5b:33:9d:7a:52:
         b3:28:3a:24:ba:e3:f4:c1:00:7a:ef:9d:16:59:25:18:1d:c5:
         32:fb:13:a5:00:8c:b0:5f:26:81:71:d5:a8:68:e8:0e:58:7e:
         c8:5c:b8:19:de:4c:2f:4a:57:a2:d6:e8:20:96:5c:80:c2:63:
         04:a1:f9:ee:8c:38:11:45:59:7f:7b:38:59:0e:31:2c:77:14:
         cc:85:f9:ea:3f:21:3d:99:73:25:8f:ce:5f:2b:96:01:94:39:
         99:43:0b:31:c7:5c:8a:4f:2c:5b:c8:d9:8a:05:ac:f9:11:be:
         13:30:38:80:67:ba:8f:e1:6e:ae:6e:0a:eb:9f:35:b4:47:9f:
         82:bc:20:88:4f:d4:be:fa:cd:83:60:83:db:85:5e:0b:3b:da:
         b3:bb:28:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06VD+O0IiBaLAWMltZmA/PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YjkyNTFjNmYzZDhiYjY5YTdhMDNjZWFjZGQyYWU3YzJj
OGNlMzcwHhcNMjYwMzI5MTYwMTMyWhcNMjYwMzMwMTYwMTMyWjAzMTEwLwYDVQQD
EygwOTRhNzg1YTc3NmRkZjFlNDY0M2VkMWMwMTRlYTQ0NDE2YjkzZjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDeP8tIPvSX6+SnNe037lpCK3KlX
VWijrCFwM3zsrYXKxsX6byqBOrYnTv8eBQG1I6RQ1lKRHXFcfDZQI5daxpBJw+yX
kR/0geDLz7jzHaTEsp0LrMd64cWGMuFy7QCtsJ1gfld9K7rwYMt3TVetFrUOnoro
qMWk7MZdHE1sWepRnKV0rg4H/fsqEGmUACyt41eQzJl/iYi6eVEcEP7VpXaLH+cB
i4vR3SzRGU/zSw5LXwhvQMnOVYnsyfo969g4p7AEwo/sTGGnjqyCPJApOaAKllQi
ljDIymOLjnSkvonX1ll4U06+SzUbVrOShShEm4plwR8+iEIVQJ9lwjzOqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAlKeFp3bd8eRkPtHAFOpEQWuT+dMB8GA1UdIwQY
MBaAFBS5JRxvPYu2mnoDzqzdKufCyM43MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkxrbEhHODlpN2FhZWdQT3JOMHE1OExJempjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9iMzBkNjYtOGZiMC00ZTlkLTk4ZWMt
YzJkOGE1OWIwMGQzLzEvRkxrbEhHODlpN2FhZWdQT3JOMHE1OExJempjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9iMzBkNjYtOGZiMC00ZTlkLTk4ZWMtYzJkOGE1OWIwMGQz
LzEvRkxrbEhHODlpN2FhZWdQT3JOMHE1OExJempjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAafuiKX+w
AnxeYXuZl3umTRqfvsPtAxiTAOa0tN2GkTdy9qMgSp3XVtN8zF6rza23lBbehn62
4rPPvskZJ5IlGvcK59vVxbETucRDCWq2I2CwzfXQi2daoisCkLZlCVHwhQ+JbvZY
eFsznXpSsyg6JLrj9MEAeu+dFlklGB3FMvsTpQCMsF8mgXHVqGjoDlh+yFy4Gd5M
L0pXotboIJZcgMJjBKH57ow4EUVZf3s4WQ4xLHcUzIX56j8hPZlzJY/OXyuWAZQ5
mUMLMcdcik8sW8jZigWs+RG+EzA4gGe6j+Furm4K6581tEefgrwgiE/UvvrNg2CD
24VeCzvas7soFg==
-----END CERTIFICATE-----