Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/edf435-1abf-470e-ba6d-eff6fd7d3b28/1/ksrhHed02u8FJ0JGPOlU9SHG0nI.mft
File:                     ksrhHed02u8FJ0JGPOlU9SHG0nI.mft (raw, json)
Hash identifier:          h9W6CRs4/wTO37kLVnLTRoHTYYMU6g2GRBH9bPpcv3c=
Subject key identifier:   81:31:B4:6A:EA:AF:63:5D:4D:6F:2B:41:26:28:36:01:2E:62:10:96
Authority key identifier: 92:CA:E1:1D:E7:74:DA:EF:05:27:42:46:3C:E9:54:F5:21:C6:D2:72
Certificate issuer:       /CN=92cae11de774daef052742463ce954f521c6d272
Certificate serial:       019D3A545A535EE716B3FEA30486E8451848
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ksrhHed02u8FJ0JGPOlU9SHG0nI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/edf435-1abf-470e-ba6d-eff6fd7d3b28/1/ksrhHed02u8FJ0JGPOlU9SHG0nI.mft
Manifest number:          1288
Signing time:             Sun 29 Mar 2026 16:01:39 +0000
Manifest this update:     Sun 29 Mar 2026 16:01:39 +0000
Manifest next update:     Mon 30 Mar 2026 16:01:39 +0000
Files and hashes:         1: ksrhHed02u8FJ0JGPOlU9SHG0nI.crl (hash: IG4UYzq+ZqA8E0KX5TEA/w/j8AEtpF4XlL84UKX2BF4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/edf435-1abf-470e-ba6d-eff6fd7d3b28/1/ksrhHed02u8FJ0JGPOlU9SHG0nI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/edf435-1abf-470e-ba6d-eff6fd7d3b28/1/ksrhHed02u8FJ0JGPOlU9SHG0nI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ksrhHed02u8FJ0JGPOlU9SHG0nI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:54:5a:53:5e:e7:16:b3:fe:a3:04:86:e8:45:18:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=92cae11de774daef052742463ce954f521c6d272
        Validity
            Not Before: Mar 29 16:01:39 2026 GMT
            Not After : Mar 30 16:01:39 2026 GMT
        Subject: CN=8131b46aeaaf635d4d6f2b41262836012e621096
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:e3:1c:25:e0:7b:c6:4e:96:04:2e:cf:e0:df:
                    4a:8e:03:4b:31:68:c1:79:4c:a7:2f:6f:14:74:ce:
                    b5:8f:e6:03:0e:82:e4:48:97:5d:5f:d8:28:23:56:
                    8e:7a:59:db:50:9c:55:9f:df:78:ab:2e:00:6b:cf:
                    bc:82:53:cf:fa:1e:a4:72:6d:9f:30:ad:33:91:f4:
                    d1:75:c7:56:4a:42:d0:f1:c3:28:59:48:52:0f:25:
                    37:fa:60:ac:25:53:62:47:25:c5:d6:02:c5:d2:bd:
                    8e:56:bd:7f:1b:06:55:9e:71:63:35:4e:85:ee:f3:
                    c9:ba:40:eb:05:56:7d:e5:90:15:87:ef:11:3e:20:
                    7c:96:1e:1a:07:15:4f:43:8c:9b:2f:d2:86:cb:d2:
                    4b:31:67:f2:a3:1f:ec:4d:11:10:3f:c6:c0:e1:e9:
                    0f:da:8f:84:b6:5e:60:94:66:72:09:e7:27:21:5c:
                    10:1a:26:b2:ba:ae:f9:91:f4:33:33:46:02:bf:e3:
                    37:6e:bd:48:d5:84:ac:13:6a:51:b1:2c:21:69:50:
                    72:ac:cb:4d:2a:b5:85:74:8e:c6:fe:9b:27:ca:96:
                    93:ed:5c:6c:19:4f:a0:5a:a6:8a:91:47:35:9e:38:
                    b8:51:c4:7e:e7:09:7b:ef:e1:93:b7:ea:46:d8:8e:
                    a9:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:31:B4:6A:EA:AF:63:5D:4D:6F:2B:41:26:28:36:01:2E:62:10:96
            X509v3 Authority Key Identifier:
                keyid:92:CA:E1:1D:E7:74:DA:EF:05:27:42:46:3C:E9:54:F5:21:C6:D2:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ksrhHed02u8FJ0JGPOlU9SHG0nI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/edf435-1abf-470e-ba6d-eff6fd7d3b28/1/ksrhHed02u8FJ0JGPOlU9SHG0nI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/edf435-1abf-470e-ba6d-eff6fd7d3b28/1/ksrhHed02u8FJ0JGPOlU9SHG0nI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:0e:c5:62:7c:30:47:1a:af:8b:bd:4f:18:c5:50:24:65:fa:
         6a:00:d9:77:73:9c:62:62:58:93:c3:99:7c:f5:6b:6b:d4:dc:
         4d:f7:5e:8e:9e:3f:77:bb:a5:b1:62:4b:15:59:89:4a:29:b2:
         56:6e:ee:ad:4e:d3:fd:66:c1:b0:0c:9d:50:fc:05:b7:39:b7:
         44:5b:2b:b5:ba:a8:71:db:f2:1f:5f:6c:9e:6d:53:da:22:72:
         27:b6:54:30:84:4d:2d:0b:a1:69:51:37:79:fa:db:67:49:33:
         d7:53:ed:ff:5d:ee:03:cf:d4:4c:6d:2b:84:f3:aa:04:c2:3d:
         89:f2:37:1b:12:a9:8e:02:d2:72:74:c0:c8:7b:e6:53:51:c3:
         3a:b6:b8:dc:ed:34:f4:46:18:df:c8:62:73:0d:b7:b7:ab:c5:
         0c:4e:23:58:46:93:fe:57:00:70:c9:d5:e8:fb:46:10:39:59:
         be:09:99:31:28:48:37:e5:44:6c:a0:27:fd:e1:4b:67:ad:74:
         6a:3d:24:11:cf:56:7e:21:97:a1:1b:71:a4:ab:cc:4f:34:7b:
         00:e2:4f:c3:af:d4:19:ce:95:2b:df:45:49:c0:9c:1b:b1:a1:
         4f:72:39:2b:09:37:36:cd:f9:66:39:7c:f7:e6:7b:7f:e3:bc:
         7d:be:79:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06VFpTXucWs/6jBIboRRhIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyY2FlMTFkZTc3NGRhZWYwNTI3NDI0NjNjZTk1NGY1MjFj
NmQyNzIwHhcNMjYwMzI5MTYwMTM5WhcNMjYwMzMwMTYwMTM5WjAzMTEwLwYDVQQD
Eyg4MTMxYjQ2YWVhYWY2MzVkNGQ2ZjJiNDEyNjI4MzYwMTJlNjIxMDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuuMcJeB7xk6WBC7P4N9KjgNLMWjB
eUynL28UdM61j+YDDoLkSJddX9goI1aOelnbUJxVn994qy4Aa8+8glPP+h6kcm2f
MK0zkfTRdcdWSkLQ8cMoWUhSDyU3+mCsJVNiRyXF1gLF0r2OVr1/GwZVnnFjNU6F
7vPJukDrBVZ95ZAVh+8RPiB8lh4aBxVPQ4ybL9KGy9JLMWfyox/sTREQP8bA4ekP
2o+Etl5glGZyCecnIVwQGiayuq75kfQzM0YCv+M3br1I1YSsE2pRsSwhaVByrMtN
KrWFdI7G/psnypaT7VxsGU+gWqaKkUc1nji4UcR+5wl77+GTt+pG2I6pmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIExtGrqr2NdTW8rQSYoNgEuYhCWMB8GA1UdIwQY
MBaAFJLK4R3ndNrvBSdCRjzpVPUhxtJyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3NyaEhlZDAydThGSjBKR1BPbFU5U0hHMG5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9lZGY0MzUtMWFiZi00NzBlLWJhNmQt
ZWZmNmZkN2QzYjI4LzEva3NyaEhlZDAydThGSjBKR1BPbFU5U0hHMG5JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9lZGY0MzUtMWFiZi00NzBlLWJhNmQtZWZmNmZkN2QzYjI4
LzEva3NyaEhlZDAydThGSjBKR1BPbFU5U0hHMG5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHg7FYnww
Rxqvi71PGMVQJGX6agDZd3OcYmJYk8OZfPVra9TcTfdejp4/d7ulsWJLFVmJSimy
Vm7urU7T/WbBsAydUPwFtzm3RFsrtbqocdvyH19snm1T2iJyJ7ZUMIRNLQuhaVE3
efrbZ0kz11Pt/13uA8/UTG0rhPOqBMI9ifI3GxKpjgLScnTAyHvmU1HDOra43O00
9EYY38hicw23t6vFDE4jWEaT/lcAcMnV6PtGEDlZvgmZMShIN+VEbKAn/eFLZ610
aj0kEc9WfiGXoRtxpKvMTzR7AOJPw6/UGc6VK99FScCcG7GhT3I5Kwk3Ns35Zjl8
9+Z7f+O8fb557A==
-----END CERTIFICATE-----