Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft
File:                     MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft (raw, json)
Hash identifier:          3cfpg1OFw0DTzJQXa6k8EUC7chvfp0cUPlX0k5lSiRY=
Subject key identifier:   D3:62:86:EF:73:5B:A4:85:24:8B:FE:76:81:0D:E8:29:10:69:65:87
Authority key identifier: 30:AA:B0:2B:65:4E:91:5C:AD:CA:33:92:92:E2:8C:15:C4:7D:F8:58
Certificate issuer:       /CN=30aab02b654e915cadca339292e28c15c47df858
Certificate serial:       019D38D32B5D29D9CC263D8E0378136E3977
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MKqwK2VOkVytyjOSkuKMFcR9-Fg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft
Manifest number:          06F1
Signing time:             Sun 29 Mar 2026 09:00:56 +0000
Manifest this update:     Sun 29 Mar 2026 09:00:56 +0000
Manifest next update:     Mon 30 Mar 2026 09:00:56 +0000
Files and hashes:         1: MKqwK2VOkVytyjOSkuKMFcR9-Fg.crl (hash: 7K8U1TRkJ6tzVLOCFedX0jsr1xLUSjvOxKk5fOp4xy0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MKqwK2VOkVytyjOSkuKMFcR9-Fg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:2b:5d:29:d9:cc:26:3d:8e:03:78:13:6e:39:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30aab02b654e915cadca339292e28c15c47df858
        Validity
            Not Before: Mar 29 09:00:56 2026 GMT
            Not After : Mar 30 09:00:56 2026 GMT
        Subject: CN=d36286ef735ba485248bfe76810de82910696587
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:16:b5:f4:76:63:6e:0c:19:a2:cb:11:a2:38:
                    f6:87:82:4e:8d:2b:f4:0c:5c:69:c7:7b:0e:c2:9f:
                    ba:2e:fd:56:2c:7a:78:aa:59:6e:4d:a8:52:62:45:
                    0a:0e:1f:19:24:7a:cd:dd:73:fa:e1:12:de:8e:65:
                    46:9d:da:b0:26:32:ec:a1:0f:a3:d2:32:86:51:03:
                    8d:30:e0:c7:66:f8:a3:38:7c:ed:99:af:4f:8f:e1:
                    8e:cd:a8:a1:f8:57:9b:6e:27:48:9b:b6:19:e8:bb:
                    7e:c4:17:83:50:8b:6b:b3:92:39:a0:81:e9:a2:4f:
                    73:0e:f3:10:ac:0d:ac:d5:94:c4:a5:0a:47:d6:6b:
                    79:32:41:2d:38:96:31:3b:60:86:dc:38:8a:db:50:
                    30:a2:c7:8c:f0:0b:a8:30:2e:30:a2:a5:30:26:4b:
                    74:82:4e:fc:e7:f8:e3:ca:f8:09:d1:8b:17:22:e0:
                    c6:9e:4e:2a:0f:70:f7:d3:c7:ac:33:27:77:57:f3:
                    10:e4:f9:3d:9a:dd:f1:2b:25:d1:c6:42:e5:48:26:
                    a3:c7:25:14:21:9c:c8:d9:c2:49:eb:bd:ee:7f:94:
                    19:e9:88:3b:c8:7c:a6:de:03:33:c1:8e:51:a8:6c:
                    34:ac:40:23:0b:cc:ff:6f:38:b7:5f:84:ea:85:09:
                    cc:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:62:86:EF:73:5B:A4:85:24:8B:FE:76:81:0D:E8:29:10:69:65:87
            X509v3 Authority Key Identifier:
                keyid:30:AA:B0:2B:65:4E:91:5C:AD:CA:33:92:92:E2:8C:15:C4:7D:F8:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MKqwK2VOkVytyjOSkuKMFcR9-Fg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:6a:bf:2f:a1:eb:d9:d0:f3:94:1f:f3:64:69:47:a6:5f:48:
         24:14:f0:35:22:ae:c2:f8:5a:47:d0:38:14:8c:4b:a6:0c:b9:
         f3:27:27:6e:a4:90:ff:d0:50:aa:62:2c:9f:67:3b:c9:23:4e:
         17:70:9c:41:1a:b8:be:ef:06:5a:74:03:fb:09:aa:f4:75:d7:
         a9:60:10:1e:7a:6e:b6:35:b0:48:ac:66:e6:ce:24:40:88:a0:
         9b:ce:b9:38:d3:3a:8d:fd:39:03:9f:6b:5e:85:b8:a9:c4:c3:
         83:00:bc:5d:6e:46:40:a2:5b:93:e1:01:5c:4f:11:7c:da:12:
         ae:c1:77:e0:3e:f1:83:33:a7:f3:c0:03:63:11:a6:2c:d1:9e:
         a7:f1:59:05:6b:5f:f8:41:5c:6d:20:3e:80:e1:63:c6:ce:04:
         0a:e5:7d:e0:ea:0e:57:f4:9e:d8:f2:23:6c:87:fc:32:19:70:
         31:e3:46:d7:89:9a:d4:09:ec:ff:55:4d:92:cb:51:46:e9:f5:
         c1:f7:06:07:5f:2a:86:4d:67:6e:90:cd:68:20:a1:53:4d:ef:
         ba:12:20:6d:b6:3e:e4:51:df:38:9f:75:20:0b:8c:db:5b:ae:
         29:e0:63:75:11:48:34:97:ff:a1:58:66:e4:fd:b4:ee:3f:e9:
         4a:26:16:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040ytdKdnMJj2OA3gTbjl3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwYWFiMDJiNjU0ZTkxNWNhZGNhMzM5MjkyZTI4YzE1YzQ3
ZGY4NTgwHhcNMjYwMzI5MDkwMDU2WhcNMjYwMzMwMDkwMDU2WjAzMTEwLwYDVQQD
EyhkMzYyODZlZjczNWJhNDg1MjQ4YmZlNzY4MTBkZTgyOTEwNjk2NTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkxa19HZjbgwZossRojj2h4JOjSv0
DFxpx3sOwp+6Lv1WLHp4qlluTahSYkUKDh8ZJHrN3XP64RLejmVGndqwJjLsoQ+j
0jKGUQONMODHZvijOHztma9Pj+GOzaih+FebbidIm7YZ6Lt+xBeDUItrs5I5oIHp
ok9zDvMQrA2s1ZTEpQpH1mt5MkEtOJYxO2CG3DiK21AwoseM8AuoMC4woqUwJkt0
gk785/jjyvgJ0YsXIuDGnk4qD3D308esMyd3V/MQ5Pk9mt3xKyXRxkLlSCajxyUU
IZzI2cJJ673uf5QZ6Yg7yHym3gMzwY5RqGw0rEAjC8z/bzi3X4TqhQnMEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNNihu9zW6SFJIv+doEN6CkQaWWHMB8GA1UdIwQY
MBaAFDCqsCtlTpFcrcozkpLijBXEffhYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUtxd0syVk9rVnl0eWpPU2t1S01GY1I5LUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS85YWZmNTQtNTk3MS00MDJmLWFiNjkt
YTQxOTY3MGQxN2UxLzEvTUtxd0syVk9rVnl0eWpPU2t1S01GY1I5LUZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS85YWZmNTQtNTk3MS00MDJmLWFiNjktYTQxOTY3MGQxN2Ux
LzEvTUtxd0syVk9rVnl0eWpPU2t1S01GY1I5LUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfWq/L6Hr
2dDzlB/zZGlHpl9IJBTwNSKuwvhaR9A4FIxLpgy58ycnbqSQ/9BQqmIsn2c7ySNO
F3CcQRq4vu8GWnQD+wmq9HXXqWAQHnputjWwSKxm5s4kQIigm865ONM6jf05A59r
XoW4qcTDgwC8XW5GQKJbk+EBXE8RfNoSrsF34D7xgzOn88ADYxGmLNGep/FZBWtf
+EFcbSA+gOFjxs4ECuV94OoOV/Se2PIjbIf8MhlwMeNG14ma1Ans/1VNkstRRun1
wfcGB18qhk1nbpDNaCChU03vuhIgbbY+5FHfOJ91IAuM21uuKeBjdRFINJf/oVhm
5P207j/pSiYWDw==
-----END CERTIFICATE-----