Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/a94c18-15ca-4b9e-8380-2afc98afdcc7/1/kc04OOdPhNIERp3vJ7j-ehQAFLo.mft
File:                     kc04OOdPhNIERp3vJ7j-ehQAFLo.mft (raw, json)
Hash identifier:          mdaEGO6iDLuACyyN85T4mDsRIq9vX1FN1IIvEzk9NzM=
Subject key identifier:   C4:BC:F5:0F:62:7E:19:89:72:A0:77:9F:41:23:43:9B:19:5E:50:1D
Authority key identifier: 91:CD:38:38:E7:4F:84:D2:04:46:9D:EF:27:B8:FE:7A:14:00:14:BA
Certificate issuer:       /CN=91cd3838e74f84d204469def27b8fe7a140014ba
Certificate serial:       019D37C0AA434013F4D245DD7F0E3B71BD04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kc04OOdPhNIERp3vJ7j-ehQAFLo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/a94c18-15ca-4b9e-8380-2afc98afdcc7/1/kc04OOdPhNIERp3vJ7j-ehQAFLo.mft
Manifest number:          0208
Signing time:             Sun 29 Mar 2026 04:01:06 +0000
Manifest this update:     Sun 29 Mar 2026 04:01:06 +0000
Manifest next update:     Mon 30 Mar 2026 04:01:06 +0000
Files and hashes:         1: kc04OOdPhNIERp3vJ7j-ehQAFLo.crl (hash: adisbvBLvz/JZKl9uJklsf+ajyZvwG90HRQB55vGInE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/a94c18-15ca-4b9e-8380-2afc98afdcc7/1/kc04OOdPhNIERp3vJ7j-ehQAFLo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/a94c18-15ca-4b9e-8380-2afc98afdcc7/1/kc04OOdPhNIERp3vJ7j-ehQAFLo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kc04OOdPhNIERp3vJ7j-ehQAFLo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c0:aa:43:40:13:f4:d2:45:dd:7f:0e:3b:71:bd:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91cd3838e74f84d204469def27b8fe7a140014ba
        Validity
            Not Before: Mar 29 04:01:06 2026 GMT
            Not After : Mar 30 04:01:06 2026 GMT
        Subject: CN=c4bcf50f627e198972a0779f4123439b195e501d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:ad:f6:8c:55:ca:e6:cb:00:be:b9:5c:c1:76:
                    7f:a9:ed:9d:f5:5a:02:65:b8:0d:88:d8:da:d2:90:
                    fe:84:2e:28:79:f6:9d:d2:4a:bd:18:05:a3:f5:1e:
                    cc:0d:9e:5e:0c:fa:85:06:25:43:5a:05:0f:a8:cb:
                    2b:ab:02:80:35:6a:b8:35:c7:b0:54:db:71:38:d5:
                    84:ff:f8:89:db:77:fb:d3:a1:33:a0:84:36:35:4d:
                    ea:c6:ac:d9:58:46:20:fb:2b:67:6e:cd:6c:b3:e9:
                    3a:df:40:0a:43:09:9f:9b:23:61:12:bd:9c:0b:00:
                    2a:38:fb:c0:20:9a:01:d8:2f:29:29:94:be:22:de:
                    4d:d6:e2:15:c4:1f:14:9d:61:6f:a5:1e:80:9a:05:
                    06:0a:46:b6:b9:9f:32:45:01:49:f7:95:ad:0c:92:
                    45:b9:19:5d:3b:28:87:d5:e2:bc:06:61:b3:ee:2c:
                    0d:83:56:53:1f:97:c5:83:dc:7f:93:2e:f7:a6:a4:
                    e6:4b:b3:d1:57:cf:53:50:96:87:ee:1b:0c:1d:e2:
                    61:19:dc:0a:21:ed:c3:f6:fc:d3:84:a4:5e:04:cc:
                    44:40:f1:f9:2d:78:bc:ff:8b:09:2c:1d:7d:f5:49:
                    9f:b8:53:d6:82:14:f4:8b:e2:67:df:7d:14:4b:40:
                    e0:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:BC:F5:0F:62:7E:19:89:72:A0:77:9F:41:23:43:9B:19:5E:50:1D
            X509v3 Authority Key Identifier:
                keyid:91:CD:38:38:E7:4F:84:D2:04:46:9D:EF:27:B8:FE:7A:14:00:14:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kc04OOdPhNIERp3vJ7j-ehQAFLo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/a94c18-15ca-4b9e-8380-2afc98afdcc7/1/kc04OOdPhNIERp3vJ7j-ehQAFLo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/a94c18-15ca-4b9e-8380-2afc98afdcc7/1/kc04OOdPhNIERp3vJ7j-ehQAFLo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:7c:f0:6c:aa:a7:95:0c:55:84:17:73:d5:07:ca:01:d5:d1:
         ed:b0:d0:15:e6:d9:48:58:17:89:23:01:6f:19:0d:6a:a9:c3:
         95:de:c8:e6:de:63:06:e2:7b:a0:29:a8:7b:3f:ca:1b:a2:42:
         28:7a:da:a2:19:c3:13:ec:d5:cb:d7:b9:17:55:0a:9a:1a:84:
         8b:bb:7c:5c:6f:df:53:fa:e1:4c:a4:a4:5d:f6:73:cd:b8:24:
         ed:09:41:42:63:3e:7d:97:f0:d7:8b:8d:b8:61:0a:3e:c5:24:
         2d:ce:d8:ed:9e:14:bc:07:4c:7b:85:3e:4d:d4:d9:a2:58:be:
         48:cf:bc:46:7f:1c:a8:12:07:a1:24:a8:81:09:98:87:6e:cf:
         8e:dd:d2:99:5b:28:bd:cc:cf:24:e5:d7:e8:27:ab:2a:8b:52:
         17:fc:00:7d:1f:44:21:2d:48:53:aa:3e:b0:08:90:87:c2:fe:
         02:d2:c9:9e:37:aa:27:b0:1e:89:1e:0c:92:c3:6f:f5:f5:43:
         6a:63:da:3b:fe:69:59:2c:b0:d0:0c:ff:28:6c:c9:f1:cf:b5:
         da:af:a3:36:af:17:a6:c4:88:a9:b9:7b:74:13:47:48:3a:90:
         59:b6:3c:be:41:41:a5:51:d8:73:e0:ab:45:a9:2d:19:eb:d5:
         35:22:23:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wKpDQBP00kXdfw47cb0EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxY2QzODM4ZTc0Zjg0ZDIwNDQ2OWRlZjI3YjhmZTdhMTQw
MDE0YmEwHhcNMjYwMzI5MDQwMTA2WhcNMjYwMzMwMDQwMTA2WjAzMTEwLwYDVQQD
EyhjNGJjZjUwZjYyN2UxOTg5NzJhMDc3OWY0MTIzNDM5YjE5NWU1MDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAva32jFXK5ssAvrlcwXZ/qe2d9VoC
ZbgNiNja0pD+hC4oefad0kq9GAWj9R7MDZ5eDPqFBiVDWgUPqMsrqwKANWq4Ncew
VNtxONWE//iJ23f706EzoIQ2NU3qxqzZWEYg+ytnbs1ss+k630AKQwmfmyNhEr2c
CwAqOPvAIJoB2C8pKZS+It5N1uIVxB8UnWFvpR6AmgUGCka2uZ8yRQFJ95WtDJJF
uRldOyiH1eK8BmGz7iwNg1ZTH5fFg9x/ky73pqTmS7PRV89TUJaH7hsMHeJhGdwK
Ie3D9vzThKReBMxEQPH5LXi8/4sJLB199UmfuFPWghT0i+Jn330US0DgZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMS89Q9ifhmJcqB3n0EjQ5sZXlAdMB8GA1UdIwQY
MBaAFJHNODjnT4TSBEad7ye4/noUABS6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2MwNE9PZFBoTklFUnAzdko3ai1laFFBRkxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9hOTRjMTgtMTVjYS00YjllLTgzODAt
MmFmYzk4YWZkY2M3LzEva2MwNE9PZFBoTklFUnAzdko3ai1laFFBRkxvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC9hOTRjMTgtMTVjYS00YjllLTgzODAtMmFmYzk4YWZkY2M3
LzEva2MwNE9PZFBoTklFUnAzdko3ai1laFFBRkxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE3zwbKqn
lQxVhBdz1QfKAdXR7bDQFebZSFgXiSMBbxkNaqnDld7I5t5jBuJ7oCmoez/KG6JC
KHraohnDE+zVy9e5F1UKmhqEi7t8XG/fU/rhTKSkXfZzzbgk7QlBQmM+fZfw14uN
uGEKPsUkLc7Y7Z4UvAdMe4U+TdTZoli+SM+8Rn8cqBIHoSSogQmYh27Pjt3SmVso
vczPJOXX6CerKotSF/wAfR9EIS1IU6o+sAiQh8L+AtLJnjeqJ7AeiR4MksNv9fVD
amPaO/5pWSyw0Az/KGzJ8c+12q+jNq8XpsSIqbl7dBNHSDqQWbY8vkFBpVHYc+Cr
RaktGevVNSIj9Q==
-----END CERTIFICATE-----