Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/807e35-88f7-435b-84a8-d14bd3d77822/1/rK67C7Ozijz0QMgf97PhaTMqpm0.mft
File:                     rK67C7Ozijz0QMgf97PhaTMqpm0.mft (raw, json)
Hash identifier:          Wq1Dkrv59rxCAIvmWy46SBEkt6glBO2Ac0EUwzRd7H0=
Subject key identifier:   60:47:39:F0:E6:95:8D:BA:76:B8:75:43:C6:02:91:08:2F:6E:04:6A
Authority key identifier: AC:AE:BB:0B:B3:B3:8A:3C:F4:40:C8:1F:F7:B3:E1:69:33:2A:A6:6D
Certificate issuer:       /CN=acaebb0bb3b38a3cf440c81ff7b3e169332aa66d
Certificate serial:       019D38658C5B775ADC844DADB99795EFB45E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rK67C7Ozijz0QMgf97PhaTMqpm0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/807e35-88f7-435b-84a8-d14bd3d77822/1/rK67C7Ozijz0QMgf97PhaTMqpm0.mft
Manifest number:          1496
Signing time:             Sun 29 Mar 2026 07:01:12 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:12 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:12 +0000
Files and hashes:         1: rK67C7Ozijz0QMgf97PhaTMqpm0.crl (hash: EmY40AZqAHA/aZMluBVIuW3oXAYXFyvNvLXNguMA/fw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f9/807e35-88f7-435b-84a8-d14bd3d77822/1/rK67C7Ozijz0QMgf97PhaTMqpm0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f9/807e35-88f7-435b-84a8-d14bd3d77822/1/rK67C7Ozijz0QMgf97PhaTMqpm0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rK67C7Ozijz0QMgf97PhaTMqpm0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:8c:5b:77:5a:dc:84:4d:ad:b9:97:95:ef:b4:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=acaebb0bb3b38a3cf440c81ff7b3e169332aa66d
        Validity
            Not Before: Mar 29 07:01:12 2026 GMT
            Not After : Mar 30 07:01:12 2026 GMT
        Subject: CN=604739f0e6958dba76b87543c60291082f6e046a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:01:6c:bd:85:55:c6:dc:93:ed:66:27:21:db:
                    67:7b:95:a1:3e:c7:d1:4a:1c:1c:a3:64:3b:6a:eb:
                    6e:c6:14:e4:5f:ca:8c:13:48:41:78:78:82:fd:9f:
                    e0:91:95:5b:f9:ed:6a:13:78:13:f2:75:61:5c:4e:
                    57:b4:b7:7c:8c:94:d1:2d:f2:d8:72:9e:ea:7a:97:
                    95:d6:8f:30:46:52:b5:3a:ab:c1:a6:2b:d9:72:2d:
                    c3:fb:99:79:ff:9a:6c:05:7d:b3:44:07:3d:dc:53:
                    fb:4b:56:48:d4:4b:aa:35:3d:28:3c:3f:e3:2e:0b:
                    56:13:9e:5c:65:47:42:ab:72:4b:0d:b1:a8:11:50:
                    21:41:66:ac:23:0a:4e:6d:c3:8a:b4:b5:ef:04:ae:
                    53:dc:f2:3e:18:f2:bf:ef:70:25:5b:5f:17:a4:df:
                    5b:28:1c:3a:77:13:da:4c:8b:05:71:56:80:3b:01:
                    53:da:ab:fe:40:05:11:7c:0c:13:95:49:0f:df:77:
                    2b:4f:25:8e:41:e0:9d:a6:71:9d:8a:6c:76:98:fd:
                    0a:8b:70:b9:12:01:86:f9:0d:2c:d1:e7:bf:b0:5b:
                    f2:d6:cc:29:8f:dd:f1:20:54:96:8a:41:cb:2d:b9:
                    4e:29:04:25:f1:e0:f2:d0:2f:7c:20:75:11:70:76:
                    72:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:47:39:F0:E6:95:8D:BA:76:B8:75:43:C6:02:91:08:2F:6E:04:6A
            X509v3 Authority Key Identifier:
                keyid:AC:AE:BB:0B:B3:B3:8A:3C:F4:40:C8:1F:F7:B3:E1:69:33:2A:A6:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rK67C7Ozijz0QMgf97PhaTMqpm0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/807e35-88f7-435b-84a8-d14bd3d77822/1/rK67C7Ozijz0QMgf97PhaTMqpm0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/807e35-88f7-435b-84a8-d14bd3d77822/1/rK67C7Ozijz0QMgf97PhaTMqpm0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:71:5e:1e:8e:da:c1:3f:b1:8e:22:5f:16:41:38:ca:d5:d0:
         4e:85:d5:34:8b:dc:1b:e2:51:40:05:ab:c3:1f:2a:d3:59:59:
         5f:6b:c7:5c:65:2b:7f:02:a7:6a:1c:6f:3b:75:71:14:b4:70:
         52:cc:ab:26:b0:f4:14:1e:5d:93:a0:8e:61:0e:dd:3c:37:3b:
         94:1b:7e:e5:1d:52:f7:04:56:4e:5b:97:c8:1e:78:71:82:68:
         4d:33:5b:ea:ca:eb:15:08:fc:64:64:a6:14:a9:cd:39:7b:d2:
         04:e1:91:8c:3d:ca:89:69:3a:ed:f1:d4:82:b3:c0:00:f2:b8:
         1d:c2:c0:31:4f:87:a6:95:f6:73:57:52:0a:f9:8f:53:12:e8:
         c5:bc:01:21:c9:ae:86:25:e2:c7:22:e8:32:60:a3:11:80:fa:
         b6:c6:e1:b5:95:ea:12:ad:7a:a6:f9:f2:a3:6d:d3:cb:30:a4:
         ea:94:a1:42:ee:56:0f:15:61:64:d3:d0:d4:3c:99:b5:09:7a:
         e7:43:b7:60:96:8a:03:65:9d:c7:c1:41:08:8c:09:13:7f:58:
         57:12:3c:29:e1:cd:a2:a4:84:03:35:b6:5c:8f:12:9d:dc:9a:
         98:53:53:0a:c4:b3:00:cb:58:04:84:2a:f7:b9:a7:81:77:33:
         b4:07:f7:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZYxbd1rchE2tuZeV77ReMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYWViYjBiYjNiMzhhM2NmNDQwYzgxZmY3YjNlMTY5MzMy
YWE2NmQwHhcNMjYwMzI5MDcwMTEyWhcNMjYwMzMwMDcwMTEyWjAzMTEwLwYDVQQD
Eyg2MDQ3MzlmMGU2OTU4ZGJhNzZiODc1NDNjNjAyOTEwODJmNmUwNDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQFsvYVVxtyT7WYnIdtne5WhPsfR
Shwco2Q7autuxhTkX8qME0hBeHiC/Z/gkZVb+e1qE3gT8nVhXE5XtLd8jJTRLfLY
cp7qepeV1o8wRlK1OqvBpivZci3D+5l5/5psBX2zRAc93FP7S1ZI1EuqNT0oPD/j
LgtWE55cZUdCq3JLDbGoEVAhQWasIwpObcOKtLXvBK5T3PI+GPK/73AlW18XpN9b
KBw6dxPaTIsFcVaAOwFT2qv+QAURfAwTlUkP33crTyWOQeCdpnGdimx2mP0Ki3C5
EgGG+Q0s0ee/sFvy1swpj93xIFSWikHLLblOKQQl8eDy0C98IHURcHZyKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGBHOfDmlY26drh1Q8YCkQgvbgRqMB8GA1UdIwQY
MBaAFKyuuwuzs4o89EDIH/ez4WkzKqZtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcks2N0M3T3ppanowUU1nZjk3UGhhVE1xcG0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS84MDdlMzUtODhmNy00MzViLTg0YTgt
ZDE0YmQzZDc3ODIyLzEvcks2N0M3T3ppanowUU1nZjk3UGhhVE1xcG0wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS84MDdlMzUtODhmNy00MzViLTg0YTgtZDE0YmQzZDc3ODIy
LzEvcks2N0M3T3ppanowUU1nZjk3UGhhVE1xcG0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI3FeHo7a
wT+xjiJfFkE4ytXQToXVNIvcG+JRQAWrwx8q01lZX2vHXGUrfwKnahxvO3VxFLRw
UsyrJrD0FB5dk6COYQ7dPDc7lBt+5R1S9wRWTluXyB54cYJoTTNb6srrFQj8ZGSm
FKnNOXvSBOGRjD3KiWk67fHUgrPAAPK4HcLAMU+HppX2c1dSCvmPUxLoxbwBIcmu
hiXixyLoMmCjEYD6tsbhtZXqEq16pvnyo23TyzCk6pShQu5WDxVhZNPQ1DyZtQl6
50O3YJaKA2Wdx8FBCIwJE39YVxI8KeHNoqSEAzW2XI8SndyamFNTCsSzAMtYBIQq
97mngXcztAf3IA==
-----END CERTIFICATE-----