Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft
File:                     KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft (raw, json)
Hash identifier:          zy5Dd4wKCuRBf+itYQIfLSOu0Q3WySYf9QZ2MEFCZSA=
Subject key identifier:   A7:B3:97:29:7B:FF:EC:CC:C6:B3:7F:45:08:8E:71:74:B0:FF:D7:65
Authority key identifier: 29:B1:21:0E:C9:10:5C:71:7D:09:8F:9F:0D:00:D9:DE:A2:32:25:39
Certificate issuer:       /CN=29b1210ec9105c717d098f9f0d00d9dea2322539
Certificate serial:       019D38D3A29E94DE822F8820A185339148DC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KbEhDskQXHF9CY-fDQDZ3qIyJTk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft
Manifest number:          1561
Signing time:             Sun 29 Mar 2026 09:01:26 +0000
Manifest this update:     Sun 29 Mar 2026 09:01:26 +0000
Manifest next update:     Mon 30 Mar 2026 09:01:26 +0000
Files and hashes:         1: KbEhDskQXHF9CY-fDQDZ3qIyJTk.crl (hash: 6b013AFA5jSutv63QkFBDEAEY20/9HDhIs3mAi8id0A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KbEhDskQXHF9CY-fDQDZ3qIyJTk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:a2:9e:94:de:82:2f:88:20:a1:85:33:91:48:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29b1210ec9105c717d098f9f0d00d9dea2322539
        Validity
            Not Before: Mar 29 09:01:26 2026 GMT
            Not After : Mar 30 09:01:26 2026 GMT
        Subject: CN=a7b397297bffecccc6b37f45088e7174b0ffd765
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:a7:42:ad:a2:b8:2e:c7:1d:87:bb:4c:57:25:
                    99:7f:01:a5:9f:c2:aa:64:ec:e6:12:10:a8:4c:c9:
                    7a:18:d7:56:85:92:60:ba:57:96:a6:38:5e:8e:9d:
                    4c:50:cc:08:97:8b:6c:e1:f9:ea:d1:28:bc:1c:98:
                    76:72:07:75:e8:92:ba:7a:37:b0:e8:25:65:4c:63:
                    d3:30:23:97:05:19:52:bb:40:b6:39:04:52:37:25:
                    d2:35:48:66:88:2f:32:6a:d7:26:6f:f0:65:cc:27:
                    59:b4:d0:ea:00:dc:37:66:87:2c:15:38:26:bf:01:
                    7a:19:b5:7b:2f:8f:20:75:0a:79:90:5c:ba:eb:b0:
                    b6:73:79:d7:d9:02:b4:d6:db:2c:e3:a5:fb:da:a7:
                    5f:42:53:99:91:e8:82:f2:0d:ad:93:5c:4a:08:0c:
                    0f:c7:84:99:37:23:dc:bb:15:59:1b:0b:c2:2d:31:
                    1e:fb:43:81:7d:16:07:8a:72:6c:bd:9c:29:de:a9:
                    75:c9:16:0a:01:7f:d0:bf:54:ba:ea:62:cb:35:0a:
                    5a:4d:85:4c:bc:3a:04:33:fd:74:c9:6e:f4:1c:cf:
                    c4:90:c4:9f:15:72:bc:af:be:8f:3b:c1:44:a8:24:
                    82:a3:84:ea:a9:44:48:fd:f9:00:e8:0d:04:75:e2:
                    55:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:B3:97:29:7B:FF:EC:CC:C6:B3:7F:45:08:8E:71:74:B0:FF:D7:65
            X509v3 Authority Key Identifier:
                keyid:29:B1:21:0E:C9:10:5C:71:7D:09:8F:9F:0D:00:D9:DE:A2:32:25:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KbEhDskQXHF9CY-fDQDZ3qIyJTk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:c9:1c:4b:fb:2f:9d:19:27:10:06:4b:53:f3:70:3d:5e:63:
         64:85:d3:4a:0d:f2:43:a2:74:0e:45:fb:89:0f:ed:40:5c:2e:
         60:13:af:bf:69:7d:0f:b3:5f:fd:4d:b2:69:cd:7e:c4:ed:54:
         d9:a7:19:f0:1a:5e:e9:58:be:3d:db:73:15:bc:96:f0:f5:ec:
         d6:b1:4b:29:b3:b4:f4:da:c2:43:51:63:38:a0:9f:44:d7:58:
         32:d8:1e:80:ab:bb:8e:41:54:be:a7:80:a4:df:a2:74:03:ea:
         48:3e:b6:85:02:58:cc:c6:aa:d3:2f:b6:a8:f8:5e:1b:96:78:
         f4:10:7d:9c:48:ac:41:09:df:c7:09:a6:77:d3:12:af:8d:dd:
         40:f4:8b:fe:a0:f4:15:02:5d:92:92:6b:b5:dc:e3:2a:13:40:
         45:c9:f5:ce:95:87:16:34:bc:a5:fb:7d:87:80:b3:3a:f9:ba:
         f2:3a:07:9c:8e:ba:5a:10:1b:83:af:19:31:4a:b2:74:6c:71:
         96:66:a8:1d:fe:01:45:57:06:fc:e5:ff:98:01:be:eb:00:a7:
         77:eb:03:6e:e5:f1:a2:12:22:61:97:20:29:7c:a7:ad:6c:fc:
         26:d1:78:d4:79:63:f4:64:77:d8:72:59:38:b0:e9:0d:5b:b1:
         22:e9:69:0d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0406KelN6CL4ggoYUzkUjcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YjEyMTBlYzkxMDVjNzE3ZDA5OGY5ZjBkMDBkOWRlYTIz
MjI1MzkwHhcNMjYwMzI5MDkwMTI2WhcNMjYwMzMwMDkwMTI2WjAzMTEwLwYDVQQD
EyhhN2IzOTcyOTdiZmZlY2NjYzZiMzdmNDUwODhlNzE3NGIwZmZkNzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiqdCraK4Lscdh7tMVyWZfwGln8Kq
ZOzmEhCoTMl6GNdWhZJguleWpjhejp1MUMwIl4ts4fnq0Si8HJh2cgd16JK6ejew
6CVlTGPTMCOXBRlSu0C2OQRSNyXSNUhmiC8yatcmb/BlzCdZtNDqANw3ZocsFTgm
vwF6GbV7L48gdQp5kFy667C2c3nX2QK01tss46X72qdfQlOZkeiC8g2tk1xKCAwP
x4SZNyPcuxVZGwvCLTEe+0OBfRYHinJsvZwp3ql1yRYKAX/Qv1S66mLLNQpaTYVM
vDoEM/10yW70HM/EkMSfFXK8r76PO8FEqCSCo4TqqURI/fkA6A0EdeJVFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKezlyl7/+zMxrN/RQiOcXSw/9dlMB8GA1UdIwQY
MBaAFCmxIQ7JEFxxfQmPnw0A2d6iMiU5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2JFaERza1FYSEY5Q1ktZkRRRFozcUl5SlRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9hMDBjNjEtMmQ4Ny00NjIwLTkxM2Yt
MGU0NjRjYTM5ZTc1LzEvS2JFaERza1FYSEY5Q1ktZkRRRFozcUl5SlRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9hMDBjNjEtMmQ4Ny00NjIwLTkxM2YtMGU0NjRjYTM5ZTc1
LzEvS2JFaERza1FYSEY5Q1ktZkRRRFozcUl5SlRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm8kcS/sv
nRknEAZLU/NwPV5jZIXTSg3yQ6J0DkX7iQ/tQFwuYBOvv2l9D7Nf/U2yac1+xO1U
2acZ8Bpe6Vi+PdtzFbyW8PXs1rFLKbO09NrCQ1FjOKCfRNdYMtgegKu7jkFUvqeA
pN+idAPqSD62hQJYzMaq0y+2qPheG5Z49BB9nEisQQnfxwmmd9MSr43dQPSL/qD0
FQJdkpJrtdzjKhNARcn1zpWHFjS8pft9h4CzOvm68joHnI66WhAbg68ZMUqydGxx
lmaoHf4BRVcG/OX/mAG+6wCnd+sDbuXxohIiYZcgKXynrWz8JtF41Hlj9GR32HJZ
OLDpDVuxIulpDQ==
-----END CERTIFICATE-----