Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/d81bd9-7d58-4380-9707-45b8b8573419/1/Kn-4HcfsycpmKnTuO347rS6k3nE.mft
File:                     Kn-4HcfsycpmKnTuO347rS6k3nE.mft (raw, json)
Hash identifier:          VTAQHCle82J0/8Xcr3MTpwxDWlKjKxMT40ujYuQPcbA=
Subject key identifier:   EA:75:60:3B:7A:C2:7A:09:EB:94:A7:3F:24:C7:AA:0B:28:F4:37:FF
Authority key identifier: 2A:7F:B8:1D:C7:EC:C9:CA:66:2A:74:EE:3B:7E:3B:AD:2E:A4:DE:71
Certificate issuer:       /CN=2a7fb81dc7ecc9ca662a74ee3b7e3bad2ea4de71
Certificate serial:       019D37F7719DAA5C47239FEB9A22D5BAD621
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Kn-4HcfsycpmKnTuO347rS6k3nE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/d81bd9-7d58-4380-9707-45b8b8573419/1/Kn-4HcfsycpmKnTuO347rS6k3nE.mft
Manifest number:          027D
Signing time:             Sun 29 Mar 2026 05:00:56 +0000
Manifest this update:     Sun 29 Mar 2026 05:00:56 +0000
Manifest next update:     Mon 30 Mar 2026 05:00:56 +0000
Files and hashes:         1: Kn-4HcfsycpmKnTuO347rS6k3nE.crl (hash: Ax3BbAraqPBN1zHyXD84nRA7zS40C9tcTVgCmTUlGcE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/10/d81bd9-7d58-4380-9707-45b8b8573419/1/Kn-4HcfsycpmKnTuO347rS6k3nE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/10/d81bd9-7d58-4380-9707-45b8b8573419/1/Kn-4HcfsycpmKnTuO347rS6k3nE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Kn-4HcfsycpmKnTuO347rS6k3nE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 05:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:f7:71:9d:aa:5c:47:23:9f:eb:9a:22:d5:ba:d6:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a7fb81dc7ecc9ca662a74ee3b7e3bad2ea4de71
        Validity
            Not Before: Mar 29 05:00:56 2026 GMT
            Not After : Mar 30 05:00:56 2026 GMT
        Subject: CN=ea75603b7ac27a09eb94a73f24c7aa0b28f437ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:f1:2d:7e:27:91:99:dc:09:fd:04:9a:18:2e:
                    cc:b6:0b:2f:e2:85:bd:73:a5:9a:ce:80:17:d9:58:
                    6e:8d:e7:10:a4:eb:e1:6d:34:96:50:14:1d:b4:3d:
                    e1:c9:35:d2:a4:b2:49:f4:d0:a2:8d:39:38:69:53:
                    2a:57:23:59:cc:aa:6d:b8:e2:c8:95:0b:e4:68:b9:
                    c9:d8:20:90:97:18:3d:2f:5c:f9:8a:3f:15:f1:6b:
                    d2:36:f6:05:ef:79:76:62:fa:92:98:15:c7:a5:5b:
                    1a:b8:cf:12:bb:ce:43:69:d1:cd:c4:0a:55:52:41:
                    39:1c:f5:67:b1:1d:15:d2:4e:82:75:ea:d3:24:5b:
                    8a:01:db:66:b4:b3:bb:1d:2a:a8:b1:a3:fb:8d:e0:
                    0b:8a:9d:82:75:1e:9d:5b:51:44:5d:e7:d4:18:38:
                    a3:e1:c1:36:ba:75:3b:b3:07:a5:14:23:fa:6f:7c:
                    66:ea:43:62:7f:3f:64:36:25:40:60:f5:0c:3b:b1:
                    e7:03:76:2a:b8:bf:50:6f:08:0c:ee:32:27:81:4c:
                    7f:b5:b1:26:40:ba:a0:27:14:0f:d2:6c:f8:c9:4f:
                    67:18:9c:85:1d:60:92:29:34:87:83:55:69:62:8e:
                    b9:3a:0c:b6:c2:49:d8:17:4a:87:e9:37:ad:28:6f:
                    bc:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:75:60:3B:7A:C2:7A:09:EB:94:A7:3F:24:C7:AA:0B:28:F4:37:FF
            X509v3 Authority Key Identifier:
                keyid:2A:7F:B8:1D:C7:EC:C9:CA:66:2A:74:EE:3B:7E:3B:AD:2E:A4:DE:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kn-4HcfsycpmKnTuO347rS6k3nE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/d81bd9-7d58-4380-9707-45b8b8573419/1/Kn-4HcfsycpmKnTuO347rS6k3nE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/d81bd9-7d58-4380-9707-45b8b8573419/1/Kn-4HcfsycpmKnTuO347rS6k3nE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:4a:15:fe:19:20:35:4c:d6:69:72:99:fe:82:b7:83:97:c4:
         cc:12:c8:01:42:78:67:d1:cc:64:ce:6b:70:8d:c3:27:b5:8d:
         8b:52:3b:ea:34:42:bb:d1:7b:4b:1f:ec:0d:f2:18:4b:85:cc:
         6d:1a:a8:f2:60:7d:cc:2f:cf:9a:c4:29:c9:3e:b9:b7:25:39:
         55:6e:29:83:b1:0e:3e:b6:9a:ec:72:c6:26:f9:cc:01:bc:9a:
         c1:70:34:b0:3c:33:02:a9:c4:a6:26:84:95:ea:df:8e:9e:71:
         22:c5:7b:64:9e:1e:f4:f9:aa:3a:f2:2f:65:ab:17:72:d4:14:
         92:1f:05:ce:9a:0b:8f:c9:98:3d:79:d9:99:d5:88:21:71:ec:
         05:ed:b5:72:f3:54:18:54:d1:7e:95:1d:65:a6:ee:93:6b:58:
         55:e5:e1:d1:3f:44:5e:89:6a:5b:a9:52:08:c7:dc:87:7e:62:
         38:69:6e:5c:e9:4d:a9:6f:9b:4e:ee:4a:0d:7b:38:df:00:b6:
         17:0e:46:8a:7b:b4:7f:28:12:a7:07:d9:37:55:d2:7c:82:aa:
         7b:b6:28:d0:25:85:7d:38:fd:1b:2c:33:aa:a1:8f:ec:da:30:
         fb:b7:88:13:88:59:b9:dc:27:a2:87:3d:e5:53:6d:5b:c6:36:
         52:50:4d:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0393GdqlxHI5/rmiLVutYhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhN2ZiODFkYzdlY2M5Y2E2NjJhNzRlZTNiN2UzYmFkMmVh
NGRlNzEwHhcNMjYwMzI5MDUwMDU2WhcNMjYwMzMwMDUwMDU2WjAzMTEwLwYDVQQD
EyhlYTc1NjAzYjdhYzI3YTA5ZWI5NGE3M2YyNGM3YWEwYjI4ZjQzN2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofEtfieRmdwJ/QSaGC7Mtgsv4oW9
c6WazoAX2VhujecQpOvhbTSWUBQdtD3hyTXSpLJJ9NCijTk4aVMqVyNZzKptuOLI
lQvkaLnJ2CCQlxg9L1z5ij8V8WvSNvYF73l2YvqSmBXHpVsauM8Su85DadHNxApV
UkE5HPVnsR0V0k6CderTJFuKAdtmtLO7HSqosaP7jeALip2CdR6dW1FEXefUGDij
4cE2unU7swelFCP6b3xm6kNifz9kNiVAYPUMO7HnA3YquL9QbwgM7jIngUx/tbEm
QLqgJxQP0mz4yU9nGJyFHWCSKTSHg1VpYo65Ogy2wknYF0qH6TetKG+8cwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOp1YDt6wnoJ65SnPyTHqgso9Df/MB8GA1UdIwQY
MBaAFCp/uB3H7MnKZip07jt+O60upN5xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS24tNEhjZnN5Y3BtS25UdU8zNDdyUzZrM25FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9kODFiZDktN2Q1OC00MzgwLTk3MDct
NDViOGI4NTczNDE5LzEvS24tNEhjZnN5Y3BtS25UdU8zNDdyUzZrM25FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9kODFiZDktN2Q1OC00MzgwLTk3MDctNDViOGI4NTczNDE5
LzEvS24tNEhjZnN5Y3BtS25UdU8zNDdyUzZrM25FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD0oV/hkg
NUzWaXKZ/oK3g5fEzBLIAUJ4Z9HMZM5rcI3DJ7WNi1I76jRCu9F7Sx/sDfIYS4XM
bRqo8mB9zC/PmsQpyT65tyU5VW4pg7EOPraa7HLGJvnMAbyawXA0sDwzAqnEpiaE
lerfjp5xIsV7ZJ4e9PmqOvIvZasXctQUkh8FzpoLj8mYPXnZmdWIIXHsBe21cvNU
GFTRfpUdZabuk2tYVeXh0T9EXolqW6lSCMfch35iOGluXOlNqW+bTu5KDXs43wC2
Fw5Ginu0fygSpwfZN1XSfIKqe7Yo0CWFfTj9GywzqqGP7Now+7eIE4hZudwnooc9
5VNtW8Y2UlBNnA==
-----END CERTIFICATE-----