Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/75c964-354e-46a3-b39e-ed82379cfa32/1/kbDB4HajRpZoEluN05XzBN-i55Q.mft
File:                     kbDB4HajRpZoEluN05XzBN-i55Q.mft (raw, json)
Hash identifier:          GhDx/SMX9A28IpaTS2Pe9KwLynFpP1rRMgTw/uv/nG0=
Subject key identifier:   DE:82:C0:E0:BC:79:E1:0B:6F:D3:CE:0F:95:42:0D:9E:D4:3A:49:7C
Authority key identifier: 91:B0:C1:E0:76:A3:46:96:68:12:5B:8D:D3:95:F3:04:DF:A2:E7:94
Certificate issuer:       /CN=91b0c1e076a3469668125b8dd395f304dfa2e794
Certificate serial:       019D3866848B0A320CFEDA9F422DBAF1B831
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kbDB4HajRpZoEluN05XzBN-i55Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/75c964-354e-46a3-b39e-ed82379cfa32/1/kbDB4HajRpZoEluN05XzBN-i55Q.mft
Manifest number:          028B
Signing time:             Sun 29 Mar 2026 07:02:15 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:15 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:15 +0000
Files and hashes:         1: kbDB4HajRpZoEluN05XzBN-i55Q.crl (hash: md1/3ZmbBDXRsqP2w8NbWxfEwlhwNz58150cM9DDX+g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/75c964-354e-46a3-b39e-ed82379cfa32/1/kbDB4HajRpZoEluN05XzBN-i55Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/75c964-354e-46a3-b39e-ed82379cfa32/1/kbDB4HajRpZoEluN05XzBN-i55Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kbDB4HajRpZoEluN05XzBN-i55Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:84:8b:0a:32:0c:fe:da:9f:42:2d:ba:f1:b8:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91b0c1e076a3469668125b8dd395f304dfa2e794
        Validity
            Not Before: Mar 29 07:02:15 2026 GMT
            Not After : Mar 30 07:02:15 2026 GMT
        Subject: CN=de82c0e0bc79e10b6fd3ce0f95420d9ed43a497c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:de:20:82:31:b3:62:19:57:c7:cb:64:2c:ae:
                    ec:34:12:8a:0c:97:19:cc:eb:46:8d:99:73:59:f8:
                    8a:1a:df:81:8a:81:6c:59:4e:8e:0e:36:af:5e:42:
                    e2:43:d5:53:fc:5c:69:62:ba:c1:ee:92:4c:ad:9e:
                    a5:95:bf:ec:a9:2d:8f:91:bb:c5:61:49:6f:cf:8e:
                    26:18:d7:b4:68:41:94:67:58:31:f1:e0:bf:0c:91:
                    01:7c:b1:96:78:48:3b:b6:58:4a:99:e9:38:b3:e3:
                    f0:26:c4:fd:6a:40:74:18:f0:2d:33:14:17:53:02:
                    20:cc:c6:bb:12:c9:97:77:6e:54:5d:4b:86:e7:3f:
                    49:c0:8c:16:10:5e:a0:b7:4e:4e:eb:aa:ae:16:0c:
                    ab:67:39:88:f2:66:93:dd:26:c7:7a:60:4e:2f:e3:
                    71:f6:88:c7:3e:43:fc:67:92:b0:ca:26:49:3f:f6:
                    78:ce:a9:0b:e0:f2:f8:20:bf:12:ad:7d:f3:76:58:
                    99:1b:34:d4:50:fa:bb:0d:2f:f0:ca:eb:34:22:aa:
                    36:d4:50:ef:ef:42:67:95:92:95:69:64:0c:1b:2a:
                    c4:0f:da:e2:e4:51:59:8a:01:b7:f1:ad:d4:b1:17:
                    ef:be:55:65:fc:5f:29:58:6c:35:f4:b9:f6:5d:bb:
                    0d:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:82:C0:E0:BC:79:E1:0B:6F:D3:CE:0F:95:42:0D:9E:D4:3A:49:7C
            X509v3 Authority Key Identifier:
                keyid:91:B0:C1:E0:76:A3:46:96:68:12:5B:8D:D3:95:F3:04:DF:A2:E7:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kbDB4HajRpZoEluN05XzBN-i55Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/75c964-354e-46a3-b39e-ed82379cfa32/1/kbDB4HajRpZoEluN05XzBN-i55Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/75c964-354e-46a3-b39e-ed82379cfa32/1/kbDB4HajRpZoEluN05XzBN-i55Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:8e:5e:5d:a4:f6:5c:5b:2f:ac:16:fa:7f:d2:8d:df:f9:fd:
         c9:3f:6d:0e:35:76:ab:ca:39:76:c6:b1:51:15:f2:28:31:3c:
         4e:03:21:06:ba:44:1e:de:08:6a:b1:31:21:95:28:bd:46:48:
         66:77:d0:c7:9d:89:1e:37:12:1b:50:50:6b:7e:34:9f:ad:69:
         7a:48:bc:ea:85:c5:f0:9c:3c:ea:4c:51:f3:6d:7f:d0:e2:2a:
         bc:9b:f9:14:cc:3c:da:a4:6f:5c:5c:fa:ca:4e:57:7f:d3:2b:
         65:bd:68:19:a3:d5:a9:a3:41:58:91:49:46:11:10:90:5b:56:
         2a:9d:4a:aa:8f:2b:63:0f:3e:49:25:e2:0f:9c:f8:a8:e1:f5:
         87:37:00:d6:2d:01:17:72:4a:3c:6f:56:2c:8e:55:12:cc:db:
         3a:2a:83:3c:11:33:f2:71:bd:31:4f:7b:5b:52:ae:f2:17:d3:
         21:e5:64:e9:9e:68:af:01:24:33:1a:ce:cd:51:2f:ba:a2:ab:
         4a:c8:09:d5:49:d0:e6:95:88:42:a9:f5:70:49:43:67:96:40:
         df:34:3c:52:1c:c9:02:80:50:c9:a9:57:8f:ac:40:e1:33:80:
         12:4f:54:67:b9:65:1e:98:ed:eb:bc:14:9f:2b:19:6c:c8:16:
         4e:a8:4d:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZoSLCjIM/tqfQi268bgxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxYjBjMWUwNzZhMzQ2OTY2ODEyNWI4ZGQzOTVmMzA0ZGZh
MmU3OTQwHhcNMjYwMzI5MDcwMjE1WhcNMjYwMzMwMDcwMjE1WjAzMTEwLwYDVQQD
EyhkZTgyYzBlMGJjNzllMTBiNmZkM2NlMGY5NTQyMGQ5ZWQ0M2E0OTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAot4ggjGzYhlXx8tkLK7sNBKKDJcZ
zOtGjZlzWfiKGt+BioFsWU6ODjavXkLiQ9VT/FxpYrrB7pJMrZ6llb/sqS2PkbvF
YUlvz44mGNe0aEGUZ1gx8eC/DJEBfLGWeEg7tlhKmek4s+PwJsT9akB0GPAtMxQX
UwIgzMa7EsmXd25UXUuG5z9JwIwWEF6gt05O66quFgyrZzmI8maT3SbHemBOL+Nx
9ojHPkP8Z5KwyiZJP/Z4zqkL4PL4IL8SrX3zdliZGzTUUPq7DS/wyus0Iqo21FDv
70JnlZKVaWQMGyrED9ri5FFZigG38a3UsRfvvlVl/F8pWGw19Ln2XbsNywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN6CwOC8eeELb9POD5VCDZ7UOkl8MB8GA1UdIwQY
MBaAFJGwweB2o0aWaBJbjdOV8wTfoueUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2JEQjRIYWpScFpvRWx1TjA1WHpCTi1pNTVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC83NWM5NjQtMzU0ZS00NmEzLWIzOWUt
ZWQ4MjM3OWNmYTMyLzEva2JEQjRIYWpScFpvRWx1TjA1WHpCTi1pNTVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC83NWM5NjQtMzU0ZS00NmEzLWIzOWUtZWQ4MjM3OWNmYTMy
LzEva2JEQjRIYWpScFpvRWx1TjA1WHpCTi1pNTVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl45eXaT2
XFsvrBb6f9KN3/n9yT9tDjV2q8o5dsaxURXyKDE8TgMhBrpEHt4IarExIZUovUZI
ZnfQx52JHjcSG1BQa340n61peki86oXF8Jw86kxR821/0OIqvJv5FMw82qRvXFz6
yk5Xf9MrZb1oGaPVqaNBWJFJRhEQkFtWKp1Kqo8rYw8+SSXiD5z4qOH1hzcA1i0B
F3JKPG9WLI5VEszbOiqDPBEz8nG9MU97W1Ku8hfTIeVk6Z5orwEkMxrOzVEvuqKr
SsgJ1UnQ5pWIQqn1cElDZ5ZA3zQ8UhzJAoBQyalXj6xA4TOAEk9UZ7llHpjt67wU
nysZbMgWTqhNhQ==
-----END CERTIFICATE-----