Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.mft
File:                     KyO4dALEaK1icsN77YjlzcbkwGE.mft (raw, json)
Hash identifier:          YvyhN3wLwJZ7Lqx4iqR2/oaa5g2KwnnZyCMQsRRbBO0=
Subject key identifier:   CE:74:9A:ED:8A:8D:C2:46:B2:1E:AF:A4:57:C2:07:63:DB:51:D4:95
Authority key identifier: 2B:23:B8:74:02:C4:68:AD:62:72:C3:7B:ED:88:E5:CD:C6:E4:C0:61
Certificate issuer:       /CN=2b23b87402c468ad6272c37bed88e5cdc6e4c061
Certificate serial:       019D37527FC33AAA85A039764FC5654F2E51
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KyO4dALEaK1icsN77YjlzcbkwGE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.mft
Manifest number:          0363
Signing time:             Sun 29 Mar 2026 02:00:46 +0000
Manifest this update:     Sun 29 Mar 2026 02:00:46 +0000
Manifest next update:     Mon 30 Mar 2026 02:00:46 +0000
Files and hashes:         1: KyO4dALEaK1icsN77YjlzcbkwGE.crl (hash: ecNtTPZnUPRzn3EHpHrbqzaCr9TikdYatJI0RSvK+q8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KyO4dALEaK1icsN77YjlzcbkwGE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 02:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:52:7f:c3:3a:aa:85:a0:39:76:4f:c5:65:4f:2e:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b23b87402c468ad6272c37bed88e5cdc6e4c061
        Validity
            Not Before: Mar 29 02:00:46 2026 GMT
            Not After : Mar 30 02:00:46 2026 GMT
        Subject: CN=ce749aed8a8dc246b21eafa457c20763db51d495
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:62:03:29:35:19:1c:a7:b1:b1:25:53:ee:ed:
                    a8:33:06:1e:c9:67:37:b3:7b:b1:85:a8:94:12:d7:
                    3b:b5:37:fb:e0:50:b1:3e:10:5b:dd:83:9f:f0:4b:
                    22:18:3f:46:84:6f:0b:26:4e:23:07:c9:d6:ee:4e:
                    e6:33:13:fe:cc:4e:2f:73:fd:be:f3:bd:e6:7f:63:
                    c3:d3:d8:59:f2:4b:45:9e:cd:92:15:3b:eb:a7:ef:
                    1e:79:c6:3c:f6:f4:8d:62:0c:e9:8f:7d:04:84:64:
                    e7:44:08:d3:76:e4:1f:ea:e9:9a:c5:1d:f5:48:fd:
                    44:35:d0:c2:6a:30:54:9e:04:4d:ba:e9:a7:67:a0:
                    52:e8:2a:6f:43:be:3e:42:00:5c:fe:5f:62:78:44:
                    cb:27:c7:dc:eb:4c:44:51:81:be:ac:08:25:ce:5b:
                    36:94:a7:39:f7:ff:3d:3a:75:2d:e4:79:b7:7a:3f:
                    cd:69:c5:df:17:4b:a9:da:b8:97:45:8d:de:5e:cd:
                    9d:78:a5:79:a0:e7:24:65:3e:b3:32:3b:c3:b2:37:
                    5e:4a:01:e0:b5:82:b9:01:8a:c5:70:93:a6:df:b9:
                    05:a9:cc:c4:18:0e:f3:aa:b3:46:f5:da:84:ed:0f:
                    c3:d0:b4:55:95:b5:52:82:ae:de:c0:c9:2a:b2:0b:
                    ac:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:74:9A:ED:8A:8D:C2:46:B2:1E:AF:A4:57:C2:07:63:DB:51:D4:95
            X509v3 Authority Key Identifier:
                keyid:2B:23:B8:74:02:C4:68:AD:62:72:C3:7B:ED:88:E5:CD:C6:E4:C0:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KyO4dALEaK1icsN77YjlzcbkwGE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:cd:9c:4c:dd:9c:9c:6c:8a:1e:cf:0e:ce:ad:be:9e:17:7b:
         41:d4:60:14:ec:53:2a:1c:0d:58:bb:a4:18:b9:4a:ed:55:ed:
         6a:35:fa:0a:32:63:c6:d0:d9:6b:9b:62:de:fc:fe:b1:24:45:
         90:ef:87:2c:5b:e7:00:41:b3:88:af:e6:bb:34:e1:86:40:f6:
         c5:cf:16:de:1a:11:19:98:38:48:d9:47:e0:b7:af:b9:f2:c2:
         4e:79:f9:ce:33:6f:5c:73:26:ca:eb:37:c9:68:fe:2e:54:b0:
         bd:28:71:b6:3b:04:8c:2f:b3:f5:26:a9:c9:4d:f1:0c:8c:9c:
         bb:a8:95:bf:3b:f1:15:66:b5:7a:63:39:b2:90:7f:f7:84:99:
         bd:63:d2:0b:3f:97:96:5d:e6:99:eb:dd:df:25:86:f0:07:f5:
         a6:f6:75:45:8f:c6:bd:3b:7a:c6:9a:27:64:78:ba:49:ab:14:
         13:b0:8e:2d:ed:ec:18:0d:a5:b4:94:28:91:17:3a:52:b9:30:
         ce:26:9e:93:c9:8c:fe:ca:a4:b3:80:eb:50:2b:a9:42:0d:c0:
         2e:b5:1a:d9:ab:5a:c5:57:d2:c4:b8:f6:b9:f0:27:de:d5:f2:
         f8:46:cf:22:a7:98:68:2d:50:09:2e:5b:4a:2f:3a:84:ad:bd:
         c5:77:f0:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03Un/DOqqFoDl2T8VlTy5RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMjNiODc0MDJjNDY4YWQ2MjcyYzM3YmVkODhlNWNkYzZl
NGMwNjEwHhcNMjYwMzI5MDIwMDQ2WhcNMjYwMzMwMDIwMDQ2WjAzMTEwLwYDVQQD
EyhjZTc0OWFlZDhhOGRjMjQ2YjIxZWFmYTQ1N2MyMDc2M2RiNTFkNDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzGIDKTUZHKexsSVT7u2oMwYeyWc3
s3uxhaiUEtc7tTf74FCxPhBb3YOf8EsiGD9GhG8LJk4jB8nW7k7mMxP+zE4vc/2+
873mf2PD09hZ8ktFns2SFTvrp+8eecY89vSNYgzpj30EhGTnRAjTduQf6umaxR31
SP1ENdDCajBUngRNuumnZ6BS6CpvQ74+QgBc/l9ieETLJ8fc60xEUYG+rAglzls2
lKc59/89OnUt5Hm3ej/NacXfF0up2riXRY3eXs2deKV5oOckZT6zMjvDsjdeSgHg
tYK5AYrFcJOm37kFqczEGA7zqrNG9dqE7Q/D0LRVlbVSgq7ewMkqsgusSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM50mu2KjcJGsh6vpFfCB2PbUdSVMB8GA1UdIwQY
MBaAFCsjuHQCxGitYnLDe+2I5c3G5MBhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3lPNGRBTEVhSzFpY3NONzdZamx6Y2Jrd0dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS84NTQ2NjAtNWZhNi00MjdlLWE1ZTgt
NjU0ZGE4YjQwNzE2LzEvS3lPNGRBTEVhSzFpY3NONzdZamx6Y2Jrd0dFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS84NTQ2NjAtNWZhNi00MjdlLWE1ZTgtNjU0ZGE4YjQwNzE2
LzEvS3lPNGRBTEVhSzFpY3NONzdZamx6Y2Jrd0dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACs2cTN2c
nGyKHs8Ozq2+nhd7QdRgFOxTKhwNWLukGLlK7VXtajX6CjJjxtDZa5ti3vz+sSRF
kO+HLFvnAEGziK/muzThhkD2xc8W3hoRGZg4SNlH4LevufLCTnn5zjNvXHMmyus3
yWj+LlSwvShxtjsEjC+z9SapyU3xDIycu6iVvzvxFWa1emM5spB/94SZvWPSCz+X
ll3mmevd3yWG8Af1pvZ1RY/GvTt6xponZHi6SasUE7COLe3sGA2ltJQokRc6Urkw
ziaek8mM/sqks4DrUCupQg3ALrUa2ataxVfSxLj2ufAn3tXy+EbPIqeYaC1QCS5b
Si86hK29xXfw2A==
-----END CERTIFICATE-----