Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/70669e-5744-4477-86ba-795c3a612e8b/1/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.mft
File:                     KfQ0DfcXYFdICDAMsU_Bdg-uzPk.mft (raw, json)
Hash identifier:          2TL+BwNIe0SzLXB7ap1j508KbuB2CBKwc1gWKZV7Pr4=
Subject key identifier:   F5:93:CA:0F:AF:70:1E:A1:18:02:47:F7:E3:2F:D4:B0:49:B9:CE:ED
Authority key identifier: 29:F4:34:0D:F7:17:60:57:48:08:30:0C:B1:4F:C1:76:0F:AE:CC:F9
Certificate issuer:       /CN=29f4340df71760574808300cb14fc1760faeccf9
Certificate serial:       019D38655779B18613BFD53F8ABDBD17A357
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/70669e-5744-4477-86ba-795c3a612e8b/1/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.mft
Manifest number:          0343
Signing time:             Sun 29 Mar 2026 07:00:58 +0000
Manifest this update:     Sun 29 Mar 2026 07:00:58 +0000
Manifest next update:     Mon 30 Mar 2026 07:00:58 +0000
Files and hashes:         1: KfQ0DfcXYFdICDAMsU_Bdg-uzPk.crl (hash: TKX+Mu5UBnbG1xEkw9V7pwko69r09vWx5CuDCW2XDwA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/70669e-5744-4477-86ba-795c3a612e8b/1/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/70669e-5744-4477-86ba-795c3a612e8b/1/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:57:79:b1:86:13:bf:d5:3f:8a:bd:bd:17:a3:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29f4340df71760574808300cb14fc1760faeccf9
        Validity
            Not Before: Mar 29 07:00:58 2026 GMT
            Not After : Mar 30 07:00:58 2026 GMT
        Subject: CN=f593ca0faf701ea1180247f7e32fd4b049b9ceed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:97:b4:80:5c:ef:0f:26:9f:71:17:e5:fc:6e:
                    17:f1:54:6f:f8:9e:9b:b9:52:be:79:ab:0e:c6:70:
                    b8:18:3d:e2:f1:79:9a:e8:79:89:b6:19:03:73:9e:
                    02:cd:c8:ec:3c:a9:ac:cf:a2:5a:32:db:10:1a:44:
                    a1:d5:ce:d6:e3:19:a7:09:48:f1:b3:68:a4:fb:93:
                    4b:d4:5b:dd:fb:c4:9c:db:f5:9e:db:4c:04:df:9a:
                    1d:ed:f5:d3:ee:96:ec:a9:bb:cf:11:db:d2:7e:c6:
                    df:29:77:90:9b:15:ae:04:ad:1e:a0:74:2b:9c:18:
                    df:b3:e6:22:fe:3c:56:1d:12:41:f7:b8:60:97:c6:
                    96:de:e6:1f:a3:60:44:e1:05:d5:b5:f2:42:bc:0e:
                    0e:83:23:30:a9:be:7b:94:3c:45:ec:bd:e3:52:4b:
                    73:63:60:02:79:b9:d4:be:90:d3:91:cd:b2:cf:36:
                    fc:53:7d:15:52:db:24:e8:b1:6e:59:f8:5e:3b:bf:
                    0b:1f:97:b2:30:13:eb:8b:74:84:21:70:2f:df:b6:
                    08:21:b8:68:90:f0:1c:c9:c3:cf:9c:9d:f2:45:30:
                    de:44:a8:e2:7d:0b:3b:27:a2:f8:aa:fb:26:fd:e4:
                    90:f3:50:cb:34:6e:5d:66:40:7d:4c:0d:62:7a:ad:
                    3f:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:93:CA:0F:AF:70:1E:A1:18:02:47:F7:E3:2F:D4:B0:49:B9:CE:ED
            X509v3 Authority Key Identifier:
                keyid:29:F4:34:0D:F7:17:60:57:48:08:30:0C:B1:4F:C1:76:0F:AE:CC:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/70669e-5744-4477-86ba-795c3a612e8b/1/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/70669e-5744-4477-86ba-795c3a612e8b/1/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:b9:09:5f:da:90:24:7c:75:64:56:77:9f:08:1c:91:2a:54:
         ad:eb:26:d7:8d:cf:97:5b:77:0d:24:02:66:a6:61:3d:98:07:
         fb:2e:e7:0a:ca:64:b2:80:33:7c:97:89:10:fa:d7:d7:63:a9:
         1b:8d:2d:2a:fb:dc:24:3f:54:fc:40:4d:d8:95:1a:79:d8:b7:
         12:c3:75:26:4a:91:16:0c:6e:51:d9:e1:fd:3e:37:8a:6f:e4:
         9b:ed:32:fe:a9:25:c0:df:dc:12:2a:76:cb:61:83:06:db:c5:
         bb:38:43:bc:3e:08:d2:c1:7b:c0:1e:a4:86:8d:24:11:50:65:
         79:8c:b2:b0:87:41:bb:be:19:6b:a1:a3:5e:1f:29:7d:6e:1b:
         e3:06:21:cd:5e:99:d7:04:e7:f8:f9:0d:4e:f2:af:94:f6:f8:
         b3:7d:eb:3e:35:cc:5a:15:6c:cc:30:63:c5:99:9a:f1:f5:b4:
         7f:bf:5c:ec:33:77:87:ed:20:b2:4d:ef:45:e7:28:a1:f4:fe:
         0f:81:2b:2d:0f:10:12:56:22:68:4a:2e:50:62:a0:06:bd:d0:
         a4:7c:e8:94:d0:a6:17:a7:c8:27:11:84:bc:d5:f2:34:ca:c8:
         ef:43:ea:4f:7d:67:19:1b:d4:f2:b3:d0:50:4b:06:4d:d2:46:
         b2:2b:17:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZVd5sYYTv9U/ir29F6NXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZjQzNDBkZjcxNzYwNTc0ODA4MzAwY2IxNGZjMTc2MGZh
ZWNjZjkwHhcNMjYwMzI5MDcwMDU4WhcNMjYwMzMwMDcwMDU4WjAzMTEwLwYDVQQD
EyhmNTkzY2EwZmFmNzAxZWExMTgwMjQ3ZjdlMzJmZDRiMDQ5YjljZWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJe0gFzvDyafcRfl/G4X8VRv+J6b
uVK+easOxnC4GD3i8Xma6HmJthkDc54CzcjsPKmsz6JaMtsQGkSh1c7W4xmnCUjx
s2ik+5NL1Fvd+8Sc2/We20wE35od7fXT7pbsqbvPEdvSfsbfKXeQmxWuBK0eoHQr
nBjfs+Yi/jxWHRJB97hgl8aW3uYfo2BE4QXVtfJCvA4OgyMwqb57lDxF7L3jUktz
Y2ACebnUvpDTkc2yzzb8U30VUtsk6LFuWfheO78LH5eyMBPri3SEIXAv37YIIbho
kPAcycPPnJ3yRTDeRKjifQs7J6L4qvsm/eSQ81DLNG5dZkB9TA1ieq0/dQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPWTyg+vcB6hGAJH9+Mv1LBJuc7tMB8GA1UdIwQY
MBaAFCn0NA33F2BXSAgwDLFPwXYPrsz5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2ZRMERmY1hZRmRJQ0RBTXNVX0JkZy11elBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC83MDY2OWUtNTc0NC00NDc3LTg2YmEt
Nzk1YzNhNjEyZThiLzEvS2ZRMERmY1hZRmRJQ0RBTXNVX0JkZy11elBrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC83MDY2OWUtNTc0NC00NDc3LTg2YmEtNzk1YzNhNjEyZThi
LzEvS2ZRMERmY1hZRmRJQ0RBTXNVX0JkZy11elBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZLkJX9qQ
JHx1ZFZ3nwgckSpUresm143Pl1t3DSQCZqZhPZgH+y7nCspksoAzfJeJEPrX12Op
G40tKvvcJD9U/EBN2JUaedi3EsN1JkqRFgxuUdnh/T43im/km+0y/qklwN/cEip2
y2GDBtvFuzhDvD4I0sF7wB6kho0kEVBleYyysIdBu74Za6GjXh8pfW4b4wYhzV6Z
1wTn+PkNTvKvlPb4s33rPjXMWhVszDBjxZma8fW0f79c7DN3h+0gsk3vRecoofT+
D4ErLQ8QElYiaEouUGKgBr3QpHzolNCmF6fIJxGEvNXyNMrI70PqT31nGRvU8rPQ
UEsGTdJGsisXzQ==
-----END CERTIFICATE-----