Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.mft
File:                     KLwbPQy41cqsOntK0XlF--9QWKU.mft (raw, json)
Hash identifier:          PTEa57gUWy9FUQOwBvXxnXW+V+xLXvdmyUE6yqMGCic=
Subject key identifier:   61:B4:AF:3F:7A:C8:A3:ED:9D:B6:C0:C3:CA:FE:92:12:E5:A3:9E:A5
Authority key identifier: 28:BC:1B:3D:0C:B8:D5:CA:AC:3A:7B:4A:D1:79:45:FB:EF:50:58:A5
Certificate issuer:       /CN=28bc1b3d0cb8d5caac3a7b4ad17945fbef5058a5
Certificate serial:       019D38D309C4F74080C6D78F985A98237BA3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KLwbPQy41cqsOntK0XlF--9QWKU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.mft
Manifest number:          049E
Signing time:             Sun 29 Mar 2026 09:00:47 +0000
Manifest this update:     Sun 29 Mar 2026 09:00:47 +0000
Manifest next update:     Mon 30 Mar 2026 09:00:47 +0000
Files and hashes:         1: KLwbPQy41cqsOntK0XlF--9QWKU.crl (hash: eMcLNk6YlkIyaxhCb9X6RamaFv2c7vdpdRqO1abOQOQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KLwbPQy41cqsOntK0XlF--9QWKU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:09:c4:f7:40:80:c6:d7:8f:98:5a:98:23:7b:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28bc1b3d0cb8d5caac3a7b4ad17945fbef5058a5
        Validity
            Not Before: Mar 29 09:00:47 2026 GMT
            Not After : Mar 30 09:00:47 2026 GMT
        Subject: CN=61b4af3f7ac8a3ed9db6c0c3cafe9212e5a39ea5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:1c:bb:8d:1e:dc:b3:1d:85:3d:d8:91:95:1b:
                    e9:86:63:6f:a1:f9:d0:ba:01:6e:21:b0:5d:c4:82:
                    85:de:0a:cf:14:4f:6b:15:c9:81:60:98:a3:c7:e9:
                    b3:6f:43:34:db:88:0f:f5:d1:20:2c:10:4a:f1:f2:
                    a9:62:64:22:9c:d1:80:40:40:43:8e:c4:43:77:4b:
                    9a:ba:e8:bc:da:75:f3:07:2b:50:8c:eb:1a:f9:da:
                    1b:46:eb:2b:af:5f:bd:f1:74:91:98:df:a4:a2:6f:
                    b1:89:20:39:24:c4:0c:23:80:08:6d:3d:22:f3:88:
                    7f:74:79:c2:99:3f:cb:22:1a:9b:8d:e2:27:b9:d4:
                    60:05:e5:05:86:6b:f1:54:87:33:4c:3a:4d:b1:a0:
                    54:22:19:a4:76:e5:56:1d:fd:b2:53:ae:03:23:d2:
                    ef:94:7a:21:eb:88:3d:a2:47:a5:59:c4:6c:89:93:
                    38:de:29:a2:38:5b:fa:2c:d3:1c:fc:e6:f5:00:0e:
                    bc:ef:e9:8f:3f:4e:06:25:ea:de:78:3d:5e:5a:c2:
                    0d:24:21:52:6f:01:51:bb:09:08:54:00:5b:f8:59:
                    16:70:78:3c:94:6b:f3:21:f5:0a:e2:68:89:ba:2f:
                    87:f2:46:86:37:c7:8e:b1:45:b3:48:0c:53:2d:e0:
                    89:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:B4:AF:3F:7A:C8:A3:ED:9D:B6:C0:C3:CA:FE:92:12:E5:A3:9E:A5
            X509v3 Authority Key Identifier:
                keyid:28:BC:1B:3D:0C:B8:D5:CA:AC:3A:7B:4A:D1:79:45:FB:EF:50:58:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KLwbPQy41cqsOntK0XlF--9QWKU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:07:9c:a0:06:99:22:78:89:68:dc:59:16:10:02:04:ae:08:
         aa:5a:3c:ae:df:fb:88:7f:39:45:c4:ba:7d:b3:66:10:b2:76:
         5c:5b:d5:b2:8d:3d:04:a9:e7:fc:35:68:72:0b:ef:94:a0:1a:
         86:dd:f2:48:92:a0:f2:5c:49:c7:eb:43:d1:6a:9d:35:33:65:
         3b:85:3f:56:a2:f0:39:27:bf:f0:ee:f5:fc:18:bb:d6:f8:6a:
         3c:5d:02:69:e7:e9:bc:5c:29:44:f8:4f:3b:ce:d6:c3:f0:0d:
         a3:14:a2:48:63:c9:b8:5f:a0:6c:fc:de:3e:24:57:48:75:59:
         d8:2f:0d:f8:b8:e4:8e:9c:1d:cf:16:75:45:b4:d3:45:d5:2c:
         56:c2:13:21:e4:c5:99:2d:80:8b:4f:6d:44:8d:22:2d:58:7a:
         a2:f0:fb:4e:c6:a9:db:17:b8:a0:23:ea:59:2b:26:99:22:0b:
         b8:e8:7b:bc:16:ea:02:10:be:05:65:dd:c2:bd:18:b9:fc:2f:
         fa:41:59:0c:0d:6d:50:a1:7a:d3:b2:0e:2e:4c:37:ec:0d:60:
         84:1f:45:c5:e1:42:ea:d7:ba:ea:40:f7:ce:71:b5:56:71:4b:
         c5:2a:0f:b0:08:78:d4:19:6b:7b:05:1b:21:62:0e:06:9d:2d:
         ae:54:35:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040wnE90CAxtePmFqYI3ujMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YmMxYjNkMGNiOGQ1Y2FhYzNhN2I0YWQxNzk0NWZiZWY1
MDU4YTUwHhcNMjYwMzI5MDkwMDQ3WhcNMjYwMzMwMDkwMDQ3WjAzMTEwLwYDVQQD
Eyg2MWI0YWYzZjdhYzhhM2VkOWRiNmMwYzNjYWZlOTIxMmU1YTM5ZWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6By7jR7csx2FPdiRlRvphmNvofnQ
ugFuIbBdxIKF3grPFE9rFcmBYJijx+mzb0M024gP9dEgLBBK8fKpYmQinNGAQEBD
jsRDd0uauui82nXzBytQjOsa+dobRusrr1+98XSRmN+kom+xiSA5JMQMI4AIbT0i
84h/dHnCmT/LIhqbjeInudRgBeUFhmvxVIczTDpNsaBUIhmkduVWHf2yU64DI9Lv
lHoh64g9okelWcRsiZM43imiOFv6LNMc/Ob1AA687+mPP04GJereeD1eWsINJCFS
bwFRuwkIVABb+FkWcHg8lGvzIfUK4miJui+H8kaGN8eOsUWzSAxTLeCJvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGG0rz96yKPtnbbAw8r+khLlo56lMB8GA1UdIwQY
MBaAFCi8Gz0MuNXKrDp7StF5RfvvUFilMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0x3YlBReTQxY3FzT250SzBYbEYtLTlRV0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS83YTFiNjAtM2FlYy00NGRkLTk2NjIt
MzY1OTg1NDA5YmZhLzEvS0x3YlBReTQxY3FzT250SzBYbEYtLTlRV0tVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS83YTFiNjAtM2FlYy00NGRkLTk2NjItMzY1OTg1NDA5YmZh
LzEvS0x3YlBReTQxY3FzT250SzBYbEYtLTlRV0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYgecoAaZ
IniJaNxZFhACBK4Iqlo8rt/7iH85RcS6fbNmELJ2XFvVso09BKnn/DVocgvvlKAa
ht3ySJKg8lxJx+tD0WqdNTNlO4U/VqLwOSe/8O71/Bi71vhqPF0CaefpvFwpRPhP
O87Ww/ANoxSiSGPJuF+gbPzePiRXSHVZ2C8N+LjkjpwdzxZ1RbTTRdUsVsITIeTF
mS2Ai09tRI0iLVh6ovD7Tsap2xe4oCPqWSsmmSILuOh7vBbqAhC+BWXdwr0Yufwv
+kFZDA1tUKF607IOLkw37A1ghB9FxeFC6te66kD3znG1VnFLxSoPsAh41BlrewUb
IWIOBp0trlQ1Nw==
-----END CERTIFICATE-----