Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/ecfafc-9115-4ec2-ae11-07f1259feb13/1/kwk3JGTFmj3Y7NYyFbAYGXBlWKY.mft
File:                     kwk3JGTFmj3Y7NYyFbAYGXBlWKY.mft (raw, json)
Hash identifier:          NEj0cmyh3P4JorX1rQr9Y74SqZLJR9mDHSdp+sl8ew8=
Subject key identifier:   8F:DC:DF:83:5D:9F:F0:4E:02:14:A5:C7:F1:4E:D6:36:98:0A:C3:DB
Authority key identifier: 93:09:37:24:64:C5:9A:3D:D8:EC:D6:32:15:B0:18:19:70:65:58:A6
Certificate issuer:       /CN=9309372464c59a3dd8ecd63215b01819706558a6
Certificate serial:       019D38D33640E54241E2DB893A62C1EFBF1C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kwk3JGTFmj3Y7NYyFbAYGXBlWKY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/ecfafc-9115-4ec2-ae11-07f1259feb13/1/kwk3JGTFmj3Y7NYyFbAYGXBlWKY.mft
Manifest number:          08B9
Signing time:             Sun 29 Mar 2026 09:00:59 +0000
Manifest this update:     Sun 29 Mar 2026 09:00:59 +0000
Manifest next update:     Mon 30 Mar 2026 09:00:59 +0000
Files and hashes:         1: kwk3JGTFmj3Y7NYyFbAYGXBlWKY.crl (hash: ldqBEpzdXiZObAuF0GBwuWMD312C5W3jvZ5Hc6mTpcA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/ecfafc-9115-4ec2-ae11-07f1259feb13/1/kwk3JGTFmj3Y7NYyFbAYGXBlWKY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/ecfafc-9115-4ec2-ae11-07f1259feb13/1/kwk3JGTFmj3Y7NYyFbAYGXBlWKY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kwk3JGTFmj3Y7NYyFbAYGXBlWKY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 08:48:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:36:40:e5:42:41:e2:db:89:3a:62:c1:ef:bf:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9309372464c59a3dd8ecd63215b01819706558a6
        Validity
            Not Before: Mar 29 09:00:59 2026 GMT
            Not After : Mar 30 09:00:59 2026 GMT
        Subject: CN=8fdcdf835d9ff04e0214a5c7f14ed636980ac3db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:23:9a:da:60:0b:48:b1:54:79:07:83:d1:84:
                    79:3a:53:34:3e:2a:66:f3:2f:1e:5c:b8:77:9a:0e:
                    e3:75:ef:3f:10:64:89:e7:ea:25:76:d8:26:02:67:
                    8b:0a:f2:f5:e5:ba:60:af:64:f4:a2:24:af:d9:ea:
                    ee:e2:0e:31:2f:86:d5:34:0a:95:1d:6b:18:e2:6d:
                    b7:86:36:1a:06:81:d6:51:db:98:27:d2:cb:d5:77:
                    c9:0c:b8:57:78:e3:ff:09:21:7e:af:7c:ca:3e:9e:
                    d8:ef:c8:04:f1:da:1e:34:5e:7c:44:54:95:bf:5f:
                    ee:0e:98:13:a7:9e:64:ea:5f:ef:de:b2:cb:e1:9f:
                    af:2c:42:09:f0:e3:30:d9:58:74:1e:c9:ed:2a:66:
                    2f:83:7e:02:4d:aa:b9:93:fc:4e:d6:df:75:6a:41:
                    09:3d:41:7e:2e:d3:99:99:27:f5:c6:ff:c7:7d:f9:
                    a6:57:b3:65:aa:d5:41:94:98:60:d9:d9:be:ce:2d:
                    63:2f:1e:5d:cc:a1:09:61:7b:a5:32:54:6c:4c:a5:
                    a4:63:6d:e1:6c:2b:73:62:fd:1f:c2:98:a1:42:b0:
                    e8:5c:5d:59:6c:df:42:95:59:05:3e:aa:41:de:f8:
                    11:54:f8:83:ec:85:8c:ce:ef:1a:36:ef:6a:34:56:
                    ec:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:DC:DF:83:5D:9F:F0:4E:02:14:A5:C7:F1:4E:D6:36:98:0A:C3:DB
            X509v3 Authority Key Identifier:
                keyid:93:09:37:24:64:C5:9A:3D:D8:EC:D6:32:15:B0:18:19:70:65:58:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kwk3JGTFmj3Y7NYyFbAYGXBlWKY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/ecfafc-9115-4ec2-ae11-07f1259feb13/1/kwk3JGTFmj3Y7NYyFbAYGXBlWKY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/ecfafc-9115-4ec2-ae11-07f1259feb13/1/kwk3JGTFmj3Y7NYyFbAYGXBlWKY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:04:a4:67:80:3b:77:24:d3:3c:ea:15:88:23:81:5e:37:8a:
         3f:e9:1d:c3:a5:dc:7c:ed:a4:f9:91:7e:05:3f:5b:10:65:4a:
         de:ac:f7:4e:1e:e3:fc:c2:46:f7:af:81:fb:9c:c0:99:ae:e5:
         a9:fa:a6:e2:65:1c:b0:06:d3:c4:ca:ca:62:4e:fd:64:7f:a9:
         e3:6a:e6:36:e6:ce:ab:12:95:f4:d8:51:d2:f1:3e:bf:6a:58:
         f6:b0:00:89:bf:53:ac:e3:f2:ad:35:61:be:93:42:93:4a:34:
         7b:17:31:d9:f2:1a:83:45:66:94:92:69:e4:56:09:c3:dc:f6:
         b7:d3:88:d4:14:0c:9b:2c:2f:ee:c2:c0:0e:66:56:6c:2d:06:
         78:62:77:56:f1:f4:00:d8:af:d3:96:02:3d:52:1e:87:ca:63:
         86:83:c7:f6:5c:1f:88:c6:b1:60:78:a6:9b:cd:96:6b:88:99:
         43:98:b3:df:4d:e2:6f:70:ad:75:c6:ba:54:76:04:31:98:41:
         16:b7:2a:30:fd:f1:87:db:5b:d2:90:6e:51:8f:98:08:5f:88:
         5e:a5:4d:64:70:ea:72:69:49:a5:c3:81:93:13:99:2d:9e:6a:
         b7:5f:ec:a9:4e:70:b6:3e:5b:97:46:f2:38:b4:2d:da:f9:79:
         fa:19:ad:d2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040zZA5UJB4tuJOmLB778cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMDkzNzI0NjRjNTlhM2RkOGVjZDYzMjE1YjAxODE5NzA2
NTU4YTYwHhcNMjYwMzI5MDkwMDU5WhcNMjYwMzMwMDkwMDU5WjAzMTEwLwYDVQQD
Eyg4ZmRjZGY4MzVkOWZmMDRlMDIxNGE1YzdmMTRlZDYzNjk4MGFjM2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqyOa2mALSLFUeQeD0YR5OlM0Pipm
8y8eXLh3mg7jde8/EGSJ5+oldtgmAmeLCvL15bpgr2T0oiSv2eru4g4xL4bVNAqV
HWsY4m23hjYaBoHWUduYJ9LL1XfJDLhXeOP/CSF+r3zKPp7Y78gE8doeNF58RFSV
v1/uDpgTp55k6l/v3rLL4Z+vLEIJ8OMw2Vh0HsntKmYvg34CTaq5k/xO1t91akEJ
PUF+LtOZmSf1xv/HffmmV7NlqtVBlJhg2dm+zi1jLx5dzKEJYXulMlRsTKWkY23h
bCtzYv0fwpihQrDoXF1ZbN9ClVkFPqpB3vgRVPiD7IWMzu8aNu9qNFbsxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI/c34Ndn/BOAhSlx/FO1jaYCsPbMB8GA1UdIwQY
MBaAFJMJNyRkxZo92OzWMhWwGBlwZVimMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3drM0pHVEZtajNZN05ZeUZiQVlHWEJsV0tZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9lY2ZhZmMtOTExNS00ZWMyLWFlMTEt
MDdmMTI1OWZlYjEzLzEva3drM0pHVEZtajNZN05ZeUZiQVlHWEJsV0tZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9lY2ZhZmMtOTExNS00ZWMyLWFlMTEtMDdmMTI1OWZlYjEz
LzEva3drM0pHVEZtajNZN05ZeUZiQVlHWEJsV0tZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWgSkZ4A7
dyTTPOoViCOBXjeKP+kdw6XcfO2k+ZF+BT9bEGVK3qz3Th7j/MJG96+B+5zAma7l
qfqm4mUcsAbTxMrKYk79ZH+p42rmNubOqxKV9NhR0vE+v2pY9rAAib9TrOPyrTVh
vpNCk0o0excx2fIag0VmlJJp5FYJw9z2t9OI1BQMmywv7sLADmZWbC0GeGJ3VvH0
ANiv05YCPVIeh8pjhoPH9lwfiMaxYHimm82Wa4iZQ5iz303ib3Ctdca6VHYEMZhB
FrcqMP3xh9tb0pBuUY+YCF+IXqVNZHDqcmlJpcOBkxOZLZ5qt1/sqU5wtj5bl0by
OLQt2vl5+hmt0g==
-----END CERTIFICATE-----