Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.mft
File:                     KdIywSew2DMQPDH7UlTsuZVrDEw.mft (raw, json)
Hash identifier:          DaGXw7ysI2tHGsZaMfCGD8/c8DDAxDzr+TRScqejb0Q=
Subject key identifier:   33:7C:1F:AC:83:80:86:46:0F:52:12:9D:42:A4:B1:29:2D:3D:60:92
Authority key identifier: 29:D2:32:C1:27:B0:D8:33:10:3C:31:FB:52:54:EC:B9:95:6B:0C:4C
Certificate issuer:       /CN=29d232c127b0d833103c31fb5254ecb9956b0c4c
Certificate serial:       019D390A066A514A78EA06349117BD89D957
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KdIywSew2DMQPDH7UlTsuZVrDEw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.mft
Manifest number:          043B
Signing time:             Sun 29 Mar 2026 10:00:51 +0000
Manifest this update:     Sun 29 Mar 2026 10:00:51 +0000
Manifest next update:     Mon 30 Mar 2026 10:00:51 +0000
Files and hashes:         1: KdIywSew2DMQPDH7UlTsuZVrDEw.crl (hash: isbvL5Nd4o6QyOUph4pFPvmebDzJn7Sh27feHSGr4W8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KdIywSew2DMQPDH7UlTsuZVrDEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:0a:06:6a:51:4a:78:ea:06:34:91:17:bd:89:d9:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29d232c127b0d833103c31fb5254ecb9956b0c4c
        Validity
            Not Before: Mar 29 10:00:51 2026 GMT
            Not After : Mar 30 10:00:51 2026 GMT
        Subject: CN=337c1fac838086460f52129d42a4b1292d3d6092
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:eb:da:d3:58:6f:28:f9:d5:09:a5:a4:83:8e:
                    27:d9:df:84:82:fa:f7:9d:09:80:ff:19:af:c6:2d:
                    6b:72:be:d3:28:c7:ca:23:eb:1e:12:c8:69:ce:67:
                    15:71:84:ac:a4:c0:f7:29:5f:7f:85:23:2a:da:16:
                    b9:51:b5:5e:1c:d6:24:5f:8c:b9:9c:f4:ff:6f:74:
                    f0:a3:d8:65:2a:fd:00:0a:16:58:1a:fe:e0:b5:e5:
                    ad:64:ba:75:cb:f2:7d:97:ed:46:46:31:9d:fd:c6:
                    f1:85:38:88:44:d6:e6:00:89:c2:3a:b7:a0:2c:14:
                    e7:e8:b1:42:f0:9e:df:21:43:04:7e:4b:c9:d5:43:
                    16:2a:8a:4d:86:9d:d9:76:c0:c4:46:8b:42:39:d6:
                    10:ac:22:a3:df:20:1a:4e:60:d3:20:2f:40:ed:32:
                    b6:a1:d3:4f:ab:19:46:ee:03:23:9f:69:b4:92:f0:
                    65:69:e0:35:a8:48:b7:20:c6:c1:9e:53:39:2c:0a:
                    92:e8:30:46:9f:08:0e:e9:83:07:93:aa:be:a1:d7:
                    27:43:20:47:6a:9a:4c:75:eb:95:94:19:df:cc:74:
                    33:7e:5e:03:2f:f0:96:29:fb:48:03:cd:e9:d6:6c:
                    62:e4:80:40:dd:11:54:66:2a:32:f1:64:c0:d8:e9:
                    31:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:7C:1F:AC:83:80:86:46:0F:52:12:9D:42:A4:B1:29:2D:3D:60:92
            X509v3 Authority Key Identifier:
                keyid:29:D2:32:C1:27:B0:D8:33:10:3C:31:FB:52:54:EC:B9:95:6B:0C:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdIywSew2DMQPDH7UlTsuZVrDEw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:fa:36:1c:0a:dc:da:ed:89:09:59:46:f2:b3:ec:aa:2e:4c:
         bf:99:63:1f:d5:70:8f:78:fa:59:4d:a6:18:d6:a3:a4:67:9a:
         97:54:12:07:4e:6b:c6:78:09:41:5c:48:2f:2e:a0:75:49:a4:
         1c:34:54:4e:73:79:a6:cf:5c:a9:db:3e:64:b4:b8:24:44:91:
         b1:1e:3c:a8:81:28:56:82:5f:d8:9d:b2:a7:fb:79:32:58:83:
         3d:3b:cd:d7:4c:6e:bd:45:93:e4:38:f7:c2:6d:2e:46:bc:ce:
         03:28:9a:04:30:23:0c:74:77:61:bd:ce:a2:36:9d:bb:82:8f:
         6b:5e:1b:e7:1c:51:d6:fc:59:b7:54:36:47:1e:31:3b:38:ef:
         5f:54:ef:1c:a6:6b:d2:e0:f3:97:77:12:64:3f:87:f3:15:48:
         b7:54:b1:a1:31:73:a1:34:f5:d2:11:ce:7a:d8:51:36:d8:c2:
         87:e0:7c:c1:42:d1:59:15:d0:60:2c:d1:61:d9:ac:d0:d0:77:
         a8:fd:ec:15:cc:46:43:2d:de:dc:2b:ba:d3:3c:b2:bd:dd:77:
         9f:08:48:e0:5a:fa:02:ee:0d:6a:f5:c0:d7:ce:51:c2:e2:98:
         5e:92:d0:a0:8c:19:c0:3e:a5:da:4b:4c:a5:1d:cd:8e:fe:9f:
         0c:51:33:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CgZqUUp46gY0kRe9idlXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDIzMmMxMjdiMGQ4MzMxMDNjMzFmYjUyNTRlY2I5OTU2
YjBjNGMwHhcNMjYwMzI5MTAwMDUxWhcNMjYwMzMwMTAwMDUxWjAzMTEwLwYDVQQD
EygzMzdjMWZhYzgzODA4NjQ2MGY1MjEyOWQ0MmE0YjEyOTJkM2Q2MDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtOva01hvKPnVCaWkg44n2d+Egvr3
nQmA/xmvxi1rcr7TKMfKI+seEshpzmcVcYSspMD3KV9/hSMq2ha5UbVeHNYkX4y5
nPT/b3Two9hlKv0AChZYGv7gteWtZLp1y/J9l+1GRjGd/cbxhTiIRNbmAInCOreg
LBTn6LFC8J7fIUMEfkvJ1UMWKopNhp3ZdsDERotCOdYQrCKj3yAaTmDTIC9A7TK2
odNPqxlG7gMjn2m0kvBlaeA1qEi3IMbBnlM5LAqS6DBGnwgO6YMHk6q+odcnQyBH
appMdeuVlBnfzHQzfl4DL/CWKftIA83p1mxi5IBA3RFUZioy8WTA2OkxqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDN8H6yDgIZGD1ISnUKksSktPWCSMB8GA1UdIwQY
MBaAFCnSMsEnsNgzEDwx+1JU7LmVawxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RJeXdTZXcyRE1RUERIN1VsVHN1WlZyREV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS81OTc5NzUtNzExNy00NGY2LTk0MDAt
ZTE2MDZiZTkyYjk4LzEvS2RJeXdTZXcyRE1RUERIN1VsVHN1WlZyREV3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS81OTc5NzUtNzExNy00NGY2LTk0MDAtZTE2MDZiZTkyYjk4
LzEvS2RJeXdTZXcyRE1RUERIN1VsVHN1WlZyREV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVfo2HArc
2u2JCVlG8rPsqi5Mv5ljH9Vwj3j6WU2mGNajpGeal1QSB05rxngJQVxILy6gdUmk
HDRUTnN5ps9cqds+ZLS4JESRsR48qIEoVoJf2J2yp/t5MliDPTvN10xuvUWT5Dj3
wm0uRrzOAyiaBDAjDHR3Yb3Oojadu4KPa14b5xxR1vxZt1Q2Rx4xOzjvX1TvHKZr
0uDzl3cSZD+H8xVIt1SxoTFzoTT10hHOethRNtjCh+B8wULRWRXQYCzRYdms0NB3
qP3sFcxGQy3e3Cu60zyyvd13nwhI4Fr6Au4NavXA185RwuKYXpLQoIwZwD6l2ktM
pR3Njv6fDFEzAg==
-----END CERTIFICATE-----