Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/5a81a9-2d4d-4b26-91d1-ea17da2284ff/1/kWV5napb3fL1Nt2BtybPrtDmCFs.mft
File:                     kWV5napb3fL1Nt2BtybPrtDmCFs.mft (raw, json)
Hash identifier:          GFZFQeq4ijBynzkLfg0QykBmkhgI5ntyKGLXtNJLYgE=
Subject key identifier:   A6:2E:A7:98:C9:45:C3:71:59:AF:A0:9B:B9:34:3B:11:60:92:43:1E
Authority key identifier: 91:65:79:9D:AA:5B:DD:F2:F5:36:DD:81:B7:26:CF:AE:D0:E6:08:5B
Certificate issuer:       /CN=9165799daa5bddf2f536dd81b726cfaed0e6085b
Certificate serial:       019D3866810658BC1B9073311656D5FF9499
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kWV5napb3fL1Nt2BtybPrtDmCFs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/5a81a9-2d4d-4b26-91d1-ea17da2284ff/1/kWV5napb3fL1Nt2BtybPrtDmCFs.mft
Manifest number:          0308
Signing time:             Sun 29 Mar 2026 07:02:14 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:14 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:14 +0000
Files and hashes:         1: kWV5napb3fL1Nt2BtybPrtDmCFs.crl (hash: JJiL8WofLw15gFGwmppLvLQ/0fXLar0b5socWbZrb84=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/af/5a81a9-2d4d-4b26-91d1-ea17da2284ff/1/kWV5napb3fL1Nt2BtybPrtDmCFs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/af/5a81a9-2d4d-4b26-91d1-ea17da2284ff/1/kWV5napb3fL1Nt2BtybPrtDmCFs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kWV5napb3fL1Nt2BtybPrtDmCFs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:81:06:58:bc:1b:90:73:31:16:56:d5:ff:94:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9165799daa5bddf2f536dd81b726cfaed0e6085b
        Validity
            Not Before: Mar 29 07:02:14 2026 GMT
            Not After : Mar 30 07:02:14 2026 GMT
        Subject: CN=a62ea798c945c37159afa09bb9343b116092431e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:39:6e:20:f3:4f:4b:31:a8:8d:59:6d:cc:31:
                    c2:d2:69:d4:65:d4:19:03:b1:fa:ad:5f:5a:0d:37:
                    4c:c6:ee:60:45:cd:c8:6c:1c:8c:2d:ab:d6:c4:1e:
                    7e:09:78:76:0d:bf:82:ab:08:c6:7a:c2:78:aa:58:
                    08:4c:11:49:20:26:59:f9:d1:2d:09:5e:ea:69:dd:
                    c9:27:25:77:12:d9:c4:49:2e:86:c4:3d:d0:f0:77:
                    b2:62:c6:42:f3:31:1b:86:3f:8a:60:45:77:97:97:
                    b2:63:01:2e:7b:eb:6f:38:90:1c:9d:8f:f7:6e:84:
                    e4:d1:3a:ce:a3:32:24:63:d5:1a:e9:27:9a:8b:eb:
                    69:db:9c:8f:95:0f:70:af:c4:13:75:85:5b:67:98:
                    35:5c:54:bf:5f:c7:d6:25:b9:fd:9c:fa:aa:e7:d7:
                    79:d8:f3:35:29:a6:f0:b9:fd:65:68:c5:3a:1d:25:
                    77:9e:46:1b:15:00:7b:fc:39:65:30:f4:06:a4:d8:
                    0a:b4:bc:c5:78:e8:9f:b5:f0:1c:9e:2b:6a:6e:5a:
                    27:2e:f1:3c:68:0e:3b:f5:cf:24:2c:93:cc:b7:b0:
                    3f:87:c4:71:d4:71:43:c7:ae:e6:a2:38:2f:f7:4c:
                    57:29:a4:c8:69:ed:dd:f2:58:09:ed:32:87:a6:71:
                    07:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:2E:A7:98:C9:45:C3:71:59:AF:A0:9B:B9:34:3B:11:60:92:43:1E
            X509v3 Authority Key Identifier:
                keyid:91:65:79:9D:AA:5B:DD:F2:F5:36:DD:81:B7:26:CF:AE:D0:E6:08:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kWV5napb3fL1Nt2BtybPrtDmCFs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/5a81a9-2d4d-4b26-91d1-ea17da2284ff/1/kWV5napb3fL1Nt2BtybPrtDmCFs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/5a81a9-2d4d-4b26-91d1-ea17da2284ff/1/kWV5napb3fL1Nt2BtybPrtDmCFs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:95:04:e2:d3:48:da:d8:15:12:b0:b3:b3:ff:f7:04:dc:e0:
         87:c3:52:3e:f4:b7:8c:40:22:8e:98:a1:01:06:41:fd:cd:77:
         cd:be:e8:d8:4f:46:b8:6c:1a:3e:e0:32:8e:7e:be:b6:a9:72:
         7d:05:f8:58:d9:08:b2:1b:69:ab:f8:86:78:b7:87:8e:b5:cc:
         22:7c:34:3d:84:28:42:f9:98:32:5e:98:59:d0:b4:d1:27:4e:
         6c:58:b8:57:49:f1:49:88:1e:a9:7f:4e:d6:a4:cf:9f:84:c9:
         63:f0:df:8c:bf:0d:34:5d:aa:6e:f4:60:04:74:e9:8c:67:cf:
         30:74:10:53:50:a3:8a:f1:1c:cf:cf:a8:c2:9f:f6:97:4f:3a:
         ad:75:e1:a8:1e:06:0a:9e:85:22:ec:32:d0:37:42:62:25:60:
         18:cb:61:b1:bd:94:b2:9d:3c:62:03:3b:11:f8:1a:2d:43:68:
         64:1e:94:bd:cc:a8:e8:25:3c:8b:de:0c:f0:31:26:9c:a1:a6:
         2f:28:99:b6:5c:c4:02:04:d1:54:10:cc:79:f0:60:83:5f:9c:
         ae:f4:5c:63:44:19:b0:31:90:bf:4f:c3:78:b2:f6:d3:4f:8c:
         17:cf:dc:8d:68:7b:6d:10:c1:fe:51:11:b0:aa:80:53:1e:06:
         a7:fa:ce:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZoEGWLwbkHMxFlbV/5SZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNjU3OTlkYWE1YmRkZjJmNTM2ZGQ4MWI3MjZjZmFlZDBl
NjA4NWIwHhcNMjYwMzI5MDcwMjE0WhcNMjYwMzMwMDcwMjE0WjAzMTEwLwYDVQQD
EyhhNjJlYTc5OGM5NDVjMzcxNTlhZmEwOWJiOTM0M2IxMTYwOTI0MzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwjluIPNPSzGojVltzDHC0mnUZdQZ
A7H6rV9aDTdMxu5gRc3IbByMLavWxB5+CXh2Db+CqwjGesJ4qlgITBFJICZZ+dEt
CV7qad3JJyV3EtnESS6GxD3Q8HeyYsZC8zEbhj+KYEV3l5eyYwEue+tvOJAcnY/3
boTk0TrOozIkY9Ua6Seai+tp25yPlQ9wr8QTdYVbZ5g1XFS/X8fWJbn9nPqq59d5
2PM1Kabwuf1laMU6HSV3nkYbFQB7/DllMPQGpNgKtLzFeOiftfAcnitqblonLvE8
aA479c8kLJPMt7A/h8Rx1HFDx67mojgv90xXKaTIae3d8lgJ7TKHpnEHJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKYup5jJRcNxWa+gm7k0OxFgkkMeMB8GA1UdIwQY
MBaAFJFleZ2qW93y9Tbdgbcmz67Q5ghbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1dWNW5hcGIzZkwxTnQyQnR5YlBydERtQ0ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi81YTgxYTktMmQ0ZC00YjI2LTkxZDEt
ZWExN2RhMjI4NGZmLzEva1dWNW5hcGIzZkwxTnQyQnR5YlBydERtQ0ZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi81YTgxYTktMmQ0ZC00YjI2LTkxZDEtZWExN2RhMjI4NGZm
LzEva1dWNW5hcGIzZkwxTnQyQnR5YlBydERtQ0ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ5UE4tNI
2tgVErCzs//3BNzgh8NSPvS3jEAijpihAQZB/c13zb7o2E9GuGwaPuAyjn6+tqly
fQX4WNkIshtpq/iGeLeHjrXMInw0PYQoQvmYMl6YWdC00SdObFi4V0nxSYgeqX9O
1qTPn4TJY/DfjL8NNF2qbvRgBHTpjGfPMHQQU1CjivEcz8+owp/2l086rXXhqB4G
Cp6FIuwy0DdCYiVgGMthsb2Usp08YgM7EfgaLUNoZB6Uvcyo6CU8i94M8DEmnKGm
LyiZtlzEAgTRVBDMefBgg1+crvRcY0QZsDGQv0/DeLL200+MF8/cjWh7bRDB/lER
sKqAUx4Gp/rOnw==
-----END CERTIFICATE-----