Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.mft
File:                     KWLmoTNMnKnJPtV_9K1y2ZzpGtA.mft (raw, json)
Hash identifier:          L+7gd38UfjrHPBQ1l0P/YxLmJlj8GQdLLVT1jIjVAeg=
Subject key identifier:   9A:08:61:7D:9D:0B:00:62:C6:EF:1A:73:F4:E8:D6:C0:DF:9C:8B:81
Authority key identifier: 29:62:E6:A1:33:4C:9C:A9:C9:3E:D5:7F:F4:AD:72:D9:9C:E9:1A:D0
Certificate issuer:       /CN=2962e6a1334c9ca9c93ed57ff4ad72d99ce91ad0
Certificate serial:       019D3752225A54193710732FD835E5C835FA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.mft
Manifest number:          0973
Signing time:             Sun 29 Mar 2026 02:00:22 +0000
Manifest this update:     Sun 29 Mar 2026 02:00:22 +0000
Manifest next update:     Mon 30 Mar 2026 02:00:22 +0000
Files and hashes:         1: KWLmoTNMnKnJPtV_9K1y2ZzpGtA.crl (hash: Ivz1p5dLewGMgfMgNYvb7NoWdMeTrNN541uYoDBXLoA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 02:00:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:52:22:5a:54:19:37:10:73:2f:d8:35:e5:c8:35:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2962e6a1334c9ca9c93ed57ff4ad72d99ce91ad0
        Validity
            Not Before: Mar 29 02:00:22 2026 GMT
            Not After : Mar 30 02:00:22 2026 GMT
        Subject: CN=9a08617d9d0b0062c6ef1a73f4e8d6c0df9c8b81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:7b:7f:69:8b:79:b7:10:fc:0d:43:fa:84:d4:
                    5d:cf:6d:0f:24:82:ad:62:b6:b1:02:eb:59:a9:7b:
                    c9:29:19:8c:f8:6e:34:7d:53:df:5e:02:2e:66:fd:
                    3d:02:f6:8c:b5:83:b1:1b:37:6b:d1:68:a9:c5:3e:
                    fb:eb:e7:1b:22:01:8d:76:d6:fd:94:c4:91:e6:93:
                    35:6e:fb:c5:89:3a:d8:1b:a5:e4:95:de:bf:20:82:
                    3b:55:a3:73:85:ff:a4:0f:08:eb:fe:17:df:54:e3:
                    68:09:6c:ee:7e:99:bb:42:36:4b:57:eb:97:b9:ab:
                    05:21:fd:ea:6a:2e:07:c4:00:c0:f5:51:2d:25:7a:
                    fc:c1:e6:aa:8c:27:13:ef:27:dc:db:4a:85:b3:a3:
                    db:83:9f:4c:1b:10:bd:f2:d3:9b:da:f5:d0:76:cf:
                    9d:f8:bf:00:27:33:15:a9:15:c7:bb:16:c1:53:fb:
                    cd:84:57:7b:07:f1:8a:1d:55:fa:44:85:37:96:d4:
                    7a:33:08:29:e6:d8:49:b1:e6:c1:8a:76:1e:65:47:
                    a0:c9:45:3b:70:39:a6:6b:58:d2:aa:b5:9b:c0:0b:
                    2b:0c:ad:53:95:7a:a2:31:5f:58:07:50:89:33:e2:
                    62:f9:14:ab:41:7c:ac:a0:83:be:57:03:25:71:24:
                    57:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:08:61:7D:9D:0B:00:62:C6:EF:1A:73:F4:E8:D6:C0:DF:9C:8B:81
            X509v3 Authority Key Identifier:
                keyid:29:62:E6:A1:33:4C:9C:A9:C9:3E:D5:7F:F4:AD:72:D9:9C:E9:1A:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1f:ac:4b:ec:3d:a0:7b:f2:9f:49:8a:ee:44:9f:66:5b:89:15:
         4b:33:c5:67:62:36:ec:28:63:7a:b7:29:3b:de:03:c4:e2:6e:
         c7:5a:c9:ee:58:63:88:5a:e3:cb:13:21:f0:ff:2b:b0:50:24:
         0d:be:8d:ed:5a:38:dd:73:93:d8:30:32:f9:88:36:6d:4e:79:
         73:b3:c8:06:74:cd:0b:90:f1:52:b9:37:d2:b3:a2:e2:35:fb:
         d2:8b:79:91:c5:bf:75:be:ca:7d:9e:3c:5b:b6:62:73:53:62:
         39:89:6a:6e:e4:ad:52:bf:8d:80:fa:a5:37:db:31:09:a4:ae:
         63:48:24:d6:b2:65:44:d9:6e:d4:d5:6d:df:7f:9f:f0:21:2a:
         6b:91:08:85:2e:03:fa:6d:a7:00:21:a2:45:04:1c:46:a5:94:
         2b:45:55:aa:39:dc:aa:63:7a:89:64:19:d0:3c:fc:b0:b5:0f:
         43:cd:e1:6d:41:0d:12:db:97:d2:77:91:35:13:eb:c8:c7:15:
         85:67:c4:8c:f0:db:db:23:00:55:48:c2:43:61:d7:b5:ad:12:
         80:94:b7:0f:c9:a2:80:94:ed:ec:8d:dc:87:93:55:40:b6:7e:
         79:31:a9:2c:1a:7e:86:8c:3f:c1:65:4b:27:64:8d:e8:c1:72:
         5a:1a:28:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03UiJaVBk3EHMv2DXlyDX6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjJlNmExMzM0YzljYTljOTNlZDU3ZmY0YWQ3MmQ5OWNl
OTFhZDAwHhcNMjYwMzI5MDIwMDIyWhcNMjYwMzMwMDIwMDIyWjAzMTEwLwYDVQQD
Eyg5YTA4NjE3ZDlkMGIwMDYyYzZlZjFhNzNmNGU4ZDZjMGRmOWM4YjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnt/aYt5txD8DUP6hNRdz20PJIKt
YraxAutZqXvJKRmM+G40fVPfXgIuZv09AvaMtYOxGzdr0WipxT776+cbIgGNdtb9
lMSR5pM1bvvFiTrYG6Xkld6/III7VaNzhf+kDwjr/hffVONoCWzufpm7QjZLV+uX
uasFIf3qai4HxADA9VEtJXr8weaqjCcT7yfc20qFs6Pbg59MGxC98tOb2vXQds+d
+L8AJzMVqRXHuxbBU/vNhFd7B/GKHVX6RIU3ltR6Mwgp5thJsebBinYeZUegyUU7
cDmma1jSqrWbwAsrDK1TlXqiMV9YB1CJM+Ji+RSrQXysoIO+VwMlcSRXsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJoIYX2dCwBixu8ac/To1sDfnIuBMB8GA1UdIwQY
MBaAFCli5qEzTJypyT7Vf/Stctmc6RrQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dMbW9UTk1uS25KUHRWXzlLMXkyWnpwR3RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9iZGU4MTgtYzBlZC00OTI0LThkN2It
NmVjNDBjODVhMmFlLzEvS1dMbW9UTk1uS25KUHRWXzlLMXkyWnpwR3RBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9iZGU4MTgtYzBlZC00OTI0LThkN2ItNmVjNDBjODVhMmFl
LzEvS1dMbW9UTk1uS25KUHRWXzlLMXkyWnpwR3RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH6xL7D2g
e/KfSYruRJ9mW4kVSzPFZ2I27ChjercpO94DxOJux1rJ7lhjiFrjyxMh8P8rsFAk
Db6N7Vo43XOT2DAy+Yg2bU55c7PIBnTNC5DxUrk30rOi4jX70ot5kcW/db7KfZ48
W7Zic1NiOYlqbuStUr+NgPqlN9sxCaSuY0gk1rJlRNlu1NVt33+f8CEqa5EIhS4D
+m2nACGiRQQcRqWUK0VVqjncqmN6iWQZ0Dz8sLUPQ83hbUENEtuX0neRNRPryMcV
hWfEjPDb2yMAVUjCQ2HXta0SgJS3D8migJTt7I3ch5NVQLZ+eTGpLBp+how/wWVL
J2SN6MFyWhoouQ==
-----END CERTIFICATE-----