Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/074aad-c947-4311-aff1-ae92b6ae1bfe/1/KAYV5gBqhh9mz3MH0w_JNQx2994.mft
File:                     KAYV5gBqhh9mz3MH0w_JNQx2994.mft (raw, json)
Hash identifier:          ImKnR2MBmQvogJDDFLqqcu9Z/mrweqNkW+06PnGfmWM=
Subject key identifier:   D4:65:E0:C7:60:7E:3B:34:72:4B:01:B7:FD:B6:BE:17:D2:0F:24:E0
Authority key identifier: 28:06:15:E6:00:6A:86:1F:66:CF:73:07:D3:0F:C9:35:0C:76:F7:DE
Certificate issuer:       /CN=280615e6006a861f66cf7307d30fc9350c76f7de
Certificate serial:       019D38D3A5EC477C1E411489C9ECA1A84C61
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KAYV5gBqhh9mz3MH0w_JNQx2994.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/074aad-c947-4311-aff1-ae92b6ae1bfe/1/KAYV5gBqhh9mz3MH0w_JNQx2994.mft
Manifest number:          188C
Signing time:             Sun 29 Mar 2026 09:01:27 +0000
Manifest this update:     Sun 29 Mar 2026 09:01:27 +0000
Manifest next update:     Mon 30 Mar 2026 09:01:27 +0000
Files and hashes:         1: KAYV5gBqhh9mz3MH0w_JNQx2994.crl (hash: WXPyxidYUl8BUWMhXRZzMouWZnofV8NHPdeaYJyDXSg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cc/074aad-c947-4311-aff1-ae92b6ae1bfe/1/KAYV5gBqhh9mz3MH0w_JNQx2994.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cc/074aad-c947-4311-aff1-ae92b6ae1bfe/1/KAYV5gBqhh9mz3MH0w_JNQx2994.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KAYV5gBqhh9mz3MH0w_JNQx2994.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:a5:ec:47:7c:1e:41:14:89:c9:ec:a1:a8:4c:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=280615e6006a861f66cf7307d30fc9350c76f7de
        Validity
            Not Before: Mar 29 09:01:27 2026 GMT
            Not After : Mar 30 09:01:27 2026 GMT
        Subject: CN=d465e0c7607e3b34724b01b7fdb6be17d20f24e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:8c:cc:8a:79:d3:41:21:14:93:48:3b:7e:6c:
                    67:ad:e9:52:59:72:80:0f:4b:a4:a5:12:0f:c9:da:
                    a7:f3:70:5f:b4:d4:3f:79:48:6d:43:b5:7f:cb:72:
                    07:8d:31:bd:39:23:56:51:90:88:1e:ee:18:5f:cd:
                    bd:81:16:d0:e4:cb:b9:0e:de:bb:ea:c4:4b:3f:0c:
                    87:f3:90:34:99:a0:ac:89:4b:92:05:7f:7f:23:10:
                    f4:f6:7e:0c:43:06:b8:aa:12:f8:93:d3:d6:c9:a0:
                    5c:57:f3:68:9f:ff:a0:ec:f3:49:9d:06:47:69:ca:
                    bb:eb:1c:e2:be:7b:72:66:f2:a5:b9:27:59:49:98:
                    23:dc:a1:e9:3b:f7:03:6c:46:e9:38:70:52:00:ac:
                    1f:d4:9f:dd:b6:61:04:3a:57:ab:71:88:5d:bc:88:
                    2d:95:a7:c0:9b:df:15:3c:66:21:29:d8:07:f3:83:
                    b1:2f:af:de:c1:51:b5:0c:ca:b8:0b:8e:6c:6a:03:
                    46:e0:28:84:92:70:5a:86:df:42:a5:68:4b:15:4d:
                    f2:cd:dc:38:af:c4:4d:4b:1d:47:b3:d1:98:8c:82:
                    cd:bd:ef:20:e3:49:48:38:52:10:97:f7:7b:87:bb:
                    ea:45:d3:c0:d6:ed:c6:94:fd:ac:c3:f7:b6:98:d9:
                    3b:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:65:E0:C7:60:7E:3B:34:72:4B:01:B7:FD:B6:BE:17:D2:0F:24:E0
            X509v3 Authority Key Identifier:
                keyid:28:06:15:E6:00:6A:86:1F:66:CF:73:07:D3:0F:C9:35:0C:76:F7:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KAYV5gBqhh9mz3MH0w_JNQx2994.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/074aad-c947-4311-aff1-ae92b6ae1bfe/1/KAYV5gBqhh9mz3MH0w_JNQx2994.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/074aad-c947-4311-aff1-ae92b6ae1bfe/1/KAYV5gBqhh9mz3MH0w_JNQx2994.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:14:d5:85:a2:35:02:1c:80:bd:8c:8b:43:e6:8d:b7:c2:30:
         fd:b4:83:9c:96:2c:44:e0:6c:96:b7:e9:21:f9:86:8f:f1:7c:
         7b:de:c0:39:44:b1:db:a5:55:bb:6d:06:ec:55:f6:97:bc:0f:
         b3:b0:f4:e4:75:e0:ce:ac:cb:80:e6:94:6c:78:c0:4c:03:9b:
         81:5b:54:aa:25:c4:f3:02:30:8b:c9:d3:14:dd:7f:1e:aa:aa:
         fc:94:a5:09:10:2a:f4:e3:61:07:dc:67:60:4d:67:20:e9:66:
         73:89:f1:c9:7e:e2:c0:7d:9f:51:76:06:8d:e1:91:63:67:91:
         50:c9:21:7e:ef:80:4c:53:ed:5e:24:72:03:82:51:13:1d:ee:
         cf:73:f2:84:d9:22:6d:3e:07:e9:c8:a5:08:d6:05:da:f2:bc:
         a4:37:d7:5f:59:e7:f0:04:09:a4:e7:0a:f4:c3:b8:43:25:7a:
         1b:81:cc:a0:1c:9c:64:e2:1f:28:81:05:59:b5:95:e1:b1:dc:
         82:e1:b5:de:0b:e2:64:71:d4:a8:b4:3b:62:f8:3b:33:40:ed:
         79:e3:77:ad:74:1d:1e:66:f8:c8:6c:79:05:4b:6c:b0:44:cb:
         7e:f7:39:75:50:14:83:dd:f3:d9:2f:61:94:d7:52:9f:b0:36:
         f4:0a:44:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0406XsR3weQRSJyeyhqExhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MDYxNWU2MDA2YTg2MWY2NmNmNzMwN2QzMGZjOTM1MGM3
NmY3ZGUwHhcNMjYwMzI5MDkwMTI3WhcNMjYwMzMwMDkwMTI3WjAzMTEwLwYDVQQD
EyhkNDY1ZTBjNzYwN2UzYjM0NzI0YjAxYjdmZGI2YmUxN2QyMGYyNGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhozMinnTQSEUk0g7fmxnrelSWXKA
D0ukpRIPydqn83BftNQ/eUhtQ7V/y3IHjTG9OSNWUZCIHu4YX829gRbQ5Mu5Dt67
6sRLPwyH85A0maCsiUuSBX9/IxD09n4MQwa4qhL4k9PWyaBcV/Non/+g7PNJnQZH
acq76xzivntyZvKluSdZSZgj3KHpO/cDbEbpOHBSAKwf1J/dtmEEOlercYhdvIgt
lafAm98VPGYhKdgH84OxL6/ewVG1DMq4C45sagNG4CiEknBaht9CpWhLFU3yzdw4
r8RNSx1Hs9GYjILNve8g40lIOFIQl/d7h7vqRdPA1u3GlP2sw/e2mNk7/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNRl4Mdgfjs0cksBt/22vhfSDyTgMB8GA1UdIwQY
MBaAFCgGFeYAaoYfZs9zB9MPyTUMdvfeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0FZVjVnQnFoaDltejNNSDB3X0pOUXgyOTk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8wNzRhYWQtYzk0Ny00MzExLWFmZjEt
YWU5MmI2YWUxYmZlLzEvS0FZVjVnQnFoaDltejNNSDB3X0pOUXgyOTk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8wNzRhYWQtYzk0Ny00MzExLWFmZjEtYWU5MmI2YWUxYmZl
LzEvS0FZVjVnQnFoaDltejNNSDB3X0pOUXgyOTk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXhTVhaI1
AhyAvYyLQ+aNt8Iw/bSDnJYsROBslrfpIfmGj/F8e97AOUSx26VVu20G7FX2l7wP
s7D05HXgzqzLgOaUbHjATAObgVtUqiXE8wIwi8nTFN1/Hqqq/JSlCRAq9ONhB9xn
YE1nIOlmc4nxyX7iwH2fUXYGjeGRY2eRUMkhfu+ATFPtXiRyA4JREx3uz3PyhNki
bT4H6cilCNYF2vK8pDfXX1nn8AQJpOcK9MO4QyV6G4HMoBycZOIfKIEFWbWV4bHc
guG13gviZHHUqLQ7Yvg7M0DteeN3rXQdHmb4yGx5BUtssETLfvc5dVAUg93z2S9h
lNdSn7A29ApE8Q==
-----END CERTIFICATE-----