Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.mft
File:                     KGURKILY5sctAiwsPaF7UsKtsHs.mft (raw, json)
Hash identifier:          MO58O32X+aBI59QtLWlIPXRldvAx1h13VeCWqmNbuA8=
Subject key identifier:   BA:07:C3:F9:A6:33:9A:D0:B4:0E:01:AF:08:3F:30:92:D8:A1:B7:8D
Authority key identifier: 28:65:11:28:82:D8:E6:C7:2D:02:2C:2C:3D:A1:7B:52:C2:AD:B0:7B
Certificate issuer:       /CN=2865112882d8e6c72d022c2c3da17b52c2adb07b
Certificate serial:       019D38664D7918AA278B24B6993990F48163
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KGURKILY5sctAiwsPaF7UsKtsHs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.mft
Manifest number:          0B5C
Signing time:             Sun 29 Mar 2026 07:02:01 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:01 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:01 +0000
Files and hashes:         1: KGURKILY5sctAiwsPaF7UsKtsHs.crl (hash: JjQP7hmSSlJJxodRhXnhO/g8/34tC5WaAkcKuZgHDOQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KGURKILY5sctAiwsPaF7UsKtsHs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:4d:79:18:aa:27:8b:24:b6:99:39:90:f4:81:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2865112882d8e6c72d022c2c3da17b52c2adb07b
        Validity
            Not Before: Mar 29 07:02:01 2026 GMT
            Not After : Mar 30 07:02:01 2026 GMT
        Subject: CN=ba07c3f9a6339ad0b40e01af083f3092d8a1b78d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:e0:0b:7f:d2:56:56:c0:0e:69:c4:51:da:07:
                    cb:1e:55:fa:62:e1:08:1c:b0:41:5d:b0:cc:5c:7a:
                    77:2e:59:15:3d:d7:70:20:69:1d:57:85:9f:fe:d8:
                    a4:76:85:e1:54:85:3c:2e:ca:f2:c1:ac:b2:2e:ae:
                    56:0a:fe:9d:12:89:41:d4:c6:6d:5c:c1:7b:1a:ee:
                    a2:28:8f:b7:e8:be:1c:a7:8d:8e:5c:41:32:48:06:
                    e5:bf:d1:09:52:4e:b7:63:e4:5d:a0:72:cd:e3:dc:
                    3f:f4:6a:a1:47:3d:65:b0:06:26:6c:c0:cb:43:18:
                    5d:59:e4:5a:87:e8:34:4c:e8:de:01:e7:71:11:3a:
                    9f:74:da:6c:32:13:e6:3e:28:a8:d6:98:19:94:76:
                    80:f9:e6:f4:14:06:1c:e9:93:75:9f:d3:21:c9:93:
                    e5:da:37:b1:56:bc:57:17:5a:7a:88:d5:bf:18:9a:
                    9d:e5:04:b4:49:62:59:61:b4:bc:b7:2f:b4:c3:c3:
                    14:5f:f1:fb:60:4c:f4:b2:a2:79:ee:72:f0:b5:77:
                    49:53:73:59:be:c7:9d:cc:b6:95:81:3d:df:fe:ee:
                    2e:0c:27:d6:f0:d7:39:b3:20:e5:28:0a:5a:cf:89:
                    e2:82:12:ee:8b:c1:28:12:61:b6:ac:c3:ab:a7:83:
                    04:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:07:C3:F9:A6:33:9A:D0:B4:0E:01:AF:08:3F:30:92:D8:A1:B7:8D
            X509v3 Authority Key Identifier:
                keyid:28:65:11:28:82:D8:E6:C7:2D:02:2C:2C:3D:A1:7B:52:C2:AD:B0:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KGURKILY5sctAiwsPaF7UsKtsHs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:f7:54:89:a2:d8:fe:cd:86:c5:10:14:45:33:32:b5:c3:71:
         d6:cc:52:1a:38:49:49:a6:76:10:18:84:fa:fb:6a:1c:4a:9e:
         14:de:70:c6:52:b7:0e:ad:86:94:86:21:27:da:94:fa:12:84:
         9a:b2:88:bb:57:ca:b7:31:01:e5:8b:eb:43:4d:2e:e1:09:54:
         c9:93:23:f5:ea:33:ba:cb:5c:1b:18:b2:1f:bf:da:bc:d8:77:
         cc:bd:0a:08:d4:02:4d:6c:33:22:45:20:fc:cd:43:a7:fd:4b:
         ac:b8:3f:1c:af:27:e2:89:50:bf:ee:e5:ab:ff:69:53:d2:40:
         c4:eb:54:ca:32:e9:31:bb:84:e8:99:61:a8:ef:75:91:89:18:
         4c:88:ab:93:d2:0b:13:9e:d2:85:f7:7a:b8:3b:c4:05:25:b9:
         c5:46:f0:e4:28:b5:0e:b0:7b:0c:0b:91:5a:76:7b:f2:17:f9:
         39:01:21:02:be:1c:ba:25:6c:c3:de:74:12:1e:c9:f3:ce:46:
         7e:64:bc:ad:82:01:76:9c:fb:75:da:a5:79:39:dd:91:28:61:
         5c:ce:8f:08:82:b8:25:4a:9b:af:96:6c:6e:99:59:24:28:c8:
         d0:a7:36:1c:3b:3f:44:61:05:ce:7c:69:36:16:88:15:17:f3:
         84:97:89:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zk15GKoniyS2mTmQ9IFjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4NjUxMTI4ODJkOGU2YzcyZDAyMmMyYzNkYTE3YjUyYzJh
ZGIwN2IwHhcNMjYwMzI5MDcwMjAxWhcNMjYwMzMwMDcwMjAxWjAzMTEwLwYDVQQD
EyhiYTA3YzNmOWE2MzM5YWQwYjQwZTAxYWYwODNmMzA5MmQ4YTFiNzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtOALf9JWVsAOacRR2gfLHlX6YuEI
HLBBXbDMXHp3LlkVPddwIGkdV4Wf/tikdoXhVIU8LsrywayyLq5WCv6dEolB1MZt
XMF7Gu6iKI+36L4cp42OXEEySAblv9EJUk63Y+RdoHLN49w/9GqhRz1lsAYmbMDL
QxhdWeRah+g0TOjeAedxETqfdNpsMhPmPiio1pgZlHaA+eb0FAYc6ZN1n9MhyZPl
2jexVrxXF1p6iNW/GJqd5QS0SWJZYbS8ty+0w8MUX/H7YEz0sqJ57nLwtXdJU3NZ
vsedzLaVgT3f/u4uDCfW8Nc5syDlKApaz4nighLui8EoEmG2rMOrp4MEzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLoHw/mmM5rQtA4Brwg/MJLYobeNMB8GA1UdIwQY
MBaAFChlESiC2ObHLQIsLD2he1LCrbB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0dVUktJTFk1c2N0QWl3c1BhRjdVc0t0c0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9hZDhkMDktMzllOS00MDhmLWEzNzAt
OWJiM2Y1N2MwZWYwLzEvS0dVUktJTFk1c2N0QWl3c1BhRjdVc0t0c0hzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9hZDhkMDktMzllOS00MDhmLWEzNzAtOWJiM2Y1N2MwZWYw
LzEvS0dVUktJTFk1c2N0QWl3c1BhRjdVc0t0c0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANfdUiaLY
/s2GxRAURTMytcNx1sxSGjhJSaZ2EBiE+vtqHEqeFN5wxlK3Dq2GlIYhJ9qU+hKE
mrKIu1fKtzEB5YvrQ00u4QlUyZMj9eozustcGxiyH7/avNh3zL0KCNQCTWwzIkUg
/M1Dp/1LrLg/HK8n4olQv+7lq/9pU9JAxOtUyjLpMbuE6JlhqO91kYkYTIirk9IL
E57Shfd6uDvEBSW5xUbw5Ci1DrB7DAuRWnZ78hf5OQEhAr4cuiVsw950Eh7J885G
fmS8rYIBdpz7ddqleTndkShhXM6PCIK4JUqbr5ZsbplZJCjI0Kc2HDs/RGEFznxp
NhaIFRfzhJeJWQ==
-----END CERTIFICATE-----