Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/b1acab-9a8b-423e-b0bc-f45a2a634704/1/KPpFbRwjZ4YhlU_79JOjI94sRIQ.mft
File:                     KPpFbRwjZ4YhlU_79JOjI94sRIQ.mft (raw, json)
Hash identifier:          4f+MHNWpVFfydHlKmGWcZy6AO+jehz2gfeSooVyoppo=
Subject key identifier:   08:70:18:F8:D4:B4:AD:68:57:A7:CF:3E:DF:3B:7D:30:E6:FD:9F:33
Authority key identifier: 28:FA:45:6D:1C:23:67:86:21:95:4F:FB:F4:93:A3:23:DE:2C:44:84
Certificate issuer:       /CN=28fa456d1c23678621954ffbf493a323de2c4484
Certificate serial:       019D38669424A3EA7864D08ECE66E9B2EAC4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KPpFbRwjZ4YhlU_79JOjI94sRIQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/b1acab-9a8b-423e-b0bc-f45a2a634704/1/KPpFbRwjZ4YhlU_79JOjI94sRIQ.mft
Manifest number:          0DCA
Signing time:             Sun 29 Mar 2026 07:02:19 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:19 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:19 +0000
Files and hashes:         1: KPpFbRwjZ4YhlU_79JOjI94sRIQ.crl (hash: +j72T2dPGECKXSIeEa7Xh8GhmEZBDCj0tUBTFCh6zQU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/b1acab-9a8b-423e-b0bc-f45a2a634704/1/KPpFbRwjZ4YhlU_79JOjI94sRIQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/b1acab-9a8b-423e-b0bc-f45a2a634704/1/KPpFbRwjZ4YhlU_79JOjI94sRIQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KPpFbRwjZ4YhlU_79JOjI94sRIQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:94:24:a3:ea:78:64:d0:8e:ce:66:e9:b2:ea:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28fa456d1c23678621954ffbf493a323de2c4484
        Validity
            Not Before: Mar 29 07:02:19 2026 GMT
            Not After : Mar 30 07:02:19 2026 GMT
        Subject: CN=087018f8d4b4ad6857a7cf3edf3b7d30e6fd9f33
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:4c:b7:7f:9c:8e:b2:76:b1:62:40:6b:37:ad:
                    20:9a:ef:1a:5d:c4:e1:8a:d5:f3:cd:6f:14:de:7f:
                    c3:10:c4:dd:bb:74:7b:64:47:34:f1:b6:66:d0:68:
                    be:03:08:4a:bf:c5:ac:24:10:d0:de:ae:5e:e2:17:
                    21:13:b2:8c:c9:59:dd:2e:38:7a:5d:23:e3:51:a0:
                    ed:b9:92:dc:5f:d0:51:d4:9d:da:b6:0c:40:98:1e:
                    81:ff:a0:51:d7:e6:18:40:f3:6a:2c:71:6c:3e:78:
                    50:a7:7b:b8:02:20:f7:f8:5d:25:cd:09:17:8c:98:
                    44:b3:3b:06:de:cc:c3:90:0b:d3:82:db:44:66:73:
                    23:14:41:c3:19:73:89:c0:5e:08:04:31:22:c9:ce:
                    f8:4e:87:e1:42:77:42:62:93:46:da:6d:42:63:6d:
                    64:e9:6d:bb:66:23:bd:48:8a:9b:e2:94:50:4c:cf:
                    21:49:14:67:ce:ce:a1:4b:3e:e3:8d:a4:97:d0:32:
                    2a:ed:c2:24:25:cf:cf:e5:b3:be:05:53:1e:5c:a8:
                    da:54:30:0e:13:74:05:20:3b:3a:2c:c6:d2:a9:58:
                    b5:f6:10:41:54:7a:e6:4c:b0:1f:0c:49:8d:b6:f2:
                    6f:df:0b:e0:fb:70:04:7e:2a:e6:38:a4:45:38:1f:
                    3a:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:70:18:F8:D4:B4:AD:68:57:A7:CF:3E:DF:3B:7D:30:E6:FD:9F:33
            X509v3 Authority Key Identifier:
                keyid:28:FA:45:6D:1C:23:67:86:21:95:4F:FB:F4:93:A3:23:DE:2C:44:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KPpFbRwjZ4YhlU_79JOjI94sRIQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/b1acab-9a8b-423e-b0bc-f45a2a634704/1/KPpFbRwjZ4YhlU_79JOjI94sRIQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/b1acab-9a8b-423e-b0bc-f45a2a634704/1/KPpFbRwjZ4YhlU_79JOjI94sRIQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:e3:99:f9:f6:9b:54:da:97:b2:7e:d1:8e:00:49:3b:b7:39:
         bf:a7:e1:9c:df:b7:d3:39:df:5a:96:57:3f:87:79:88:34:d2:
         27:09:71:1f:4c:0e:92:f6:d4:7b:b3:03:70:34:f1:e8:be:0d:
         95:49:f0:8c:fd:e6:52:cd:08:d5:78:22:57:3e:3a:c4:53:7d:
         5d:95:de:d1:48:79:a4:0c:1a:1a:25:dc:7c:1b:e1:45:5d:ea:
         36:ea:7c:ab:a5:89:d0:49:f2:08:40:16:bf:c5:b6:a4:fd:dc:
         68:ad:9a:97:71:cc:9d:07:a6:f2:51:f2:fd:ed:7a:e1:a7:43:
         90:d7:c5:69:4b:7b:4e:01:24:e5:ad:9d:00:28:cf:c9:72:51:
         d0:1e:e7:d7:7e:f4:a7:3b:82:aa:be:5d:c5:fd:e1:7e:4c:df:
         7d:fe:c4:a1:d6:3f:bf:13:41:01:42:aa:98:16:f5:66:93:fc:
         57:c8:09:e2:36:76:ce:0b:56:b0:d1:ca:e2:9f:d7:c3:59:2c:
         53:38:25:7d:b7:52:46:57:64:40:1d:c8:b2:a8:aa:d9:cf:e3:
         01:a3:79:76:94:a3:eb:be:d0:42:3f:2c:2a:b4:22:84:3f:1a:
         b3:70:44:b4:da:dd:1a:14:99:75:cf:53:31:ab:2e:95:28:ab:
         f1:3b:1d:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZpQko+p4ZNCOzmbpsurEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4ZmE0NTZkMWMyMzY3ODYyMTk1NGZmYmY0OTNhMzIzZGUy
YzQ0ODQwHhcNMjYwMzI5MDcwMjE5WhcNMjYwMzMwMDcwMjE5WjAzMTEwLwYDVQQD
EygwODcwMThmOGQ0YjRhZDY4NTdhN2NmM2VkZjNiN2QzMGU2ZmQ5ZjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyEy3f5yOsnaxYkBrN60gmu8aXcTh
itXzzW8U3n/DEMTdu3R7ZEc08bZm0Gi+AwhKv8WsJBDQ3q5e4hchE7KMyVndLjh6
XSPjUaDtuZLcX9BR1J3atgxAmB6B/6BR1+YYQPNqLHFsPnhQp3u4AiD3+F0lzQkX
jJhEszsG3szDkAvTgttEZnMjFEHDGXOJwF4IBDEiyc74TofhQndCYpNG2m1CY21k
6W27ZiO9SIqb4pRQTM8hSRRnzs6hSz7jjaSX0DIq7cIkJc/P5bO+BVMeXKjaVDAO
E3QFIDs6LMbSqVi19hBBVHrmTLAfDEmNtvJv3wvg+3AEfirmOKRFOB86nwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAhwGPjUtK1oV6fPPt87fTDm/Z8zMB8GA1UdIwQY
MBaAFCj6RW0cI2eGIZVP+/SToyPeLESEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1BwRmJSd2paNFlobFVfNzlKT2pJOTRzUklRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9iMWFjYWItOWE4Yi00MjNlLWIwYmMt
ZjQ1YTJhNjM0NzA0LzEvS1BwRmJSd2paNFlobFVfNzlKT2pJOTRzUklRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9iMWFjYWItOWE4Yi00MjNlLWIwYmMtZjQ1YTJhNjM0NzA0
LzEvS1BwRmJSd2paNFlobFVfNzlKT2pJOTRzUklRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL+OZ+fab
VNqXsn7RjgBJO7c5v6fhnN+30znfWpZXP4d5iDTSJwlxH0wOkvbUe7MDcDTx6L4N
lUnwjP3mUs0I1XgiVz46xFN9XZXe0Uh5pAwaGiXcfBvhRV3qNup8q6WJ0EnyCEAW
v8W2pP3caK2al3HMnQem8lHy/e164adDkNfFaUt7TgEk5a2dACjPyXJR0B7n1370
pzuCqr5dxf3hfkzfff7EodY/vxNBAUKqmBb1ZpP8V8gJ4jZ2zgtWsNHK4p/Xw1ks
UzglfbdSRldkQB3Isqiq2c/jAaN5dpSj677QQj8sKrQihD8as3BEtNrdGhSZdc9T
MasulSir8Tsd1Q==
-----END CERTIFICATE-----