Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.mft
File:                     KmU0qslEKjlNE5oagwPcBJWcHaA.mft (raw, json)
Hash identifier:          Ksczsob/q7qJyDy9EzokSi9t3uPTdZS54btkOuk+0ZA=
Subject key identifier:   57:E8:41:44:A7:5C:31:29:B5:58:02:70:1A:97:71:9D:83:A6:CA:F9
Authority key identifier: 2A:65:34:AA:C9:44:2A:39:4D:13:9A:1A:83:03:DC:04:95:9C:1D:A0
Certificate issuer:       /CN=2a6534aac9442a394d139a1a8303dc04959c1da0
Certificate serial:       019D2AE08B22DC3985C50C7EE6690B76E830
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KmU0qslEKjlNE5oagwPcBJWcHaA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.mft
Manifest number:          119C
Signing time:             Thu 26 Mar 2026 16:00:51 +0000
Manifest this update:     Thu 26 Mar 2026 16:00:51 +0000
Manifest next update:     Fri 27 Mar 2026 16:00:51 +0000
Files and hashes:         1: KmU0qslEKjlNE5oagwPcBJWcHaA.crl (hash: fn/d5yi2Br96IFcXHEY/rEXBjc4wMyRFNP3xNH/T3mE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KmU0qslEKjlNE5oagwPcBJWcHaA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 16:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:e0:8b:22:dc:39:85:c5:0c:7e:e6:69:0b:76:e8:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a6534aac9442a394d139a1a8303dc04959c1da0
        Validity
            Not Before: Mar 26 16:00:51 2026 GMT
            Not After : Mar 27 16:00:51 2026 GMT
        Subject: CN=57e84144a75c3129b55802701a97719d83a6caf9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:16:77:77:d1:e2:c0:00:f2:83:50:1b:f8:1c:
                    a7:29:6a:8e:3f:da:5d:78:c9:51:ec:c8:8d:9c:92:
                    9b:23:91:69:af:b7:f4:1c:03:28:ed:ef:2e:c6:5e:
                    0d:8d:27:21:70:bc:16:b1:e5:d2:f0:fa:92:d4:41:
                    bf:f8:46:fa:69:20:ff:3e:9a:22:b9:20:20:42:cc:
                    19:4c:29:9f:97:49:7a:e9:71:da:44:f5:d5:fa:cb:
                    d0:08:52:5c:a4:cf:bf:51:5d:55:30:c0:cf:1f:91:
                    ce:55:25:69:eb:db:44:26:15:00:2e:f4:76:47:29:
                    d8:e6:4f:2f:f5:d7:c2:de:6d:67:66:66:bc:9b:70:
                    8b:fb:3f:eb:1a:f2:c2:9f:42:1c:51:7d:56:1c:37:
                    6b:8b:22:d7:a3:ed:a3:e3:c5:7b:c3:ba:f0:8f:ec:
                    3c:d2:72:73:ff:93:d9:f0:bd:e5:12:88:b3:56:1e:
                    7e:52:9f:cc:0a:4a:55:12:b6:55:02:b9:d5:96:f7:
                    9e:d5:3a:2a:74:6b:c6:51:d8:26:f3:39:d8:f1:6a:
                    7c:53:b0:f8:17:e3:a9:32:5d:50:03:e0:94:19:79:
                    2c:dc:eb:b3:7d:cb:e0:55:fb:f8:80:20:1a:94:b4:
                    30:ba:ea:5a:97:b8:32:f8:fb:e7:64:8f:34:23:ad:
                    e5:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:E8:41:44:A7:5C:31:29:B5:58:02:70:1A:97:71:9D:83:A6:CA:F9
            X509v3 Authority Key Identifier:
                keyid:2A:65:34:AA:C9:44:2A:39:4D:13:9A:1A:83:03:DC:04:95:9C:1D:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KmU0qslEKjlNE5oagwPcBJWcHaA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8d:00:82:d5:1e:8c:7e:2d:0d:e1:63:84:58:e1:ee:54:73:13:
         27:b0:f4:48:28:e8:ed:d6:cb:c5:80:08:5b:b4:ef:e4:07:e2:
         8a:96:a1:5f:a2:ac:09:6e:74:90:40:cf:88:af:56:76:50:f0:
         7d:ec:c8:7c:85:38:2c:fd:32:45:a7:fb:6e:a4:3b:0d:0e:48:
         5b:df:86:57:8a:e7:18:66:ea:f9:79:cb:a5:33:56:01:bf:25:
         71:fa:20:f5:18:b2:76:56:25:30:2e:05:44:8f:cc:c5:8a:56:
         2a:93:14:58:f6:5d:42:d2:80:13:f4:10:8a:07:04:dd:4c:64:
         fa:a0:a4:a9:56:6e:e8:3b:46:12:ef:9a:a3:47:41:fd:fc:06:
         0c:35:35:d3:d1:82:84:e7:65:9d:1b:98:8c:94:bf:d1:ed:9d:
         18:0a:96:66:a5:11:f4:81:1e:b6:fb:9f:60:7d:ba:59:bd:25:
         45:a2:c3:40:5f:97:18:8f:e4:ad:7d:66:b2:b1:99:2d:ae:c1:
         ac:e6:bf:28:60:48:d3:88:10:fa:60:b1:b1:3f:68:da:de:32:
         01:8c:06:f7:0d:c9:d4:71:f1:9e:94:b3:11:54:57:7d:2a:9b:
         64:fa:55:61:15:be:83:4b:fa:ff:8d:5e:16:0a:87:95:da:5a:
         be:92:bc:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0q4Isi3DmFxQx+5mkLdugwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhNjUzNGFhYzk0NDJhMzk0ZDEzOWExYTgzMDNkYzA0OTU5
YzFkYTAwHhcNMjYwMzI2MTYwMDUxWhcNMjYwMzI3MTYwMDUxWjAzMTEwLwYDVQQD
Eyg1N2U4NDE0NGE3NWMzMTI5YjU1ODAyNzAxYTk3NzE5ZDgzYTZjYWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhZ3d9HiwADyg1Ab+BynKWqOP9pd
eMlR7MiNnJKbI5Fpr7f0HAMo7e8uxl4NjSchcLwWseXS8PqS1EG/+Eb6aSD/Ppoi
uSAgQswZTCmfl0l66XHaRPXV+svQCFJcpM+/UV1VMMDPH5HOVSVp69tEJhUALvR2
RynY5k8v9dfC3m1nZma8m3CL+z/rGvLCn0IcUX1WHDdriyLXo+2j48V7w7rwj+w8
0nJz/5PZ8L3lEoizVh5+Up/MCkpVErZVArnVlvee1ToqdGvGUdgm8znY8Wp8U7D4
F+OpMl1QA+CUGXks3OuzfcvgVfv4gCAalLQwuupal7gy+PvnZI80I63lywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFfoQUSnXDEptVgCcBqXcZ2Dpsr5MB8GA1UdIwQY
MBaAFCplNKrJRCo5TROaGoMD3ASVnB2gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS21VMHFzbEVLamxORTVvYWd3UGNCSldjSGFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kMjM4OGYtZjhhOS00NDg1LTkzN2Yt
ODQwZmQ1MzUyZGMwLzEvS21VMHFzbEVLamxORTVvYWd3UGNCSldjSGFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9kMjM4OGYtZjhhOS00NDg1LTkzN2YtODQwZmQ1MzUyZGMw
LzEvS21VMHFzbEVLamxORTVvYWd3UGNCSldjSGFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjQCC1R6M
fi0N4WOEWOHuVHMTJ7D0SCjo7dbLxYAIW7Tv5AfiipahX6KsCW50kEDPiK9WdlDw
fezIfIU4LP0yRaf7bqQ7DQ5IW9+GV4rnGGbq+XnLpTNWAb8lcfog9RiydlYlMC4F
RI/MxYpWKpMUWPZdQtKAE/QQigcE3Uxk+qCkqVZu6DtGEu+ao0dB/fwGDDU109GC
hOdlnRuYjJS/0e2dGAqWZqUR9IEetvufYH26Wb0lRaLDQF+XGI/krX1msrGZLa7B
rOa/KGBI04gQ+mCxsT9o2t4yAYwG9w3J1HHxnpSzEVRXfSqbZPpVYRW+g0v6/41e
FgqHldpavpK86g==
-----END CERTIFICATE-----