Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/d81bd9-7d58-4380-9707-45b8b8573419/1/Kn-4HcfsycpmKnTuO347rS6k3nE.mft
File:                     Kn-4HcfsycpmKnTuO347rS6k3nE.mft (raw, json)
Hash identifier:          n7LsFfEQ/8vqo7LSRsGNThgrWy4zpagwc+iKw0JAPZg=
Subject key identifier:   29:22:EE:96:11:85:CA:DC:10:59:C5:A2:54:2F:0C:FD:E3:BA:EB:F5
Authority key identifier: 2A:7F:B8:1D:C7:EC:C9:CA:66:2A:74:EE:3B:7E:3B:AD:2E:A4:DE:71
Certificate issuer:       /CN=2a7fb81dc7ecc9ca662a74ee3b7e3bad2ea4de71
Certificate serial:       019D288458AF77AB2D18AB01738A2E3A616B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Kn-4HcfsycpmKnTuO347rS6k3nE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/d81bd9-7d58-4380-9707-45b8b8573419/1/Kn-4HcfsycpmKnTuO347rS6k3nE.mft
Manifest number:          0275
Signing time:             Thu 26 Mar 2026 05:00:55 +0000
Manifest this update:     Thu 26 Mar 2026 05:00:55 +0000
Manifest next update:     Fri 27 Mar 2026 05:00:55 +0000
Files and hashes:         1: Kn-4HcfsycpmKnTuO347rS6k3nE.crl (hash: 0qka3/L9guHQWn96Q1zbikw++sbWIa6L0BZ7kKHWJsU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/10/d81bd9-7d58-4380-9707-45b8b8573419/1/Kn-4HcfsycpmKnTuO347rS6k3nE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/10/d81bd9-7d58-4380-9707-45b8b8573419/1/Kn-4HcfsycpmKnTuO347rS6k3nE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Kn-4HcfsycpmKnTuO347rS6k3nE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 05:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:84:58:af:77:ab:2d:18:ab:01:73:8a:2e:3a:61:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a7fb81dc7ecc9ca662a74ee3b7e3bad2ea4de71
        Validity
            Not Before: Mar 26 05:00:55 2026 GMT
            Not After : Mar 27 05:00:55 2026 GMT
        Subject: CN=2922ee961185cadc1059c5a2542f0cfde3baebf5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:21:64:1f:ad:fd:1a:9f:6b:47:d7:77:7d:77:
                    cc:43:6a:77:f7:43:6d:26:21:13:0c:f5:f1:10:52:
                    1d:df:41:14:28:3d:37:14:72:b6:24:f9:d7:8b:af:
                    61:3d:d9:d2:64:69:96:74:cc:76:9c:07:39:46:90:
                    04:24:14:1a:fc:3f:2a:22:4d:c4:c2:3b:02:97:e0:
                    88:07:cd:8d:5c:db:59:15:df:b8:7c:c0:a2:9c:4a:
                    af:6f:49:f0:d9:c1:c6:2a:82:8f:11:3a:2a:e1:de:
                    43:4d:44:6e:4f:fc:f0:59:c6:ae:76:9d:21:f2:b0:
                    ae:bb:a6:89:c6:b5:e4:15:cb:4f:e8:e3:b5:7b:53:
                    fc:40:2f:ba:a8:ae:76:44:14:0e:96:5c:8d:90:42:
                    55:34:58:af:32:99:60:6c:97:f4:47:9f:63:c6:c4:
                    d2:3d:ec:22:d3:34:e3:6e:01:6c:ab:03:be:53:5b:
                    71:1d:f9:af:d3:be:d5:dd:74:df:c8:4f:dd:c0:13:
                    e1:65:92:3f:82:b4:b5:07:65:c2:a4:a1:1c:3c:63:
                    d6:41:bf:f8:cc:b4:72:04:27:12:f3:fd:06:85:68:
                    c9:d7:e7:20:1b:3f:75:d3:ef:44:e7:ab:ae:83:ab:
                    d5:30:c5:6b:63:2c:d4:59:f9:42:eb:a0:dc:c5:9f:
                    4c:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:22:EE:96:11:85:CA:DC:10:59:C5:A2:54:2F:0C:FD:E3:BA:EB:F5
            X509v3 Authority Key Identifier:
                keyid:2A:7F:B8:1D:C7:EC:C9:CA:66:2A:74:EE:3B:7E:3B:AD:2E:A4:DE:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kn-4HcfsycpmKnTuO347rS6k3nE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/d81bd9-7d58-4380-9707-45b8b8573419/1/Kn-4HcfsycpmKnTuO347rS6k3nE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/d81bd9-7d58-4380-9707-45b8b8573419/1/Kn-4HcfsycpmKnTuO347rS6k3nE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:4d:9c:00:1c:24:dc:47:61:99:a4:fe:3f:25:77:36:50:23:
         44:31:8b:6d:40:fb:da:4b:03:f0:35:95:96:c5:c3:ed:55:78:
         fb:36:5b:a3:b0:f1:68:b8:8e:7f:f5:e8:dc:20:b1:c3:d4:13:
         f6:f3:70:52:12:f0:89:c9:9a:81:f6:de:2e:48:8d:69:20:a2:
         25:e3:2d:77:6b:fc:fa:2f:27:70:91:78:6d:8b:98:1d:f2:55:
         15:eb:de:c5:b2:4a:e0:30:d4:a5:c4:54:86:f5:8f:16:91:9e:
         0c:4a:bd:22:c3:b8:1f:86:de:bd:24:1d:fb:9f:33:8c:4f:68:
         1e:c4:03:26:3b:7f:19:06:10:0e:46:53:12:c5:2c:43:19:48:
         0e:89:5c:a5:a4:d3:0c:72:88:18:05:b7:25:14:e8:fa:bb:3b:
         f0:b6:61:a3:55:08:74:b9:e7:4f:7b:f9:a5:d6:d3:bf:0a:b8:
         ec:f5:44:92:86:f3:4e:fa:f7:cb:65:e5:4e:49:a0:60:43:d1:
         75:82:fb:62:ea:b6:31:20:a0:9d:da:c2:1d:c1:3c:f5:e3:fc:
         29:76:1a:72:0f:01:69:2e:fc:0f:2d:95:f1:c5:4d:c8:bc:ad:
         a5:43:f6:ac:26:b0:17:40:5a:16:5a:bc:f9:84:e0:31:e8:88:
         6e:ad:01:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ohFivd6stGKsBc4ouOmFrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhN2ZiODFkYzdlY2M5Y2E2NjJhNzRlZTNiN2UzYmFkMmVh
NGRlNzEwHhcNMjYwMzI2MDUwMDU1WhcNMjYwMzI3MDUwMDU1WjAzMTEwLwYDVQQD
EygyOTIyZWU5NjExODVjYWRjMTA1OWM1YTI1NDJmMGNmZGUzYmFlYmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAziFkH639Gp9rR9d3fXfMQ2p390Nt
JiETDPXxEFId30EUKD03FHK2JPnXi69hPdnSZGmWdMx2nAc5RpAEJBQa/D8qIk3E
wjsCl+CIB82NXNtZFd+4fMCinEqvb0nw2cHGKoKPEToq4d5DTURuT/zwWcaudp0h
8rCuu6aJxrXkFctP6OO1e1P8QC+6qK52RBQOllyNkEJVNFivMplgbJf0R59jxsTS
Pewi0zTjbgFsqwO+U1txHfmv077V3XTfyE/dwBPhZZI/grS1B2XCpKEcPGPWQb/4
zLRyBCcS8/0GhWjJ1+cgGz910+9E56uug6vVMMVrYyzUWflC66DcxZ9M3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCki7pYRhcrcEFnFolQvDP3juuv1MB8GA1UdIwQY
MBaAFCp/uB3H7MnKZip07jt+O60upN5xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS24tNEhjZnN5Y3BtS25UdU8zNDdyUzZrM25FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9kODFiZDktN2Q1OC00MzgwLTk3MDct
NDViOGI4NTczNDE5LzEvS24tNEhjZnN5Y3BtS25UdU8zNDdyUzZrM25FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9kODFiZDktN2Q1OC00MzgwLTk3MDctNDViOGI4NTczNDE5
LzEvS24tNEhjZnN5Y3BtS25UdU8zNDdyUzZrM25FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK02cABwk
3EdhmaT+PyV3NlAjRDGLbUD72ksD8DWVlsXD7VV4+zZbo7DxaLiOf/Xo3CCxw9QT
9vNwUhLwicmagfbeLkiNaSCiJeMtd2v8+i8ncJF4bYuYHfJVFevexbJK4DDUpcRU
hvWPFpGeDEq9IsO4H4bevSQd+58zjE9oHsQDJjt/GQYQDkZTEsUsQxlIDolcpaTT
DHKIGAW3JRTo+rs78LZho1UIdLnnT3v5pdbTvwq47PVEkobzTvr3y2XlTkmgYEPR
dYL7Yuq2MSCgndrCHcE89eP8KXYacg8BaS78Dy2V8cVNyLytpUP2rCawF0BaFlq8
+YTgMeiIbq0BQg==
-----END CERTIFICATE-----