Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.mft
File:                     KtclXVpq-4XjdugbuaCew93dvNw.mft (raw, json)
Hash identifier:          csQ1ruiMTH/4Vb0y4IQFTCV4TMa0Aa5nbuFoex2xSas=
Subject key identifier:   C8:0E:53:F9:5F:D4:85:7D:97:DC:65:FC:C6:C3:4B:F5:05:9D:91:25
Authority key identifier: 2A:D7:25:5D:5A:6A:FB:85:E3:76:E8:1B:B9:A0:9E:C3:DD:DD:BC:DC
Certificate issuer:       /CN=2ad7255d5a6afb85e376e81bb9a09ec3ddddbcdc
Certificate serial:       019D25BA37C50A6EE0F7EEBE14B2B7C88E5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KtclXVpq-4XjdugbuaCew93dvNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.mft
Manifest number:          179C
Signing time:             Wed 25 Mar 2026 16:00:53 +0000
Manifest this update:     Wed 25 Mar 2026 16:00:53 +0000
Manifest next update:     Thu 26 Mar 2026 16:00:53 +0000
Files and hashes:         1: KtclXVpq-4XjdugbuaCew93dvNw.crl (hash: 36iqUM6mAguudKJcczwnPhF+1GRHaQczkL+842IA7zk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KtclXVpq-4XjdugbuaCew93dvNw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:25:ba:37:c5:0a:6e:e0:f7:ee:be:14:b2:b7:c8:8e:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ad7255d5a6afb85e376e81bb9a09ec3ddddbcdc
        Validity
            Not Before: Mar 25 16:00:53 2026 GMT
            Not After : Mar 26 16:00:53 2026 GMT
        Subject: CN=c80e53f95fd4857d97dc65fcc6c34bf5059d9125
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:e3:8c:c0:ab:3b:fd:eb:83:09:ef:14:06:56:
                    f8:32:8f:62:e6:56:b4:a3:43:bc:bb:9f:8c:cf:ca:
                    35:25:97:1f:2b:5a:b5:cb:bb:e4:44:5c:29:3d:49:
                    89:19:97:98:cb:40:b0:af:f7:3e:42:08:59:b0:51:
                    e5:f3:37:36:55:78:58:31:ee:ff:67:c3:a6:06:d4:
                    d9:86:a5:c6:3f:65:b1:17:5b:da:ef:e8:84:a4:2e:
                    c9:14:5a:8f:e6:46:f6:0c:97:79:3d:09:91:be:3c:
                    3d:a3:11:55:08:d4:d6:8d:e6:d7:4f:1a:64:12:86:
                    0a:08:42:15:b7:9a:92:98:5c:3d:19:a2:77:48:97:
                    4d:98:6d:65:6f:6d:ae:d9:a5:24:e6:e8:22:ee:33:
                    23:b1:55:fb:b3:8b:44:5f:f0:84:65:81:43:48:b0:
                    6e:9d:15:b5:48:7c:ee:82:26:72:54:26:16:01:b5:
                    a3:33:de:ff:31:0e:05:36:21:c1:8d:20:ec:a2:ec:
                    81:3c:55:12:23:24:fc:fb:c3:6d:3e:b9:7e:c0:2a:
                    d0:eb:f7:a7:84:dc:aa:b3:48:a7:96:6f:e6:a1:e7:
                    7d:29:81:be:d7:b3:7a:77:c0:fb:40:68:11:52:c9:
                    a9:ea:2b:75:14:b0:0c:55:9c:c3:e2:a3:a0:9a:ff:
                    8e:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:0E:53:F9:5F:D4:85:7D:97:DC:65:FC:C6:C3:4B:F5:05:9D:91:25
            X509v3 Authority Key Identifier:
                keyid:2A:D7:25:5D:5A:6A:FB:85:E3:76:E8:1B:B9:A0:9E:C3:DD:DD:BC:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KtclXVpq-4XjdugbuaCew93dvNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:3a:3c:4a:f7:60:d9:9c:18:a0:dd:c8:68:f9:56:5c:ca:9c:
         65:35:17:5a:c1:fa:c8:dc:64:c0:11:56:35:97:24:8d:99:ce:
         e6:a4:c5:c9:27:0d:9e:53:f7:11:e7:58:06:60:c0:db:ba:54:
         5c:e7:68:00:7a:ed:bf:8b:3d:87:b0:d9:4a:81:61:c4:f9:b6:
         35:28:5c:6c:50:6d:3d:3d:ef:e1:80:f6:85:ea:8d:0e:95:6d:
         d0:88:7c:9e:19:9b:01:b1:b1:fa:52:6d:90:7e:6b:4c:c3:1b:
         84:65:07:51:19:2b:06:a0:0f:a2:7b:5c:88:4e:92:66:49:64:
         de:7a:39:da:70:b1:ce:20:8b:1d:4c:24:7b:9a:92:0d:ae:26:
         cf:3a:7b:ee:40:85:a0:aa:76:91:98:28:43:ce:8b:e1:69:dd:
         6b:d7:15:d8:29:92:a3:d2:62:00:f6:83:15:83:70:33:86:97:
         38:5b:9a:7e:3a:27:e4:36:03:6c:d0:e9:87:b4:e5:0a:01:6e:
         81:3e:36:cc:09:64:1b:f2:b3:d4:3c:4b:77:0d:ce:0b:ef:2d:
         f9:b1:d7:e5:0f:0e:2c:bd:76:c0:d4:9c:a9:83:f3:f3:46:6b:
         10:01:5c:fb:8e:a4:61:4b:a0:eb:89:1d:26:42:f4:60:3e:ca:
         32:d1:4b:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0lujfFCm7g9+6+FLK3yI5fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhZDcyNTVkNWE2YWZiODVlMzc2ZTgxYmI5YTA5ZWMzZGRk
ZGJjZGMwHhcNMjYwMzI1MTYwMDUzWhcNMjYwMzI2MTYwMDUzWjAzMTEwLwYDVQQD
EyhjODBlNTNmOTVmZDQ4NTdkOTdkYzY1ZmNjNmMzNGJmNTA1OWQ5MTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5eOMwKs7/euDCe8UBlb4Mo9i5la0
o0O8u5+Mz8o1JZcfK1q1y7vkRFwpPUmJGZeYy0Cwr/c+QghZsFHl8zc2VXhYMe7/
Z8OmBtTZhqXGP2WxF1va7+iEpC7JFFqP5kb2DJd5PQmRvjw9oxFVCNTWjebXTxpk
EoYKCEIVt5qSmFw9GaJ3SJdNmG1lb22u2aUk5ugi7jMjsVX7s4tEX/CEZYFDSLBu
nRW1SHzugiZyVCYWAbWjM97/MQ4FNiHBjSDsouyBPFUSIyT8+8NtPrl+wCrQ6/en
hNyqs0inlm/moed9KYG+17N6d8D7QGgRUsmp6it1FLAMVZzD4qOgmv+OUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMgOU/lf1IV9l9xl/MbDS/UFnZElMB8GA1UdIwQY
MBaAFCrXJV1aavuF43boG7mgnsPd3bzcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3RjbFhWcHEtNFhqZHVnYnVhQ2V3OTNkdk53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9lYmI5NzktYmVmMC00MjBjLTk1ZTAt
YmNlYjM3NmMyNTczLzEvS3RjbFhWcHEtNFhqZHVnYnVhQ2V3OTNkdk53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9lYmI5NzktYmVmMC00MjBjLTk1ZTAtYmNlYjM3NmMyNTcz
LzEvS3RjbFhWcHEtNFhqZHVnYnVhQ2V3OTNkdk53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWTo8Svdg
2ZwYoN3IaPlWXMqcZTUXWsH6yNxkwBFWNZckjZnO5qTFyScNnlP3EedYBmDA27pU
XOdoAHrtv4s9h7DZSoFhxPm2NShcbFBtPT3v4YD2heqNDpVt0Ih8nhmbAbGx+lJt
kH5rTMMbhGUHURkrBqAPontciE6SZklk3no52nCxziCLHUwke5qSDa4mzzp77kCF
oKp2kZgoQ86L4Wnda9cV2CmSo9JiAPaDFYNwM4aXOFuafjon5DYDbNDph7TlCgFu
gT42zAlkG/Kz1DxLdw3OC+8t+bHX5Q8OLL12wNScqYPz80ZrEAFc+46kYUug64kd
JkL0YD7KMtFL8A==
-----END CERTIFICATE-----