Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.mft
File:                     K328XveedAIoXs2gg3ukvyGHYdw.mft (raw, json)
Hash identifier:          GB0oQyF+eLz/ga7RgHlRnxh179cU84WY6c13F07znB8=
Subject key identifier:   5C:60:AD:6E:3B:31:92:41:C7:87:ED:3D:E5:6F:49:96:35:D9:28:5A
Authority key identifier: 2B:7D:BC:5E:F7:9E:74:02:28:5E:CD:A0:83:7B:A4:BF:21:87:61:DC
Certificate issuer:       /CN=2b7dbc5ef79e7402285ecda0837ba4bf218761dc
Certificate serial:       019D265F87CD9B32FD2567B8521DA159DF83
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/K328XveedAIoXs2gg3ukvyGHYdw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.mft
Manifest number:          109B
Signing time:             Wed 25 Mar 2026 19:01:28 +0000
Manifest this update:     Wed 25 Mar 2026 19:01:28 +0000
Manifest next update:     Thu 26 Mar 2026 19:01:28 +0000
Files and hashes:         1: K328XveedAIoXs2gg3ukvyGHYdw.crl (hash: MQtoBsHRe+OUuMCydlhLLlvOhkCmYhtp0ZhK5L0jjhs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/K328XveedAIoXs2gg3ukvyGHYdw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:5f:87:cd:9b:32:fd:25:67:b8:52:1d:a1:59:df:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b7dbc5ef79e7402285ecda0837ba4bf218761dc
        Validity
            Not Before: Mar 25 19:01:28 2026 GMT
            Not After : Mar 26 19:01:28 2026 GMT
        Subject: CN=5c60ad6e3b319241c787ed3de56f499635d9285a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:9b:a9:db:60:42:49:54:9e:44:eb:83:02:c4:
                    f5:f4:10:18:f0:15:1b:22:65:a1:2d:4e:3c:33:21:
                    ff:3f:3d:b8:1c:d3:cb:f0:35:7b:04:24:7a:b9:63:
                    61:07:85:56:85:06:d6:f4:e6:d1:e3:45:37:58:3a:
                    6a:3a:68:e2:0d:35:a2:c3:59:d0:aa:13:d0:c1:18:
                    37:a1:03:be:02:2d:6e:2e:8f:95:d6:25:1f:24:f7:
                    89:87:5f:33:1a:cf:20:c7:b7:ec:2c:20:61:99:7b:
                    72:56:7e:ac:c9:35:c6:4d:be:0b:67:55:68:0a:42:
                    2c:49:79:0a:9a:d4:a0:d3:a1:46:62:51:ef:ac:e9:
                    92:b4:46:88:e1:6e:fd:d4:61:6f:a4:8f:5f:30:d9:
                    34:b1:6a:50:ed:d5:2e:26:15:48:4d:bf:4b:8b:a8:
                    b6:eb:2d:7f:e5:59:f9:27:1c:eb:94:89:ba:b2:5e:
                    a1:b6:b9:64:35:60:12:81:73:66:8d:2d:49:b9:7b:
                    ce:9f:22:c2:a1:ed:7c:e5:79:7d:ec:e3:cb:46:99:
                    75:41:c4:8e:cb:f9:e2:35:41:23:86:63:81:f1:08:
                    6c:ae:33:70:4a:15:1f:b4:61:c8:88:39:b6:c8:27:
                    80:3f:e2:8a:b8:20:71:98:75:9f:8a:95:22:33:83:
                    c5:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:60:AD:6E:3B:31:92:41:C7:87:ED:3D:E5:6F:49:96:35:D9:28:5A
            X509v3 Authority Key Identifier:
                keyid:2B:7D:BC:5E:F7:9E:74:02:28:5E:CD:A0:83:7B:A4:BF:21:87:61:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K328XveedAIoXs2gg3ukvyGHYdw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:3f:63:42:5c:5c:f5:e7:d6:cf:60:9c:26:e5:4e:1b:3a:4a:
         a4:e4:51:1a:2b:ba:f4:4f:77:e2:4b:24:df:3f:a3:20:b8:c6:
         0e:9c:bd:19:5d:34:85:d0:da:6e:88:db:65:bb:03:ba:b6:c5:
         f8:b5:bc:98:4a:d8:ff:e5:07:59:36:97:35:ca:e4:49:41:7e:
         aa:c9:52:1c:96:7e:5a:4f:2e:4b:19:f3:3e:e5:fc:76:ae:c8:
         3b:a5:3d:de:c1:86:c9:04:29:22:97:c6:a9:14:1b:e4:3f:b3:
         f6:3e:2b:1a:53:df:4d:88:81:03:4d:fa:55:4e:31:54:6f:3e:
         05:71:8e:22:23:ee:02:41:0a:73:29:44:bd:2f:cc:3b:24:cd:
         e7:8f:db:97:2c:3b:8b:bd:ea:d9:64:c2:4a:6c:31:75:9a:29:
         ab:ef:d6:f0:c5:6d:83:16:c5:f8:ec:a9:25:34:30:39:c3:39:
         81:d5:89:34:6b:49:c6:08:0b:0d:c9:d1:c4:c6:ec:22:40:2f:
         45:db:37:e2:1c:d0:8b:88:68:8c:9a:0e:c0:22:f3:49:00:05:
         0b:52:38:8e:0c:b0:32:4f:b0:9c:15:4e:1b:51:27:08:67:57:
         55:4e:cd:25:bb:7f:42:7b:57:00:2e:91:d7:88:74:9e:cd:f1:
         f6:55:5e:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mX4fNmzL9JWe4Uh2hWd+DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiN2RiYzVlZjc5ZTc0MDIyODVlY2RhMDgzN2JhNGJmMjE4
NzYxZGMwHhcNMjYwMzI1MTkwMTI4WhcNMjYwMzI2MTkwMTI4WjAzMTEwLwYDVQQD
Eyg1YzYwYWQ2ZTNiMzE5MjQxYzc4N2VkM2RlNTZmNDk5NjM1ZDkyODVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZup22BCSVSeROuDAsT19BAY8BUb
ImWhLU48MyH/Pz24HNPL8DV7BCR6uWNhB4VWhQbW9ObR40U3WDpqOmjiDTWiw1nQ
qhPQwRg3oQO+Ai1uLo+V1iUfJPeJh18zGs8gx7fsLCBhmXtyVn6syTXGTb4LZ1Vo
CkIsSXkKmtSg06FGYlHvrOmStEaI4W791GFvpI9fMNk0sWpQ7dUuJhVITb9Li6i2
6y1/5Vn5JxzrlIm6sl6htrlkNWASgXNmjS1JuXvOnyLCoe185Xl97OPLRpl1QcSO
y/niNUEjhmOB8QhsrjNwShUftGHIiDm2yCeAP+KKuCBxmHWfipUiM4PFeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFxgrW47MZJBx4ftPeVvSZY12ShaMB8GA1UdIwQY
MBaAFCt9vF73nnQCKF7NoIN7pL8hh2HcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzMyOFh2ZWVkQUlvWHMyZ2czdWt2eUdIWWR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kMTBkNGQtYTJjMC00ZDIwLThhMjEt
MjRkMGU2MmY3OWMwLzEvSzMyOFh2ZWVkQUlvWHMyZ2czdWt2eUdIWWR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kMTBkNGQtYTJjMC00ZDIwLThhMjEtMjRkMGU2MmY3OWMw
LzEvSzMyOFh2ZWVkQUlvWHMyZ2czdWt2eUdIWWR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAij9jQlxc
9efWz2CcJuVOGzpKpORRGiu69E934ksk3z+jILjGDpy9GV00hdDabojbZbsDurbF
+LW8mErY/+UHWTaXNcrkSUF+qslSHJZ+Wk8uSxnzPuX8dq7IO6U93sGGyQQpIpfG
qRQb5D+z9j4rGlPfTYiBA036VU4xVG8+BXGOIiPuAkEKcylEvS/MOyTN54/blyw7
i73q2WTCSmwxdZopq+/W8MVtgxbF+OypJTQwOcM5gdWJNGtJxggLDcnRxMbsIkAv
Rds34hzQi4hojJoOwCLzSQAFC1I4jgywMk+wnBVOG1EnCGdXVU7NJbt/QntXAC6R
14h0ns3x9lVeBg==
-----END CERTIFICATE-----