Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/2fa75a-11b8-49ae-924a-eb9dcd17b476/1/KL8TZ9YSDGyHl6BEhtduR7EwrVE.mft
File:                     KL8TZ9YSDGyHl6BEhtduR7EwrVE.mft (raw, json)
Hash identifier:          Xh+XKuADwzVtEBGIXdB5d5ySm4qay6TUkm49XQG6ofI=
Subject key identifier:   D0:74:A6:8D:5E:D4:72:A1:2B:C2:B2:30:9F:F3:D8:AB:C0:E3:7B:FB
Authority key identifier: 28:BF:13:67:D6:12:0C:6C:87:97:A0:44:86:D7:6E:47:B1:30:AD:51
Certificate issuer:       /CN=28bf1367d6120c6c8797a04486d76e47b130ad51
Certificate serial:       019D26965BA3EFCB7198B9583853734860BF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KL8TZ9YSDGyHl6BEhtduR7EwrVE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/18/2fa75a-11b8-49ae-924a-eb9dcd17b476/1/KL8TZ9YSDGyHl6BEhtduR7EwrVE.mft
Manifest number:          01FC
Signing time:             Wed 25 Mar 2026 20:01:21 +0000
Manifest this update:     Wed 25 Mar 2026 20:01:21 +0000
Manifest next update:     Thu 26 Mar 2026 20:01:21 +0000
Files and hashes:         1: KL8TZ9YSDGyHl6BEhtduR7EwrVE.crl (hash: Hrhg78AzvaFzPMR++efZe4itDotFI00jerD16wVsCE4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/18/2fa75a-11b8-49ae-924a-eb9dcd17b476/1/KL8TZ9YSDGyHl6BEhtduR7EwrVE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/18/2fa75a-11b8-49ae-924a-eb9dcd17b476/1/KL8TZ9YSDGyHl6BEhtduR7EwrVE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KL8TZ9YSDGyHl6BEhtduR7EwrVE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:96:5b:a3:ef:cb:71:98:b9:58:38:53:73:48:60:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28bf1367d6120c6c8797a04486d76e47b130ad51
        Validity
            Not Before: Mar 25 20:01:21 2026 GMT
            Not After : Mar 26 20:01:21 2026 GMT
        Subject: CN=d074a68d5ed472a12bc2b2309ff3d8abc0e37bfb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:f2:ce:15:34:b2:0c:f0:d5:7f:67:71:a7:ff:
                    6a:68:c1:a0:89:1c:31:bd:5a:10:29:64:13:da:e3:
                    d1:4a:de:14:6c:12:03:53:7c:55:c6:0b:5c:9a:8c:
                    d5:17:17:4a:71:cf:22:78:1d:11:98:ab:e8:30:24:
                    a2:9a:ff:a9:b3:38:74:b1:44:b3:80:44:69:5b:7e:
                    e4:c1:74:ca:96:22:16:43:25:4c:75:eb:c3:52:a4:
                    b3:db:aa:1f:36:ff:03:3e:10:83:75:f5:5e:5e:70:
                    79:74:89:d3:9f:8e:f9:c3:26:b9:64:c0:35:95:ba:
                    f1:d7:9a:87:78:ff:49:b2:45:ad:9f:2f:0a:95:ba:
                    86:b6:02:c3:50:f2:99:23:52:37:99:f7:6c:3f:b7:
                    74:46:12:1a:2d:94:f9:bc:64:46:7e:8d:a5:99:15:
                    a8:de:b9:40:da:83:fe:29:15:82:11:ee:ee:e1:06:
                    c0:bc:ef:94:06:a2:46:fb:33:b5:bb:a9:aa:3c:5d:
                    91:7d:15:18:99:d5:e2:fc:63:94:98:37:3f:ad:cd:
                    6f:2d:19:8b:f1:5e:9f:d3:c7:1d:9b:fe:ca:5c:4b:
                    a5:86:5f:04:80:8a:dd:d6:2c:2a:82:51:cc:29:86:
                    5b:74:b4:5c:80:ec:53:11:26:1c:2e:a0:67:92:cb:
                    69:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:74:A6:8D:5E:D4:72:A1:2B:C2:B2:30:9F:F3:D8:AB:C0:E3:7B:FB
            X509v3 Authority Key Identifier:
                keyid:28:BF:13:67:D6:12:0C:6C:87:97:A0:44:86:D7:6E:47:B1:30:AD:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KL8TZ9YSDGyHl6BEhtduR7EwrVE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/2fa75a-11b8-49ae-924a-eb9dcd17b476/1/KL8TZ9YSDGyHl6BEhtduR7EwrVE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/18/2fa75a-11b8-49ae-924a-eb9dcd17b476/1/KL8TZ9YSDGyHl6BEhtduR7EwrVE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:f2:17:d6:fc:c4:f6:44:e5:24:ff:9e:50:eb:0d:9f:82:e1:
         48:4e:25:ec:3b:9d:bb:b4:88:38:a6:bd:2b:1d:45:fa:4c:c5:
         17:75:f8:0d:f7:40:a5:d7:0f:dd:38:77:c3:77:0d:a4:03:a8:
         af:be:b5:66:05:88:b2:d1:15:2e:82:14:1c:2a:40:16:05:e0:
         ec:ac:1e:11:6e:98:a5:05:b1:7b:62:01:0c:b5:09:b8:bf:96:
         9f:b7:ea:96:e0:b8:e8:f9:17:df:d5:23:d9:72:6e:d9:dc:b8:
         51:94:ed:ba:46:50:63:8f:f0:00:82:4b:12:8d:c2:a9:00:ad:
         53:2d:5d:48:d0:95:7d:dd:81:3d:69:37:1a:83:c3:68:f8:69:
         2f:8e:6d:87:b7:8c:7a:4a:11:34:8e:5d:13:6d:6b:5d:cc:1b:
         b9:c3:0c:0c:72:17:f7:bd:47:3f:41:61:1f:42:22:4c:04:02:
         b5:21:94:a6:b1:b8:2c:43:37:55:ec:94:84:26:d9:e0:49:7c:
         17:d8:a5:36:ed:7a:3f:9f:ad:cc:01:f1:cf:37:9b:33:86:c3:
         3f:45:d3:4b:9c:cd:ec:78:28:56:80:e4:a3:aa:10:ee:80:33:
         d2:48:c3:e5:ce:9c:24:29:7d:75:b9:ad:e9:3c:d6:76:14:08:
         a1:74:56:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mlluj78txmLlYOFNzSGC/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YmYxMzY3ZDYxMjBjNmM4Nzk3YTA0NDg2ZDc2ZTQ3YjEz
MGFkNTEwHhcNMjYwMzI1MjAwMTIxWhcNMjYwMzI2MjAwMTIxWjAzMTEwLwYDVQQD
EyhkMDc0YTY4ZDVlZDQ3MmExMmJjMmIyMzA5ZmYzZDhhYmMwZTM3YmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/LOFTSyDPDVf2dxp/9qaMGgiRwx
vVoQKWQT2uPRSt4UbBIDU3xVxgtcmozVFxdKcc8ieB0RmKvoMCSimv+pszh0sUSz
gERpW37kwXTKliIWQyVMdevDUqSz26ofNv8DPhCDdfVeXnB5dInTn475wya5ZMA1
lbrx15qHeP9JskWtny8KlbqGtgLDUPKZI1I3mfdsP7d0RhIaLZT5vGRGfo2lmRWo
3rlA2oP+KRWCEe7u4QbAvO+UBqJG+zO1u6mqPF2RfRUYmdXi/GOUmDc/rc1vLRmL
8V6f08cdm/7KXEulhl8EgIrd1iwqglHMKYZbdLRcgOxTESYcLqBnkstpiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNB0po1e1HKhK8KyMJ/z2KvA43v7MB8GA1UdIwQY
MBaAFCi/E2fWEgxsh5egRIbXbkexMK1RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0w4VFo5WVNER3lIbDZCRWh0ZHVSN0V3clZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC8yZmE3NWEtMTFiOC00OWFlLTkyNGEt
ZWI5ZGNkMTdiNDc2LzEvS0w4VFo5WVNER3lIbDZCRWh0ZHVSN0V3clZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC8yZmE3NWEtMTFiOC00OWFlLTkyNGEtZWI5ZGNkMTdiNDc2
LzEvS0w4VFo5WVNER3lIbDZCRWh0ZHVSN0V3clZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAefIX1vzE
9kTlJP+eUOsNn4LhSE4l7Dudu7SIOKa9Kx1F+kzFF3X4DfdApdcP3Th3w3cNpAOo
r761ZgWIstEVLoIUHCpAFgXg7KweEW6YpQWxe2IBDLUJuL+Wn7fqluC46PkX39Uj
2XJu2dy4UZTtukZQY4/wAIJLEo3CqQCtUy1dSNCVfd2BPWk3GoPDaPhpL45th7eM
ekoRNI5dE21rXcwbucMMDHIX971HP0FhH0IiTAQCtSGUprG4LEM3VeyUhCbZ4El8
F9ilNu16P5+tzAHxzzebM4bDP0XTS5zN7HgoVoDko6oQ7oAz0kjD5c6cJCl9dbmt
6TzWdhQIoXRWbg==
-----END CERTIFICATE-----