Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/75c964-354e-46a3-b39e-ed82379cfa32/1/kbDB4HajRpZoEluN05XzBN-i55Q.mft
File:                     kbDB4HajRpZoEluN05XzBN-i55Q.mft (raw, json)
Hash identifier:          kxNxG2dAthk55xO+o38a4u/iyDVM9EeV8BMMZU32wIg=
Subject key identifier:   B9:BE:B7:3F:37:F4:76:E5:D4:5B:76:85:81:44:E6:3F:24:95:7F:C4
Authority key identifier: 91:B0:C1:E0:76:A3:46:96:68:12:5B:8D:D3:95:F3:04:DF:A2:E7:94
Certificate issuer:       /CN=91b0c1e076a3469668125b8dd395f304dfa2e794
Certificate serial:       019D2AE1217D3AA7FD42D40DCBD633C967B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kbDB4HajRpZoEluN05XzBN-i55Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/75c964-354e-46a3-b39e-ed82379cfa32/1/kbDB4HajRpZoEluN05XzBN-i55Q.mft
Manifest number:          0284
Signing time:             Thu 26 Mar 2026 16:01:30 +0000
Manifest this update:     Thu 26 Mar 2026 16:01:30 +0000
Manifest next update:     Fri 27 Mar 2026 16:01:30 +0000
Files and hashes:         1: kbDB4HajRpZoEluN05XzBN-i55Q.crl (hash: 8m2iqSqHX3xEEKZkGsXDYHb3qgcIUH2Q2lHhPIR9KYk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/75c964-354e-46a3-b39e-ed82379cfa32/1/kbDB4HajRpZoEluN05XzBN-i55Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/75c964-354e-46a3-b39e-ed82379cfa32/1/kbDB4HajRpZoEluN05XzBN-i55Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kbDB4HajRpZoEluN05XzBN-i55Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:e1:21:7d:3a:a7:fd:42:d4:0d:cb:d6:33:c9:67:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91b0c1e076a3469668125b8dd395f304dfa2e794
        Validity
            Not Before: Mar 26 16:01:30 2026 GMT
            Not After : Mar 27 16:01:30 2026 GMT
        Subject: CN=b9beb73f37f476e5d45b76858144e63f24957fc4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:ac:77:55:6d:91:aa:1f:38:b9:9e:b4:f2:7e:
                    3a:5f:de:1e:5b:5a:53:44:cb:b6:51:f4:60:0a:c2:
                    63:94:12:a5:e7:ee:ee:6e:ef:a3:16:80:7d:ab:b4:
                    82:a8:b2:00:35:94:fd:f1:45:71:c3:67:a3:45:76:
                    68:8f:f4:8a:0b:79:7c:b7:4f:0f:a2:a1:71:81:4b:
                    da:69:7b:b1:53:e2:4f:3d:8b:9d:7b:e6:f2:38:53:
                    b3:04:fe:58:13:29:bd:20:96:39:04:0c:9e:98:63:
                    d9:b4:2f:85:e3:8d:26:d7:4c:29:32:55:ae:01:f7:
                    37:22:39:2a:cb:c9:59:e9:9a:64:fc:ae:0d:d4:a6:
                    79:13:38:c0:cd:1a:d3:52:f3:e8:35:1f:ae:6b:38:
                    2d:a8:39:66:88:b6:cb:73:f2:6f:ad:7d:19:18:21:
                    d0:89:05:25:c5:83:0b:3e:e5:b7:64:94:4b:13:f1:
                    8e:0e:62:99:df:83:f2:db:46:ae:bd:5d:79:5f:f6:
                    aa:86:d6:05:f3:5a:c1:af:28:f2:1a:53:31:57:6c:
                    44:61:bc:16:43:33:d8:2e:fa:33:24:d1:c6:28:fd:
                    b4:91:80:48:d7:ba:7f:f2:d6:c6:2f:d1:ae:af:2e:
                    fb:3f:b6:84:d1:01:3c:ed:f8:e1:ed:67:92:02:da:
                    e9:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:BE:B7:3F:37:F4:76:E5:D4:5B:76:85:81:44:E6:3F:24:95:7F:C4
            X509v3 Authority Key Identifier:
                keyid:91:B0:C1:E0:76:A3:46:96:68:12:5B:8D:D3:95:F3:04:DF:A2:E7:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kbDB4HajRpZoEluN05XzBN-i55Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/75c964-354e-46a3-b39e-ed82379cfa32/1/kbDB4HajRpZoEluN05XzBN-i55Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/75c964-354e-46a3-b39e-ed82379cfa32/1/kbDB4HajRpZoEluN05XzBN-i55Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9f:86:5d:d0:95:f3:55:ab:62:09:e9:6b:62:00:e7:00:89:c5:
         94:64:79:00:28:48:c6:ff:53:ba:f1:f2:8a:71:c6:b3:45:e5:
         17:49:07:2e:45:48:0c:39:91:03:81:ab:a6:ce:df:95:b0:a5:
         13:ef:42:1a:d4:e0:ce:c2:8a:82:b5:b4:95:24:5e:dc:c4:5d:
         f4:e1:a8:6c:f7:df:fb:65:c1:4a:fd:40:26:44:17:b8:77:38:
         8a:2f:83:46:57:00:15:ce:23:f2:fa:bd:4a:7a:d9:69:c1:87:
         bc:1d:ca:54:35:5d:f3:ce:ed:d9:cf:40:04:f4:bd:07:43:43:
         53:e7:cc:10:2e:8d:6a:a9:04:51:fd:99:a9:2c:5f:f9:bf:24:
         2c:d5:8e:45:4d:37:6c:01:c5:4e:db:e1:c1:de:01:83:56:04:
         a3:7b:2b:84:c0:c4:b2:e4:97:5e:21:60:54:b0:69:fe:7a:b6:
         dd:b5:ea:07:cb:ee:3b:80:86:fc:59:f2:dc:a6:b9:5e:49:6b:
         6d:12:3a:0d:0c:d0:92:85:ed:15:da:17:13:d0:9f:5b:8c:ce:
         aa:f8:1e:68:72:d9:12:6f:b4:44:a5:fc:8c:f3:2f:b6:62:21:
         14:36:ac:ab:a7:59:49:0d:88:45:80:c9:61:16:aa:df:57:38:
         e2:bc:74:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0q4SF9Oqf9QtQNy9YzyWewMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxYjBjMWUwNzZhMzQ2OTY2ODEyNWI4ZGQzOTVmMzA0ZGZh
MmU3OTQwHhcNMjYwMzI2MTYwMTMwWhcNMjYwMzI3MTYwMTMwWjAzMTEwLwYDVQQD
EyhiOWJlYjczZjM3ZjQ3NmU1ZDQ1Yjc2ODU4MTQ0ZTYzZjI0OTU3ZmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzax3VW2Rqh84uZ608n46X94eW1pT
RMu2UfRgCsJjlBKl5+7ubu+jFoB9q7SCqLIANZT98UVxw2ejRXZoj/SKC3l8t08P
oqFxgUvaaXuxU+JPPYude+byOFOzBP5YEym9IJY5BAyemGPZtC+F440m10wpMlWu
Afc3Ijkqy8lZ6Zpk/K4N1KZ5EzjAzRrTUvPoNR+uazgtqDlmiLbLc/JvrX0ZGCHQ
iQUlxYMLPuW3ZJRLE/GODmKZ34Py20auvV15X/aqhtYF81rBryjyGlMxV2xEYbwW
QzPYLvozJNHGKP20kYBI17p/8tbGL9Gury77P7aE0QE87fjh7WeSAtrplQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLm+tz839Hbl1Ft2hYFE5j8klX/EMB8GA1UdIwQY
MBaAFJGwweB2o0aWaBJbjdOV8wTfoueUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2JEQjRIYWpScFpvRWx1TjA1WHpCTi1pNTVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC83NWM5NjQtMzU0ZS00NmEzLWIzOWUt
ZWQ4MjM3OWNmYTMyLzEva2JEQjRIYWpScFpvRWx1TjA1WHpCTi1pNTVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC83NWM5NjQtMzU0ZS00NmEzLWIzOWUtZWQ4MjM3OWNmYTMy
LzEva2JEQjRIYWpScFpvRWx1TjA1WHpCTi1pNTVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn4Zd0JXz
VatiCelrYgDnAInFlGR5AChIxv9TuvHyinHGs0XlF0kHLkVIDDmRA4Grps7flbCl
E+9CGtTgzsKKgrW0lSRe3MRd9OGobPff+2XBSv1AJkQXuHc4ii+DRlcAFc4j8vq9
SnrZacGHvB3KVDVd887t2c9ABPS9B0NDU+fMEC6NaqkEUf2ZqSxf+b8kLNWORU03
bAHFTtvhwd4Bg1YEo3srhMDEsuSXXiFgVLBp/nq23bXqB8vuO4CG/Fny3Ka5Xklr
bRI6DQzQkoXtFdoXE9CfW4zOqvgeaHLZEm+0RKX8jPMvtmIhFDasq6dZSQ2IRYDJ
YRaq31c44rx08A==
-----END CERTIFICATE-----