Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/70669e-5744-4477-86ba-795c3a612e8b/1/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.mft
File:                     KfQ0DfcXYFdICDAMsU_Bdg-uzPk.mft (raw, json)
Hash identifier:          NqCAbmvFYuDpOYb8UavaBgf+15TF42ClQZZfn7eGPlE=
Subject key identifier:   F6:17:52:15:11:7F:8D:6D:30:AD:4A:2D:88:84:DC:47:62:F7:FA:C9
Authority key identifier: 29:F4:34:0D:F7:17:60:57:48:08:30:0C:B1:4F:C1:76:0F:AE:CC:F9
Certificate issuer:       /CN=29f4340df71760574808300cb14fc1760faeccf9
Certificate serial:       019D28F33A2FF1B6ED0DE47BE1C50D7821ED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/70669e-5744-4477-86ba-795c3a612e8b/1/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.mft
Manifest number:          033B
Signing time:             Thu 26 Mar 2026 07:02:01 +0000
Manifest this update:     Thu 26 Mar 2026 07:02:01 +0000
Manifest next update:     Fri 27 Mar 2026 07:02:01 +0000
Files and hashes:         1: KfQ0DfcXYFdICDAMsU_Bdg-uzPk.crl (hash: jvzZdspAGp2DiX+GfA1fu7NZWknUlCSawCFlg5PwwM0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/70669e-5744-4477-86ba-795c3a612e8b/1/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/70669e-5744-4477-86ba-795c3a612e8b/1/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f3:3a:2f:f1:b6:ed:0d:e4:7b:e1:c5:0d:78:21:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29f4340df71760574808300cb14fc1760faeccf9
        Validity
            Not Before: Mar 26 07:02:01 2026 GMT
            Not After : Mar 27 07:02:01 2026 GMT
        Subject: CN=f6175215117f8d6d30ad4a2d8884dc4762f7fac9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:f8:ce:a5:d0:51:8e:24:d7:72:94:a5:c4:e6:
                    80:66:4c:62:5b:5a:35:7f:7a:d2:5c:17:39:77:01:
                    06:a1:d2:3b:b5:52:09:76:eb:ff:e5:7d:02:8e:d0:
                    ed:61:99:e4:42:0d:68:6c:e0:56:11:6d:33:ee:01:
                    eb:02:49:f5:15:b9:f3:2f:24:5e:24:b0:80:29:86:
                    5b:af:0e:7e:31:c8:6b:ad:c5:69:25:0b:06:45:2e:
                    c0:e4:9b:ad:80:37:fe:c1:c8:d2:76:d4:b5:44:ea:
                    2c:cf:c3:4b:ad:f1:3f:c1:23:66:7b:51:09:37:7d:
                    4d:c2:bf:61:73:68:ff:12:b3:f4:64:b2:92:cc:a0:
                    7c:92:18:e2:b5:41:b5:0a:d8:fd:db:46:9f:2d:62:
                    1d:f4:5c:2c:c1:79:7e:ba:d6:d3:e3:dc:14:6b:20:
                    6d:25:86:07:b4:0b:2d:14:1e:2e:90:03:8a:52:11:
                    9e:f2:e7:96:1a:0f:c6:da:3f:6d:91:f4:8f:9e:d1:
                    7c:84:e8:58:be:2c:17:6f:98:17:c1:99:e6:76:32:
                    d2:82:59:4b:fd:ec:45:40:1d:31:c5:b6:c4:3e:fc:
                    9a:56:fe:f1:c6:7b:6a:41:90:76:64:c3:31:67:1d:
                    c9:c0:ea:0c:8f:db:76:5c:30:df:c0:7a:22:95:10:
                    22:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:17:52:15:11:7F:8D:6D:30:AD:4A:2D:88:84:DC:47:62:F7:FA:C9
            X509v3 Authority Key Identifier:
                keyid:29:F4:34:0D:F7:17:60:57:48:08:30:0C:B1:4F:C1:76:0F:AE:CC:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/70669e-5744-4477-86ba-795c3a612e8b/1/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/70669e-5744-4477-86ba-795c3a612e8b/1/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:7d:fc:88:f3:de:d7:00:9f:e3:0c:84:2a:a2:70:44:1a:6e:
         c9:91:5f:ed:43:59:21:83:8b:c8:02:c8:71:1e:7e:f3:70:f9:
         8f:9f:94:cf:e8:8b:8d:08:37:99:d7:36:55:5f:eb:c8:fb:39:
         38:4a:99:a1:27:78:be:fe:97:ba:94:d6:b6:14:a1:f8:57:be:
         cb:7c:e9:2c:55:1d:1b:8e:96:c2:e3:7a:74:84:4c:76:51:3d:
         72:d7:85:e2:23:26:39:55:be:a2:89:26:a7:9b:4a:3b:84:99:
         a6:d4:3a:42:3d:ec:aa:d4:bf:0c:a8:a0:cc:e1:5c:f1:fc:a2:
         f4:cd:d2:63:eb:1c:24:27:5f:d4:7b:aa:e1:7b:56:fe:35:58:
         04:91:7c:67:e0:f0:b5:cf:43:95:8f:18:e1:55:ba:35:d3:06:
         ab:fb:28:3e:ca:07:08:57:87:86:fa:dd:cc:7f:e7:c6:83:13:
         c0:c6:3e:f0:e7:7e:5b:c5:c2:49:be:39:8e:d9:78:52:bb:f4:
         6f:05:0f:a4:cb:85:47:a8:65:20:88:af:82:2c:5f:62:71:eb:
         91:bc:8f:21:90:dd:3f:4b:6e:e1:1b:92:71:74:42:24:46:d4:
         d9:67:5e:2b:b5:08:e2:a9:d3:30:7a:77:dd:b0:9c:51:64:1f:
         08:60:f0:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8zov8bbtDeR74cUNeCHtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZjQzNDBkZjcxNzYwNTc0ODA4MzAwY2IxNGZjMTc2MGZh
ZWNjZjkwHhcNMjYwMzI2MDcwMjAxWhcNMjYwMzI3MDcwMjAxWjAzMTEwLwYDVQQD
EyhmNjE3NTIxNTExN2Y4ZDZkMzBhZDRhMmQ4ODg0ZGM0NzYyZjdmYWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzPjOpdBRjiTXcpSlxOaAZkxiW1o1
f3rSXBc5dwEGodI7tVIJduv/5X0CjtDtYZnkQg1obOBWEW0z7gHrAkn1FbnzLyRe
JLCAKYZbrw5+MchrrcVpJQsGRS7A5JutgDf+wcjSdtS1ROosz8NLrfE/wSNme1EJ
N31Nwr9hc2j/ErP0ZLKSzKB8khjitUG1Ctj920afLWId9FwswXl+utbT49wUayBt
JYYHtAstFB4ukAOKUhGe8ueWGg/G2j9tkfSPntF8hOhYviwXb5gXwZnmdjLSgllL
/exFQB0xxbbEPvyaVv7xxntqQZB2ZMMxZx3JwOoMj9t2XDDfwHoilRAi9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPYXUhURf41tMK1KLYiE3Edi9/rJMB8GA1UdIwQY
MBaAFCn0NA33F2BXSAgwDLFPwXYPrsz5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2ZRMERmY1hZRmRJQ0RBTXNVX0JkZy11elBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC83MDY2OWUtNTc0NC00NDc3LTg2YmEt
Nzk1YzNhNjEyZThiLzEvS2ZRMERmY1hZRmRJQ0RBTXNVX0JkZy11elBrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC83MDY2OWUtNTc0NC00NDc3LTg2YmEtNzk1YzNhNjEyZThi
LzEvS2ZRMERmY1hZRmRJQ0RBTXNVX0JkZy11elBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbX38iPPe
1wCf4wyEKqJwRBpuyZFf7UNZIYOLyALIcR5+83D5j5+Uz+iLjQg3mdc2VV/ryPs5
OEqZoSd4vv6XupTWthSh+Fe+y3zpLFUdG46WwuN6dIRMdlE9cteF4iMmOVW+ookm
p5tKO4SZptQ6Qj3sqtS/DKigzOFc8fyi9M3SY+scJCdf1Huq4XtW/jVYBJF8Z+Dw
tc9DlY8Y4VW6NdMGq/soPsoHCFeHhvrdzH/nxoMTwMY+8Od+W8XCSb45jtl4Urv0
bwUPpMuFR6hlIIivgixfYnHrkbyPIZDdP0tu4RuScXRCJEbU2WdeK7UI4qnTMHp3
3bCcUWQfCGDw5w==
-----END CERTIFICATE-----