Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.mft
File:                     KLwbPQy41cqsOntK0XlF--9QWKU.mft (raw, json)
Hash identifier:          HQsdPyMfwUbKIlqokhDVNRBVz/qyqTghVrpMnunEW94=
Subject key identifier:   4C:7E:3F:9B:A7:0C:0C:E7:8D:87:BD:49:4F:7C:E2:F9:7F:AC:CE:1A
Authority key identifier: 28:BC:1B:3D:0C:B8:D5:CA:AC:3A:7B:4A:D1:79:45:FB:EF:50:58:A5
Certificate issuer:       /CN=28bc1b3d0cb8d5caac3a7b4ad17945fbef5058a5
Certificate serial:       019D2771DEB05811012C8E5CD39527421D72
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KLwbPQy41cqsOntK0XlF--9QWKU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.mft
Manifest number:          0495
Signing time:             Thu 26 Mar 2026 00:01:07 +0000
Manifest this update:     Thu 26 Mar 2026 00:01:07 +0000
Manifest next update:     Fri 27 Mar 2026 00:01:07 +0000
Files and hashes:         1: KLwbPQy41cqsOntK0XlF--9QWKU.crl (hash: wwcWSJvUS8irIioc/v+OYi3YatZbdRMqgW/Mehd2aiY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KLwbPQy41cqsOntK0XlF--9QWKU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:71:de:b0:58:11:01:2c:8e:5c:d3:95:27:42:1d:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28bc1b3d0cb8d5caac3a7b4ad17945fbef5058a5
        Validity
            Not Before: Mar 26 00:01:07 2026 GMT
            Not After : Mar 27 00:01:07 2026 GMT
        Subject: CN=4c7e3f9ba70c0ce78d87bd494f7ce2f97facce1a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:21:42:72:66:bf:b2:5e:f2:ad:cb:24:d5:c4:
                    ff:bf:84:76:29:cd:82:3f:f7:af:82:c5:f7:49:f9:
                    73:0d:d3:a1:17:45:3d:9c:09:e2:71:8c:c7:12:84:
                    ae:6e:51:71:ca:ad:2c:73:14:51:0d:1d:46:56:09:
                    2e:d0:4e:2f:11:1d:4e:70:c8:05:01:4a:5f:bb:8e:
                    b4:57:b0:af:7f:b4:2c:de:16:63:af:f1:10:5e:52:
                    57:9d:a6:12:c8:85:4f:de:5c:d0:8e:76:a8:fc:ec:
                    f3:c4:9f:b9:fb:71:63:7d:31:ff:f3:c2:a7:be:56:
                    be:23:cf:0d:f3:28:15:6d:85:cb:19:56:26:c5:8d:
                    1f:79:10:07:8b:26:3c:97:e6:2f:96:85:51:f0:2c:
                    3a:9b:26:18:f6:2a:4e:2f:b6:68:42:9e:53:e2:38:
                    eb:d4:c3:95:48:11:f0:fa:5a:dc:e7:5f:f5:96:1a:
                    ef:7b:15:8e:fd:a0:be:57:50:9f:19:c1:1f:14:ee:
                    51:a2:96:e3:54:3c:9d:37:fe:9c:a5:0b:94:c2:66:
                    e8:f7:dc:03:f9:22:ba:3f:c6:94:2d:b8:9b:64:6e:
                    0a:e0:33:1c:7d:3c:19:b7:b5:69:c4:a8:d5:0b:ca:
                    15:eb:a8:37:1e:b9:7f:c8:d3:0f:4f:b1:02:55:c2:
                    4c:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:7E:3F:9B:A7:0C:0C:E7:8D:87:BD:49:4F:7C:E2:F9:7F:AC:CE:1A
            X509v3 Authority Key Identifier:
                keyid:28:BC:1B:3D:0C:B8:D5:CA:AC:3A:7B:4A:D1:79:45:FB:EF:50:58:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KLwbPQy41cqsOntK0XlF--9QWKU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:55:15:f1:7c:9e:b1:0e:b7:aa:6f:3b:8e:1d:70:5c:82:ca:
         f8:27:d3:ce:e0:fe:73:8c:ad:ba:81:0e:82:21:7e:29:c0:c3:
         bb:97:e9:c0:44:73:9d:5f:4b:9b:9e:2e:f0:5b:a0:b8:64:ad:
         fd:6a:64:0e:89:8b:4b:57:a6:77:ab:f9:80:38:3d:df:59:b9:
         5a:11:60:f3:d8:e5:e3:37:48:57:e4:7f:a4:93:a7:47:63:05:
         d9:f1:f3:16:43:3e:49:c2:43:4a:b0:90:ec:86:64:6e:9e:8b:
         9a:42:cb:80:56:a1:f0:9d:d6:3a:5a:a0:4d:be:36:83:8f:b9:
         54:de:cf:3d:f9:44:ca:7b:33:19:7b:3d:0e:2f:59:91:54:b6:
         58:1b:19:1e:13:91:36:1d:2d:e4:7d:e3:3a:e8:8c:ce:2a:92:
         5c:f1:9d:d4:48:d0:df:44:81:fc:7e:9b:83:be:24:c2:2a:f7:
         a3:97:0f:01:69:62:66:c0:18:99:08:ce:41:98:5c:d5:91:e8:
         84:30:a1:2c:c7:96:f8:b3:ff:b5:b6:d9:99:ca:3c:f8:09:50:
         80:18:6b:7d:78:f4:22:81:a3:fe:02:44:83:1e:28:1a:d7:14:
         0d:a4:9e:87:bf:0b:8f:77:57:14:64:4e:06:cd:d8:6e:5c:25:
         7f:e1:06:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ncd6wWBEBLI5c05UnQh1yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YmMxYjNkMGNiOGQ1Y2FhYzNhN2I0YWQxNzk0NWZiZWY1
MDU4YTUwHhcNMjYwMzI2MDAwMTA3WhcNMjYwMzI3MDAwMTA3WjAzMTEwLwYDVQQD
Eyg0YzdlM2Y5YmE3MGMwY2U3OGQ4N2JkNDk0ZjdjZTJmOTdmYWNjZTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkiFCcma/sl7yrcsk1cT/v4R2Kc2C
P/evgsX3SflzDdOhF0U9nAnicYzHEoSublFxyq0scxRRDR1GVgku0E4vER1OcMgF
AUpfu460V7Cvf7Qs3hZjr/EQXlJXnaYSyIVP3lzQjnao/OzzxJ+5+3FjfTH/88Kn
vla+I88N8ygVbYXLGVYmxY0feRAHiyY8l+YvloVR8Cw6myYY9ipOL7ZoQp5T4jjr
1MOVSBHw+lrc51/1lhrvexWO/aC+V1CfGcEfFO5RopbjVDydN/6cpQuUwmbo99wD
+SK6P8aULbibZG4K4DMcfTwZt7VpxKjVC8oV66g3Hrl/yNMPT7ECVcJM0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEx+P5unDAznjYe9SU984vl/rM4aMB8GA1UdIwQY
MBaAFCi8Gz0MuNXKrDp7StF5RfvvUFilMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0x3YlBReTQxY3FzT250SzBYbEYtLTlRV0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS83YTFiNjAtM2FlYy00NGRkLTk2NjIt
MzY1OTg1NDA5YmZhLzEvS0x3YlBReTQxY3FzT250SzBYbEYtLTlRV0tVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS83YTFiNjAtM2FlYy00NGRkLTk2NjItMzY1OTg1NDA5YmZh
LzEvS0x3YlBReTQxY3FzT250SzBYbEYtLTlRV0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaFUV8Xye
sQ63qm87jh1wXILK+CfTzuD+c4ytuoEOgiF+KcDDu5fpwERznV9Lm54u8FuguGSt
/WpkDomLS1emd6v5gDg931m5WhFg89jl4zdIV+R/pJOnR2MF2fHzFkM+ScJDSrCQ
7IZkbp6LmkLLgFah8J3WOlqgTb42g4+5VN7PPflEynszGXs9Di9ZkVS2WBsZHhOR
Nh0t5H3jOuiMziqSXPGd1EjQ30SB/H6bg74kwir3o5cPAWliZsAYmQjOQZhc1ZHo
hDChLMeW+LP/tbbZmco8+AlQgBhrfXj0IoGj/gJEgx4oGtcUDaSeh78Lj3dXFGRO
Bs3Yblwlf+EGJA==
-----END CERTIFICATE-----