Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/9ab02c-0ac8-47f1-8c7c-a629d1976ea3/1/KMWxDr1MOSkgFDB-h_prHJtCFn0.mft
File:                     KMWxDr1MOSkgFDB-h_prHJtCFn0.mft (raw, json)
Hash identifier:          /Ve05CfS+gpiM404MdteFcvf7Edn9LxWuBZuBfL8hL4=
Subject key identifier:   AC:25:F8:33:72:A2:66:41:D6:24:47:E0:C9:B3:99:1C:C0:85:19:96
Authority key identifier: 28:C5:B1:0E:BD:4C:39:29:20:14:30:7E:87:FA:6B:1C:9B:42:16:7D
Certificate issuer:       /CN=28c5b10ebd4c39292014307e87fa6b1c9b42167d
Certificate serial:       019D270471E49C835FB2876108C1E51E3DA3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KMWxDr1MOSkgFDB-h_prHJtCFn0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/74/9ab02c-0ac8-47f1-8c7c-a629d1976ea3/1/KMWxDr1MOSkgFDB-h_prHJtCFn0.mft
Manifest number:          0925
Signing time:             Wed 25 Mar 2026 22:01:35 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:35 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:35 +0000
Files and hashes:         1: KMWxDr1MOSkgFDB-h_prHJtCFn0.crl (hash: p7IzgRABChvNaRTUlKXkYqXTrXshRb1zP42JhSK6hqw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/74/9ab02c-0ac8-47f1-8c7c-a629d1976ea3/1/KMWxDr1MOSkgFDB-h_prHJtCFn0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/74/9ab02c-0ac8-47f1-8c7c-a629d1976ea3/1/KMWxDr1MOSkgFDB-h_prHJtCFn0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KMWxDr1MOSkgFDB-h_prHJtCFn0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:71:e4:9c:83:5f:b2:87:61:08:c1:e5:1e:3d:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28c5b10ebd4c39292014307e87fa6b1c9b42167d
        Validity
            Not Before: Mar 25 22:01:35 2026 GMT
            Not After : Mar 26 22:01:35 2026 GMT
        Subject: CN=ac25f83372a26641d62447e0c9b3991cc0851996
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:a8:fe:7a:15:7e:a8:84:80:cf:6a:2d:9d:21:
                    84:95:53:4a:5f:f0:a8:71:37:62:b3:13:a4:e5:80:
                    ba:dc:4e:0b:8d:62:f4:82:d4:52:ef:9e:c5:82:09:
                    e6:7b:ba:28:ed:ce:9b:8d:b4:75:ca:b3:0e:85:ad:
                    5d:8f:2f:7c:26:65:e5:ac:cc:92:0a:44:9d:58:ad:
                    73:1b:5b:2b:3e:f6:9b:ae:a4:f1:8c:1a:03:a3:27:
                    e8:3e:50:9b:6d:4a:4b:5d:b0:9c:97:95:e5:fe:2a:
                    02:b2:4a:67:f6:87:95:a0:22:0e:01:7f:3a:bb:d4:
                    b6:ad:d1:0c:39:23:bb:2a:53:86:e0:b3:9d:8a:45:
                    72:4f:1b:7b:30:05:2b:e2:08:0a:a3:b5:1b:89:7b:
                    c5:a0:08:ee:27:73:da:8c:36:93:3e:86:2e:f7:68:
                    a2:d2:f9:48:15:69:e3:01:b6:5a:d3:ad:91:46:4c:
                    dc:fd:7d:0d:9a:5f:04:e8:b7:f0:c0:74:ea:e4:25:
                    3c:11:7b:56:ef:09:c2:c9:d2:d6:75:18:e1:33:44:
                    72:4e:f0:7d:f4:84:1d:c3:9c:17:ba:6e:c8:41:3f:
                    e6:c1:18:11:10:94:9b:7e:2b:31:02:ef:49:ca:7e:
                    1c:37:d5:fc:67:f7:76:c9:b8:69:02:4f:b6:5f:1d:
                    45:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:25:F8:33:72:A2:66:41:D6:24:47:E0:C9:B3:99:1C:C0:85:19:96
            X509v3 Authority Key Identifier:
                keyid:28:C5:B1:0E:BD:4C:39:29:20:14:30:7E:87:FA:6B:1C:9B:42:16:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KMWxDr1MOSkgFDB-h_prHJtCFn0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/9ab02c-0ac8-47f1-8c7c-a629d1976ea3/1/KMWxDr1MOSkgFDB-h_prHJtCFn0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/74/9ab02c-0ac8-47f1-8c7c-a629d1976ea3/1/KMWxDr1MOSkgFDB-h_prHJtCFn0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8e:d6:55:92:3f:49:e5:b5:5e:a1:24:08:31:27:e0:86:b3:6c:
         e3:c6:52:53:e9:74:c5:76:db:ad:68:85:ed:d0:1c:5c:97:a6:
         d8:de:68:79:cf:6b:40:6d:49:88:42:57:33:4f:95:ff:7b:d6:
         d4:53:17:bc:d2:fd:fa:4c:2a:83:a6:19:dd:6e:97:07:7a:2f:
         84:3e:24:bb:d0:05:5a:f4:0b:ce:2d:c4:36:8f:59:42:85:db:
         fe:8d:33:24:b9:fa:41:da:0d:44:6e:d3:9f:23:5f:a2:e6:46:
         25:9b:45:de:df:b9:e5:fc:92:32:5c:a4:75:ab:2e:b7:ea:7d:
         25:93:a2:c5:21:f0:fa:14:11:90:4b:47:6d:44:76:39:a7:7b:
         bd:8d:a9:e4:2f:c0:b3:5a:18:d5:08:54:2e:65:1b:df:dc:b4:
         c7:2a:bc:c2:bc:4b:92:f8:25:cb:2b:ed:c5:3a:e0:86:49:b3:
         bd:a6:f1:ae:5a:2e:b9:4e:d8:0e:c5:58:b9:74:be:8b:2b:75:
         b1:d0:53:47:ab:13:4b:3e:48:12:37:2d:76:a6:0c:4c:fb:fe:
         49:e2:40:a3:50:f0:cd:a5:3d:57:ee:20:04:a9:aa:11:bb:8d:
         fd:54:a8:55:a7:5e:17:40:ff:59:45:45:95:1e:3f:90:df:0a:
         a8:d7:9f:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBHHknINfsodhCMHlHj2jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YzViMTBlYmQ0YzM5MjkyMDE0MzA3ZTg3ZmE2YjFjOWI0
MjE2N2QwHhcNMjYwMzI1MjIwMTM1WhcNMjYwMzI2MjIwMTM1WjAzMTEwLwYDVQQD
EyhhYzI1ZjgzMzcyYTI2NjQxZDYyNDQ3ZTBjOWIzOTkxY2MwODUxOTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtaj+ehV+qISAz2otnSGElVNKX/Co
cTdisxOk5YC63E4LjWL0gtRS757Fggnme7oo7c6bjbR1yrMOha1djy98JmXlrMyS
CkSdWK1zG1srPvabrqTxjBoDoyfoPlCbbUpLXbCcl5Xl/ioCskpn9oeVoCIOAX86
u9S2rdEMOSO7KlOG4LOdikVyTxt7MAUr4ggKo7UbiXvFoAjuJ3PajDaTPoYu92ii
0vlIFWnjAbZa062RRkzc/X0Nml8E6LfwwHTq5CU8EXtW7wnCydLWdRjhM0RyTvB9
9IQdw5wXum7IQT/mwRgREJSbfisxAu9Jyn4cN9X8Z/d2ybhpAk+2Xx1FzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKwl+DNyomZB1iRH4MmzmRzAhRmWMB8GA1UdIwQY
MBaAFCjFsQ69TDkpIBQwfof6axybQhZ9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS01XeERyMU1PU2tnRkRCLWhfcHJISnRDRm4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC85YWIwMmMtMGFjOC00N2YxLThjN2Mt
YTYyOWQxOTc2ZWEzLzEvS01XeERyMU1PU2tnRkRCLWhfcHJISnRDRm4wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC85YWIwMmMtMGFjOC00N2YxLThjN2MtYTYyOWQxOTc2ZWEz
LzEvS01XeERyMU1PU2tnRkRCLWhfcHJISnRDRm4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjtZVkj9J
5bVeoSQIMSfghrNs48ZSU+l0xXbbrWiF7dAcXJem2N5oec9rQG1JiEJXM0+V/3vW
1FMXvNL9+kwqg6YZ3W6XB3ovhD4ku9AFWvQLzi3ENo9ZQoXb/o0zJLn6QdoNRG7T
nyNfouZGJZtF3t+55fySMlykdasut+p9JZOixSHw+hQRkEtHbUR2Oad7vY2p5C/A
s1oY1QhULmUb39y0xyq8wrxLkvglyyvtxTrghkmzvabxrlouuU7YDsVYuXS+iyt1
sdBTR6sTSz5IEjctdqYMTPv+SeJAo1DwzaU9V+4gBKmqEbuN/VSoVadeF0D/WUVF
lR4/kN8KqNefYA==
-----END CERTIFICATE-----