Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/0bb8a0-3fb3-41ee-9f65-1c8d9e6ed124/1/KgedPD3CTph79wxKn6u6QFsIOkU.mft
File:                     KgedPD3CTph79wxKn6u6QFsIOkU.mft (raw, json)
Hash identifier:          FMku/79QEr6vViW0cKLCwJvuL+Nf2bJVfoeJk4GmXhI=
Subject key identifier:   F9:CC:26:8E:EB:2A:5D:23:BE:9D:3F:CB:22:D4:1B:3A:4E:99:AA:BF
Authority key identifier: 2A:07:9D:3C:3D:C2:4E:98:7B:F7:0C:4A:9F:AB:BA:40:5B:08:3A:45
Certificate issuer:       /CN=2a079d3c3dc24e987bf70c4a9fabba405b083a45
Certificate serial:       019D28F2793267093F33CDBC98A8A5C3696F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KgedPD3CTph79wxKn6u6QFsIOkU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/0bb8a0-3fb3-41ee-9f65-1c8d9e6ed124/1/KgedPD3CTph79wxKn6u6QFsIOkU.mft
Manifest number:          0DFC
Signing time:             Thu 26 Mar 2026 07:01:12 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:12 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:12 +0000
Files and hashes:         1: KgedPD3CTph79wxKn6u6QFsIOkU.crl (hash: cWt2O6NRd71cZe11gwr+qOS4inl/EIGpYSMitH3Scdo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/80/0bb8a0-3fb3-41ee-9f65-1c8d9e6ed124/1/KgedPD3CTph79wxKn6u6QFsIOkU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/80/0bb8a0-3fb3-41ee-9f65-1c8d9e6ed124/1/KgedPD3CTph79wxKn6u6QFsIOkU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KgedPD3CTph79wxKn6u6QFsIOkU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 07:01:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:79:32:67:09:3f:33:cd:bc:98:a8:a5:c3:69:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a079d3c3dc24e987bf70c4a9fabba405b083a45
        Validity
            Not Before: Mar 26 07:01:12 2026 GMT
            Not After : Mar 27 07:01:12 2026 GMT
        Subject: CN=f9cc268eeb2a5d23be9d3fcb22d41b3a4e99aabf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:6f:14:e9:12:db:0c:e1:83:b5:4a:74:29:95:
                    84:76:12:9b:5d:60:0c:1b:da:ed:ed:c6:e6:74:2e:
                    79:f8:fe:cb:e0:15:13:6b:81:aa:df:d1:5e:34:46:
                    d6:09:88:64:da:cb:7a:8f:e1:78:3d:07:6d:e3:ea:
                    e8:e0:c7:0d:a6:77:f7:26:08:3b:8a:6e:ce:82:5b:
                    11:c7:72:17:fd:de:26:58:ff:94:92:69:cd:19:9a:
                    94:95:2c:98:cd:ae:15:9c:89:9a:56:8d:b6:f3:c5:
                    0d:da:d6:28:f6:7c:38:41:9b:3f:97:b1:e6:51:25:
                    03:f5:58:7e:be:75:c8:2a:9f:47:5f:b3:25:e4:6b:
                    dd:a3:e8:64:23:26:df:0b:f1:50:d4:c5:b4:eb:5d:
                    ac:28:85:54:a1:1a:46:34:b2:8d:1f:a1:bd:91:3a:
                    e9:b3:d2:50:83:a7:2e:b0:bf:c2:e2:4b:2f:c2:35:
                    cf:9a:e7:26:85:46:30:57:c0:36:07:a4:29:d4:99:
                    cd:7d:34:57:fd:9c:0a:d1:07:fb:cd:ae:67:48:45:
                    c5:6e:0f:6d:63:53:d3:8c:11:0e:42:58:03:e3:08:
                    d8:5a:85:3e:f1:d1:c0:ba:7e:62:df:c6:76:77:2a:
                    3b:9a:bd:f6:de:b5:66:1b:e6:11:c7:61:64:8d:ab:
                    cd:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:CC:26:8E:EB:2A:5D:23:BE:9D:3F:CB:22:D4:1B:3A:4E:99:AA:BF
            X509v3 Authority Key Identifier:
                keyid:2A:07:9D:3C:3D:C2:4E:98:7B:F7:0C:4A:9F:AB:BA:40:5B:08:3A:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KgedPD3CTph79wxKn6u6QFsIOkU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/0bb8a0-3fb3-41ee-9f65-1c8d9e6ed124/1/KgedPD3CTph79wxKn6u6QFsIOkU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/0bb8a0-3fb3-41ee-9f65-1c8d9e6ed124/1/KgedPD3CTph79wxKn6u6QFsIOkU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:89:b2:7d:ec:5c:97:08:91:46:9a:86:76:13:ce:fb:b3:ae:
         d9:da:34:21:57:ce:09:37:d6:c4:1e:d9:23:6f:3c:3e:d0:29:
         25:d7:5b:fe:d4:5f:e1:e8:99:99:63:11:13:5e:17:60:4d:58:
         6d:a1:be:9b:89:ab:df:a8:60:bb:71:ab:c1:75:36:76:0a:07:
         c7:04:69:d3:9d:6e:8c:b4:25:f3:f3:80:2b:c8:fd:f3:87:79:
         6b:0e:95:4c:d4:cd:31:ce:54:f0:91:c8:61:d6:32:af:ec:0a:
         f4:44:6b:82:78:e0:e8:6f:cb:aa:d1:6b:5c:68:05:73:7b:a1:
         fa:d6:3b:cb:d5:f7:d2:c4:94:05:01:cf:8a:8f:68:2c:f3:e1:
         68:ba:df:57:8c:14:23:87:56:74:bd:ff:31:68:f0:b1:ab:4a:
         ee:49:97:0c:90:0b:d0:10:da:7a:45:53:fe:0e:1a:53:4d:95:
         58:d5:f8:71:90:0b:09:12:b0:a2:e7:44:f5:e4:f0:41:74:ba:
         d3:49:fc:f8:1d:37:26:bc:8f:3d:d3:ee:71:7a:4a:c6:aa:6c:
         a7:ba:46:f3:a5:ad:9d:d2:74:d8:00:cc:9f:ca:48:a2:39:ac:
         23:22:1d:da:4c:26:c7:de:46:80:cf:65:e2:27:8c:51:77:dc:
         3e:38:e2:ce
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8nkyZwk/M828mKilw2lvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMDc5ZDNjM2RjMjRlOTg3YmY3MGM0YTlmYWJiYTQwNWIw
ODNhNDUwHhcNMjYwMzI2MDcwMTEyWhcNMjYwMzI3MDcwMTEyWjAzMTEwLwYDVQQD
EyhmOWNjMjY4ZWViMmE1ZDIzYmU5ZDNmY2IyMmQ0MWIzYTRlOTlhYWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl28U6RLbDOGDtUp0KZWEdhKbXWAM
G9rt7cbmdC55+P7L4BUTa4Gq39FeNEbWCYhk2st6j+F4PQdt4+ro4McNpnf3Jgg7
im7OglsRx3IX/d4mWP+UkmnNGZqUlSyYza4VnImaVo2288UN2tYo9nw4QZs/l7Hm
USUD9Vh+vnXIKp9HX7Ml5Gvdo+hkIybfC/FQ1MW0612sKIVUoRpGNLKNH6G9kTrp
s9JQg6cusL/C4ksvwjXPmucmhUYwV8A2B6Qp1JnNfTRX/ZwK0Qf7za5nSEXFbg9t
Y1PTjBEOQlgD4wjYWoU+8dHAun5i38Z2dyo7mr323rVmG+YRx2FkjavNWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPnMJo7rKl0jvp0/yyLUGzpOmaq/MB8GA1UdIwQY
MBaAFCoHnTw9wk6Ye/cMSp+rukBbCDpFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2dlZFBEM0NUcGg3OXd4S242dTZRRnNJT2tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8wYmI4YTAtM2ZiMy00MWVlLTlmNjUt
MWM4ZDllNmVkMTI0LzEvS2dlZFBEM0NUcGg3OXd4S242dTZRRnNJT2tVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8wYmI4YTAtM2ZiMy00MWVlLTlmNjUtMWM4ZDllNmVkMTI0
LzEvS2dlZFBEM0NUcGg3OXd4S242dTZRRnNJT2tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADYmyfexc
lwiRRpqGdhPO+7Ou2do0IVfOCTfWxB7ZI288PtApJddb/tRf4eiZmWMRE14XYE1Y
baG+m4mr36hgu3GrwXU2dgoHxwRp051ujLQl8/OAK8j984d5aw6VTNTNMc5U8JHI
YdYyr+wK9ERrgnjg6G/LqtFrXGgFc3uh+tY7y9X30sSUBQHPio9oLPPhaLrfV4wU
I4dWdL3/MWjwsatK7kmXDJAL0BDaekVT/g4aU02VWNX4cZALCRKwoudE9eTwQXS6
00n8+B03JryPPdPucXpKxqpsp7pG86WtndJ02ADMn8pIojmsIyId2kwmx95GgM9l
4ieMUXfcPjjizg==
-----END CERTIFICATE-----