Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.mft
File:                     KdIywSew2DMQPDH7UlTsuZVrDEw.mft (raw, json)
Hash identifier:          qbfVHPyH7s7375+ka2QzWSFAjbukrUcnlnFwiZtXZeo=
Subject key identifier:   1B:08:60:7B:70:7B:AB:45:66:51:ED:E7:D9:3D:2F:80:23:07:86:18
Authority key identifier: 29:D2:32:C1:27:B0:D8:33:10:3C:31:FB:52:54:EC:B9:95:6B:0C:4C
Certificate issuer:       /CN=29d232c127b0d833103c31fb5254ecb9956b0c4c
Certificate serial:       019D27A87A85B2240C99C17FF0F6E5217C8B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KdIywSew2DMQPDH7UlTsuZVrDEw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.mft
Manifest number:          0432
Signing time:             Thu 26 Mar 2026 01:00:45 +0000
Manifest this update:     Thu 26 Mar 2026 01:00:45 +0000
Manifest next update:     Fri 27 Mar 2026 01:00:45 +0000
Files and hashes:         1: KdIywSew2DMQPDH7UlTsuZVrDEw.crl (hash: 9+5A7fD4z8Gkj+GzN5x49aPvHhLpDHH4HloMGl5tG/s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KdIywSew2DMQPDH7UlTsuZVrDEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:a8:7a:85:b2:24:0c:99:c1:7f:f0:f6:e5:21:7c:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29d232c127b0d833103c31fb5254ecb9956b0c4c
        Validity
            Not Before: Mar 26 01:00:45 2026 GMT
            Not After : Mar 27 01:00:45 2026 GMT
        Subject: CN=1b08607b707bab456651ede7d93d2f8023078618
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:eb:07:7b:7f:d0:76:04:61:e3:d8:f5:5b:60:
                    2f:bc:56:6c:e0:d8:41:49:76:87:44:9c:b1:e9:74:
                    fb:26:55:05:dc:0d:d2:8e:e9:a4:93:17:82:19:3e:
                    48:4c:94:6f:a0:36:58:3d:92:91:2b:07:f4:32:54:
                    da:51:d0:1a:5a:98:cc:77:1a:34:ca:b4:52:a9:13:
                    b1:10:fd:d6:dc:a1:dc:eb:d8:7f:14:72:c5:91:c1:
                    59:5a:1c:df:0a:77:65:02:01:98:62:43:bc:df:5a:
                    df:70:4c:23:24:53:c2:72:a2:51:5b:ec:26:24:29:
                    fb:d2:64:8b:96:06:9c:c9:07:00:b3:63:12:e0:c4:
                    11:72:77:4a:9d:3d:d8:f0:38:d3:93:48:19:a8:ec:
                    65:e5:4d:92:85:f4:31:64:02:fd:3d:9b:8d:ff:58:
                    ec:11:d6:4f:cc:b8:e9:02:e0:20:7b:1a:6b:56:8a:
                    50:78:3f:8d:2e:11:b4:04:7b:a4:4d:0f:be:2d:02:
                    57:12:f5:74:0e:0b:28:79:c6:b0:bc:01:a2:16:2e:
                    78:33:57:50:d3:0c:80:73:30:4c:d8:52:86:68:0e:
                    f1:67:cd:32:0c:68:1c:47:57:e8:44:2d:55:9d:34:
                    57:6c:7b:7f:ad:b6:79:a6:f4:07:e3:35:97:5f:0f:
                    91:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:08:60:7B:70:7B:AB:45:66:51:ED:E7:D9:3D:2F:80:23:07:86:18
            X509v3 Authority Key Identifier:
                keyid:29:D2:32:C1:27:B0:D8:33:10:3C:31:FB:52:54:EC:B9:95:6B:0C:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdIywSew2DMQPDH7UlTsuZVrDEw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:55:11:a6:55:6f:00:e2:b0:b3:bc:b0:85:ea:79:d7:61:c1:
         8c:3c:ec:0b:31:40:fe:e3:0e:74:1b:ac:14:54:a6:2e:45:d7:
         d9:12:e9:eb:17:71:b3:6e:79:08:61:38:66:db:a0:26:74:ed:
         39:88:d1:bf:63:bb:84:51:1d:03:66:18:9c:2a:31:b8:dd:21:
         89:a1:11:a8:16:6b:a4:bf:01:5c:a5:e4:c9:af:ca:c3:a2:89:
         43:c9:c1:d7:24:70:58:0e:5b:a8:4c:f4:35:d8:54:00:c2:2c:
         1a:fd:f5:ed:3d:09:bc:41:f3:38:d4:b4:8e:e2:81:11:a7:d9:
         cf:b0:c5:5d:e8:bf:73:6a:46:1d:bc:65:28:01:49:97:89:d1:
         d7:cb:ec:f7:a4:9c:4c:8b:13:9f:c0:b9:5c:18:c9:26:59:b4:
         a4:47:d7:57:23:f4:e2:c6:a0:5f:c2:4b:00:87:ce:b3:ed:48:
         37:12:30:7c:ff:6b:81:47:42:b6:86:a2:a1:75:56:1d:94:bf:
         46:37:37:8c:75:15:fa:db:6f:3d:24:c2:37:dc:d9:99:0a:04:
         61:d7:d8:d3:46:8e:cf:da:ea:4e:d2:a1:02:b0:80:97:a9:ce:
         d4:f0:ec:27:6d:64:e1:13:24:c4:5f:c7:fa:8e:34:2c:13:52:
         b0:a5:18:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nqHqFsiQMmcF/8PblIXyLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDIzMmMxMjdiMGQ4MzMxMDNjMzFmYjUyNTRlY2I5OTU2
YjBjNGMwHhcNMjYwMzI2MDEwMDQ1WhcNMjYwMzI3MDEwMDQ1WjAzMTEwLwYDVQQD
EygxYjA4NjA3YjcwN2JhYjQ1NjY1MWVkZTdkOTNkMmY4MDIzMDc4NjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+sHe3/QdgRh49j1W2AvvFZs4NhB
SXaHRJyx6XT7JlUF3A3SjumkkxeCGT5ITJRvoDZYPZKRKwf0MlTaUdAaWpjMdxo0
yrRSqROxEP3W3KHc69h/FHLFkcFZWhzfCndlAgGYYkO831rfcEwjJFPCcqJRW+wm
JCn70mSLlgacyQcAs2MS4MQRcndKnT3Y8DjTk0gZqOxl5U2ShfQxZAL9PZuN/1js
EdZPzLjpAuAgexprVopQeD+NLhG0BHukTQ++LQJXEvV0DgsoecawvAGiFi54M1dQ
0wyAczBM2FKGaA7xZ80yDGgcR1foRC1VnTRXbHt/rbZ5pvQH4zWXXw+R1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBsIYHtwe6tFZlHt59k9L4AjB4YYMB8GA1UdIwQY
MBaAFCnSMsEnsNgzEDwx+1JU7LmVawxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RJeXdTZXcyRE1RUERIN1VsVHN1WlZyREV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS81OTc5NzUtNzExNy00NGY2LTk0MDAt
ZTE2MDZiZTkyYjk4LzEvS2RJeXdTZXcyRE1RUERIN1VsVHN1WlZyREV3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS81OTc5NzUtNzExNy00NGY2LTk0MDAtZTE2MDZiZTkyYjk4
LzEvS2RJeXdTZXcyRE1RUERIN1VsVHN1WlZyREV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALFURplVv
AOKws7ywhep512HBjDzsCzFA/uMOdBusFFSmLkXX2RLp6xdxs255CGE4ZtugJnTt
OYjRv2O7hFEdA2YYnCoxuN0hiaERqBZrpL8BXKXkya/Kw6KJQ8nB1yRwWA5bqEz0
NdhUAMIsGv317T0JvEHzONS0juKBEafZz7DFXei/c2pGHbxlKAFJl4nR18vs96Sc
TIsTn8C5XBjJJlm0pEfXVyP04sagX8JLAIfOs+1INxIwfP9rgUdCtoaioXVWHZS/
Rjc3jHUV+ttvPSTCN9zZmQoEYdfY00aOz9rqTtKhArCAl6nO1PDsJ21k4RMkxF/H
+o40LBNSsKUYpQ==
-----END CERTIFICATE-----