Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/4554ae-999a-4703-bfe4-ce60b6534e37/1/KACGzY28R99NOJtyhcq7ixVieuY.mft
File:                     KACGzY28R99NOJtyhcq7ixVieuY.mft (raw, json)
Hash identifier:          wTQq9I8U0lYnRfxgkoD+kUAhsRqfNTZl2ZcohvsSxiI=
Subject key identifier:   2D:0A:13:19:1E:29:D3:DF:36:37:5F:BD:4B:D8:1F:C6:26:53:F3:2E
Authority key identifier: 28:00:86:CD:8D:BC:47:DF:4D:38:9B:72:85:CA:BB:8B:15:62:7A:E6
Certificate issuer:       /CN=280086cd8dbc47df4d389b7285cabb8b15627ae6
Certificate serial:       019D333E7BD4CCDB63F1F92E2BC3BFF0ED84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KACGzY28R99NOJtyhcq7ixVieuY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/4554ae-999a-4703-bfe4-ce60b6534e37/1/KACGzY28R99NOJtyhcq7ixVieuY.mft
Manifest number:          DB
Signing time:             Sat 28 Mar 2026 07:00:26 +0000
Manifest this update:     Sat 28 Mar 2026 07:00:26 +0000
Manifest next update:     Sun 29 Mar 2026 07:00:26 +0000
Files and hashes:         1: KACGzY28R99NOJtyhcq7ixVieuY.crl (hash: hh9klBBuppMCsusU5y0fn2w1HVu8lEf4DOEPRBPXpSQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/4554ae-999a-4703-bfe4-ce60b6534e37/1/KACGzY28R99NOJtyhcq7ixVieuY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/4554ae-999a-4703-bfe4-ce60b6534e37/1/KACGzY28R99NOJtyhcq7ixVieuY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KACGzY28R99NOJtyhcq7ixVieuY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Mar 2026 00:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:33:3e:7b:d4:cc:db:63:f1:f9:2e:2b:c3:bf:f0:ed:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=280086cd8dbc47df4d389b7285cabb8b15627ae6
        Validity
            Not Before: Mar 28 07:00:26 2026 GMT
            Not After : Mar 29 07:00:26 2026 GMT
        Subject: CN=2d0a13191e29d3df36375fbd4bd81fc62653f32e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:7e:11:31:fd:0a:4a:d7:db:3f:30:10:fd:5b:
                    2c:89:c3:c3:6c:8a:5b:67:f5:0a:51:a1:bd:6d:6b:
                    7b:ae:80:ca:17:5e:ed:30:56:68:73:c7:28:5a:fb:
                    2f:cb:3d:2c:db:ae:15:a9:36:d7:cf:4e:ad:09:0d:
                    29:ed:28:4a:6f:de:d9:b4:82:2a:46:20:a2:01:26:
                    27:9f:b2:ed:5c:28:4d:bd:54:92:27:f4:b3:ec:45:
                    1f:96:fe:d3:98:a1:d0:87:3a:fd:b9:cd:ad:c1:3e:
                    54:d3:e2:b0:88:de:3f:2f:5f:4e:0d:c5:79:83:4a:
                    c2:84:51:02:b1:34:de:e8:e3:96:63:f7:8b:c5:7f:
                    78:aa:25:73:a3:0b:ea:8f:a8:1b:bb:7f:75:bc:f8:
                    d3:de:24:42:ea:78:89:38:c4:cc:e0:5a:3a:b6:fd:
                    27:7e:96:fa:c0:cf:3d:a6:d8:a8:40:ae:dd:b1:65:
                    d0:2e:3a:91:65:c1:89:b3:0e:d9:ef:6b:09:77:6c:
                    1b:af:d7:e9:b0:c5:27:26:5f:76:af:5c:0f:88:c5:
                    a2:d1:06:f4:2e:cd:a1:29:eb:e3:62:41:56:a3:2a:
                    2d:17:43:28:45:ed:a1:b9:88:4b:da:68:db:01:45:
                    8c:3b:7e:00:3f:a3:1d:62:88:58:bf:6d:fb:ca:7e:
                    02:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:0A:13:19:1E:29:D3:DF:36:37:5F:BD:4B:D8:1F:C6:26:53:F3:2E
            X509v3 Authority Key Identifier:
                keyid:28:00:86:CD:8D:BC:47:DF:4D:38:9B:72:85:CA:BB:8B:15:62:7A:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KACGzY28R99NOJtyhcq7ixVieuY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/4554ae-999a-4703-bfe4-ce60b6534e37/1/KACGzY28R99NOJtyhcq7ixVieuY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/4554ae-999a-4703-bfe4-ce60b6534e37/1/KACGzY28R99NOJtyhcq7ixVieuY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ce:03:55:3e:58:02:c6:70:83:5d:3b:90:49:f4:b1:72:c4:ba:
         4f:1c:b0:73:3f:e6:17:f1:a7:db:c2:81:6e:b7:b3:5d:4a:6f:
         cc:5a:d2:d9:17:4f:22:48:5e:5a:64:ee:6b:64:fb:88:c4:a7:
         d9:64:12:6d:39:be:b4:54:29:4e:6e:5f:a1:95:c5:aa:3b:fe:
         e6:1f:cf:f5:68:56:16:06:d7:eb:d4:76:23:ef:7c:95:09:45:
         ee:19:b9:80:91:d8:34:a5:38:f2:2f:65:e4:58:af:3e:33:74:
         b6:22:4c:60:03:8f:4d:d1:24:48:fd:d4:b1:fb:30:be:6c:2a:
         3d:fd:2d:9d:49:87:9c:0a:36:eb:ba:53:f4:f6:21:ed:b3:34:
         10:15:13:4b:71:8b:7b:8c:31:07:2b:9c:ee:51:b3:5e:c6:b2:
         70:b4:25:b5:c7:dd:55:34:ba:6b:65:e3:fd:69:97:d2:e9:65:
         cc:26:ce:4c:7c:ff:ae:a9:b7:81:6c:79:0f:90:52:15:48:63:
         a7:3e:5b:24:ec:06:b4:0d:a3:b9:58:57:8a:a4:1f:0e:fb:26:
         1d:55:36:23:bc:ce:88:48:6b:dd:80:66:af:ff:70:9c:29:06:
         c5:5e:a8:17:01:8d:04:44:ac:40:b7:b1:22:04:02:98:e4:6d:
         b6:ee:88:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0zPnvUzNtj8fkuK8O/8O2EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MDA4NmNkOGRiYzQ3ZGY0ZDM4OWI3Mjg1Y2FiYjhiMTU2
MjdhZTYwHhcNMjYwMzI4MDcwMDI2WhcNMjYwMzI5MDcwMDI2WjAzMTEwLwYDVQQD
EygyZDBhMTMxOTFlMjlkM2RmMzYzNzVmYmQ0YmQ4MWZjNjI2NTNmMzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8H4RMf0KStfbPzAQ/VssicPDbIpb
Z/UKUaG9bWt7roDKF17tMFZoc8coWvsvyz0s264VqTbXz06tCQ0p7ShKb97ZtIIq
RiCiASYnn7LtXChNvVSSJ/Sz7EUflv7TmKHQhzr9uc2twT5U0+KwiN4/L19ODcV5
g0rChFECsTTe6OOWY/eLxX94qiVzowvqj6gbu391vPjT3iRC6niJOMTM4Fo6tv0n
fpb6wM89ptioQK7dsWXQLjqRZcGJsw7Z72sJd2wbr9fpsMUnJl92r1wPiMWi0Qb0
Ls2hKevjYkFWoyotF0MoRe2huYhL2mjbAUWMO34AP6MdYohYv237yn4C9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC0KExkeKdPfNjdfvUvYH8YmU/MuMB8GA1UdIwQY
MBaAFCgAhs2NvEffTTibcoXKu4sVYnrmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0FDR3pZMjhSOTlOT0p0eWhjcTdpeFZpZXVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny80NTU0YWUtOTk5YS00NzAzLWJmZTQt
Y2U2MGI2NTM0ZTM3LzEvS0FDR3pZMjhSOTlOT0p0eWhjcTdpeFZpZXVZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny80NTU0YWUtOTk5YS00NzAzLWJmZTQtY2U2MGI2NTM0ZTM3
LzEvS0FDR3pZMjhSOTlOT0p0eWhjcTdpeFZpZXVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzgNVPlgC
xnCDXTuQSfSxcsS6Txywcz/mF/Gn28KBbrezXUpvzFrS2RdPIkheWmTua2T7iMSn
2WQSbTm+tFQpTm5foZXFqjv+5h/P9WhWFgbX69R2I+98lQlF7hm5gJHYNKU48i9l
5FivPjN0tiJMYAOPTdEkSP3UsfswvmwqPf0tnUmHnAo267pT9PYh7bM0EBUTS3GL
e4wxByuc7lGzXsaycLQltcfdVTS6a2Xj/WmX0ullzCbOTHz/rqm3gWx5D5BSFUhj
pz5bJOwGtA2juVhXiqQfDvsmHVU2I7zOiEhr3YBmr/9wnCkGxV6oFwGNBESsQLex
IgQCmORttu6IIQ==
-----END CERTIFICATE-----