Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft
File:                     KY2bT7TP4nih65-iA1oInEwlaFg.mft (raw, json)
Hash identifier:          zloDJzMza0WaLsweIiMpo8g9xJTRnqt8SSO077ew8t4=
Subject key identifier:   EE:56:D8:76:70:32:48:91:C3:FE:A1:F5:01:9C:03:7F:6E:7A:12:7A
Authority key identifier: 29:8D:9B:4F:B4:CF:E2:78:A1:EB:9F:A2:03:5A:08:9C:4C:25:68:58
Certificate issuer:       /CN=298d9b4fb4cfe278a1eb9fa2035a089c4c256858
Certificate serial:       019D27DFF342D338A3CAE651B5D78FD5265F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KY2bT7TP4nih65-iA1oInEwlaFg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft
Manifest number:          0E0C
Signing time:             Thu 26 Mar 2026 02:01:21 +0000
Manifest this update:     Thu 26 Mar 2026 02:01:21 +0000
Manifest next update:     Fri 27 Mar 2026 02:01:21 +0000
Files and hashes:         1: KY2bT7TP4nih65-iA1oInEwlaFg.crl (hash: j3mEkyC+D9uqEs0503zfIbHjor/8G3y+ZHrjYOnc/C4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KY2bT7TP4nih65-iA1oInEwlaFg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:df:f3:42:d3:38:a3:ca:e6:51:b5:d7:8f:d5:26:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=298d9b4fb4cfe278a1eb9fa2035a089c4c256858
        Validity
            Not Before: Mar 26 02:01:21 2026 GMT
            Not After : Mar 27 02:01:21 2026 GMT
        Subject: CN=ee56d87670324891c3fea1f5019c037f6e7a127a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:82:ff:d4:df:6f:8e:c5:ea:9e:95:82:d4:62:
                    16:e6:74:83:ad:d9:af:2f:b1:a6:f6:c5:68:95:12:
                    82:66:40:dc:79:0e:57:8a:e1:ca:e3:32:8d:a8:94:
                    a9:2a:1c:10:58:87:b7:6a:4a:f1:00:53:83:68:0b:
                    32:31:17:ff:a9:4e:16:e4:f1:c9:99:de:7b:73:bb:
                    c3:16:75:34:cc:cb:d3:46:42:61:2f:0a:c2:a7:d9:
                    78:19:0b:57:6a:af:e4:c9:5f:b4:75:d6:29:f6:7c:
                    56:ac:99:57:60:58:b3:03:95:22:21:05:f6:9d:28:
                    96:e2:a8:8d:cb:f4:e0:15:5f:e5:03:a3:e2:f5:34:
                    0d:0b:14:06:5b:4e:10:0d:ca:52:a3:99:09:22:a2:
                    a9:9d:1f:ad:1a:9e:1f:6d:72:ba:4e:45:d3:ec:96:
                    c6:ec:79:7d:cc:d8:f2:2e:e4:df:fe:91:d3:c5:c3:
                    b6:c7:ef:59:8d:16:b3:19:b1:b5:49:c3:9c:f9:9a:
                    96:36:ce:d2:fa:fa:da:4d:51:da:ee:ee:f9:8d:07:
                    cf:74:f9:f0:e2:71:fa:9c:33:dd:8a:68:0b:c1:86:
                    5a:c1:95:f0:17:c5:7f:c6:81:3f:b4:52:6f:8b:8d:
                    a5:ee:f3:cb:82:83:b6:60:71:70:5e:90:ee:66:0d:
                    d7:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:56:D8:76:70:32:48:91:C3:FE:A1:F5:01:9C:03:7F:6E:7A:12:7A
            X509v3 Authority Key Identifier:
                keyid:29:8D:9B:4F:B4:CF:E2:78:A1:EB:9F:A2:03:5A:08:9C:4C:25:68:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KY2bT7TP4nih65-iA1oInEwlaFg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:ca:03:7d:26:f9:fd:c5:57:93:fd:51:3d:93:50:0e:f2:5f:
         9a:da:e6:81:15:96:09:fa:57:1d:03:e1:4d:24:42:7a:09:66:
         a2:6b:f2:e3:e6:50:64:84:21:ac:12:a2:9f:52:50:81:06:ae:
         74:69:7b:d9:c0:3f:12:57:66:20:e6:e9:eb:24:66:5f:52:20:
         73:7f:54:98:4a:f6:23:98:8f:69:2a:c5:c8:b8:5b:8e:68:a7:
         b4:37:72:c7:84:cf:10:94:bd:9e:49:fc:3b:d5:8d:f8:bc:a1:
         41:c9:23:4c:ce:d2:7d:15:b4:c1:58:70:2c:50:5a:14:15:68:
         f2:26:b7:68:5c:e8:e6:52:d2:30:62:0e:fd:16:82:d4:69:39:
         08:ac:ea:ab:fd:df:f2:8d:39:7e:d6:7b:3b:4b:87:7c:4f:cd:
         a2:84:4e:dd:7d:44:f6:b5:66:7d:3d:69:ca:8b:60:b2:25:d0:
         3c:48:e3:a6:bf:c1:a3:e2:ee:0c:c9:46:91:52:6d:d9:f1:2e:
         8d:7f:ec:4b:61:e3:6a:08:14:40:0b:42:77:d5:16:e0:7c:60:
         ef:bc:90:1e:1c:3f:f3:92:b3:54:38:4d:1a:c3:4e:dd:36:87:
         10:86:5b:4e:49:bb:80:aa:0b:a7:9e:16:99:49:ab:ac:20:0c:
         a4:33:a4:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0n3/NC0zijyuZRtdeP1SZfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5OGQ5YjRmYjRjZmUyNzhhMWViOWZhMjAzNWEwODljNGMy
NTY4NTgwHhcNMjYwMzI2MDIwMTIxWhcNMjYwMzI3MDIwMTIxWjAzMTEwLwYDVQQD
EyhlZTU2ZDg3NjcwMzI0ODkxYzNmZWExZjUwMTljMDM3ZjZlN2ExMjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYL/1N9vjsXqnpWC1GIW5nSDrdmv
L7Gm9sVolRKCZkDceQ5XiuHK4zKNqJSpKhwQWIe3akrxAFODaAsyMRf/qU4W5PHJ
md57c7vDFnU0zMvTRkJhLwrCp9l4GQtXaq/kyV+0ddYp9nxWrJlXYFizA5UiIQX2
nSiW4qiNy/TgFV/lA6Pi9TQNCxQGW04QDcpSo5kJIqKpnR+tGp4fbXK6TkXT7JbG
7Hl9zNjyLuTf/pHTxcO2x+9ZjRazGbG1ScOc+ZqWNs7S+vraTVHa7u75jQfPdPnw
4nH6nDPdimgLwYZawZXwF8V/xoE/tFJvi42l7vPLgoO2YHFwXpDuZg3XzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO5W2HZwMkiRw/6h9QGcA39uehJ6MB8GA1UdIwQY
MBaAFCmNm0+0z+J4oeufogNaCJxMJWhYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1kyYlQ3VFA0bmloNjUtaUExb0luRXdsYUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83Mzc3MDMtYzhjMS00NjgyLWJiMDIt
ZDgwMGJkZDY4NmUzLzEvS1kyYlQ3VFA0bmloNjUtaUExb0luRXdsYUZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS83Mzc3MDMtYzhjMS00NjgyLWJiMDItZDgwMGJkZDY4NmUz
LzEvS1kyYlQ3VFA0bmloNjUtaUExb0luRXdsYUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ8oDfSb5
/cVXk/1RPZNQDvJfmtrmgRWWCfpXHQPhTSRCeglmomvy4+ZQZIQhrBKin1JQgQau
dGl72cA/EldmIObp6yRmX1Igc39UmEr2I5iPaSrFyLhbjmintDdyx4TPEJS9nkn8
O9WN+LyhQckjTM7SfRW0wVhwLFBaFBVo8ia3aFzo5lLSMGIO/RaC1Gk5CKzqq/3f
8o05ftZ7O0uHfE/NooRO3X1E9rVmfT1pyotgsiXQPEjjpr/Bo+LuDMlGkVJt2fEu
jX/sS2HjaggUQAtCd9UW4Hxg77yQHhw/85KzVDhNGsNO3TaHEIZbTkm7gKoLp54W
mUmrrCAMpDOkkg==
-----END CERTIFICATE-----