Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/8d0c68-61a5-4ae1-a831-aa104732f573/1/kdTzrA50tq60hL0U9ocdmjBCK30.mft
File:                     kdTzrA50tq60hL0U9ocdmjBCK30.mft (raw, json)
Hash identifier:          iRrHgNNKziiqMNofZHXE2cBskfHkGEpnl57THWuRS0s=
Subject key identifier:   D6:60:AD:90:74:5A:D0:C1:AC:F7:9F:2C:66:C2:3E:E5:10:59:98:59
Authority key identifier: 91:D4:F3:AC:0E:74:B6:AE:B4:84:BD:14:F6:87:1D:9A:30:42:2B:7D
Certificate issuer:       /CN=91d4f3ac0e74b6aeb484bd14f6871d9a30422b7d
Certificate serial:       019D348907A333540DACA6C9AC2F633AFCDF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kdTzrA50tq60hL0U9ocdmjBCK30.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/8d0c68-61a5-4ae1-a831-aa104732f573/1/kdTzrA50tq60hL0U9ocdmjBCK30.mft
Manifest number:          0304
Signing time:             Sat 28 Mar 2026 13:01:28 +0000
Manifest this update:     Sat 28 Mar 2026 13:01:28 +0000
Manifest next update:     Sun 29 Mar 2026 13:01:28 +0000
Files and hashes:         1: kdTzrA50tq60hL0U9ocdmjBCK30.crl (hash: UCbFTWjK92jsRXtteFjrmeHYw4cujvPQWIAnQmM+exE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ab/8d0c68-61a5-4ae1-a831-aa104732f573/1/kdTzrA50tq60hL0U9ocdmjBCK30.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ab/8d0c68-61a5-4ae1-a831-aa104732f573/1/kdTzrA50tq60hL0U9ocdmjBCK30.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kdTzrA50tq60hL0U9ocdmjBCK30.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Mar 2026 13:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:34:89:07:a3:33:54:0d:ac:a6:c9:ac:2f:63:3a:fc:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91d4f3ac0e74b6aeb484bd14f6871d9a30422b7d
        Validity
            Not Before: Mar 28 13:01:28 2026 GMT
            Not After : Mar 29 13:01:28 2026 GMT
        Subject: CN=d660ad90745ad0c1acf79f2c66c23ee510599859
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:02:ba:03:ac:ed:85:fc:0b:14:74:e7:86:6d:
                    1a:8d:e6:eb:70:61:bd:9c:2c:2a:b5:17:c4:e9:17:
                    27:d4:15:b5:b3:8f:8e:14:e7:49:f5:86:96:55:83:
                    ee:0c:d6:24:e3:e4:60:d4:3c:ff:04:d4:8a:c4:da:
                    01:65:7c:52:eb:d9:8b:2d:dc:12:3e:7c:67:cb:96:
                    9a:54:f6:f0:14:4b:3f:d1:56:ef:67:22:80:79:ca:
                    3f:1e:66:1e:57:9e:a8:54:49:7c:bf:dd:63:d6:a4:
                    c3:48:b4:ab:30:d7:df:32:51:3e:94:19:13:bd:cc:
                    67:1d:a1:15:da:cf:dc:47:0f:84:9e:ad:fa:85:95:
                    fd:90:71:27:ea:b9:33:93:ee:66:a4:16:dd:5a:73:
                    8b:9c:90:ab:05:29:f6:dc:ae:96:46:85:62:aa:5e:
                    0d:85:20:20:5e:04:d7:f8:79:5f:f0:ad:1e:93:bd:
                    b0:d6:9c:ae:0d:16:83:6f:45:91:6d:6c:2d:5e:5c:
                    b4:93:1e:19:94:2f:ce:5e:3d:f0:4b:7e:4e:62:a8:
                    a4:70:a9:df:de:d4:8a:9e:89:64:a1:67:2d:99:68:
                    4c:b1:4a:6d:2f:be:c8:69:72:02:b3:f6:ba:d7:c7:
                    6e:02:b5:d3:0f:a0:fc:e0:c0:6d:98:ac:90:cd:92:
                    35:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:60:AD:90:74:5A:D0:C1:AC:F7:9F:2C:66:C2:3E:E5:10:59:98:59
            X509v3 Authority Key Identifier:
                keyid:91:D4:F3:AC:0E:74:B6:AE:B4:84:BD:14:F6:87:1D:9A:30:42:2B:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdTzrA50tq60hL0U9ocdmjBCK30.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/8d0c68-61a5-4ae1-a831-aa104732f573/1/kdTzrA50tq60hL0U9ocdmjBCK30.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/8d0c68-61a5-4ae1-a831-aa104732f573/1/kdTzrA50tq60hL0U9ocdmjBCK30.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:cc:47:b0:91:dc:10:ef:e9:20:50:9c:00:c2:7c:e3:93:31:
         af:8e:6f:c0:9b:2e:f2:f9:7d:2e:67:8c:be:28:47:64:89:ec:
         78:f7:e3:39:fa:87:b4:8f:75:65:67:6c:d7:b6:16:f0:a5:24:
         48:71:b8:82:19:01:7d:9e:da:be:82:c7:d0:19:1f:e5:29:11:
         9d:a9:f2:a2:e7:fe:ed:15:f8:80:fd:96:92:90:57:54:c7:c1:
         11:ea:1f:2b:ce:6f:f6:f7:cb:f8:eb:f3:5a:32:44:a8:d2:a4:
         e0:82:cd:64:ef:03:e2:09:47:79:e1:21:bc:24:3c:7b:81:4f:
         6e:a1:13:f2:7f:9e:60:36:1c:d4:ba:4b:68:25:39:dd:92:70:
         49:23:0a:16:e7:3a:53:65:1a:ed:0e:77:3b:c4:11:b8:66:43:
         3a:12:5b:e8:37:5a:00:8b:67:49:95:b8:7b:e1:84:9c:c5:f5:
         9c:fe:07:9f:af:cf:de:95:22:6b:58:d4:14:44:b1:45:06:3d:
         ef:c0:dc:2f:f3:bd:90:94:89:a1:5c:e6:65:53:7e:d4:e0:ff:
         ad:ff:ae:68:97:3a:b1:a2:63:e5:2b:22:b7:b4:55:05:51:67:
         67:89:46:ea:2b:7f:bf:a8:06:25:6f:31:c2:37:3c:ee:f9:86:
         6d:b0:6b:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ00iQejM1QNrKbJrC9jOvzfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZDRmM2FjMGU3NGI2YWViNDg0YmQxNGY2ODcxZDlhMzA0
MjJiN2QwHhcNMjYwMzI4MTMwMTI4WhcNMjYwMzI5MTMwMTI4WjAzMTEwLwYDVQQD
EyhkNjYwYWQ5MDc0NWFkMGMxYWNmNzlmMmM2NmMyM2VlNTEwNTk5ODU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQK6A6zthfwLFHTnhm0ajebrcGG9
nCwqtRfE6Rcn1BW1s4+OFOdJ9YaWVYPuDNYk4+Rg1Dz/BNSKxNoBZXxS69mLLdwS
Pnxny5aaVPbwFEs/0VbvZyKAeco/HmYeV56oVEl8v91j1qTDSLSrMNffMlE+lBkT
vcxnHaEV2s/cRw+Enq36hZX9kHEn6rkzk+5mpBbdWnOLnJCrBSn23K6WRoViql4N
hSAgXgTX+Hlf8K0ek72w1pyuDRaDb0WRbWwtXly0kx4ZlC/OXj3wS35OYqikcKnf
3tSKnolkoWctmWhMsUptL77IaXICs/a618duArXTD6D84MBtmKyQzZI1xwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNZgrZB0WtDBrPefLGbCPuUQWZhZMB8GA1UdIwQY
MBaAFJHU86wOdLautIS9FPaHHZowQit9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2RUenJBNTB0cTYwaEwwVTlvY2RtakJDSzMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84ZDBjNjgtNjFhNS00YWUxLWE4MzEt
YWExMDQ3MzJmNTczLzEva2RUenJBNTB0cTYwaEwwVTlvY2RtakJDSzMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84ZDBjNjgtNjFhNS00YWUxLWE4MzEtYWExMDQ3MzJmNTcz
LzEva2RUenJBNTB0cTYwaEwwVTlvY2RtakJDSzMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhsxHsJHc
EO/pIFCcAMJ845Mxr45vwJsu8vl9LmeMvihHZInsePfjOfqHtI91ZWds17YW8KUk
SHG4ghkBfZ7avoLH0Bkf5SkRnanyouf+7RX4gP2WkpBXVMfBEeofK85v9vfL+Ovz
WjJEqNKk4ILNZO8D4glHeeEhvCQ8e4FPbqET8n+eYDYc1LpLaCU53ZJwSSMKFuc6
U2Ua7Q53O8QRuGZDOhJb6DdaAItnSZW4e+GEnMX1nP4Hn6/P3pUia1jUFESxRQY9
78DcL/O9kJSJoVzmZVN+1OD/rf+uaJc6saJj5Ssit7RVBVFnZ4lG6it/v6gGJW8x
wjc87vmGbbBrWw==
-----END CERTIFICATE-----