Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.mft
File:                     KMvNlssXsh1iT9IXD9DXCBY68j0.mft (raw, json)
Hash identifier:          gQ7h4rfaZYmpSe3upj2YJ++0xNqBF/SEIypfDifqAgk=
Subject key identifier:   9F:6B:ED:19:B1:34:8C:EC:B0:0E:37:FD:19:A5:B3:04:57:BF:D8:75
Authority key identifier: 28:CB:CD:96:CB:17:B2:1D:62:4F:D2:17:0F:D0:D7:08:16:3A:F2:3D
Certificate issuer:       /CN=28cbcd96cb17b21d624fd2170fd0d708163af23d
Certificate serial:       019D2AE0BC76E6DB77C91933AEF5A01A71F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KMvNlssXsh1iT9IXD9DXCBY68j0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.mft
Manifest number:          11B0
Signing time:             Thu 26 Mar 2026 16:01:04 +0000
Manifest this update:     Thu 26 Mar 2026 16:01:04 +0000
Manifest next update:     Fri 27 Mar 2026 16:01:04 +0000
Files and hashes:         1: KMvNlssXsh1iT9IXD9DXCBY68j0.crl (hash: 1kS9obgDL+OAnRYoQqv0NQuQXPBmf/9lXjIyQTF1Ank=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KMvNlssXsh1iT9IXD9DXCBY68j0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 16:01:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:e0:bc:76:e6:db:77:c9:19:33:ae:f5:a0:1a:71:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28cbcd96cb17b21d624fd2170fd0d708163af23d
        Validity
            Not Before: Mar 26 16:01:04 2026 GMT
            Not After : Mar 27 16:01:04 2026 GMT
        Subject: CN=9f6bed19b1348cecb00e37fd19a5b30457bfd875
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:44:e3:db:20:e6:7b:65:10:68:bf:3a:ac:88:
                    33:90:5a:85:99:03:04:e1:e9:2d:d3:15:00:e4:7d:
                    f1:6a:cb:26:ef:18:04:5d:29:37:2a:5d:b6:ac:46:
                    d8:03:c6:80:00:55:74:45:ba:b4:57:3a:cb:44:6f:
                    0f:82:27:bb:33:61:93:5f:8c:dd:ea:21:bb:12:49:
                    fa:63:0b:12:d4:17:18:97:09:c1:d7:f3:19:76:3a:
                    fd:f9:d6:a5:64:76:c0:98:87:13:25:bb:f8:f6:86:
                    5c:25:75:6f:a6:c5:f5:09:03:e3:3a:16:68:c2:ac:
                    23:98:8b:a4:10:8d:ad:10:92:8b:1c:f0:bd:4c:f7:
                    6e:29:85:3b:ae:fc:35:45:70:78:08:49:d7:68:b5:
                    c7:36:e8:7b:04:f2:51:cc:10:4f:33:ec:87:1b:4c:
                    3c:65:4d:e3:b9:b1:15:fe:95:56:68:74:16:ac:5c:
                    ab:43:d0:0c:8a:7d:4c:69:d6:9b:48:83:da:23:d5:
                    d2:1b:9b:e1:7f:ca:db:70:4a:e2:df:36:eb:6e:59:
                    e2:d5:b1:b8:15:ad:d3:8c:51:e9:c0:87:a0:bc:56:
                    b9:18:38:27:ad:87:c5:4d:82:d5:77:44:7b:ce:fe:
                    3f:a1:2a:bb:9d:63:45:03:44:ba:32:a9:97:f2:ed:
                    1c:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:6B:ED:19:B1:34:8C:EC:B0:0E:37:FD:19:A5:B3:04:57:BF:D8:75
            X509v3 Authority Key Identifier:
                keyid:28:CB:CD:96:CB:17:B2:1D:62:4F:D2:17:0F:D0:D7:08:16:3A:F2:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KMvNlssXsh1iT9IXD9DXCBY68j0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:a9:58:45:21:7e:7a:41:f7:20:03:2c:f6:ed:70:89:ce:a7:
         8e:84:a4:9d:69:02:9e:84:14:b2:f7:7c:cb:c9:62:2d:0e:60:
         56:3a:01:30:ec:32:c4:c7:43:4f:d9:a3:39:89:84:dd:c9:a0:
         d4:03:51:94:bb:8a:a2:37:4e:b1:5f:d3:b8:c1:78:d5:7f:e0:
         26:f2:8c:82:31:2b:c4:a8:6a:3f:5d:ee:1e:48:1e:15:27:5f:
         14:19:67:72:52:20:9a:78:ac:86:bd:bc:5a:a2:98:fa:c4:67:
         c1:54:6b:3c:b9:80:22:73:f8:55:7a:0e:34:65:4d:63:35:b5:
         e2:9f:55:c9:b1:5b:9e:fb:b4:9b:5b:f3:7f:26:4e:27:4b:bd:
         8c:dc:a4:00:fb:87:f3:e1:d8:71:69:9e:77:c7:38:f1:32:37:
         c6:b5:1b:49:40:ac:d7:dc:01:4d:d4:3d:46:38:8b:5a:34:ca:
         41:e8:f6:5a:a6:1e:10:bc:84:fe:33:92:31:c6:e3:af:9e:68:
         87:91:e9:6d:ac:12:d0:15:a7:25:43:86:13:ae:e5:96:26:1e:
         c6:86:9d:73:5f:eb:43:fe:cd:54:75:3e:3d:04:5c:d6:48:f5:
         24:12:85:d3:a3:31:67:4c:ec:9c:31:2b:3b:15:4c:64:aa:08:
         e6:21:61:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0q4Lx25tt3yRkzrvWgGnHzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4Y2JjZDk2Y2IxN2IyMWQ2MjRmZDIxNzBmZDBkNzA4MTYz
YWYyM2QwHhcNMjYwMzI2MTYwMTA0WhcNMjYwMzI3MTYwMTA0WjAzMTEwLwYDVQQD
Eyg5ZjZiZWQxOWIxMzQ4Y2VjYjAwZTM3ZmQxOWE1YjMwNDU3YmZkODc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkkTj2yDme2UQaL86rIgzkFqFmQME
4ekt0xUA5H3xassm7xgEXSk3Kl22rEbYA8aAAFV0Rbq0VzrLRG8Pgie7M2GTX4zd
6iG7Ekn6YwsS1BcYlwnB1/MZdjr9+dalZHbAmIcTJbv49oZcJXVvpsX1CQPjOhZo
wqwjmIukEI2tEJKLHPC9TPduKYU7rvw1RXB4CEnXaLXHNuh7BPJRzBBPM+yHG0w8
ZU3jubEV/pVWaHQWrFyrQ9AMin1MadabSIPaI9XSG5vhf8rbcEri3zbrblni1bG4
Fa3TjFHpwIegvFa5GDgnrYfFTYLVd0R7zv4/oSq7nWNFA0S6MqmX8u0c0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ9r7RmxNIzssA43/RmlswRXv9h1MB8GA1UdIwQY
MBaAFCjLzZbLF7IdYk/SFw/Q1wgWOvI9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS012Tmxzc1hzaDFpVDlJWEQ5RFhDQlk2OGowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC82ZTQwZWUtNzkzNS00MWE5LThlZTct
ZjlhNjk0NDlkNWZhLzEvS012Tmxzc1hzaDFpVDlJWEQ5RFhDQlk2OGowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC82ZTQwZWUtNzkzNS00MWE5LThlZTctZjlhNjk0NDlkNWZh
LzEvS012Tmxzc1hzaDFpVDlJWEQ5RFhDQlk2OGowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOalYRSF+
ekH3IAMs9u1wic6njoSknWkCnoQUsvd8y8liLQ5gVjoBMOwyxMdDT9mjOYmE3cmg
1ANRlLuKojdOsV/TuMF41X/gJvKMgjErxKhqP13uHkgeFSdfFBlnclIgmnishr28
WqKY+sRnwVRrPLmAInP4VXoONGVNYzW14p9VybFbnvu0m1vzfyZOJ0u9jNykAPuH
8+HYcWmed8c48TI3xrUbSUCs19wBTdQ9RjiLWjTKQej2WqYeELyE/jOSMcbjr55o
h5HpbawS0BWnJUOGE67lliYexoadc1/rQ/7NVHU+PQRc1kj1JBKF06MxZ0zsnDEr
OxVMZKoI5iFhFw==
-----END CERTIFICATE-----