Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/d978ff-74a1-4915-959a-c03568dc08b3/1/KgV9tw5HTrSgd_oT875N17Y4C1Q.mft
File:                     KgV9tw5HTrSgd_oT875N17Y4C1Q.mft (raw, json)
Hash identifier:          694t1GFhp5LhczPXlImpz2LKnVqGJhnhyRoZem6Etv4=
Subject key identifier:   32:37:5A:95:33:5D:AF:09:76:56:F3:F9:9A:89:CC:16:26:EE:1E:13
Authority key identifier: 2A:05:7D:B7:0E:47:4E:B4:A0:77:FA:13:F3:BE:4D:D7:B6:38:0B:54
Certificate issuer:       /CN=2a057db70e474eb4a077fa13f3be4dd7b6380b54
Certificate serial:       019D26CCA45A13D6406F49D4946BD7D59349
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KgV9tw5HTrSgd_oT875N17Y4C1Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/d978ff-74a1-4915-959a-c03568dc08b3/1/KgV9tw5HTrSgd_oT875N17Y4C1Q.mft
Manifest number:          127E
Signing time:             Wed 25 Mar 2026 21:00:38 +0000
Manifest this update:     Wed 25 Mar 2026 21:00:38 +0000
Manifest next update:     Thu 26 Mar 2026 21:00:38 +0000
Files and hashes:         1: KgV9tw5HTrSgd_oT875N17Y4C1Q.crl (hash: uexfRfKKKDUqZ4i6TY7W+GQQ6Mnnmc55SiebjXUFXDI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cc/d978ff-74a1-4915-959a-c03568dc08b3/1/KgV9tw5HTrSgd_oT875N17Y4C1Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cc/d978ff-74a1-4915-959a-c03568dc08b3/1/KgV9tw5HTrSgd_oT875N17Y4C1Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KgV9tw5HTrSgd_oT875N17Y4C1Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:cc:a4:5a:13:d6:40:6f:49:d4:94:6b:d7:d5:93:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a057db70e474eb4a077fa13f3be4dd7b6380b54
        Validity
            Not Before: Mar 25 21:00:38 2026 GMT
            Not After : Mar 26 21:00:38 2026 GMT
        Subject: CN=32375a95335daf097656f3f99a89cc1626ee1e13
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:98:c3:45:92:89:38:dd:67:81:f7:3d:ce:0c:
                    d2:74:7f:d3:13:17:87:da:a0:75:1b:82:2c:f1:cc:
                    f8:7b:5d:3e:9d:d1:26:0d:a7:ed:b7:78:97:7a:8e:
                    1f:41:fb:17:b2:6a:b9:61:da:3e:41:82:74:53:d0:
                    10:5c:89:3b:ba:ce:16:15:7c:9e:cf:c7:0e:ce:70:
                    f9:e1:81:4a:54:1c:59:cf:b2:79:4c:63:56:2a:cb:
                    16:2c:be:b2:fe:7e:bb:63:d3:63:05:2a:e3:7e:1d:
                    89:2e:89:db:0a:ab:61:9e:fa:43:bb:8e:b3:bb:f2:
                    51:98:54:bf:36:9c:b1:bc:56:e9:da:d7:4a:c7:c4:
                    71:73:5b:e2:b6:87:61:d0:26:3c:7a:04:fe:b2:5c:
                    52:80:93:5c:30:5d:ea:28:b9:d8:49:04:95:bf:03:
                    dd:c8:bc:f0:6b:a2:1f:1c:34:d2:ed:3c:95:9f:3c:
                    c5:94:1f:c2:1f:38:65:f5:8b:76:49:2c:13:67:a6:
                    df:77:bf:ac:b7:64:01:48:ab:88:58:c9:79:0a:9c:
                    e1:f7:8e:1a:25:b8:b2:04:88:d8:8b:26:8b:c2:3c:
                    b0:90:b6:22:f3:d0:63:95:fb:16:75:59:fb:01:41:
                    f7:17:5d:0e:70:99:0c:08:25:d0:31:12:56:55:c9:
                    07:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:37:5A:95:33:5D:AF:09:76:56:F3:F9:9A:89:CC:16:26:EE:1E:13
            X509v3 Authority Key Identifier:
                keyid:2A:05:7D:B7:0E:47:4E:B4:A0:77:FA:13:F3:BE:4D:D7:B6:38:0B:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KgV9tw5HTrSgd_oT875N17Y4C1Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/d978ff-74a1-4915-959a-c03568dc08b3/1/KgV9tw5HTrSgd_oT875N17Y4C1Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/d978ff-74a1-4915-959a-c03568dc08b3/1/KgV9tw5HTrSgd_oT875N17Y4C1Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cd:51:36:fe:19:14:c5:04:27:a3:17:37:b2:f5:c1:af:a5:b3:
         e6:17:1b:b6:1d:2b:64:91:3d:1c:cf:09:0b:ef:65:6a:76:8d:
         78:f0:95:08:1f:f6:2e:69:27:99:6e:f7:8b:67:01:e9:62:11:
         0f:47:d2:19:0a:6f:28:20:01:9c:26:9a:30:fc:a8:9f:76:e6:
         ff:80:85:8d:07:c9:56:ce:58:1e:d7:b9:cf:f4:9b:fc:1d:80:
         f1:23:d7:1c:32:10:0d:5c:0f:87:46:ae:21:14:ef:75:6f:d0:
         1c:1d:04:67:82:72:3f:31:9b:e6:33:42:6a:23:0c:7b:30:34:
         b6:03:2d:19:8c:14:48:a3:00:37:15:90:d5:9e:0a:b4:7a:9e:
         7d:c9:dd:79:5c:24:ec:cd:c5:6a:e2:e6:c3:7a:6c:b0:30:da:
         11:f0:6b:b7:83:bb:de:26:cf:6e:f0:f1:2c:77:33:f3:39:ed:
         e0:2f:d6:7c:1c:a9:1f:e8:a9:c7:2d:f1:9f:18:79:70:40:b4:
         91:92:4c:b1:b1:cb:81:46:dd:16:4d:7a:6a:63:76:8f:65:ac:
         37:7f:fd:39:c0:94:cd:ac:6e:af:fa:19:8c:33:e0:f0:44:ca:
         9c:1b:ce:d8:93:c4:77:39:62:7e:17:75:db:00:38:0a:f4:f9:
         fd:1d:70:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mzKRaE9ZAb0nUlGvX1ZNJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMDU3ZGI3MGU0NzRlYjRhMDc3ZmExM2YzYmU0ZGQ3YjYz
ODBiNTQwHhcNMjYwMzI1MjEwMDM4WhcNMjYwMzI2MjEwMDM4WjAzMTEwLwYDVQQD
EygzMjM3NWE5NTMzNWRhZjA5NzY1NmYzZjk5YTg5Y2MxNjI2ZWUxZTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZjDRZKJON1ngfc9zgzSdH/TExeH
2qB1G4Is8cz4e10+ndEmDaftt3iXeo4fQfsXsmq5Ydo+QYJ0U9AQXIk7us4WFXye
z8cOznD54YFKVBxZz7J5TGNWKssWLL6y/n67Y9NjBSrjfh2JLonbCqthnvpDu46z
u/JRmFS/NpyxvFbp2tdKx8Rxc1vitodh0CY8egT+slxSgJNcMF3qKLnYSQSVvwPd
yLzwa6IfHDTS7TyVnzzFlB/CHzhl9Yt2SSwTZ6bfd7+st2QBSKuIWMl5Cpzh944a
JbiyBIjYiyaLwjywkLYi89BjlfsWdVn7AUH3F10OcJkMCCXQMRJWVckH/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDI3WpUzXa8Jdlbz+ZqJzBYm7h4TMB8GA1UdIwQY
MBaAFCoFfbcOR060oHf6E/O+Tde2OAtUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2dWOXR3NUhUclNnZF9vVDg3NU4xN1k0QzFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9kOTc4ZmYtNzRhMS00OTE1LTk1OWEt
YzAzNTY4ZGMwOGIzLzEvS2dWOXR3NUhUclNnZF9vVDg3NU4xN1k0QzFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9kOTc4ZmYtNzRhMS00OTE1LTk1OWEtYzAzNTY4ZGMwOGIz
LzEvS2dWOXR3NUhUclNnZF9vVDg3NU4xN1k0QzFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzVE2/hkU
xQQnoxc3svXBr6Wz5hcbth0rZJE9HM8JC+9lanaNePCVCB/2LmknmW73i2cB6WIR
D0fSGQpvKCABnCaaMPyon3bm/4CFjQfJVs5YHte5z/Sb/B2A8SPXHDIQDVwPh0au
IRTvdW/QHB0EZ4JyPzGb5jNCaiMMezA0tgMtGYwUSKMANxWQ1Z4KtHqefcndeVwk
7M3FauLmw3pssDDaEfBrt4O73ibPbvDxLHcz8znt4C/WfBypH+ipxy3xnxh5cEC0
kZJMsbHLgUbdFk16amN2j2WsN3/9OcCUzaxur/oZjDPg8ETKnBvO2JPEdzlifhd1
2wA4CvT5/R1wtA==
-----END CERTIFICATE-----