Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/edf435-1abf-470e-ba6d-eff6fd7d3b28/1/ksrhHed02u8FJ0JGPOlU9SHG0nI.mft
File:                     ksrhHed02u8FJ0JGPOlU9SHG0nI.mft (raw, json)
Hash identifier:          g5siiVnohXSiBMGEeCDbRENspj46/PV2mSBxh8ZpuKI=
Subject key identifier:   2E:98:96:4D:DD:92:30:95:1B:99:2F:CA:D2:C2:99:87:77:A3:59:50
Authority key identifier: 92:CA:E1:1D:E7:74:DA:EF:05:27:42:46:3C:E9:54:F5:21:C6:D2:72
Certificate issuer:       /CN=92cae11de774daef052742463ce954f521c6d272
Certificate serial:       019D28F33BBAB8593EAEF8B5EFBDA066A84A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ksrhHed02u8FJ0JGPOlU9SHG0nI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/edf435-1abf-470e-ba6d-eff6fd7d3b28/1/ksrhHed02u8FJ0JGPOlU9SHG0nI.mft
Manifest number:          127F
Signing time:             Thu 26 Mar 2026 07:02:02 +0000
Manifest this update:     Thu 26 Mar 2026 07:02:02 +0000
Manifest next update:     Fri 27 Mar 2026 07:02:02 +0000
Files and hashes:         1: ksrhHed02u8FJ0JGPOlU9SHG0nI.crl (hash: f/HfyapMwyzLMOTB/xSfr5sKtAaHN0lyuw39NsaUQwY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/edf435-1abf-470e-ba6d-eff6fd7d3b28/1/ksrhHed02u8FJ0JGPOlU9SHG0nI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/edf435-1abf-470e-ba6d-eff6fd7d3b28/1/ksrhHed02u8FJ0JGPOlU9SHG0nI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ksrhHed02u8FJ0JGPOlU9SHG0nI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f3:3b:ba:b8:59:3e:ae:f8:b5:ef:bd:a0:66:a8:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=92cae11de774daef052742463ce954f521c6d272
        Validity
            Not Before: Mar 26 07:02:02 2026 GMT
            Not After : Mar 27 07:02:02 2026 GMT
        Subject: CN=2e98964ddd9230951b992fcad2c2998777a35950
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:0b:be:9f:74:28:7c:1d:5c:72:ba:70:4d:5b:
                    34:d6:bb:18:29:b9:e9:a7:71:bd:07:d5:24:5b:c7:
                    00:09:93:bf:6d:6c:2d:89:ea:1a:d0:1f:ea:82:54:
                    83:97:51:bb:ce:91:fc:53:3d:85:ca:c7:e2:c4:39:
                    1f:26:ac:b7:43:d2:11:d2:53:23:83:ec:84:b5:cd:
                    97:90:87:34:25:bc:68:ee:20:43:c4:31:4a:df:5b:
                    62:fe:28:05:45:96:74:0c:a4:c5:21:56:e3:34:18:
                    c3:f5:91:72:4b:55:8b:f6:79:d0:a4:d0:48:cb:f5:
                    ef:05:a1:75:e5:ae:80:e4:a8:37:64:ac:8b:d6:b9:
                    c3:84:0a:05:58:5d:37:fa:cb:59:44:2e:e1:21:04:
                    20:e7:5e:01:46:38:a0:a1:a5:ec:0d:fd:43:46:4f:
                    b4:b0:7a:d1:7a:4e:1e:a6:e5:12:e0:a7:d8:ae:66:
                    39:cb:94:a6:20:d0:17:4d:57:d4:90:99:6d:0d:02:
                    95:9e:07:6f:0d:02:5c:f7:32:cc:18:ca:9c:0e:83:
                    02:e0:35:c1:18:16:8d:61:a6:25:0b:67:6e:61:37:
                    93:d2:dd:da:9e:f7:ec:5e:db:a7:e4:74:7c:7f:2b:
                    7a:af:15:08:e2:a9:c5:1e:8e:38:c0:43:80:73:66:
                    10:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:98:96:4D:DD:92:30:95:1B:99:2F:CA:D2:C2:99:87:77:A3:59:50
            X509v3 Authority Key Identifier:
                keyid:92:CA:E1:1D:E7:74:DA:EF:05:27:42:46:3C:E9:54:F5:21:C6:D2:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ksrhHed02u8FJ0JGPOlU9SHG0nI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/edf435-1abf-470e-ba6d-eff6fd7d3b28/1/ksrhHed02u8FJ0JGPOlU9SHG0nI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/edf435-1abf-470e-ba6d-eff6fd7d3b28/1/ksrhHed02u8FJ0JGPOlU9SHG0nI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:52:3b:bc:9e:79:79:cd:a2:b1:b6:45:2e:69:44:e0:bc:eb:
         ff:a8:32:95:98:92:3c:6a:e1:f0:21:19:3f:4d:36:93:e6:44:
         79:9f:c5:ab:c2:7c:e4:fc:44:44:41:40:07:e8:f1:d6:bb:e0:
         37:de:51:37:7b:2b:48:9a:2e:b2:29:4c:25:4a:17:1f:2b:5d:
         ac:30:03:c1:25:36:fc:f3:9f:1d:12:45:34:f9:75:12:d3:a0:
         ae:33:de:56:4c:b0:b0:8c:c6:34:d5:fd:73:4a:08:d6:15:50:
         9b:95:38:61:8c:b4:e5:3c:e1:18:c1:22:8f:97:24:60:b0:1a:
         a2:37:57:61:2a:a7:62:ba:43:d3:7a:9d:28:9e:0e:6d:8c:61:
         d1:1f:b6:3d:74:4e:f7:d7:6e:04:98:ea:71:f0:1f:db:5f:02:
         09:40:62:a3:5d:3d:00:9b:bc:0b:78:86:ef:8a:04:9d:30:43:
         c1:54:0b:56:1b:97:4d:12:8c:9b:e1:86:9d:b8:cd:d1:09:af:
         b5:ab:8d:e7:05:37:37:e6:03:dd:ea:85:2b:3b:15:a0:0d:8b:
         83:b8:20:4a:ad:d3:5c:ae:eb:0d:e4:30:0c:f8:cb:77:2c:b8:
         a4:77:e8:6e:bd:f4:51:49:ea:c4:c9:50:93:5b:f3:9f:ba:ed:
         4d:77:b5:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8zu6uFk+rvi1772gZqhKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyY2FlMTFkZTc3NGRhZWYwNTI3NDI0NjNjZTk1NGY1MjFj
NmQyNzIwHhcNMjYwMzI2MDcwMjAyWhcNMjYwMzI3MDcwMjAyWjAzMTEwLwYDVQQD
EygyZTk4OTY0ZGRkOTIzMDk1MWI5OTJmY2FkMmMyOTk4Nzc3YTM1OTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgu+n3QofB1ccrpwTVs01rsYKbnp
p3G9B9UkW8cACZO/bWwtieoa0B/qglSDl1G7zpH8Uz2FysfixDkfJqy3Q9IR0lMj
g+yEtc2XkIc0Jbxo7iBDxDFK31ti/igFRZZ0DKTFIVbjNBjD9ZFyS1WL9nnQpNBI
y/XvBaF15a6A5Kg3ZKyL1rnDhAoFWF03+stZRC7hIQQg514BRjigoaXsDf1DRk+0
sHrRek4epuUS4KfYrmY5y5SmINAXTVfUkJltDQKVngdvDQJc9zLMGMqcDoMC4DXB
GBaNYaYlC2duYTeT0t3anvfsXtun5HR8fyt6rxUI4qnFHo44wEOAc2YQtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC6Ylk3dkjCVG5kvytLCmYd3o1lQMB8GA1UdIwQY
MBaAFJLK4R3ndNrvBSdCRjzpVPUhxtJyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3NyaEhlZDAydThGSjBKR1BPbFU5U0hHMG5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9lZGY0MzUtMWFiZi00NzBlLWJhNmQt
ZWZmNmZkN2QzYjI4LzEva3NyaEhlZDAydThGSjBKR1BPbFU5U0hHMG5JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9lZGY0MzUtMWFiZi00NzBlLWJhNmQtZWZmNmZkN2QzYjI4
LzEva3NyaEhlZDAydThGSjBKR1BPbFU5U0hHMG5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANVI7vJ55
ec2isbZFLmlE4Lzr/6gylZiSPGrh8CEZP002k+ZEeZ/Fq8J85PxEREFAB+jx1rvg
N95RN3srSJousilMJUoXHytdrDADwSU2/POfHRJFNPl1EtOgrjPeVkywsIzGNNX9
c0oI1hVQm5U4YYy05TzhGMEij5ckYLAaojdXYSqnYrpD03qdKJ4ObYxh0R+2PXRO
99duBJjqcfAf218CCUBio109AJu8C3iG74oEnTBDwVQLVhuXTRKMm+GGnbjN0Qmv
tauN5wU3N+YD3eqFKzsVoA2Lg7ggSq3TXK7rDeQwDPjLdyy4pHfobr30UUnqxMlQ
k1vzn7rtTXe17Q==
-----END CERTIFICATE-----