Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.mft
File:                     KdRXsQJeSmpFxsS0XW4jSqUYyLE.mft (raw, json)
Hash identifier:          C6ZCVkRb/cAguh3VuD7Ev7rtqy0dBg18owOFJJuXdmQ=
Subject key identifier:   4B:A1:FB:C0:40:DF:E5:A9:C2:9E:BA:4A:14:D0:61:1F:11:50:28:AD
Authority key identifier: 29:D4:57:B1:02:5E:4A:6A:45:C6:C4:B4:5D:6E:23:4A:A5:18:C8:B1
Certificate issuer:       /CN=29d457b1025e4a6a45c6c4b45d6e234aa518c8b1
Certificate serial:       019CAEA3E2F68B2C8F484B49F854818AF984
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KdRXsQJeSmpFxsS0XW4jSqUYyLE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.mft
Manifest number:          131D
Signing time:             Mon 02 Mar 2026 13:01:41 +0000
Manifest this update:     Mon 02 Mar 2026 13:01:41 +0000
Manifest next update:     Tue 03 Mar 2026 13:01:41 +0000
Files and hashes:         1: KdRXsQJeSmpFxsS0XW4jSqUYyLE.crl (hash: SFCBHm9TCzwhHsfft7mT2kA9SQR0inJpat7OjRcGwwM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KdRXsQJeSmpFxsS0XW4jSqUYyLE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 13:01:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ae:a3:e2:f6:8b:2c:8f:48:4b:49:f8:54:81:8a:f9:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29d457b1025e4a6a45c6c4b45d6e234aa518c8b1
        Validity
            Not Before: Mar  2 13:01:41 2026 GMT
            Not After : Mar  3 13:01:41 2026 GMT
        Subject: CN=4ba1fbc040dfe5a9c29eba4a14d0611f115028ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:27:00:86:c5:7c:d5:83:6f:a5:dc:fa:f0:b5:
                    b9:b0:6c:e3:d7:31:ee:88:c8:6a:c2:cf:60:45:97:
                    78:bc:7f:03:d3:11:11:f9:b9:05:67:a8:4e:ad:5a:
                    c0:61:ee:f0:54:71:8e:bf:19:43:89:5a:9e:fe:6e:
                    cf:51:d7:12:e9:35:71:ac:e6:43:81:1c:aa:9f:7e:
                    25:d7:18:0a:75:27:cc:15:cf:0b:51:59:ca:ad:69:
                    98:39:93:e9:5b:92:88:23:78:8b:88:8c:4f:f9:2c:
                    a1:64:63:66:01:ad:b4:a8:57:d0:20:4a:ae:de:1b:
                    cb:01:e7:3a:e1:df:7b:bd:ef:d3:bf:91:7a:9a:e2:
                    04:ec:d3:62:2f:b1:4e:36:87:85:aa:ec:bd:33:da:
                    05:82:70:1d:d2:66:3f:7d:ca:9c:e8:70:92:82:c9:
                    89:d9:70:88:11:0d:5e:7f:cb:94:4f:65:70:e1:41:
                    01:14:5d:7a:c1:2c:6f:77:b2:1b:6c:c6:b0:1c:dd:
                    6f:8f:4c:c8:a2:e6:5d:1b:f3:04:15:e0:59:0b:5b:
                    b6:28:be:6d:7b:57:8e:fe:e0:12:4d:6a:ea:4b:ea:
                    27:77:3f:0b:a4:25:3a:b3:a0:dd:62:bb:e3:75:2c:
                    8f:cf:a5:1a:3d:f9:c2:55:f3:30:57:63:cc:24:f8:
                    b3:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:A1:FB:C0:40:DF:E5:A9:C2:9E:BA:4A:14:D0:61:1F:11:50:28:AD
            X509v3 Authority Key Identifier:
                keyid:29:D4:57:B1:02:5E:4A:6A:45:C6:C4:B4:5D:6E:23:4A:A5:18:C8:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdRXsQJeSmpFxsS0XW4jSqUYyLE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:9b:17:4d:cf:5c:8a:6c:fa:e5:6c:f7:64:97:a2:58:cf:a7:
         92:15:3b:5f:c8:1e:f8:be:cd:50:84:0a:7f:63:3a:db:b4:78:
         be:38:e1:c1:4a:47:8b:de:c8:6e:25:07:a4:af:f6:0d:1f:7a:
         88:ba:9b:79:4e:e4:ae:52:19:62:c8:c3:f6:4c:ba:f0:17:a9:
         e5:d9:ef:d1:11:85:12:98:b3:6a:60:96:cb:21:78:c7:84:2d:
         06:94:e4:ec:9a:43:3b:b8:c6:94:9e:b9:ec:a1:86:d9:68:22:
         4c:3e:94:2d:f0:8a:a6:3c:69:22:49:dd:fd:71:dd:78:60:64:
         8c:3f:d2:2a:ad:58:22:aa:ca:84:85:e8:6f:7f:21:16:06:83:
         6c:b2:73:af:4d:ea:cb:7d:d6:20:f1:2c:bf:84:47:5d:e3:f0:
         e4:be:ac:08:39:75:a3:4b:fc:68:2b:f3:ea:a7:88:4f:71:ba:
         04:bc:ab:22:e4:6a:d5:fb:f9:d8:3b:b8:ec:9e:78:00:72:0b:
         38:35:d1:ba:d1:13:d4:52:51:76:42:0e:b5:7e:94:de:9c:e8:
         28:27:2c:94:e9:9e:3b:e7:28:68:8a:74:17:79:41:78:25:1f:
         a4:28:36:ff:36:48:16:d6:20:bd:be:fd:37:22:b2:07:f4:9b:
         0b:38:b3:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyuo+L2iyyPSEtJ+FSBivmEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDQ1N2IxMDI1ZTRhNmE0NWM2YzRiNDVkNmUyMzRhYTUx
OGM4YjEwHhcNMjYwMzAyMTMwMTQxWhcNMjYwMzAzMTMwMTQxWjAzMTEwLwYDVQQD
Eyg0YmExZmJjMDQwZGZlNWE5YzI5ZWJhNGExNGQwNjExZjExNTAyOGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoCcAhsV81YNvpdz68LW5sGzj1zHu
iMhqws9gRZd4vH8D0xER+bkFZ6hOrVrAYe7wVHGOvxlDiVqe/m7PUdcS6TVxrOZD
gRyqn34l1xgKdSfMFc8LUVnKrWmYOZPpW5KII3iLiIxP+SyhZGNmAa20qFfQIEqu
3hvLAec64d97ve/Tv5F6muIE7NNiL7FONoeFquy9M9oFgnAd0mY/fcqc6HCSgsmJ
2XCIEQ1ef8uUT2Vw4UEBFF16wSxvd7IbbMawHN1vj0zIouZdG/MEFeBZC1u2KL5t
e1eO/uASTWrqS+ondz8LpCU6s6DdYrvjdSyPz6UaPfnCVfMwV2PMJPizZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEuh+8BA3+Wpwp66ShTQYR8RUCitMB8GA1UdIwQY
MBaAFCnUV7ECXkpqRcbEtF1uI0qlGMixMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RSWHNRSmVTbXBGeHNTMFhXNGpTcVVZeUxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS84ZTg3ZmUtYzlkNi00NDI0LWJkOTgt
N2EwNjE5ZmFhZjdkLzEvS2RSWHNRSmVTbXBGeHNTMFhXNGpTcVVZeUxFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS84ZTg3ZmUtYzlkNi00NDI0LWJkOTgtN2EwNjE5ZmFhZjdk
LzEvS2RSWHNRSmVTbXBGeHNTMFhXNGpTcVVZeUxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO5sXTc9c
imz65Wz3ZJeiWM+nkhU7X8ge+L7NUIQKf2M627R4vjjhwUpHi97IbiUHpK/2DR96
iLqbeU7krlIZYsjD9ky68Bep5dnv0RGFEpizamCWyyF4x4QtBpTk7JpDO7jGlJ65
7KGG2WgiTD6ULfCKpjxpIknd/XHdeGBkjD/SKq1YIqrKhIXob38hFgaDbLJzr03q
y33WIPEsv4RHXePw5L6sCDl1o0v8aCvz6qeIT3G6BLyrIuRq1fv52Du47J54AHIL
ODXRutET1FJRdkIOtX6U3pzoKCcslOmeO+coaIp0F3lBeCUfpCg2/zZIFtYgvb79
NyKyB/SbCzizQQ==
-----END CERTIFICATE-----