Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.mft
File:                     KdRXsQJeSmpFxsS0XW4jSqUYyLE.mft (raw, json)
Hash identifier:          wAkzWilira/Is0jqJGI23JHopaIzJrLNmPBgxc1q4h4=
Subject key identifier:   CF:57:3B:21:2E:A0:00:D2:C3:5A:67:65:40:B3:17:3C:C1:CF:E0:82
Authority key identifier: 29:D4:57:B1:02:5E:4A:6A:45:C6:C4:B4:5D:6E:23:4A:A5:18:C8:B1
Certificate issuer:       /CN=29d457b1025e4a6a45c6c4b45d6e234aa518c8b1
Certificate serial:       019D985017219C07E2E27C373BEE339E316B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KdRXsQJeSmpFxsS0XW4jSqUYyLE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.mft
Manifest number:          1396
Signing time:             Thu 16 Apr 2026 22:01:18 +0000
Manifest this update:     Thu 16 Apr 2026 22:01:18 +0000
Manifest next update:     Fri 17 Apr 2026 22:01:18 +0000
Files and hashes:         1: KdRXsQJeSmpFxsS0XW4jSqUYyLE.crl (hash: Ml8L/dWwwBSrOJOTxxi1U+RMzQ8w3VuCF2NASyCs+cs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KdRXsQJeSmpFxsS0XW4jSqUYyLE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:50:17:21:9c:07:e2:e2:7c:37:3b:ee:33:9e:31:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29d457b1025e4a6a45c6c4b45d6e234aa518c8b1
        Validity
            Not Before: Apr 16 22:01:18 2026 GMT
            Not After : Apr 17 22:01:18 2026 GMT
        Subject: CN=cf573b212ea000d2c35a676540b3173cc1cfe082
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:57:49:15:f4:a9:9b:1e:dd:eb:89:34:fb:5b:
                    a9:51:d6:3a:a0:61:73:c2:d0:48:a6:fc:84:5c:9d:
                    16:c2:1c:49:a9:8e:60:ed:a1:8c:e5:f8:61:78:39:
                    29:5c:16:35:a0:60:55:18:58:5d:b9:9c:2e:b7:97:
                    e8:e0:9b:ce:3f:d9:ae:3b:ac:2c:8f:24:e4:c6:84:
                    09:e6:52:23:04:fa:82:4d:d3:0a:c6:b1:61:26:92:
                    a5:fa:60:fb:b1:cb:55:82:4d:a8:c4:95:de:4f:84:
                    0e:97:92:24:aa:1a:2a:ff:5e:38:9a:41:8c:43:09:
                    fb:2c:49:b0:96:8f:0a:a0:88:9e:1f:ae:20:42:8e:
                    23:28:c7:a8:be:03:49:43:25:ed:b3:c8:70:57:2d:
                    6e:3d:fa:4b:ec:36:01:c0:5e:c0:1b:29:d4:5b:06:
                    8d:f7:39:16:50:ed:07:b6:bc:9e:f4:18:7e:79:55:
                    60:74:f4:2e:16:1b:a3:49:b6:f6:37:9d:71:21:34:
                    30:c6:10:9c:58:38:19:de:2c:f2:8b:cf:20:44:c8:
                    b5:29:ca:6e:bc:93:95:88:9f:bd:55:0f:1d:0f:24:
                    a1:b9:43:65:27:73:14:43:5a:02:73:1f:4b:b3:f0:
                    b4:69:1e:2a:23:91:4f:ec:bd:9f:cd:47:1a:ac:50:
                    50:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:57:3B:21:2E:A0:00:D2:C3:5A:67:65:40:B3:17:3C:C1:CF:E0:82
            X509v3 Authority Key Identifier:
                keyid:29:D4:57:B1:02:5E:4A:6A:45:C6:C4:B4:5D:6E:23:4A:A5:18:C8:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdRXsQJeSmpFxsS0XW4jSqUYyLE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:cd:84:82:01:69:11:09:51:68:05:ee:ab:4b:76:45:4b:54:
         11:47:19:56:ba:a6:15:f6:c3:33:3b:38:d3:17:74:d3:73:8f:
         b5:d9:cd:8d:be:24:ca:fc:d9:3a:3e:e2:5c:b7:24:61:92:a8:
         e2:5e:c2:29:e6:cd:00:75:c8:20:5b:50:dd:5c:5b:fe:b6:1b:
         25:14:8e:ca:bc:a5:bb:34:f7:a5:5f:1e:ab:56:40:c4:d1:32:
         e4:02:bc:f9:7f:21:d7:83:4b:ba:2b:57:93:ef:2a:bc:75:9b:
         d2:13:b6:42:aa:23:3f:f4:7d:ab:c2:7e:94:52:c0:fd:4a:b8:
         62:b4:a8:73:a9:53:f9:ca:5d:aa:94:14:dd:b4:62:33:26:31:
         39:b2:8b:f5:a0:e7:2f:45:33:7a:0a:4c:89:3a:02:65:80:b0:
         c8:79:f0:22:63:19:98:bd:f6:eb:f3:a5:11:7f:94:4d:42:67:
         12:0a:a1:12:f3:73:48:93:43:f7:96:75:ce:f6:f4:1d:66:97:
         23:11:86:9b:d1:65:4f:f2:e5:27:13:9f:01:3c:e8:52:a5:9c:
         4a:6b:b3:d1:ac:42:73:21:af:a2:e6:c1:d2:da:f0:f7:2a:3c:
         75:02:6c:f5:ba:a4:44:4d:0b:8b:c9:31:eb:61:c7:0c:fd:cf:
         ea:37:2b:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2YUBchnAfi4nw3O+4znjFrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDQ1N2IxMDI1ZTRhNmE0NWM2YzRiNDVkNmUyMzRhYTUx
OGM4YjEwHhcNMjYwNDE2MjIwMTE4WhcNMjYwNDE3MjIwMTE4WjAzMTEwLwYDVQQD
EyhjZjU3M2IyMTJlYTAwMGQyYzM1YTY3NjU0MGIzMTczY2MxY2ZlMDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFdJFfSpmx7d64k0+1upUdY6oGFz
wtBIpvyEXJ0WwhxJqY5g7aGM5fhheDkpXBY1oGBVGFhduZwut5fo4JvOP9muO6ws
jyTkxoQJ5lIjBPqCTdMKxrFhJpKl+mD7sctVgk2oxJXeT4QOl5Ikqhoq/144mkGM
Qwn7LEmwlo8KoIieH64gQo4jKMeovgNJQyXts8hwVy1uPfpL7DYBwF7AGynUWwaN
9zkWUO0Htrye9Bh+eVVgdPQuFhujSbb2N51xITQwxhCcWDgZ3izyi88gRMi1Kcpu
vJOViJ+9VQ8dDyShuUNlJ3MUQ1oCcx9Ls/C0aR4qI5FP7L2fzUcarFBQ6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM9XOyEuoADSw1pnZUCzFzzBz+CCMB8GA1UdIwQY
MBaAFCnUV7ECXkpqRcbEtF1uI0qlGMixMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RSWHNRSmVTbXBGeHNTMFhXNGpTcVVZeUxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS84ZTg3ZmUtYzlkNi00NDI0LWJkOTgt
N2EwNjE5ZmFhZjdkLzEvS2RSWHNRSmVTbXBGeHNTMFhXNGpTcVVZeUxFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS84ZTg3ZmUtYzlkNi00NDI0LWJkOTgtN2EwNjE5ZmFhZjdk
LzEvS2RSWHNRSmVTbXBGeHNTMFhXNGpTcVVZeUxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATc2EggFp
EQlRaAXuq0t2RUtUEUcZVrqmFfbDMzs40xd003OPtdnNjb4kyvzZOj7iXLckYZKo
4l7CKebNAHXIIFtQ3Vxb/rYbJRSOyryluzT3pV8eq1ZAxNEy5AK8+X8h14NLuitX
k+8qvHWb0hO2QqojP/R9q8J+lFLA/Uq4YrSoc6lT+cpdqpQU3bRiMyYxObKL9aDn
L0UzegpMiToCZYCwyHnwImMZmL326/OlEX+UTUJnEgqhEvNzSJND95Z1zvb0HWaX
IxGGm9FlT/LlJxOfATzoUqWcSmuz0axCcyGvoubB0trw9yo8dQJs9bqkRE0Li8kx
62HHDP3P6jcrCQ==
-----END CERTIFICATE-----