Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft
File:                     KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft (raw, json)
Hash identifier:          IjQozuVtMtWi8UEZrmnOsRZPqr90D6bGikVIMzjA85s=
Subject key identifier:   14:D5:58:19:2A:5A:91:5C:9A:A9:A0:B3:3D:56:9C:91:FC:E3:05:59
Authority key identifier: 29:B1:21:0E:C9:10:5C:71:7D:09:8F:9F:0D:00:D9:DE:A2:32:25:39
Certificate issuer:       /CN=29b1210ec9105c717d098f9f0d00d9dea2322539
Certificate serial:       019D9B509C3854FA955849FAB15C960DBFB3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KbEhDskQXHF9CY-fDQDZ3qIyJTk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft
Manifest number:          1594
Signing time:             Fri 17 Apr 2026 12:00:44 +0000
Manifest this update:     Fri 17 Apr 2026 12:00:44 +0000
Manifest next update:     Sat 18 Apr 2026 12:00:44 +0000
Files and hashes:         1: KbEhDskQXHF9CY-fDQDZ3qIyJTk.crl (hash: uuuPtfMFY/2sAMnh2P/vZ20Yh1EGXfbAdcJI9bnAl7w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KbEhDskQXHF9CY-fDQDZ3qIyJTk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 12:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:50:9c:38:54:fa:95:58:49:fa:b1:5c:96:0d:bf:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29b1210ec9105c717d098f9f0d00d9dea2322539
        Validity
            Not Before: Apr 17 12:00:44 2026 GMT
            Not After : Apr 18 12:00:44 2026 GMT
        Subject: CN=14d558192a5a915c9aa9a0b33d569c91fce30559
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:55:8d:8d:ac:f2:f8:d6:11:cd:f4:12:cf:93:
                    a2:42:ae:07:1c:ff:73:38:5a:12:ab:c1:33:a5:5f:
                    fd:6f:e7:48:54:b6:b9:cc:b8:ed:d5:53:83:8a:4e:
                    b1:3a:b3:9a:29:38:7c:77:4f:cf:2c:f4:79:e3:27:
                    56:79:7a:6c:8e:6a:df:eb:85:4e:3a:75:61:da:85:
                    bb:fc:87:0f:1d:e4:f7:bb:43:d9:47:9e:6a:1a:54:
                    d9:57:bb:65:67:75:6c:f7:7a:5d:89:94:cc:de:62:
                    0f:f2:c8:fa:7a:4f:fa:81:59:c1:f4:08:0b:05:a7:
                    01:f3:54:58:ea:59:12:62:51:0f:50:30:11:f9:cc:
                    d2:98:ee:9f:40:e3:12:da:56:b7:f2:05:c2:0e:73:
                    2d:5d:75:ff:57:cd:83:79:9b:c2:18:ee:a8:2f:c9:
                    4f:40:66:4c:e7:6f:3a:26:10:88:58:ad:43:bb:4b:
                    bc:46:2c:25:c8:34:82:3e:8a:72:b0:49:e1:69:b7:
                    ad:f3:0f:8f:64:90:64:f4:75:89:11:a2:5e:1a:88:
                    fb:34:81:89:78:91:76:c3:c6:8f:18:fb:b4:27:62:
                    ae:02:bf:4a:ef:03:71:8c:db:62:49:47:92:b7:f3:
                    3a:72:6b:71:e0:02:a1:0a:f8:7c:ab:88:bd:7c:cb:
                    bd:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:D5:58:19:2A:5A:91:5C:9A:A9:A0:B3:3D:56:9C:91:FC:E3:05:59
            X509v3 Authority Key Identifier:
                keyid:29:B1:21:0E:C9:10:5C:71:7D:09:8F:9F:0D:00:D9:DE:A2:32:25:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KbEhDskQXHF9CY-fDQDZ3qIyJTk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8d:ca:35:41:0f:4c:9f:ca:d5:3c:1c:81:5d:d3:bd:7a:6d:93:
         92:95:2e:45:f1:4e:8f:77:3b:20:2e:54:21:b4:37:5f:82:cc:
         ed:f1:fa:50:ce:15:5d:7e:3b:fb:5d:4d:51:90:15:bb:94:93:
         bb:6a:8b:91:e3:d8:f1:d8:bb:f1:c1:41:33:bd:18:50:15:90:
         df:ba:ee:1f:2c:92:4a:c3:d7:27:27:23:8a:ec:a9:d8:77:92:
         18:58:88:45:66:69:d6:29:cf:b3:fd:d1:be:f1:dc:13:5e:3a:
         32:21:49:7f:e9:51:33:de:aa:62:ff:3f:16:70:82:fd:1b:46:
         3c:66:64:4a:ff:9a:9e:32:6e:69:f4:dc:0a:db:07:ca:e3:bd:
         ac:88:b8:dd:4b:ff:0a:73:00:d1:88:0e:75:41:07:ef:7f:df:
         48:c9:b0:40:5b:e5:1b:8a:3d:3d:b7:31:fe:75:64:05:98:df:
         d3:59:1f:42:b6:e5:a1:32:f3:34:8f:09:2d:d7:6b:c3:09:d5:
         b3:1f:d2:b9:fb:f8:5a:0b:39:7a:c3:60:0a:cb:7a:ea:67:84:
         93:56:20:2e:e9:30:73:a5:53:81:09:f0:68:8e:28:54:59:9c:
         3a:fe:86:f8:7b:7c:a3:89:60:dd:ab:1a:73:6c:d1:74:0f:a4:
         21:ba:0c:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bUJw4VPqVWEn6sVyWDb+zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YjEyMTBlYzkxMDVjNzE3ZDA5OGY5ZjBkMDBkOWRlYTIz
MjI1MzkwHhcNMjYwNDE3MTIwMDQ0WhcNMjYwNDE4MTIwMDQ0WjAzMTEwLwYDVQQD
EygxNGQ1NTgxOTJhNWE5MTVjOWFhOWEwYjMzZDU2OWM5MWZjZTMwNTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1WNjazy+NYRzfQSz5OiQq4HHP9z
OFoSq8EzpV/9b+dIVLa5zLjt1VODik6xOrOaKTh8d0/PLPR54ydWeXpsjmrf64VO
OnVh2oW7/IcPHeT3u0PZR55qGlTZV7tlZ3Vs93pdiZTM3mIP8sj6ek/6gVnB9AgL
BacB81RY6lkSYlEPUDAR+czSmO6fQOMS2la38gXCDnMtXXX/V82DeZvCGO6oL8lP
QGZM5286JhCIWK1Du0u8RiwlyDSCPopysEnhabet8w+PZJBk9HWJEaJeGoj7NIGJ
eJF2w8aPGPu0J2KuAr9K7wNxjNtiSUeSt/M6cmtx4AKhCvh8q4i9fMu9NwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBTVWBkqWpFcmqmgsz1WnJH84wVZMB8GA1UdIwQY
MBaAFCmxIQ7JEFxxfQmPnw0A2d6iMiU5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2JFaERza1FYSEY5Q1ktZkRRRFozcUl5SlRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9hMDBjNjEtMmQ4Ny00NjIwLTkxM2Yt
MGU0NjRjYTM5ZTc1LzEvS2JFaERza1FYSEY5Q1ktZkRRRFozcUl5SlRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9hMDBjNjEtMmQ4Ny00NjIwLTkxM2YtMGU0NjRjYTM5ZTc1
LzEvS2JFaERza1FYSEY5Q1ktZkRRRFozcUl5SlRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjco1QQ9M
n8rVPByBXdO9em2TkpUuRfFOj3c7IC5UIbQ3X4LM7fH6UM4VXX47+11NUZAVu5ST
u2qLkePY8di78cFBM70YUBWQ37ruHyySSsPXJycjiuyp2HeSGFiIRWZp1inPs/3R
vvHcE146MiFJf+lRM96qYv8/FnCC/RtGPGZkSv+anjJuafTcCtsHyuO9rIi43Uv/
CnMA0YgOdUEH73/fSMmwQFvlG4o9Pbcx/nVkBZjf01kfQrbloTLzNI8JLddrwwnV
sx/Sufv4Wgs5esNgCst66meEk1YgLukwc6VTgQnwaI4oVFmcOv6G+Ht8o4lg3asa
c2zRdA+kIboM5A==
-----END CERTIFICATE-----