Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.mft
File:                     KmU0qslEKjlNE5oagwPcBJWcHaA.mft (raw, json)
Hash identifier:          6HGN09OhxX1mxkzot2hQtzFDvVwjYXrhTOHQJRuS4tY=
Subject key identifier:   3D:86:70:88:CC:97:1F:13:39:9D:FA:08:74:20:30:DA:B3:5B:E6:05
Authority key identifier: 2A:65:34:AA:C9:44:2A:39:4D:13:9A:1A:83:03:DC:04:95:9C:1D:A0
Certificate issuer:       /CN=2a6534aac9442a394d139a1a8303dc04959c1da0
Certificate serial:       019CAD59918304EAE6ED77262769B3BE0B68
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KmU0qslEKjlNE5oagwPcBJWcHaA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.mft
Manifest number:          115B
Signing time:             Mon 02 Mar 2026 07:00:54 +0000
Manifest this update:     Mon 02 Mar 2026 07:00:54 +0000
Manifest next update:     Tue 03 Mar 2026 07:00:54 +0000
Files and hashes:         1: KmU0qslEKjlNE5oagwPcBJWcHaA.crl (hash: dXMNSamTqNdmopXfC32V8YsPtwsxtACyHl8bhV6Chc8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KmU0qslEKjlNE5oagwPcBJWcHaA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 07:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:59:91:83:04:ea:e6:ed:77:26:27:69:b3:be:0b:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a6534aac9442a394d139a1a8303dc04959c1da0
        Validity
            Not Before: Mar  2 07:00:54 2026 GMT
            Not After : Mar  3 07:00:54 2026 GMT
        Subject: CN=3d867088cc971f13399dfa08742030dab35be605
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:6d:c8:72:38:5b:25:8a:55:90:5c:f6:d4:41:
                    dd:61:7b:cf:5f:60:39:3a:04:e7:15:56:44:0d:4b:
                    29:58:cc:28:ed:ff:0a:9e:c5:ff:10:97:80:e0:d9:
                    05:c3:75:9f:4e:7b:e6:36:cf:b5:2b:98:dc:b0:9a:
                    9d:73:ae:98:e3:3b:06:6d:1d:75:12:6a:5a:c7:ab:
                    34:57:b3:1e:2b:04:05:7e:b7:04:24:d9:6f:0c:5e:
                    de:42:5d:b6:d1:db:5b:d6:0d:0e:1d:1c:ac:99:12:
                    75:e8:8f:ba:9d:40:10:e4:4d:be:3a:cd:dd:67:16:
                    9c:6c:d7:80:48:96:24:15:11:5e:0b:f6:84:37:37:
                    90:c4:d7:05:6e:9e:f0:9e:a8:fc:d6:08:c9:7e:76:
                    0a:cc:c2:40:96:90:67:d5:02:52:65:40:9f:c4:bf:
                    c3:b5:87:9a:74:d6:35:8f:a2:e1:d8:dc:ab:ce:8f:
                    a4:94:0b:3e:17:78:03:f1:d3:aa:97:cb:fc:9d:73:
                    21:05:9b:39:85:a6:5d:bd:ee:3b:af:7d:39:22:7d:
                    12:01:42:5d:a6:b7:ce:61:ee:6f:76:89:b0:06:4e:
                    95:67:39:a2:47:7b:a8:75:c6:a4:eb:ba:fa:3b:1a:
                    5d:6f:47:99:de:a8:cd:4a:fb:3f:be:00:13:a4:5f:
                    98:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:86:70:88:CC:97:1F:13:39:9D:FA:08:74:20:30:DA:B3:5B:E6:05
            X509v3 Authority Key Identifier:
                keyid:2A:65:34:AA:C9:44:2A:39:4D:13:9A:1A:83:03:DC:04:95:9C:1D:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KmU0qslEKjlNE5oagwPcBJWcHaA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:b6:3a:88:36:4f:31:c4:63:d7:5f:fe:da:d5:b4:55:65:f7:
         3d:13:f3:a7:51:d4:45:0b:98:bf:71:73:7b:09:4b:9c:af:ef:
         cd:ec:c9:01:7b:2a:3e:8e:2b:17:ec:d8:62:ac:62:14:f0:01:
         f8:9e:7f:25:2d:ec:2b:19:be:66:65:90:45:01:f1:45:7c:1f:
         1a:05:42:b2:37:93:9e:3c:86:f6:a4:14:c8:74:e2:db:d4:51:
         02:78:4f:78:fe:6e:bb:e7:00:e2:9f:84:08:70:c2:c8:75:51:
         2a:f9:4c:8a:f4:39:7c:e4:d7:fa:6b:6b:00:ba:a3:71:02:47:
         c0:c3:4f:35:33:da:15:e9:d8:54:fe:59:6c:9f:fb:60:7e:26:
         fc:5d:1f:ef:18:c1:e6:bf:00:d0:f8:ef:7f:30:b1:df:a7:78:
         1e:6f:a6:69:58:93:f6:68:94:0a:f4:59:79:cb:21:1c:f1:8a:
         70:45:21:a9:e9:61:99:74:99:2c:47:03:2d:c1:ec:52:59:72:
         bd:ec:f5:e3:c8:48:09:8a:87:0a:3a:de:62:2f:0b:f5:12:d5:
         ad:c5:79:fc:05:81:94:19:fc:33:d2:3c:e5:b8:14:fa:95:f4:
         82:5a:86:de:be:56:1e:f4:fa:e8:d1:eb:8b:e0:3b:31:3d:eb:
         51:ba:3a:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWZGDBOrm7XcmJ2mzvgtoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhNjUzNGFhYzk0NDJhMzk0ZDEzOWExYTgzMDNkYzA0OTU5
YzFkYTAwHhcNMjYwMzAyMDcwMDU0WhcNMjYwMzAzMDcwMDU0WjAzMTEwLwYDVQQD
EygzZDg2NzA4OGNjOTcxZjEzMzk5ZGZhMDg3NDIwMzBkYWIzNWJlNjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlm3IcjhbJYpVkFz21EHdYXvPX2A5
OgTnFVZEDUspWMwo7f8KnsX/EJeA4NkFw3WfTnvmNs+1K5jcsJqdc66Y4zsGbR11
Empax6s0V7MeKwQFfrcEJNlvDF7eQl220dtb1g0OHRysmRJ16I+6nUAQ5E2+Os3d
ZxacbNeASJYkFRFeC/aENzeQxNcFbp7wnqj81gjJfnYKzMJAlpBn1QJSZUCfxL/D
tYeadNY1j6Lh2Nyrzo+klAs+F3gD8dOql8v8nXMhBZs5haZdve47r305In0SAUJd
prfOYe5vdomwBk6VZzmiR3uodcak67r6Oxpdb0eZ3qjNSvs/vgATpF+YlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD2GcIjMlx8TOZ36CHQgMNqzW+YFMB8GA1UdIwQY
MBaAFCplNKrJRCo5TROaGoMD3ASVnB2gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS21VMHFzbEVLamxORTVvYWd3UGNCSldjSGFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kMjM4OGYtZjhhOS00NDg1LTkzN2Yt
ODQwZmQ1MzUyZGMwLzEvS21VMHFzbEVLamxORTVvYWd3UGNCSldjSGFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9kMjM4OGYtZjhhOS00NDg1LTkzN2YtODQwZmQ1MzUyZGMw
LzEvS21VMHFzbEVLamxORTVvYWd3UGNCSldjSGFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdrY6iDZP
McRj11/+2tW0VWX3PRPzp1HURQuYv3FzewlLnK/vzezJAXsqPo4rF+zYYqxiFPAB
+J5/JS3sKxm+ZmWQRQHxRXwfGgVCsjeTnjyG9qQUyHTi29RRAnhPeP5uu+cA4p+E
CHDCyHVRKvlMivQ5fOTX+mtrALqjcQJHwMNPNTPaFenYVP5ZbJ/7YH4m/F0f7xjB
5r8A0PjvfzCx36d4Hm+maViT9miUCvRZecshHPGKcEUhqelhmXSZLEcDLcHsUlly
vez148hICYqHCjreYi8L9RLVrcV5/AWBlBn8M9I85bgU+pX0glqG3r5WHvT66NHr
i+A7MT3rUbo6ig==
-----END CERTIFICATE-----