Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.mft
File:                     KtclXVpq-4XjdugbuaCew93dvNw.mft (raw, json)
Hash identifier:          g3R9ccPC1ZnaCoEBgzRiCB9/Gs3e/xgjwuFArjUE/9Q=
Subject key identifier:   72:EA:E2:C6:71:5E:EF:6B:EE:C6:C0:53:3C:83:1F:6C:CA:6F:DA:3F
Authority key identifier: 2A:D7:25:5D:5A:6A:FB:85:E3:76:E8:1B:B9:A0:9E:C3:DD:DD:BC:DC
Certificate issuer:       /CN=2ad7255d5a6afb85e376e81bb9a09ec3ddddbcdc
Certificate serial:       019CAC1057CC8B892E259B521DDEC083FCAC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KtclXVpq-4XjdugbuaCew93dvNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.mft
Manifest number:          175D
Signing time:             Mon 02 Mar 2026 01:01:18 +0000
Manifest this update:     Mon 02 Mar 2026 01:01:18 +0000
Manifest next update:     Tue 03 Mar 2026 01:01:18 +0000
Files and hashes:         1: KtclXVpq-4XjdugbuaCew93dvNw.crl (hash: sE/m+CWLH1FP3IWTkvbw3pxLNHDNVRpnkwGF3Xo4A6Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KtclXVpq-4XjdugbuaCew93dvNw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:10:57:cc:8b:89:2e:25:9b:52:1d:de:c0:83:fc:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ad7255d5a6afb85e376e81bb9a09ec3ddddbcdc
        Validity
            Not Before: Mar  2 01:01:18 2026 GMT
            Not After : Mar  3 01:01:18 2026 GMT
        Subject: CN=72eae2c6715eef6beec6c0533c831f6cca6fda3f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:bf:db:30:33:d6:bf:2e:6c:a0:a8:86:4e:4f:
                    e0:ca:fd:da:28:c6:31:5d:9e:c4:d0:6e:57:5c:08:
                    7f:84:e1:9c:bd:51:9b:2f:51:20:ee:bb:da:32:1d:
                    9d:2d:3f:31:ae:a2:79:8a:5b:15:80:3e:07:0a:49:
                    39:84:82:3a:84:3b:fd:d3:26:81:5c:cc:c9:67:bd:
                    96:fc:56:75:02:d3:de:65:f0:da:72:78:c1:02:69:
                    a7:5b:ca:9a:c2:b9:03:c5:fc:c5:3e:6d:b4:08:67:
                    d5:a0:c0:12:59:13:00:0d:b3:e7:95:8e:6f:36:d1:
                    c9:d8:89:51:92:82:f5:71:fd:a7:73:ff:72:19:eb:
                    0a:66:2e:1c:78:e4:0a:9d:a6:9f:85:ff:fa:3b:93:
                    3b:02:a8:e0:9c:c7:7f:69:c1:5e:ca:3d:50:f3:d0:
                    d0:f7:78:26:ff:fe:a5:bc:a2:84:e3:99:14:09:21:
                    6d:b9:7d:ae:b6:f1:0d:2d:90:36:55:3e:7c:6c:e3:
                    3c:cc:92:2f:be:69:37:60:25:47:e3:d6:86:0c:9a:
                    a3:62:d6:57:76:ab:a2:fc:12:3a:fe:75:c3:f4:3f:
                    49:b3:1c:b4:6c:05:5b:84:90:81:f3:e0:03:34:be:
                    33:81:a4:dd:a8:6b:be:f9:60:5e:79:10:7b:f0:f9:
                    d2:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:EA:E2:C6:71:5E:EF:6B:EE:C6:C0:53:3C:83:1F:6C:CA:6F:DA:3F
            X509v3 Authority Key Identifier:
                keyid:2A:D7:25:5D:5A:6A:FB:85:E3:76:E8:1B:B9:A0:9E:C3:DD:DD:BC:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KtclXVpq-4XjdugbuaCew93dvNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:f2:b7:40:88:29:f7:18:02:5a:34:0f:15:80:7a:18:10:04:
         c7:90:1c:b1:33:2e:14:c2:39:56:59:4c:a5:2e:ed:fb:97:5c:
         c3:a9:0c:80:f3:f9:fd:9e:d4:34:c7:17:6e:75:2a:73:48:f5:
         95:a6:0e:ac:51:85:14:2b:39:38:d4:03:9e:61:4f:53:ca:4b:
         ac:69:fd:08:2c:2b:12:f1:45:53:81:72:e3:23:30:93:a1:90:
         47:49:c2:96:21:aa:77:34:6b:d2:5a:3d:b4:13:7f:ce:10:d8:
         47:05:a4:cd:18:13:a7:e2:ae:61:92:c3:a0:f5:70:51:81:53:
         9b:ea:af:eb:2c:2a:83:88:38:76:19:5e:43:64:2d:e7:b8:60:
         3a:9b:a5:3a:3d:18:39:31:40:16:c1:33:14:89:2d:d5:2a:2d:
         41:c5:4e:d7:aa:b8:b7:a2:18:1d:34:d5:d6:2b:f3:bc:97:df:
         74:0a:6f:27:a9:c8:20:ae:26:ee:83:8e:e7:10:ed:f0:98:1b:
         1d:72:70:e1:ea:63:fb:b2:9f:c7:19:31:2b:c0:3a:de:34:3a:
         6f:4c:f1:e4:15:5f:3f:0c:f4:89:65:d2:70:49:23:ec:12:15:
         d0:cd:25:aa:99:84:c0:d4:e5:53:d3:19:62:64:29:57:cf:8f:
         c1:17:af:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysEFfMi4kuJZtSHd7Ag/ysMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhZDcyNTVkNWE2YWZiODVlMzc2ZTgxYmI5YTA5ZWMzZGRk
ZGJjZGMwHhcNMjYwMzAyMDEwMTE4WhcNMjYwMzAzMDEwMTE4WjAzMTEwLwYDVQQD
Eyg3MmVhZTJjNjcxNWVlZjZiZWVjNmMwNTMzYzgzMWY2Y2NhNmZkYTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7/bMDPWvy5soKiGTk/gyv3aKMYx
XZ7E0G5XXAh/hOGcvVGbL1Eg7rvaMh2dLT8xrqJ5ilsVgD4HCkk5hII6hDv90yaB
XMzJZ72W/FZ1AtPeZfDacnjBAmmnW8qawrkDxfzFPm20CGfVoMASWRMADbPnlY5v
NtHJ2IlRkoL1cf2nc/9yGesKZi4ceOQKnaafhf/6O5M7AqjgnMd/acFeyj1Q89DQ
93gm//6lvKKE45kUCSFtuX2utvENLZA2VT58bOM8zJIvvmk3YCVH49aGDJqjYtZX
dqui/BI6/nXD9D9Jsxy0bAVbhJCB8+ADNL4zgaTdqGu++WBeeRB78PnSLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHLq4sZxXu9r7sbAUzyDH2zKb9o/MB8GA1UdIwQY
MBaAFCrXJV1aavuF43boG7mgnsPd3bzcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3RjbFhWcHEtNFhqZHVnYnVhQ2V3OTNkdk53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9lYmI5NzktYmVmMC00MjBjLTk1ZTAt
YmNlYjM3NmMyNTczLzEvS3RjbFhWcHEtNFhqZHVnYnVhQ2V3OTNkdk53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9lYmI5NzktYmVmMC00MjBjLTk1ZTAtYmNlYjM3NmMyNTcz
LzEvS3RjbFhWcHEtNFhqZHVnYnVhQ2V3OTNkdk53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEPK3QIgp
9xgCWjQPFYB6GBAEx5AcsTMuFMI5VllMpS7t+5dcw6kMgPP5/Z7UNMcXbnUqc0j1
laYOrFGFFCs5ONQDnmFPU8pLrGn9CCwrEvFFU4Fy4yMwk6GQR0nCliGqdzRr0lo9
tBN/zhDYRwWkzRgTp+KuYZLDoPVwUYFTm+qv6ywqg4g4dhleQ2Qt57hgOpulOj0Y
OTFAFsEzFIkt1SotQcVO16q4t6IYHTTV1ivzvJffdApvJ6nIIK4m7oOO5xDt8Jgb
HXJw4epj+7KfxxkxK8A63jQ6b0zx5BVfPwz0iWXScEkj7BIV0M0lqpmEwNTlU9MZ
YmQpV8+PwRevBA==
-----END CERTIFICATE-----