Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.mft
File:                     KtclXVpq-4XjdugbuaCew93dvNw.mft (raw, json)
Hash identifier:          guOUvFKKNf1hLUkxKGGPcWrkecw+4en6tU092kvIh40=
Subject key identifier:   3E:34:92:4B:61:A6:E0:A2:2D:7A:FD:84:D2:55:30:80:4D:0C:FE:97
Authority key identifier: 2A:D7:25:5D:5A:6A:FB:85:E3:76:E8:1B:B9:A0:9E:C3:DD:DD:BC:DC
Certificate issuer:       /CN=2ad7255d5a6afb85e376e81bb9a09ec3ddddbcdc
Certificate serial:       019D9B87AA7D0032BB220E031CEA826B7794
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KtclXVpq-4XjdugbuaCew93dvNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.mft
Manifest number:          17D9
Signing time:             Fri 17 Apr 2026 13:00:52 +0000
Manifest this update:     Fri 17 Apr 2026 13:00:52 +0000
Manifest next update:     Sat 18 Apr 2026 13:00:52 +0000
Files and hashes:         1: KtclXVpq-4XjdugbuaCew93dvNw.crl (hash: plgJGr/x3hcz8W/T4C6uYy6PJBpZPnn9dzm4bK9sveA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KtclXVpq-4XjdugbuaCew93dvNw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:87:aa:7d:00:32:bb:22:0e:03:1c:ea:82:6b:77:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ad7255d5a6afb85e376e81bb9a09ec3ddddbcdc
        Validity
            Not Before: Apr 17 13:00:52 2026 GMT
            Not After : Apr 18 13:00:52 2026 GMT
        Subject: CN=3e34924b61a6e0a22d7afd84d25530804d0cfe97
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:e7:6e:eb:20:26:6f:6a:50:ac:34:e1:2b:cd:
                    7c:f4:7d:70:f5:f2:93:69:0b:09:ff:67:5f:81:06:
                    f5:28:71:c0:40:9c:8f:1b:cd:a1:49:6c:61:8d:74:
                    37:10:67:32:bb:67:a5:9a:51:c7:3a:4c:d6:b0:f7:
                    09:5a:29:5f:3c:f1:43:62:a6:1b:5e:c0:3c:59:88:
                    ef:d6:8b:29:02:7a:67:13:4d:5d:bd:b8:d8:76:80:
                    43:41:15:54:e9:e4:91:2e:98:31:58:45:47:9a:73:
                    b1:14:fd:eb:59:3c:ac:23:e3:f6:de:0d:04:41:48:
                    28:d9:44:ec:0a:1e:af:cd:64:7b:37:3b:2d:f9:45:
                    c5:9e:0a:13:58:a7:bd:10:22:14:19:bf:5b:04:02:
                    02:c3:fa:87:e0:74:c4:a1:9d:41:e2:04:88:e0:17:
                    98:70:35:88:58:86:57:19:90:4e:b7:87:19:76:49:
                    2c:69:53:f2:78:f8:35:94:00:e7:43:6d:71:f4:a5:
                    f4:39:d6:9f:86:4b:df:96:fc:80:0c:49:59:27:17:
                    76:d6:aa:1c:ad:14:89:2d:2b:6b:90:f4:09:f0:ec:
                    13:1f:f5:eb:1f:12:d0:f6:65:51:70:95:48:ce:4c:
                    43:b6:80:db:73:66:19:e9:fd:e4:64:28:0b:1b:84:
                    b2:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:34:92:4B:61:A6:E0:A2:2D:7A:FD:84:D2:55:30:80:4D:0C:FE:97
            X509v3 Authority Key Identifier:
                keyid:2A:D7:25:5D:5A:6A:FB:85:E3:76:E8:1B:B9:A0:9E:C3:DD:DD:BC:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KtclXVpq-4XjdugbuaCew93dvNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:80:58:67:f8:eb:8e:f4:fb:0c:d9:9c:da:22:27:e9:8d:47:
         dd:63:17:5c:4f:e9:c9:17:b5:d4:97:b1:a1:49:f2:5a:f8:7d:
         1e:5d:dd:ac:eb:94:4a:32:f3:84:cd:1c:13:b9:e7:b5:11:7f:
         70:c5:95:ee:fe:ee:e1:27:23:10:7e:e8:d6:89:2e:fb:e0:bf:
         bb:1a:ee:29:e3:69:21:76:91:b0:25:e4:a1:33:ae:77:bf:37:
         9e:2d:1d:78:54:67:57:4e:ce:42:38:80:9e:c7:11:c5:14:66:
         3f:a6:d5:8a:38:6d:ef:14:39:cc:84:52:4c:bc:60:a7:4f:6f:
         fd:8a:f9:bc:af:4b:61:6e:a2:ec:a2:63:0b:39:ac:25:af:fa:
         4e:32:64:f8:8c:99:49:73:6a:a2:05:7d:4b:ea:33:47:f6:82:
         d7:94:f5:f5:b2:9d:37:10:e8:e1:27:4b:42:b5:ab:91:b1:90:
         cb:ee:c6:81:e6:ef:a6:6e:47:bd:cc:b2:13:65:6d:1f:75:69:
         b3:e4:08:33:58:c2:e2:d2:73:16:29:2e:81:73:71:f9:57:c1:
         2f:de:f6:80:42:3e:1a:ce:23:d0:14:fe:69:4f:50:c2:76:67:
         c1:ee:cb:bf:ca:ed:30:5b:01:ef:77:44:3a:4c:9d:c9:dc:6d:
         8f:d7:d4:d2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bh6p9ADK7Ig4DHOqCa3eUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhZDcyNTVkNWE2YWZiODVlMzc2ZTgxYmI5YTA5ZWMzZGRk
ZGJjZGMwHhcNMjYwNDE3MTMwMDUyWhcNMjYwNDE4MTMwMDUyWjAzMTEwLwYDVQQD
EygzZTM0OTI0YjYxYTZlMGEyMmQ3YWZkODRkMjU1MzA4MDRkMGNmZTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApudu6yAmb2pQrDThK8189H1w9fKT
aQsJ/2dfgQb1KHHAQJyPG82hSWxhjXQ3EGcyu2elmlHHOkzWsPcJWilfPPFDYqYb
XsA8WYjv1ospAnpnE01dvbjYdoBDQRVU6eSRLpgxWEVHmnOxFP3rWTysI+P23g0E
QUgo2UTsCh6vzWR7Nzst+UXFngoTWKe9ECIUGb9bBAICw/qH4HTEoZ1B4gSI4BeY
cDWIWIZXGZBOt4cZdkksaVPyePg1lADnQ21x9KX0OdafhkvflvyADElZJxd21qoc
rRSJLStrkPQJ8OwTH/XrHxLQ9mVRcJVIzkxDtoDbc2YZ6f3kZCgLG4SyLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD40kkthpuCiLXr9hNJVMIBNDP6XMB8GA1UdIwQY
MBaAFCrXJV1aavuF43boG7mgnsPd3bzcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3RjbFhWcHEtNFhqZHVnYnVhQ2V3OTNkdk53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9lYmI5NzktYmVmMC00MjBjLTk1ZTAt
YmNlYjM3NmMyNTczLzEvS3RjbFhWcHEtNFhqZHVnYnVhQ2V3OTNkdk53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9lYmI5NzktYmVmMC00MjBjLTk1ZTAtYmNlYjM3NmMyNTcz
LzEvS3RjbFhWcHEtNFhqZHVnYnVhQ2V3OTNkdk53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG4BYZ/jr
jvT7DNmc2iIn6Y1H3WMXXE/pyRe11JexoUnyWvh9Hl3drOuUSjLzhM0cE7nntRF/
cMWV7v7u4ScjEH7o1oku++C/uxruKeNpIXaRsCXkoTOud783ni0deFRnV07OQjiA
nscRxRRmP6bVijht7xQ5zIRSTLxgp09v/Yr5vK9LYW6i7KJjCzmsJa/6TjJk+IyZ
SXNqogV9S+ozR/aC15T19bKdNxDo4SdLQrWrkbGQy+7Ggebvpm5HvcyyE2VtH3Vp
s+QIM1jC4tJzFikugXNx+VfBL972gEI+Gs4j0BT+aU9QwnZnwe7Lv8rtMFsB73dE
Okydydxtj9fU0g==
-----END CERTIFICATE-----