Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.mft
File:                     K328XveedAIoXs2gg3ukvyGHYdw.mft (raw, json)
Hash identifier:          aMKz8hcx9zaxTa3lsq3Cq+KC9zin6sJcOlG6H5ZZP5s=
Subject key identifier:   75:D0:98:96:41:ED:CF:4F:F9:33:21:4B:80:1B:6D:7D:18:97:AF:1E
Authority key identifier: 2B:7D:BC:5E:F7:9E:74:02:28:5E:CD:A0:83:7B:A4:BF:21:87:61:DC
Certificate issuer:       /CN=2b7dbc5ef79e7402285ecda0837ba4bf218761dc
Certificate serial:       019D98507B84063D553E81B846FAF8A95729
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/K328XveedAIoXs2gg3ukvyGHYdw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.mft
Manifest number:          10D6
Signing time:             Thu 16 Apr 2026 22:01:44 +0000
Manifest this update:     Thu 16 Apr 2026 22:01:44 +0000
Manifest next update:     Fri 17 Apr 2026 22:01:44 +0000
Files and hashes:         1: K328XveedAIoXs2gg3ukvyGHYdw.crl (hash: ArdKDX2OrOFYA04QELDCTe9r6XLagy7YT9SqenxwggU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/K328XveedAIoXs2gg3ukvyGHYdw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:50:7b:84:06:3d:55:3e:81:b8:46:fa:f8:a9:57:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b7dbc5ef79e7402285ecda0837ba4bf218761dc
        Validity
            Not Before: Apr 16 22:01:44 2026 GMT
            Not After : Apr 17 22:01:44 2026 GMT
        Subject: CN=75d0989641edcf4ff933214b801b6d7d1897af1e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:ce:49:81:09:d4:f1:df:e2:5c:54:c3:ec:d0:
                    79:b7:57:f6:cf:92:f3:1b:0c:b9:55:9a:7c:2a:65:
                    6c:f1:63:94:6d:12:24:95:0c:4b:f1:a1:ca:8f:d9:
                    fc:40:63:c2:98:5c:91:00:77:cc:85:90:fd:e9:aa:
                    d2:4a:94:a7:84:31:56:18:3e:2a:85:ce:6d:09:ae:
                    c4:cf:c8:8f:55:03:0e:68:8c:2c:dd:f9:bc:cd:81:
                    9e:e0:1c:dd:4e:2a:cd:85:a7:8c:35:8a:d7:9e:0d:
                    92:be:43:77:b4:31:f4:07:7e:21:06:ba:61:59:df:
                    de:a4:ea:b1:21:29:31:ec:a3:c1:4a:e7:9b:f4:f2:
                    ee:5b:7b:b1:e1:af:ec:f5:cf:29:37:0e:29:89:14:
                    30:c5:22:27:e2:3d:c3:94:0d:14:a6:3c:de:83:b6:
                    d7:fb:43:41:26:aa:52:27:3a:a7:3a:1b:d7:9a:40:
                    63:af:17:f5:3f:15:02:7b:8a:10:c1:9a:55:49:b5:
                    95:ca:40:9d:c1:cd:8a:1f:5d:6a:39:6d:5d:27:af:
                    7d:9b:d7:09:ae:59:48:a0:ff:3b:50:e1:27:ad:b2:
                    aa:3f:76:ea:d2:b5:f0:f3:d1:b8:3e:69:ce:45:d2:
                    ec:48:ec:65:6a:cd:09:83:ce:f8:6f:dd:da:e0:e0:
                    0e:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:D0:98:96:41:ED:CF:4F:F9:33:21:4B:80:1B:6D:7D:18:97:AF:1E
            X509v3 Authority Key Identifier:
                keyid:2B:7D:BC:5E:F7:9E:74:02:28:5E:CD:A0:83:7B:A4:BF:21:87:61:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K328XveedAIoXs2gg3ukvyGHYdw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         26:9d:fe:3d:35:db:d6:16:76:87:27:01:ef:f0:a5:63:b9:6d:
         fa:c8:0c:48:c3:a3:a9:f3:2f:17:f8:53:ef:dc:02:df:31:11:
         7a:35:6b:5c:bc:4d:a8:8e:92:36:b9:7d:9c:4b:b5:f0:1a:30:
         f9:9e:fb:92:a2:62:98:6e:a0:dc:03:ae:9e:88:31:7b:96:0e:
         04:53:09:c0:83:e2:f4:92:a8:32:68:d6:29:f4:3a:a3:f6:d3:
         fc:2e:a1:df:ae:58:8f:7a:62:7a:f3:e1:15:22:66:91:83:83:
         ca:fe:ae:9f:5d:e7:b3:e6:ef:4f:88:02:ac:1a:69:af:a2:63:
         3f:e0:3a:46:10:13:12:39:ba:e3:2a:02:a9:6b:41:5b:0c:8f:
         99:5a:2d:7c:17:21:c5:f0:35:e4:36:39:1a:f8:a7:d6:99:5b:
         48:1d:63:e3:ef:8c:17:cb:7b:30:d6:1e:bd:e8:28:f2:84:57:
         90:76:ec:61:aa:24:f5:ca:9c:33:dd:1a:cd:67:35:a5:29:ff:
         d5:e2:44:7b:c1:06:09:21:d6:8a:18:bf:77:37:c2:12:6b:1a:
         dc:db:d1:20:ca:c2:61:62:20:d4:48:bd:21:e3:74:3c:eb:09:
         bb:66:d4:b3:ad:dd:ff:f6:f3:74:7a:6b:10:a0:6a:7d:e8:52:
         4a:f0:f2:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2YUHuEBj1VPoG4Rvr4qVcpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiN2RiYzVlZjc5ZTc0MDIyODVlY2RhMDgzN2JhNGJmMjE4
NzYxZGMwHhcNMjYwNDE2MjIwMTQ0WhcNMjYwNDE3MjIwMTQ0WjAzMTEwLwYDVQQD
Eyg3NWQwOTg5NjQxZWRjZjRmZjkzMzIxNGI4MDFiNmQ3ZDE4OTdhZjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr85JgQnU8d/iXFTD7NB5t1f2z5Lz
Gwy5VZp8KmVs8WOUbRIklQxL8aHKj9n8QGPCmFyRAHfMhZD96arSSpSnhDFWGD4q
hc5tCa7Ez8iPVQMOaIws3fm8zYGe4BzdTirNhaeMNYrXng2SvkN3tDH0B34hBrph
Wd/epOqxISkx7KPBSueb9PLuW3ux4a/s9c8pNw4piRQwxSIn4j3DlA0Upjzeg7bX
+0NBJqpSJzqnOhvXmkBjrxf1PxUCe4oQwZpVSbWVykCdwc2KH11qOW1dJ699m9cJ
rllIoP87UOEnrbKqP3bq0rXw89G4PmnORdLsSOxlas0Jg874b93a4OAO7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHXQmJZB7c9P+TMhS4AbbX0Yl68eMB8GA1UdIwQY
MBaAFCt9vF73nnQCKF7NoIN7pL8hh2HcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzMyOFh2ZWVkQUlvWHMyZ2czdWt2eUdIWWR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kMTBkNGQtYTJjMC00ZDIwLThhMjEt
MjRkMGU2MmY3OWMwLzEvSzMyOFh2ZWVkQUlvWHMyZ2czdWt2eUdIWWR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kMTBkNGQtYTJjMC00ZDIwLThhMjEtMjRkMGU2MmY3OWMw
LzEvSzMyOFh2ZWVkQUlvWHMyZ2czdWt2eUdIWWR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJp3+PTXb
1hZ2hycB7/ClY7lt+sgMSMOjqfMvF/hT79wC3zERejVrXLxNqI6SNrl9nEu18Bow
+Z77kqJimG6g3AOunogxe5YOBFMJwIPi9JKoMmjWKfQ6o/bT/C6h365Yj3pievPh
FSJmkYODyv6un13ns+bvT4gCrBppr6JjP+A6RhATEjm64yoCqWtBWwyPmVotfBch
xfA15DY5Gvin1plbSB1j4++MF8t7MNYevego8oRXkHbsYaok9cqcM90azWc1pSn/
1eJEe8EGCSHWihi/dzfCEmsa3NvRIMrCYWIg1Ei9IeN0POsJu2bUs63d//bzdHpr
EKBqfehSSvDyeQ==
-----END CERTIFICATE-----