Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.mft
File:                     K328XveedAIoXs2gg3ukvyGHYdw.mft (raw, json)
Hash identifier:          TM+2+jbhS1cMAfT5X2lRexpUi0dJ7p2VTPGtsHvU91I=
Subject key identifier:   DF:1A:14:AF:35:73:68:8D:7D:7F:75:D8:E8:AB:34:B2:42:F6:C0:94
Authority key identifier: 2B:7D:BC:5E:F7:9E:74:02:28:5E:CD:A0:83:7B:A4:BF:21:87:61:DC
Certificate issuer:       /CN=2b7dbc5ef79e7402285ecda0837ba4bf218761dc
Certificate serial:       019CAAC61F35624BD7CA99441798682BFFA1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/K328XveedAIoXs2gg3ukvyGHYdw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.mft
Manifest number:          105B
Signing time:             Sun 01 Mar 2026 19:00:36 +0000
Manifest this update:     Sun 01 Mar 2026 19:00:36 +0000
Manifest next update:     Mon 02 Mar 2026 19:00:36 +0000
Files and hashes:         1: K328XveedAIoXs2gg3ukvyGHYdw.crl (hash: llO1EYdJDHOEbQUJMpvvw5T3eVz8PevdKZvx2tHuv2Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/K328XveedAIoXs2gg3ukvyGHYdw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 19:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:c6:1f:35:62:4b:d7:ca:99:44:17:98:68:2b:ff:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b7dbc5ef79e7402285ecda0837ba4bf218761dc
        Validity
            Not Before: Mar  1 19:00:36 2026 GMT
            Not After : Mar  2 19:00:36 2026 GMT
        Subject: CN=df1a14af3573688d7d7f75d8e8ab34b242f6c094
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:13:f9:ce:77:ec:9d:ff:95:91:2d:af:17:2e:
                    cb:cd:69:08:62:45:ee:cb:e2:44:d2:a4:34:4d:2b:
                    31:43:22:e2:31:5a:c3:81:7f:d9:b0:58:85:f7:90:
                    41:eb:0a:4e:18:90:39:0c:ae:d8:bf:2b:21:10:1a:
                    2e:95:f2:fd:e4:c8:c9:5b:6b:c7:e3:46:47:6c:28:
                    02:30:23:fb:93:01:fc:01:cf:1a:99:51:4a:20:49:
                    2a:d2:c4:c1:ae:06:18:b6:89:6a:91:89:46:a1:26:
                    7a:c5:45:b6:5b:e9:56:9d:11:09:af:56:d1:a7:61:
                    f5:44:47:2c:2a:1b:b2:bd:32:66:be:cc:6c:5c:0c:
                    d7:b0:90:4c:c7:32:d9:9c:a9:db:b6:17:86:5b:c9:
                    00:ab:c9:5c:42:b9:d3:20:bf:61:5e:8e:f1:b0:49:
                    a8:f3:8b:02:08:f9:d0:02:a2:b4:88:46:b9:e6:5a:
                    23:78:fa:a4:82:d5:70:4c:f9:91:5c:13:27:22:e8:
                    e8:9e:99:06:ef:e9:2a:58:fc:1e:d7:bb:66:92:6c:
                    32:87:39:4d:08:a2:7f:7f:2c:b9:12:61:9e:78:9b:
                    b8:af:63:9b:43:9b:ed:6e:d5:93:98:7e:1a:ea:c0:
                    cd:a6:6b:11:60:b8:88:0e:4d:de:b6:c2:18:3c:92:
                    c4:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:1A:14:AF:35:73:68:8D:7D:7F:75:D8:E8:AB:34:B2:42:F6:C0:94
            X509v3 Authority Key Identifier:
                keyid:2B:7D:BC:5E:F7:9E:74:02:28:5E:CD:A0:83:7B:A4:BF:21:87:61:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K328XveedAIoXs2gg3ukvyGHYdw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6b:90:98:ef:ae:62:ef:31:e8:d8:ea:b8:e9:cc:fa:22:b3:3c:
         dc:d2:f7:88:c2:fd:03:f1:f7:3f:79:3e:52:6a:58:02:0a:f0:
         4f:e5:6d:14:70:ac:59:86:7c:5b:d6:62:5d:9a:17:f1:a5:32:
         b9:2e:78:9f:51:f3:0b:da:06:78:9f:87:7d:f1:6b:25:10:62:
         1f:d5:45:af:26:25:9d:d0:24:5b:a9:89:e4:88:d5:34:43:44:
         cb:70:ae:f6:ee:f0:e7:9a:ee:9d:17:74:aa:18:fc:1d:5b:a8:
         70:35:80:46:0a:16:b9:9e:c4:9f:52:47:ee:5a:b5:76:d0:7a:
         43:15:1c:03:5e:41:19:0f:de:dd:df:11:37:df:6a:bf:8b:ee:
         33:55:e1:8b:eb:b9:21:d9:7e:40:7f:c4:e2:a7:f5:31:76:c3:
         c1:2c:5e:5a:91:54:42:50:2c:cb:10:ec:9d:75:fc:a3:14:91:
         34:37:4f:98:b5:73:b6:92:ae:7e:19:51:8c:a2:3b:d9:37:c3:
         62:7f:67:73:db:30:d6:c1:51:ad:38:84:e4:02:78:27:0b:69:
         62:cd:46:9f:d7:76:45:04:05:24:04:9b:1a:6c:5d:d5:ea:99:
         c0:61:c1:2d:1b:c0:63:8c:a7:49:fc:2f:d4:13:e8:68:b0:09:
         63:e2:87:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxh81YkvXyplEF5hoK/+hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiN2RiYzVlZjc5ZTc0MDIyODVlY2RhMDgzN2JhNGJmMjE4
NzYxZGMwHhcNMjYwMzAxMTkwMDM2WhcNMjYwMzAyMTkwMDM2WjAzMTEwLwYDVQQD
EyhkZjFhMTRhZjM1NzM2ODhkN2Q3Zjc1ZDhlOGFiMzRiMjQyZjZjMDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBP5znfsnf+VkS2vFy7LzWkIYkXu
y+JE0qQ0TSsxQyLiMVrDgX/ZsFiF95BB6wpOGJA5DK7YvyshEBoulfL95MjJW2vH
40ZHbCgCMCP7kwH8Ac8amVFKIEkq0sTBrgYYtolqkYlGoSZ6xUW2W+lWnREJr1bR
p2H1REcsKhuyvTJmvsxsXAzXsJBMxzLZnKnbtheGW8kAq8lcQrnTIL9hXo7xsEmo
84sCCPnQAqK0iEa55lojePqkgtVwTPmRXBMnIujonpkG7+kqWPwe17tmkmwyhzlN
CKJ/fyy5EmGeeJu4r2ObQ5vtbtWTmH4a6sDNpmsRYLiIDk3etsIYPJLEVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN8aFK81c2iNfX912OirNLJC9sCUMB8GA1UdIwQY
MBaAFCt9vF73nnQCKF7NoIN7pL8hh2HcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzMyOFh2ZWVkQUlvWHMyZ2czdWt2eUdIWWR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kMTBkNGQtYTJjMC00ZDIwLThhMjEt
MjRkMGU2MmY3OWMwLzEvSzMyOFh2ZWVkQUlvWHMyZ2czdWt2eUdIWWR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kMTBkNGQtYTJjMC00ZDIwLThhMjEtMjRkMGU2MmY3OWMw
LzEvSzMyOFh2ZWVkQUlvWHMyZ2czdWt2eUdIWWR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa5CY765i
7zHo2Oq46cz6IrM83NL3iML9A/H3P3k+UmpYAgrwT+VtFHCsWYZ8W9ZiXZoX8aUy
uS54n1HzC9oGeJ+HffFrJRBiH9VFryYlndAkW6mJ5IjVNENEy3Cu9u7w55runRd0
qhj8HVuocDWARgoWuZ7En1JH7lq1dtB6QxUcA15BGQ/e3d8RN99qv4vuM1Xhi+u5
Idl+QH/E4qf1MXbDwSxeWpFUQlAsyxDsnXX8oxSRNDdPmLVztpKufhlRjKI72TfD
Yn9nc9sw1sFRrTiE5AJ4JwtpYs1Gn9d2RQQFJASbGmxd1eqZwGHBLRvAY4ynSfwv
1BPoaLAJY+KH/g==
-----END CERTIFICATE-----