Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft
File:                     KH97Jo822TFYldOyCDdzEHGanUE.mft (raw, json)
Hash identifier:          NopiIZqZVzyAUPV+sPtXrb19c46t9/zQH5ahgyzf/ds=
Subject key identifier:   CB:39:D6:84:43:A6:E6:2A:A8:EB:4D:66:73:63:71:91:06:9D:E4:1B
Authority key identifier: 28:7F:7B:26:8F:36:D9:31:58:95:D3:B2:08:37:73:10:71:9A:9D:41
Certificate issuer:       /CN=287f7b268f36d9315895d3b208377310719a9d41
Certificate serial:       019D9BBE38823724B48426A62056E59B0A71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KH97Jo822TFYldOyCDdzEHGanUE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft
Manifest number:          101B
Signing time:             Fri 17 Apr 2026 14:00:27 +0000
Manifest this update:     Fri 17 Apr 2026 14:00:27 +0000
Manifest next update:     Sat 18 Apr 2026 14:00:27 +0000
Files and hashes:         1: KH97Jo822TFYldOyCDdzEHGanUE.crl (hash: 7vrAAHv8/jGJqapT8SlsnPbgCzg+zzvc4AHn3SBxGSw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KH97Jo822TFYldOyCDdzEHGanUE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:be:38:82:37:24:b4:84:26:a6:20:56:e5:9b:0a:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=287f7b268f36d9315895d3b208377310719a9d41
        Validity
            Not Before: Apr 17 14:00:27 2026 GMT
            Not After : Apr 18 14:00:27 2026 GMT
        Subject: CN=cb39d68443a6e62aa8eb4d6673637191069de41b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:8f:94:54:0c:5c:74:02:63:a9:44:c3:eb:89:
                    22:f3:56:d7:8a:0e:a6:68:66:bc:fb:90:44:12:46:
                    25:b9:5a:cc:81:21:29:30:b9:78:22:0a:95:e0:2c:
                    0f:93:e2:65:fd:e9:ec:db:67:c7:29:a6:04:c0:0b:
                    8e:3f:6a:98:ed:24:59:a4:02:44:bd:6d:86:c9:3d:
                    61:6a:7b:ff:22:ba:87:26:42:39:42:6b:7a:a0:72:
                    c9:29:ab:26:0b:36:77:41:9a:00:1e:9b:a9:b6:1d:
                    1d:4e:bd:56:02:09:9c:37:ce:1f:48:d4:f6:7e:0d:
                    1d:41:e6:6c:ac:78:2e:8b:a0:10:1f:b1:89:9d:4b:
                    65:d0:1b:a4:16:e9:85:5e:b2:24:aa:db:2a:55:25:
                    01:d7:cb:b9:5b:a1:b2:a4:98:c9:2c:d8:71:0c:26:
                    41:0f:b4:8d:8d:09:49:a4:34:14:89:11:da:36:f0:
                    4d:98:a4:7d:f2:8f:f8:a2:51:cf:6f:65:bc:81:53:
                    64:0c:fb:3c:61:3a:4b:6f:9d:a4:3c:74:ea:ed:78:
                    95:f7:4d:9c:6e:89:f2:75:5b:c5:43:42:47:98:2b:
                    52:bb:d1:31:70:e3:ec:65:b9:cd:42:4d:29:1d:a8:
                    33:95:a3:7b:f7:b6:5a:fa:8d:9e:56:f0:46:69:4e:
                    59:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:39:D6:84:43:A6:E6:2A:A8:EB:4D:66:73:63:71:91:06:9D:E4:1B
            X509v3 Authority Key Identifier:
                keyid:28:7F:7B:26:8F:36:D9:31:58:95:D3:B2:08:37:73:10:71:9A:9D:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KH97Jo822TFYldOyCDdzEHGanUE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:ed:6e:1a:ff:b4:e0:9a:d7:d6:f0:ef:a5:9b:5e:56:a2:08:
         49:21:b8:f2:30:eb:19:9d:d7:3b:57:44:6e:63:75:97:09:04:
         bb:e9:0e:56:a7:7e:94:16:73:25:82:e1:20:1c:6c:49:80:c0:
         08:ab:2e:1c:d3:5c:3c:b1:09:26:32:79:13:8a:bb:31:17:b3:
         02:ed:92:5a:a6:09:f7:ee:cb:e2:bf:1f:77:b8:bf:9c:d8:39:
         a8:5a:ed:16:9d:e0:13:62:cb:23:86:35:7b:63:a9:b4:92:fa:
         92:3d:eb:c7:1b:97:7c:f5:de:b8:53:38:73:01:9e:2a:a8:71:
         1a:bc:d6:c6:0e:39:db:b4:53:3c:cc:ec:b2:3a:c3:96:a6:b9:
         bc:77:d7:ae:5f:aa:d6:94:92:8f:e7:17:de:e6:b7:5d:bd:53:
         e8:b8:9e:49:dd:c1:ae:22:0b:06:1b:b1:da:cc:81:a4:9b:85:
         25:14:f3:75:44:61:ce:ff:8c:17:69:24:cf:8f:d1:c6:d5:b6:
         cf:9c:07:94:63:a3:29:54:af:b0:22:5c:40:12:62:c6:e0:a9:
         c6:e3:aa:53:f2:97:4e:13:48:34:5c:09:9f:1c:b3:22:f7:91:
         73:50:3d:f3:f3:f0:e3:bf:74:50:b5:9d:74:dd:4a:b8:36:f5:
         3e:19:c8:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bvjiCNyS0hCamIFblmwpxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4N2Y3YjI2OGYzNmQ5MzE1ODk1ZDNiMjA4Mzc3MzEwNzE5
YTlkNDEwHhcNMjYwNDE3MTQwMDI3WhcNMjYwNDE4MTQwMDI3WjAzMTEwLwYDVQQD
EyhjYjM5ZDY4NDQzYTZlNjJhYThlYjRkNjY3MzYzNzE5MTA2OWRlNDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv4+UVAxcdAJjqUTD64ki81bXig6m
aGa8+5BEEkYluVrMgSEpMLl4IgqV4CwPk+Jl/ens22fHKaYEwAuOP2qY7SRZpAJE
vW2GyT1hanv/IrqHJkI5Qmt6oHLJKasmCzZ3QZoAHpupth0dTr1WAgmcN84fSNT2
fg0dQeZsrHgui6AQH7GJnUtl0BukFumFXrIkqtsqVSUB18u5W6GypJjJLNhxDCZB
D7SNjQlJpDQUiRHaNvBNmKR98o/4olHPb2W8gVNkDPs8YTpLb52kPHTq7XiV902c
bonydVvFQ0JHmCtSu9ExcOPsZbnNQk0pHagzlaN797Za+o2eVvBGaU5ZgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMs51oRDpuYqqOtNZnNjcZEGneQbMB8GA1UdIwQY
MBaAFCh/eyaPNtkxWJXTsgg3cxBxmp1BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0g5N0pvODIyVEZZbGRPeUNEZHpFSEdhblVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS82NDAzNzAtZTIxYi00MDhlLTg5MzUt
Mjc4OTE0ODRkOTg1LzEvS0g5N0pvODIyVEZZbGRPeUNEZHpFSEdhblVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS82NDAzNzAtZTIxYi00MDhlLTg5MzUtMjc4OTE0ODRkOTg1
LzEvS0g5N0pvODIyVEZZbGRPeUNEZHpFSEdhblVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ+1uGv+0
4JrX1vDvpZteVqIISSG48jDrGZ3XO1dEbmN1lwkEu+kOVqd+lBZzJYLhIBxsSYDA
CKsuHNNcPLEJJjJ5E4q7MRezAu2SWqYJ9+7L4r8fd7i/nNg5qFrtFp3gE2LLI4Y1
e2OptJL6kj3rxxuXfPXeuFM4cwGeKqhxGrzWxg4527RTPMzssjrDlqa5vHfXrl+q
1pSSj+cX3ua3Xb1T6LieSd3BriILBhux2syBpJuFJRTzdURhzv+MF2kkz4/RxtW2
z5wHlGOjKVSvsCJcQBJixuCpxuOqU/KXThNINFwJnxyzIveRc1A98/Pw4790ULWd
dN1KuDb1PhnIJA==
-----END CERTIFICATE-----