Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft
File:                     KH97Jo822TFYldOyCDdzEHGanUE.mft (raw, json)
Hash identifier:          rk0eIrVq78qTUiwQseQS3ekU+rV4vXr5JoHaLszGP/s=
Subject key identifier:   DE:42:BC:B1:CD:B6:25:D6:41:50:B4:36:D6:97:BE:C5:F1:45:68:2C
Authority key identifier: 28:7F:7B:26:8F:36:D9:31:58:95:D3:B2:08:37:73:10:71:9A:9D:41
Certificate issuer:       /CN=287f7b268f36d9315895d3b208377310719a9d41
Certificate serial:       019CAC478AEF8B01187FA488291E58EC6553
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KH97Jo822TFYldOyCDdzEHGanUE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft
Manifest number:          0F9F
Signing time:             Mon 02 Mar 2026 02:01:35 +0000
Manifest this update:     Mon 02 Mar 2026 02:01:35 +0000
Manifest next update:     Tue 03 Mar 2026 02:01:35 +0000
Files and hashes:         1: KH97Jo822TFYldOyCDdzEHGanUE.crl (hash: iJB4gt2/2SAkZnYgC06+98hB866fk6FoQyS4wWvNV94=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KH97Jo822TFYldOyCDdzEHGanUE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 02:01:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:47:8a:ef:8b:01:18:7f:a4:88:29:1e:58:ec:65:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=287f7b268f36d9315895d3b208377310719a9d41
        Validity
            Not Before: Mar  2 02:01:35 2026 GMT
            Not After : Mar  3 02:01:35 2026 GMT
        Subject: CN=de42bcb1cdb625d64150b436d697bec5f145682c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:10:1b:ec:d8:e3:4c:e2:37:95:37:2a:a8:d2:
                    77:d3:80:9d:80:b0:6d:46:87:a3:cd:e8:ba:c0:78:
                    17:39:4a:10:d9:25:19:8a:fd:c5:ca:4c:fb:f9:8f:
                    c7:81:30:b8:b4:10:3f:d1:18:2a:a6:e1:86:85:24:
                    99:13:dc:8b:70:82:2d:af:23:89:c3:94:ef:f6:65:
                    5e:99:72:bc:cd:29:b3:d9:06:e0:e0:21:37:bf:77:
                    aa:ab:06:44:f0:4b:9b:90:98:2b:c1:52:04:7c:09:
                    a5:a0:a6:35:55:74:9e:15:92:3a:21:4f:d1:6d:cc:
                    db:37:3e:9f:9e:65:05:10:4d:b1:4f:3c:e6:63:99:
                    6d:73:c1:cf:62:2b:c4:b4:cf:7e:31:fd:e5:cf:26:
                    3e:98:21:d3:f2:63:76:1f:43:f6:9e:51:47:21:bb:
                    eb:6a:2e:06:75:e9:40:90:d5:b1:32:73:1a:10:3b:
                    6b:36:77:64:22:67:1f:80:f1:2c:24:ba:0d:fd:d2:
                    3d:3d:10:45:c4:3b:c1:a3:c3:85:23:99:c9:a3:db:
                    5d:5a:7b:6c:9d:77:d2:a9:65:60:88:ba:f6:a5:96:
                    5e:9b:2a:4b:48:e7:38:4a:bd:43:49:ea:15:95:79:
                    b1:2f:96:00:18:4d:8f:3d:e9:93:96:9d:7f:59:c0:
                    83:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:42:BC:B1:CD:B6:25:D6:41:50:B4:36:D6:97:BE:C5:F1:45:68:2C
            X509v3 Authority Key Identifier:
                keyid:28:7F:7B:26:8F:36:D9:31:58:95:D3:B2:08:37:73:10:71:9A:9D:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KH97Jo822TFYldOyCDdzEHGanUE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:78:0a:f5:1d:0a:89:3c:1b:0c:aa:71:6b:ca:aa:e3:c4:8d:
         0a:f7:6d:25:aa:60:53:7b:48:27:c1:eb:40:05:eb:18:15:40:
         6a:54:11:09:e0:4e:01:b7:40:fe:fd:8f:6d:f6:34:63:37:d4:
         28:1d:92:72:0b:d3:b6:72:8c:47:09:39:2a:97:8f:f2:dc:71:
         7e:3a:24:4a:26:94:bf:e5:c6:21:cb:45:ba:05:76:61:5f:23:
         d5:cd:55:cb:5f:d3:65:40:b8:c1:af:63:8d:52:e8:50:e2:4e:
         e0:2c:ce:61:80:7e:2c:5e:7c:5d:bb:fc:6a:a3:ee:eb:f0:0f:
         fd:39:eb:95:2e:e0:a6:67:b5:f8:d8:53:41:35:ce:17:9d:a0:
         17:e1:47:05:3e:cb:e2:77:54:b9:31:f1:e5:aa:2f:7f:66:44:
         30:e8:aa:d1:11:5a:1a:d9:cd:9a:e7:22:ec:d3:8e:65:76:35:
         2e:9f:35:11:74:c5:30:ef:d0:88:1d:8f:f7:7e:3f:1f:7d:aa:
         8a:2c:db:3c:01:58:3b:24:58:6e:57:69:1c:32:13:07:3c:8f:
         49:28:7f:14:46:d6:6a:14:ea:b8:9a:15:32:e6:a2:08:f2:ab:
         0a:6f:94:e7:8d:f9:e5:b5:63:0c:ef:97:c2:a2:b8:cd:73:67:
         39:f5:95:8b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysR4rviwEYf6SIKR5Y7GVTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4N2Y3YjI2OGYzNmQ5MzE1ODk1ZDNiMjA4Mzc3MzEwNzE5
YTlkNDEwHhcNMjYwMzAyMDIwMTM1WhcNMjYwMzAzMDIwMTM1WjAzMTEwLwYDVQQD
EyhkZTQyYmNiMWNkYjYyNWQ2NDE1MGI0MzZkNjk3YmVjNWYxNDU2ODJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRAb7NjjTOI3lTcqqNJ304CdgLBt
Roejzei6wHgXOUoQ2SUZiv3Fykz7+Y/HgTC4tBA/0RgqpuGGhSSZE9yLcIItryOJ
w5Tv9mVemXK8zSmz2Qbg4CE3v3eqqwZE8EubkJgrwVIEfAmloKY1VXSeFZI6IU/R
bczbNz6fnmUFEE2xTzzmY5ltc8HPYivEtM9+Mf3lzyY+mCHT8mN2H0P2nlFHIbvr
ai4GdelAkNWxMnMaEDtrNndkImcfgPEsJLoN/dI9PRBFxDvBo8OFI5nJo9tdWnts
nXfSqWVgiLr2pZZemypLSOc4Sr1DSeoVlXmxL5YAGE2PPemTlp1/WcCDvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN5CvLHNtiXWQVC0NtaXvsXxRWgsMB8GA1UdIwQY
MBaAFCh/eyaPNtkxWJXTsgg3cxBxmp1BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0g5N0pvODIyVEZZbGRPeUNEZHpFSEdhblVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS82NDAzNzAtZTIxYi00MDhlLTg5MzUt
Mjc4OTE0ODRkOTg1LzEvS0g5N0pvODIyVEZZbGRPeUNEZHpFSEdhblVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS82NDAzNzAtZTIxYi00MDhlLTg5MzUtMjc4OTE0ODRkOTg1
LzEvS0g5N0pvODIyVEZZbGRPeUNEZHpFSEdhblVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQHgK9R0K
iTwbDKpxa8qq48SNCvdtJapgU3tIJ8HrQAXrGBVAalQRCeBOAbdA/v2PbfY0YzfU
KB2ScgvTtnKMRwk5KpeP8txxfjokSiaUv+XGIctFugV2YV8j1c1Vy1/TZUC4wa9j
jVLoUOJO4CzOYYB+LF58Xbv8aqPu6/AP/TnrlS7gpme1+NhTQTXOF52gF+FHBT7L
4ndUuTHx5aovf2ZEMOiq0RFaGtnNmuci7NOOZXY1Lp81EXTFMO/QiB2P934/H32q
iizbPAFYOyRYbldpHDITBzyPSSh/FEbWahTquJoVMuaiCPKrCm+U54355bVjDO+X
wqK4zXNnOfWViw==
-----END CERTIFICATE-----