Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft
File:                     kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft (raw, json)
Hash identifier:          jxClivcZQhFYEbgNTJv/IhwYQIZLzKCmW/LpiFVapzE=
Subject key identifier:   EC:37:66:A3:05:A4:33:BB:39:FD:CD:17:91:2E:B5:80:42:57:FC:C0
Authority key identifier: 91:D3:38:37:0E:10:62:7A:4C:D6:31:E3:FD:E1:86:E1:94:89:8C:81
Certificate issuer:       /CN=91d338370e10627a4cd631e3fde186e194898c81
Certificate serial:       019CAB6B1BFBA41FF86AE57591A0F13F72AC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft
Manifest number:          0E31
Signing time:             Sun 01 Mar 2026 22:00:49 +0000
Manifest this update:     Sun 01 Mar 2026 22:00:49 +0000
Manifest next update:     Mon 02 Mar 2026 22:00:49 +0000
Files and hashes:         1: kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.crl (hash: t0972BGQ51K4NW5OzF2XurMGAE9K7pjg+Uhfjgebo+I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 22:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:1b:fb:a4:1f:f8:6a:e5:75:91:a0:f1:3f:72:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91d338370e10627a4cd631e3fde186e194898c81
        Validity
            Not Before: Mar  1 22:00:49 2026 GMT
            Not After : Mar  2 22:00:49 2026 GMT
        Subject: CN=ec3766a305a433bb39fdcd17912eb5804257fcc0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:ef:6f:c6:1e:40:5b:67:05:61:c0:d2:e1:1c:
                    32:67:5c:b0:f8:86:db:7a:00:ab:33:0c:e5:dd:80:
                    36:ed:04:db:e1:73:74:bb:46:be:de:df:4a:a3:f6:
                    65:f9:fe:10:74:8c:c6:06:0c:fe:57:4a:7e:2d:97:
                    b2:13:1f:24:91:0e:fe:bc:ec:61:44:af:8d:4b:20:
                    69:6a:74:98:5a:1e:9b:02:0a:e2:2f:b3:16:66:76:
                    f7:3c:f8:df:0d:ce:96:8b:0e:55:ae:88:36:d5:11:
                    d4:f3:a9:f4:51:ec:30:89:2f:77:ee:ae:a6:b9:5d:
                    2e:4c:f0:ce:93:ab:ac:75:5e:7f:d6:a4:25:30:04:
                    e5:4c:a2:36:4e:53:c9:6a:17:f6:cc:f9:56:86:bf:
                    33:4c:5e:fd:fb:43:01:ab:63:40:86:14:8f:b5:a7:
                    8f:cb:eb:20:96:97:3c:22:c3:58:2a:b9:a4:1c:9a:
                    5e:e1:9e:4c:f7:96:db:c7:07:3f:d3:ad:94:11:46:
                    4e:18:4b:d8:7f:c1:0c:56:2f:aa:b9:fa:4b:b5:09:
                    57:de:34:9f:45:fe:f2:8e:b1:47:7b:77:d2:cd:2f:
                    23:a6:85:d3:74:b4:3a:1a:84:0b:a2:8c:54:e6:7d:
                    af:f5:63:93:a8:d8:7a:ca:9c:cb:3e:d3:64:ce:16:
                    a0:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:37:66:A3:05:A4:33:BB:39:FD:CD:17:91:2E:B5:80:42:57:FC:C0
            X509v3 Authority Key Identifier:
                keyid:91:D3:38:37:0E:10:62:7A:4C:D6:31:E3:FD:E1:86:E1:94:89:8C:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:d1:e3:1a:a1:3a:be:8e:3c:10:4a:b9:bd:0b:48:a6:b3:fc:
         a7:ec:94:6f:0e:ae:24:d6:0c:81:2a:9a:bc:42:f7:f7:d9:6e:
         24:8b:4f:99:15:f0:d0:23:c5:f0:85:0f:8c:b7:3c:52:85:63:
         bd:e2:c2:74:4f:e4:0b:f9:89:29:e2:55:b3:c5:a9:42:64:33:
         76:11:6b:58:8a:82:de:a1:0e:71:92:5a:4c:48:4c:1a:75:a6:
         a8:ec:29:09:ad:32:d9:92:17:3e:27:81:f3:c0:f4:c9:b7:60:
         b9:24:76:fd:c7:13:0b:cc:b7:1a:8b:e9:fb:41:eb:80:24:40:
         b5:81:8b:56:f2:85:30:d2:db:a8:f1:69:14:a2:cc:94:9a:e6:
         b5:ab:43:00:6c:a8:1e:05:89:ff:9e:e9:cf:ed:a3:fc:2c:6a:
         62:92:9b:72:82:78:e7:19:ff:62:5e:14:cc:d3:ff:2e:f2:1a:
         fb:b7:dc:48:71:1d:f9:ec:ba:1d:48:20:f8:ba:3e:07:23:51:
         36:76:dc:e4:b1:cd:73:47:52:54:de:1e:11:0a:04:f5:a0:4d:
         74:55:2a:83:07:a8:8d:56:e1:3f:39:c2:0a:cc:8b:7c:cd:db:
         30:a9:2f:14:bf:69:4a:81:c5:a0:ab:35:3d:06:c5:27:08:07:
         fd:05:8f:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyraxv7pB/4auV1kaDxP3KsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZDMzODM3MGUxMDYyN2E0Y2Q2MzFlM2ZkZTE4NmUxOTQ4
OThjODEwHhcNMjYwMzAxMjIwMDQ5WhcNMjYwMzAyMjIwMDQ5WjAzMTEwLwYDVQQD
EyhlYzM3NjZhMzA1YTQzM2JiMzlmZGNkMTc5MTJlYjU4MDQyNTdmY2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtu9vxh5AW2cFYcDS4RwyZ1yw+Ibb
egCrMwzl3YA27QTb4XN0u0a+3t9Ko/Zl+f4QdIzGBgz+V0p+LZeyEx8kkQ7+vOxh
RK+NSyBpanSYWh6bAgriL7MWZnb3PPjfDc6Wiw5Vrog21RHU86n0UewwiS937q6m
uV0uTPDOk6usdV5/1qQlMATlTKI2TlPJahf2zPlWhr8zTF79+0MBq2NAhhSPtaeP
y+sglpc8IsNYKrmkHJpe4Z5M95bbxwc/062UEUZOGEvYf8EMVi+qufpLtQlX3jSf
Rf7yjrFHe3fSzS8jpoXTdLQ6GoQLooxU5n2v9WOTqNh6ypzLPtNkzhagpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOw3ZqMFpDO7Of3NF5EutYBCV/zAMB8GA1UdIwQY
MBaAFJHTODcOEGJ6TNYx4/3hhuGUiYyBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2RNNE53NFFZbnBNMWpIal9lR0c0WlNKaklFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni85OTBmZGEtNTkwNS00ZTQ5LWE2MzAt
MTUzNTdjZDVlY2U0LzEva2RNNE53NFFZbnBNMWpIal9lR0c0WlNKaklFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni85OTBmZGEtNTkwNS00ZTQ5LWE2MzAtMTUzNTdjZDVlY2U0
LzEva2RNNE53NFFZbnBNMWpIal9lR0c0WlNKaklFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAedHjGqE6
vo48EEq5vQtIprP8p+yUbw6uJNYMgSqavEL399luJItPmRXw0CPF8IUPjLc8UoVj
veLCdE/kC/mJKeJVs8WpQmQzdhFrWIqC3qEOcZJaTEhMGnWmqOwpCa0y2ZIXPieB
88D0ybdguSR2/ccTC8y3Govp+0HrgCRAtYGLVvKFMNLbqPFpFKLMlJrmtatDAGyo
HgWJ/57pz+2j/CxqYpKbcoJ45xn/Yl4UzNP/LvIa+7fcSHEd+ey6HUgg+Lo+ByNR
Nnbc5LHNc0dSVN4eEQoE9aBNdFUqgweojVbhPznCCsyLfM3bMKkvFL9pSoHFoKs1
PQbFJwgH/QWPJQ==
-----END CERTIFICATE-----