Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.mft
File:                     KLwbPQy41cqsOntK0XlF--9QWKU.mft (raw, json)
Hash identifier:          MSqCbgS7zd3HP+oUAMjj/oG4NeLjVjPHpPkslFKgPmM=
Subject key identifier:   9C:95:7A:FD:89:35:76:4D:71:51:B0:32:45:A5:51:C7:16:D2:D0:BA
Authority key identifier: 28:BC:1B:3D:0C:B8:D5:CA:AC:3A:7B:4A:D1:79:45:FB:EF:50:58:A5
Certificate issuer:       /CN=28bc1b3d0cb8d5caac3a7b4ad17945fbef5058a5
Certificate serial:       019CABDA02423FD61979CA09C71193BBD0DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KLwbPQy41cqsOntK0XlF--9QWKU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.mft
Manifest number:          0455
Signing time:             Mon 02 Mar 2026 00:01:57 +0000
Manifest this update:     Mon 02 Mar 2026 00:01:57 +0000
Manifest next update:     Tue 03 Mar 2026 00:01:57 +0000
Files and hashes:         1: KLwbPQy41cqsOntK0XlF--9QWKU.crl (hash: lcLsfw3+Eea62nXdljIeo+30eyNyvAPco9YKiUjsorA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KLwbPQy41cqsOntK0XlF--9QWKU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:da:02:42:3f:d6:19:79:ca:09:c7:11:93:bb:d0:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28bc1b3d0cb8d5caac3a7b4ad17945fbef5058a5
        Validity
            Not Before: Mar  2 00:01:57 2026 GMT
            Not After : Mar  3 00:01:57 2026 GMT
        Subject: CN=9c957afd8935764d7151b03245a551c716d2d0ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:81:59:38:7f:b5:fd:3e:e3:36:66:44:c6:07:
                    d5:d4:cb:2a:b1:69:d9:25:09:1a:0b:03:1d:07:b9:
                    cd:1b:60:99:01:9b:ee:fb:31:96:9e:18:ce:c2:dc:
                    7f:a5:68:7b:26:08:dd:49:73:50:10:95:7c:30:c6:
                    b0:a9:74:ff:c5:8c:f8:d8:da:50:ea:92:f5:07:99:
                    93:8c:af:37:27:55:c1:0b:98:da:6f:52:61:2c:f1:
                    9b:cd:1d:5f:d5:93:fd:17:5f:f1:ab:5c:96:0f:5f:
                    57:dd:3d:04:8f:ad:21:41:49:44:c2:c3:99:e6:f9:
                    1b:2d:a5:44:0c:93:0f:3e:0a:64:f7:4c:65:ee:94:
                    b9:7d:a1:34:70:a3:b5:ae:9f:5c:2a:e3:25:f9:16:
                    01:9c:cd:9d:94:4d:03:d1:0a:46:45:3c:42:8a:a7:
                    3f:2b:1d:9f:6d:77:fd:01:5b:76:17:10:09:e5:f0:
                    de:1b:72:7d:42:13:84:64:b3:ec:4b:02:84:f6:63:
                    ca:9f:c8:39:ce:ce:eb:1c:b9:1f:b5:02:b9:6b:03:
                    4d:51:7a:76:77:cc:ff:9c:93:7d:5d:4e:a0:aa:63:
                    d4:7f:e4:f1:79:18:86:23:2b:b2:0b:f0:f0:4c:a8:
                    83:f7:63:58:ca:03:16:f5:93:15:da:ec:83:16:28:
                    1a:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:95:7A:FD:89:35:76:4D:71:51:B0:32:45:A5:51:C7:16:D2:D0:BA
            X509v3 Authority Key Identifier:
                keyid:28:BC:1B:3D:0C:B8:D5:CA:AC:3A:7B:4A:D1:79:45:FB:EF:50:58:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KLwbPQy41cqsOntK0XlF--9QWKU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:df:8a:66:d5:29:82:6e:5d:1c:71:4c:b5:fd:b7:e7:a6:14:
         ef:95:e3:e2:92:b3:92:15:a4:46:41:e4:71:6e:8c:cd:cd:9c:
         98:ca:f6:f1:3b:39:ab:8b:38:c2:9b:c1:71:ac:71:bd:2d:ed:
         85:71:00:17:53:00:c0:23:e8:dd:95:6e:87:f0:56:ef:73:b2:
         f4:33:1b:c9:7b:c1:51:f0:97:de:86:b5:25:07:d4:c8:33:e8:
         a2:63:4e:e1:52:0b:68:8d:f3:00:1f:1d:e9:fc:70:52:db:ca:
         6e:59:1f:09:0f:99:64:cd:b7:2d:ab:0e:10:94:77:36:d9:3e:
         34:03:91:20:52:85:2d:f5:8f:00:bb:74:9f:cc:8a:5e:05:39:
         46:af:5a:f5:d0:d7:f5:9c:b2:71:9c:48:91:a6:8b:c4:c4:01:
         ce:b7:00:ce:63:ee:2a:b2:e4:fb:5b:6d:5a:82:0d:74:f6:01:
         9f:e4:05:57:85:e2:5c:47:ba:aa:f4:c0:07:a3:0c:30:fe:cf:
         11:45:a5:04:5b:04:d5:74:19:95:e4:9f:16:1b:6f:10:73:27:
         a4:c3:c1:3a:04:fd:fe:0c:c6:0f:58:5f:63:d3:f5:b8:e4:7a:
         6c:9f:d1:bb:22:4f:00:2d:9e:48:76:ba:7a:3c:61:0d:55:74:
         f2:8d:73:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2gJCP9YZecoJxxGTu9DfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YmMxYjNkMGNiOGQ1Y2FhYzNhN2I0YWQxNzk0NWZiZWY1
MDU4YTUwHhcNMjYwMzAyMDAwMTU3WhcNMjYwMzAzMDAwMTU3WjAzMTEwLwYDVQQD
Eyg5Yzk1N2FmZDg5MzU3NjRkNzE1MWIwMzI0NWE1NTFjNzE2ZDJkMGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2YFZOH+1/T7jNmZExgfV1MsqsWnZ
JQkaCwMdB7nNG2CZAZvu+zGWnhjOwtx/pWh7JgjdSXNQEJV8MMawqXT/xYz42NpQ
6pL1B5mTjK83J1XBC5jab1JhLPGbzR1f1ZP9F1/xq1yWD19X3T0Ej60hQUlEwsOZ
5vkbLaVEDJMPPgpk90xl7pS5faE0cKO1rp9cKuMl+RYBnM2dlE0D0QpGRTxCiqc/
Kx2fbXf9AVt2FxAJ5fDeG3J9QhOEZLPsSwKE9mPKn8g5zs7rHLkftQK5awNNUXp2
d8z/nJN9XU6gqmPUf+TxeRiGIyuyC/DwTKiD92NYygMW9ZMV2uyDFiga9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJyVev2JNXZNcVGwMkWlUccW0tC6MB8GA1UdIwQY
MBaAFCi8Gz0MuNXKrDp7StF5RfvvUFilMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0x3YlBReTQxY3FzT250SzBYbEYtLTlRV0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS83YTFiNjAtM2FlYy00NGRkLTk2NjIt
MzY1OTg1NDA5YmZhLzEvS0x3YlBReTQxY3FzT250SzBYbEYtLTlRV0tVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS83YTFiNjAtM2FlYy00NGRkLTk2NjItMzY1OTg1NDA5YmZh
LzEvS0x3YlBReTQxY3FzT250SzBYbEYtLTlRV0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe9+KZtUp
gm5dHHFMtf2356YU75Xj4pKzkhWkRkHkcW6Mzc2cmMr28Ts5q4s4wpvBcaxxvS3t
hXEAF1MAwCPo3ZVuh/BW73Oy9DMbyXvBUfCX3oa1JQfUyDPoomNO4VILaI3zAB8d
6fxwUtvKblkfCQ+ZZM23LasOEJR3Ntk+NAORIFKFLfWPALt0n8yKXgU5Rq9a9dDX
9ZyycZxIkaaLxMQBzrcAzmPuKrLk+1ttWoINdPYBn+QFV4XiXEe6qvTAB6MMMP7P
EUWlBFsE1XQZleSfFhtvEHMnpMPBOgT9/gzGD1hfY9P1uOR6bJ/RuyJPAC2eSHa6
ejxhDVV08o1zsQ==
-----END CERTIFICATE-----