Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft
File:                     kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft (raw, json)
Hash identifier:          Qy5sHFHyc53Hk/9K4/OgRMJLuB8f9aWQDLk1H82K6wU=
Subject key identifier:   A5:B7:AA:BD:82:43:EA:9E:3E:2F:AB:0E:CB:4E:84:1A:1B:C7:96:4D
Authority key identifier: 91:DD:0E:48:D9:01:1A:DF:37:66:65:AD:4D:62:CF:31:CE:63:05:8C
Certificate issuer:       /CN=91dd0e48d9011adf376665ad4d62cf31ce63058c
Certificate serial:       019D98BDCF44527A03F9CAD4E96F9E8BD5B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kd0OSNkBGt83ZmWtTWLPMc5jBYw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft
Manifest number:          0FE2
Signing time:             Fri 17 Apr 2026 00:01:09 +0000
Manifest this update:     Fri 17 Apr 2026 00:01:09 +0000
Manifest next update:     Sat 18 Apr 2026 00:01:09 +0000
Files and hashes:         1: kd0OSNkBGt83ZmWtTWLPMc5jBYw.crl (hash: G52Hjg0KYT48OdqaASCWz9Yz3nL+m/s/p3hnWJASANs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kd0OSNkBGt83ZmWtTWLPMc5jBYw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:bd:cf:44:52:7a:03:f9:ca:d4:e9:6f:9e:8b:d5:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91dd0e48d9011adf376665ad4d62cf31ce63058c
        Validity
            Not Before: Apr 17 00:01:09 2026 GMT
            Not After : Apr 18 00:01:09 2026 GMT
        Subject: CN=a5b7aabd8243ea9e3e2fab0ecb4e841a1bc7964d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:f4:71:6f:79:98:e1:01:ec:05:ba:07:2a:22:
                    b3:c8:73:53:74:47:57:86:ec:4a:6e:8b:a1:da:f7:
                    87:ce:c9:f7:4c:cf:a5:b2:df:f3:8a:5b:fc:e1:e1:
                    94:37:5e:1a:96:db:c9:16:2b:f0:59:4c:0c:09:76:
                    16:d7:d3:88:b4:7b:d1:3e:62:ed:53:e0:a0:8d:30:
                    04:b3:38:3e:f5:bb:3f:f6:d5:20:bc:d3:14:b0:3a:
                    d8:18:30:3c:91:4a:af:22:48:42:3d:6f:40:c8:ac:
                    c2:8e:97:38:63:ca:ef:7a:41:8f:b9:ae:21:66:14:
                    0b:72:63:c0:3f:5c:87:83:aa:b3:75:38:96:8d:09:
                    70:cf:f8:a8:fe:44:29:77:cc:85:9b:44:a3:a0:a0:
                    f1:bb:1b:2a:3f:71:ea:ce:c4:9c:e5:05:42:b9:3b:
                    95:fe:f5:81:d3:47:3f:e2:3f:8f:aa:a1:63:e8:4c:
                    f2:de:86:53:dc:b2:3a:3f:26:16:5f:1b:55:a0:22:
                    c5:75:f7:5d:a1:fd:f9:bf:81:4d:fc:e0:fa:55:73:
                    a3:82:9d:93:47:63:40:3f:60:a1:86:77:ea:36:1a:
                    5d:f5:62:64:b4:dd:a3:fe:cb:aa:69:af:ac:65:4e:
                    37:82:e6:be:2b:a6:dd:63:b7:01:60:ce:7e:d6:1b:
                    a2:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:B7:AA:BD:82:43:EA:9E:3E:2F:AB:0E:CB:4E:84:1A:1B:C7:96:4D
            X509v3 Authority Key Identifier:
                keyid:91:DD:0E:48:D9:01:1A:DF:37:66:65:AD:4D:62:CF:31:CE:63:05:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kd0OSNkBGt83ZmWtTWLPMc5jBYw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:b9:f0:c0:da:0b:0c:b7:bf:d3:6a:57:0f:d2:78:78:7f:be:
         68:99:0e:da:ef:8e:f4:f1:23:4d:8f:a6:e4:78:f7:32:83:93:
         23:45:cc:b5:33:f7:9a:69:a8:75:13:78:a3:27:4f:02:c9:4d:
         ae:b0:25:6f:ed:1f:42:b2:6b:14:3d:79:b1:5c:60:2a:b9:eb:
         5e:46:2a:1e:84:c7:1d:76:80:ae:f3:31:85:05:dc:b1:e2:bc:
         2c:5a:6a:73:14:ce:2e:c0:d1:35:9a:11:b4:4c:5c:b6:94:67:
         77:bd:ec:2c:a2:14:55:21:5c:bb:33:8e:42:33:c6:3e:1c:ec:
         6b:89:51:2d:f2:25:49:de:e3:69:84:7e:48:49:37:b6:ba:82:
         95:a6:cf:68:b5:01:ff:e8:39:f0:8f:a2:64:b0:9e:4c:c6:70:
         3c:90:8e:b6:b4:f4:c1:47:74:b9:85:3c:50:f2:bc:bf:58:c5:
         a6:31:29:77:8e:4c:7e:fc:56:2d:9d:50:b1:83:b1:41:0c:80:
         be:6a:a1:cf:9e:98:53:ff:3f:9b:4b:a4:9b:1c:0b:d8:26:3c:
         f9:b7:b3:c9:07:a9:bb:1c:74:c5:b6:91:f5:05:2a:17:96:a3:
         43:5c:09:3b:77:a7:89:ea:a8:dc:eb:8d:6d:6f:87:41:c8:e3:
         ca:c7:9c:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Yvc9EUnoD+crU6W+ei9W2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZGQwZTQ4ZDkwMTFhZGYzNzY2NjVhZDRkNjJjZjMxY2U2
MzA1OGMwHhcNMjYwNDE3MDAwMTA5WhcNMjYwNDE4MDAwMTA5WjAzMTEwLwYDVQQD
EyhhNWI3YWFiZDgyNDNlYTllM2UyZmFiMGVjYjRlODQxYTFiYzc5NjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1PRxb3mY4QHsBboHKiKzyHNTdEdX
huxKbouh2veHzsn3TM+lst/zilv84eGUN14altvJFivwWUwMCXYW19OItHvRPmLt
U+CgjTAEszg+9bs/9tUgvNMUsDrYGDA8kUqvIkhCPW9AyKzCjpc4Y8rvekGPua4h
ZhQLcmPAP1yHg6qzdTiWjQlwz/io/kQpd8yFm0SjoKDxuxsqP3HqzsSc5QVCuTuV
/vWB00c/4j+PqqFj6Ezy3oZT3LI6PyYWXxtVoCLFdfddof35v4FN/OD6VXOjgp2T
R2NAP2ChhnfqNhpd9WJktN2j/suqaa+sZU43gua+K6bdY7cBYM5+1hui7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKW3qr2CQ+qePi+rDstOhBobx5ZNMB8GA1UdIwQY
MBaAFJHdDkjZARrfN2ZlrU1izzHOYwWMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2QwT1NOa0JHdDgzWm1XdFRXTFBNYzVqQll3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8xZTlkMDQtZDk0Zi00ZjEzLWJlM2Mt
MTBmMzRmNTU4MzYzLzEva2QwT1NOa0JHdDgzWm1XdFRXTFBNYzVqQll3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8xZTlkMDQtZDk0Zi00ZjEzLWJlM2MtMTBmMzRmNTU4MzYz
LzEva2QwT1NOa0JHdDgzWm1XdFRXTFBNYzVqQll3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi7nwwNoL
DLe/02pXD9J4eH++aJkO2u+O9PEjTY+m5Hj3MoOTI0XMtTP3mmmodRN4oydPAslN
rrAlb+0fQrJrFD15sVxgKrnrXkYqHoTHHXaArvMxhQXcseK8LFpqcxTOLsDRNZoR
tExctpRnd73sLKIUVSFcuzOOQjPGPhzsa4lRLfIlSd7jaYR+SEk3trqClabPaLUB
/+g58I+iZLCeTMZwPJCOtrT0wUd0uYU8UPK8v1jFpjEpd45MfvxWLZ1QsYOxQQyA
vmqhz56YU/8/m0ukmxwL2CY8+bezyQepuxx0xbaR9QUqF5ajQ1wJO3enieqo3OuN
bW+HQcjjysecyQ==
-----END CERTIFICATE-----