Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/174c3e-fa5b-49d1-9d21-e2bd2e4c5232/1/kffw_3S3yfrqKXjtlehAmEkE3NY.mft
File:                     kffw_3S3yfrqKXjtlehAmEkE3NY.mft (raw, json)
Hash identifier:          Y71hSC8dEDo5Zv7Ta7WkXD+1vlxTDQ/Vruu0ajlHMOI=
Subject key identifier:   B6:CF:4F:15:E3:F3:12:27:9E:6E:27:F2:68:E7:38:7A:0D:54:E1:5A
Authority key identifier: 91:F7:F0:FF:74:B7:C9:FA:EA:29:78:ED:95:E8:40:98:49:04:DC:D6
Certificate issuer:       /CN=91f7f0ff74b7c9faea2978ed95e840984904dcd6
Certificate serial:       019CABD9455CB9825316B262B2B2F552CE40
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kffw_3S3yfrqKXjtlehAmEkE3NY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/174c3e-fa5b-49d1-9d21-e2bd2e4c5232/1/kffw_3S3yfrqKXjtlehAmEkE3NY.mft
Manifest number:          0C02
Signing time:             Mon 02 Mar 2026 00:01:08 +0000
Manifest this update:     Mon 02 Mar 2026 00:01:08 +0000
Manifest next update:     Tue 03 Mar 2026 00:01:08 +0000
Files and hashes:         1: kffw_3S3yfrqKXjtlehAmEkE3NY.crl (hash: Toup1Mf2xKvSDDu65gtFhUEKGHLArehgXDl0tqeqavw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/56/174c3e-fa5b-49d1-9d21-e2bd2e4c5232/1/kffw_3S3yfrqKXjtlehAmEkE3NY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/56/174c3e-fa5b-49d1-9d21-e2bd2e4c5232/1/kffw_3S3yfrqKXjtlehAmEkE3NY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kffw_3S3yfrqKXjtlehAmEkE3NY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:d9:45:5c:b9:82:53:16:b2:62:b2:b2:f5:52:ce:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91f7f0ff74b7c9faea2978ed95e840984904dcd6
        Validity
            Not Before: Mar  2 00:01:08 2026 GMT
            Not After : Mar  3 00:01:08 2026 GMT
        Subject: CN=b6cf4f15e3f312279e6e27f268e7387a0d54e15a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:92:1c:c3:b8:e5:ff:f1:bb:71:46:2a:d8:65:
                    c2:60:e7:12:7f:fc:3f:34:fb:a9:43:bf:b2:8a:45:
                    a8:ac:30:e3:15:3a:62:e7:27:f0:1e:c6:26:47:5f:
                    c8:30:be:7a:60:94:4b:e3:f7:7e:33:d8:c5:1c:0f:
                    bc:f4:15:f9:fb:51:65:b5:91:f4:7e:9e:fa:d7:e4:
                    3e:1e:8a:16:73:38:43:c6:72:2e:25:25:45:3b:c7:
                    75:5f:8b:f9:20:8c:32:7f:88:01:9b:cc:51:a2:5c:
                    09:e3:46:a2:14:de:f6:a1:15:13:35:6e:9d:67:6b:
                    ac:a9:fd:3e:00:98:3b:0a:6e:90:ff:e2:ef:7c:cb:
                    8a:91:dd:ad:82:b0:46:f1:f5:d6:6c:db:e0:21:5b:
                    2f:ee:cc:92:ba:6f:cb:d8:39:c4:47:d3:2d:ae:31:
                    8b:ec:cf:90:08:4d:5e:e1:f2:26:c9:24:ba:f4:47:
                    87:87:0c:20:4b:a5:77:da:f5:d5:76:34:3d:c1:59:
                    a6:35:3b:09:e5:25:9a:ad:f3:f8:dc:ce:49:e6:4c:
                    2d:5e:ed:42:36:33:28:d5:8a:bf:23:67:0c:ca:f7:
                    09:3a:89:63:ea:c8:71:c4:f8:9a:c1:ea:7e:5d:26:
                    eb:b9:66:cb:79:ec:03:56:4d:d3:aa:a2:fc:43:fb:
                    23:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:CF:4F:15:E3:F3:12:27:9E:6E:27:F2:68:E7:38:7A:0D:54:E1:5A
            X509v3 Authority Key Identifier:
                keyid:91:F7:F0:FF:74:B7:C9:FA:EA:29:78:ED:95:E8:40:98:49:04:DC:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kffw_3S3yfrqKXjtlehAmEkE3NY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/174c3e-fa5b-49d1-9d21-e2bd2e4c5232/1/kffw_3S3yfrqKXjtlehAmEkE3NY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/174c3e-fa5b-49d1-9d21-e2bd2e4c5232/1/kffw_3S3yfrqKXjtlehAmEkE3NY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:81:8f:44:ba:d2:f0:a1:47:bd:38:b4:5b:27:aa:4c:96:af:
         0f:a4:3d:60:ec:97:3f:1d:82:5b:64:3c:50:17:6f:05:9c:2b:
         ed:9b:ba:3e:a3:a6:b0:52:2d:8b:42:02:45:7d:52:ad:2d:22:
         85:2a:c8:35:37:e9:ea:f3:71:16:fc:94:9d:55:38:b0:f6:54:
         08:77:84:11:0a:12:3d:af:3b:8a:b3:d6:01:d1:bf:62:b6:f5:
         57:3c:77:71:b5:59:f4:57:c5:12:45:d4:b5:96:7c:ba:b8:12:
         7e:cd:7e:77:71:81:a0:8b:81:41:62:e5:6e:ba:b5:92:ed:5f:
         47:4b:06:c0:c4:14:8a:0f:05:e9:9a:d0:40:23:85:a1:06:6a:
         5d:a5:c2:9a:30:92:f8:84:02:f2:3a:29:9d:a3:58:d7:bb:da:
         6a:a3:ef:9b:b3:56:3b:4c:76:09:dc:e4:49:cc:85:59:08:5e:
         24:fb:de:71:a3:94:ea:11:61:1f:7f:5d:be:7e:f6:9a:f2:2e:
         53:1d:c1:a1:8a:9f:ec:33:96:de:64:81:84:97:b8:43:34:d9:
         48:e2:f9:7c:32:ce:46:86:1e:85:7c:21:5c:e6:24:45:10:bb:
         11:bd:57:1f:94:4b:9a:88:e2:61:e3:1f:ed:23:17:a6:a1:f4:
         ed:1e:1c:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2UVcuYJTFrJisrL1Us5AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZjdmMGZmNzRiN2M5ZmFlYTI5NzhlZDk1ZTg0MDk4NDkw
NGRjZDYwHhcNMjYwMzAyMDAwMTA4WhcNMjYwMzAzMDAwMTA4WjAzMTEwLwYDVQQD
EyhiNmNmNGYxNWUzZjMxMjI3OWU2ZTI3ZjI2OGU3Mzg3YTBkNTRlMTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5Icw7jl//G7cUYq2GXCYOcSf/w/
NPupQ7+yikWorDDjFTpi5yfwHsYmR1/IML56YJRL4/d+M9jFHA+89BX5+1FltZH0
fp761+Q+HooWczhDxnIuJSVFO8d1X4v5IIwyf4gBm8xRolwJ40aiFN72oRUTNW6d
Z2usqf0+AJg7Cm6Q/+LvfMuKkd2tgrBG8fXWbNvgIVsv7sySum/L2DnER9MtrjGL
7M+QCE1e4fImySS69EeHhwwgS6V32vXVdjQ9wVmmNTsJ5SWarfP43M5J5kwtXu1C
NjMo1Yq/I2cMyvcJOolj6shxxPiawep+XSbruWbLeewDVk3TqqL8Q/sj5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLbPTxXj8xInnm4n8mjnOHoNVOFaMB8GA1UdIwQY
MBaAFJH38P90t8n66il47ZXoQJhJBNzWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2Zmd18zUzN5ZnJxS1hqdGxlaEFtRWtFM05ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8xNzRjM2UtZmE1Yi00OWQxLTlkMjEt
ZTJiZDJlNGM1MjMyLzEva2Zmd18zUzN5ZnJxS1hqdGxlaEFtRWtFM05ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni8xNzRjM2UtZmE1Yi00OWQxLTlkMjEtZTJiZDJlNGM1MjMy
LzEva2Zmd18zUzN5ZnJxS1hqdGxlaEFtRWtFM05ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXoGPRLrS
8KFHvTi0WyeqTJavD6Q9YOyXPx2CW2Q8UBdvBZwr7Zu6PqOmsFIti0ICRX1SrS0i
hSrINTfp6vNxFvyUnVU4sPZUCHeEEQoSPa87irPWAdG/Yrb1Vzx3cbVZ9FfFEkXU
tZZ8urgSfs1+d3GBoIuBQWLlbrq1ku1fR0sGwMQUig8F6ZrQQCOFoQZqXaXCmjCS
+IQC8jopnaNY17vaaqPvm7NWO0x2CdzkScyFWQheJPvecaOU6hFhH39dvn72mvIu
Ux3BoYqf7DOW3mSBhJe4QzTZSOL5fDLORoYehXwhXOYkRRC7Eb1XH5RLmojiYeMf
7SMXpqH07R4cgw==
-----END CERTIFICATE-----