Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/174c3e-fa5b-49d1-9d21-e2bd2e4c5232/1/kffw_3S3yfrqKXjtlehAmEkE3NY.mft
File:                     kffw_3S3yfrqKXjtlehAmEkE3NY.mft (raw, json)
Hash identifier:          r5aLRj4KVuzfKwMU3JZe3HPBgLwckOxaWHbugGZ/ZL4=
Subject key identifier:   D7:93:45:BA:84:FE:B2:B8:EC:92:F8:3A:DE:F1:DC:38:CB:EB:1C:EE
Authority key identifier: 91:F7:F0:FF:74:B7:C9:FA:EA:29:78:ED:95:E8:40:98:49:04:DC:D6
Certificate issuer:       /CN=91f7f0ff74b7c9faea2978ed95e840984904dcd6
Certificate serial:       019DA30AFA8F9ED84EE0B327E0B84D20F719
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kffw_3S3yfrqKXjtlehAmEkE3NY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/174c3e-fa5b-49d1-9d21-e2bd2e4c5232/1/kffw_3S3yfrqKXjtlehAmEkE3NY.mft
Manifest number:          0C82
Signing time:             Sun 19 Apr 2026 00:01:38 +0000
Manifest this update:     Sun 19 Apr 2026 00:01:38 +0000
Manifest next update:     Mon 20 Apr 2026 00:01:38 +0000
Files and hashes:         1: kffw_3S3yfrqKXjtlehAmEkE3NY.crl (hash: AmB0YffrRaIkhpnK00Yvol68vO4w/lIp7b3t+nwiDc0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/56/174c3e-fa5b-49d1-9d21-e2bd2e4c5232/1/kffw_3S3yfrqKXjtlehAmEkE3NY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/56/174c3e-fa5b-49d1-9d21-e2bd2e4c5232/1/kffw_3S3yfrqKXjtlehAmEkE3NY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kffw_3S3yfrqKXjtlehAmEkE3NY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 00:01:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a3:0a:fa:8f:9e:d8:4e:e0:b3:27:e0:b8:4d:20:f7:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91f7f0ff74b7c9faea2978ed95e840984904dcd6
        Validity
            Not Before: Apr 19 00:01:38 2026 GMT
            Not After : Apr 20 00:01:38 2026 GMT
        Subject: CN=d79345ba84feb2b8ec92f83adef1dc38cbeb1cee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:3d:99:4f:e2:f8:9d:78:9f:54:9a:2d:30:07:
                    4b:70:9d:5b:89:9f:aa:6b:7f:3d:8a:8c:ac:e9:cc:
                    8e:65:4f:56:7c:5b:9f:e7:0c:d5:82:2b:ae:88:59:
                    0b:13:23:7d:30:c1:98:b0:f5:50:5c:30:cb:7b:1e:
                    2e:98:fb:0a:66:1f:29:93:5a:cb:0b:d0:6b:b4:86:
                    72:fc:64:7a:f5:71:72:af:f4:02:e6:93:96:2f:49:
                    56:57:1b:22:b7:01:e9:ed:28:a0:a0:d3:04:0b:7f:
                    57:2d:2c:16:b1:5a:ff:fb:58:0f:58:46:ee:1a:10:
                    2d:69:ea:33:cd:25:2a:17:f7:bd:63:db:ad:4e:c1:
                    3e:53:79:66:dd:49:dc:ea:52:53:64:df:96:ed:ba:
                    06:3f:34:1d:e4:b8:29:1e:ff:ec:b1:12:d2:c5:ae:
                    3e:3d:29:83:b7:82:3b:0b:68:b1:a5:3e:f7:a6:a8:
                    b5:34:ee:bd:f4:82:04:84:5e:af:e4:4a:29:fc:83:
                    48:ec:8f:5c:1a:37:ec:20:3c:77:b4:50:fb:10:34:
                    ea:f5:19:dc:ae:32:73:11:e3:8f:7f:b9:96:dc:2c:
                    d0:4f:5f:ff:82:ea:13:1a:9c:7b:71:0c:46:24:b3:
                    1e:5c:4a:dd:3d:97:b3:9b:a7:cc:03:88:1d:bb:67:
                    ae:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:93:45:BA:84:FE:B2:B8:EC:92:F8:3A:DE:F1:DC:38:CB:EB:1C:EE
            X509v3 Authority Key Identifier:
                keyid:91:F7:F0:FF:74:B7:C9:FA:EA:29:78:ED:95:E8:40:98:49:04:DC:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kffw_3S3yfrqKXjtlehAmEkE3NY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/174c3e-fa5b-49d1-9d21-e2bd2e4c5232/1/kffw_3S3yfrqKXjtlehAmEkE3NY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/174c3e-fa5b-49d1-9d21-e2bd2e4c5232/1/kffw_3S3yfrqKXjtlehAmEkE3NY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:fa:68:32:d4:e6:d2:c5:a5:6a:dd:92:61:d2:a0:a5:04:22:
         5a:03:f9:48:19:4d:b7:86:d9:7f:91:12:42:c1:12:24:24:83:
         15:2f:0b:13:f1:9f:4e:7d:24:03:49:01:fb:69:8a:7d:8f:f7:
         1e:58:ae:02:dd:d5:7e:2f:e3:78:bb:de:10:c6:e0:9a:56:ee:
         57:9c:9b:c0:54:82:02:ce:44:19:1d:0c:e4:2a:bb:f5:29:a2:
         40:e3:5f:2f:63:42:63:ef:39:f1:5e:24:a9:35:59:f1:7d:89:
         4e:8c:eb:70:a3:d0:d4:5b:2b:21:01:19:a7:36:99:60:24:6c:
         d5:f5:21:80:22:7a:26:48:8f:7f:cf:a7:0b:46:6c:01:67:11:
         d4:2b:48:55:df:e8:b1:16:66:4c:0d:30:e1:96:01:4b:ed:3b:
         cd:2e:dd:54:30:1b:6e:93:3d:04:d4:a3:7e:24:4c:c2:89:7c:
         69:b8:d4:7b:6a:8f:df:61:af:6a:3b:17:e3:b4:e2:0b:65:3c:
         a4:22:4c:ea:4c:62:24:c8:e8:f4:3e:95:69:df:31:d3:f5:25:
         16:9a:08:e6:39:76:0c:15:98:93:55:45:9c:fb:dc:82:ae:ca:
         1c:2b:5d:9c:3a:7d:f7:1e:b1:57:56:e7:59:c0:d0:26:c9:4f:
         5e:44:50:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2jCvqPnthO4LMn4LhNIPcZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZjdmMGZmNzRiN2M5ZmFlYTI5NzhlZDk1ZTg0MDk4NDkw
NGRjZDYwHhcNMjYwNDE5MDAwMTM4WhcNMjYwNDIwMDAwMTM4WjAzMTEwLwYDVQQD
EyhkNzkzNDViYTg0ZmViMmI4ZWM5MmY4M2FkZWYxZGMzOGNiZWIxY2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsj2ZT+L4nXifVJotMAdLcJ1biZ+q
a389ioys6cyOZU9WfFuf5wzVgiuuiFkLEyN9MMGYsPVQXDDLex4umPsKZh8pk1rL
C9BrtIZy/GR69XFyr/QC5pOWL0lWVxsitwHp7SigoNMEC39XLSwWsVr/+1gPWEbu
GhAtaeozzSUqF/e9Y9utTsE+U3lm3Unc6lJTZN+W7boGPzQd5LgpHv/ssRLSxa4+
PSmDt4I7C2ixpT73pqi1NO699IIEhF6v5Eop/INI7I9cGjfsIDx3tFD7EDTq9Rnc
rjJzEeOPf7mW3CzQT1//guoTGpx7cQxGJLMeXErdPZezm6fMA4gdu2euLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNeTRbqE/rK47JL4Ot7x3DjL6xzuMB8GA1UdIwQY
MBaAFJH38P90t8n66il47ZXoQJhJBNzWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2Zmd18zUzN5ZnJxS1hqdGxlaEFtRWtFM05ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8xNzRjM2UtZmE1Yi00OWQxLTlkMjEt
ZTJiZDJlNGM1MjMyLzEva2Zmd18zUzN5ZnJxS1hqdGxlaEFtRWtFM05ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni8xNzRjM2UtZmE1Yi00OWQxLTlkMjEtZTJiZDJlNGM1MjMy
LzEva2Zmd18zUzN5ZnJxS1hqdGxlaEFtRWtFM05ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVfpoMtTm
0sWlat2SYdKgpQQiWgP5SBlNt4bZf5ESQsESJCSDFS8LE/GfTn0kA0kB+2mKfY/3
HliuAt3Vfi/jeLveEMbgmlbuV5ybwFSCAs5EGR0M5Cq79SmiQONfL2NCY+858V4k
qTVZ8X2JTozrcKPQ1FsrIQEZpzaZYCRs1fUhgCJ6JkiPf8+nC0ZsAWcR1CtIVd/o
sRZmTA0w4ZYBS+07zS7dVDAbbpM9BNSjfiRMwol8abjUe2qP32GvajsX47TiC2U8
pCJM6kxiJMjo9D6Vad8x0/UlFpoI5jl2DBWYk1VFnPvcgq7KHCtdnDp99x6xV1bn
WcDQJslPXkRQ8A==
-----END CERTIFICATE-----