Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.mft
File:                     KrmiSem1jILhRV6yM5RVsDHn3d8.mft (raw, json)
Hash identifier:          5KQLbhcpzasW5sjNmy1ALyqQEHLxg8+ol9qxcV8pBUQ=
Subject key identifier:   A9:3B:A4:10:7C:50:C0:AD:BD:6C:7C:0A:4D:DB:99:16:FF:E2:57:73
Authority key identifier: 2A:B9:A2:49:E9:B5:8C:82:E1:45:5E:B2:33:94:55:B0:31:E7:DD:DF
Certificate issuer:       /CN=2ab9a249e9b58c82e1455eb2339455b031e7dddf
Certificate serial:       019DA4F8C57078E4ADE4C4EF66335A646950
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KrmiSem1jILhRV6yM5RVsDHn3d8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.mft
Manifest number:          18C4
Signing time:             Sun 19 Apr 2026 09:01:00 +0000
Manifest this update:     Sun 19 Apr 2026 09:01:00 +0000
Manifest next update:     Mon 20 Apr 2026 09:01:00 +0000
Files and hashes:         1: KrmiSem1jILhRV6yM5RVsDHn3d8.crl (hash: KoQWHShIS2LQbTk5Fq/DZXhYo4MPIf3tEWxVgIXg21g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KrmiSem1jILhRV6yM5RVsDHn3d8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 02:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a4:f8:c5:70:78:e4:ad:e4:c4:ef:66:33:5a:64:69:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ab9a249e9b58c82e1455eb2339455b031e7dddf
        Validity
            Not Before: Apr 19 09:01:00 2026 GMT
            Not After : Apr 20 09:01:00 2026 GMT
        Subject: CN=a93ba4107c50c0adbd6c7c0a4ddb9916ffe25773
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:33:3f:2f:31:ce:2b:cb:dc:f8:0e:f4:6a:f4:
                    79:d9:79:eb:59:58:8d:fb:5e:d8:09:d2:d2:6c:1e:
                    b9:36:91:58:41:97:70:fb:27:75:40:f4:3d:18:37:
                    dc:d5:04:f0:e6:8e:57:68:f1:d3:df:a2:35:77:4c:
                    f9:05:2c:5d:43:2c:b8:3f:ed:00:99:98:c0:55:f8:
                    dd:6a:6f:4c:4a:a2:60:7b:d3:e2:e7:b4:93:de:cc:
                    2b:c8:35:c2:af:1a:e1:47:e6:6f:99:ee:c4:46:56:
                    ef:5c:40:03:44:04:73:12:6a:3b:e9:e2:08:86:c2:
                    6d:4d:e4:88:ab:43:42:ed:19:d3:de:79:6c:fe:cc:
                    57:15:18:8a:80:67:9f:76:8e:36:7c:a4:a8:cd:be:
                    bf:f1:51:11:84:aa:82:07:55:70:17:b9:99:4b:c3:
                    25:21:b4:fb:b2:0b:1c:05:cc:79:c6:ca:1f:e5:a1:
                    ef:cb:7d:37:43:c2:e4:5c:8f:b4:ab:48:0e:f4:96:
                    bb:1b:28:e1:82:5a:00:fc:12:d6:5c:6b:7e:29:3d:
                    e2:11:c5:8f:4c:40:4b:f6:f4:61:96:a9:a7:ce:56:
                    60:83:4c:dd:27:be:12:6a:27:bd:25:5f:ff:1d:f2:
                    9f:6b:e9:e7:08:ea:ae:82:5c:57:09:a6:38:f9:5f:
                    0e:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:3B:A4:10:7C:50:C0:AD:BD:6C:7C:0A:4D:DB:99:16:FF:E2:57:73
            X509v3 Authority Key Identifier:
                keyid:2A:B9:A2:49:E9:B5:8C:82:E1:45:5E:B2:33:94:55:B0:31:E7:DD:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KrmiSem1jILhRV6yM5RVsDHn3d8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:93:a6:a7:d7:16:16:10:46:54:03:c9:f0:6c:85:62:3e:db:
         05:2a:e7:28:a5:d6:b1:7a:46:91:17:0a:eb:a6:51:2c:15:66:
         19:04:24:ff:4c:ca:80:16:89:a1:a9:0b:5b:c8:c8:82:9a:16:
         b9:46:7f:30:66:b7:c5:68:9b:47:7d:eb:9c:e2:24:d5:4e:68:
         7f:f8:8e:d5:89:db:0e:bb:4f:0a:6d:02:09:e3:ce:41:26:5e:
         13:88:d5:57:83:ac:7f:55:3d:46:ee:0b:7b:1c:9a:7e:02:30:
         24:70:26:7f:5a:e6:d3:50:5b:77:70:ec:81:27:a4:a6:05:8d:
         2f:4d:2f:28:72:7a:20:72:f4:fe:e7:b4:68:1b:e0:40:1c:eb:
         06:9b:f3:91:a0:01:94:c2:4d:7d:25:27:7d:26:bf:6c:43:e7:
         ef:d7:9f:a4:43:ec:47:3d:7d:d2:77:8f:41:50:44:8c:51:80:
         89:fa:a2:8a:08:c6:78:52:2f:f7:fd:2a:af:45:bf:bb:cd:72:
         9d:08:3b:09:15:74:93:fc:20:3b:3f:65:88:a5:44:2f:d2:ed:
         46:cd:8a:ab:a4:f2:fc:d4:12:b0:06:f9:a2:1f:b3:15:ac:ab:
         c9:8c:89:af:35:0f:14:3b:45:db:84:3a:3f:c5:e4:75:0d:b1:
         2d:1f:0d:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2k+MVweOSt5MTvZjNaZGlQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYjlhMjQ5ZTliNThjODJlMTQ1NWViMjMzOTQ1NWIwMzFl
N2RkZGYwHhcNMjYwNDE5MDkwMTAwWhcNMjYwNDIwMDkwMTAwWjAzMTEwLwYDVQQD
EyhhOTNiYTQxMDdjNTBjMGFkYmQ2YzdjMGE0ZGRiOTkxNmZmZTI1NzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDM/LzHOK8vc+A70avR52XnrWViN
+17YCdLSbB65NpFYQZdw+yd1QPQ9GDfc1QTw5o5XaPHT36I1d0z5BSxdQyy4P+0A
mZjAVfjdam9MSqJge9Pi57ST3swryDXCrxrhR+Zvme7ERlbvXEADRARzEmo76eII
hsJtTeSIq0NC7RnT3nls/sxXFRiKgGefdo42fKSozb6/8VERhKqCB1VwF7mZS8Ml
IbT7sgscBcx5xsof5aHvy303Q8LkXI+0q0gO9Ja7GyjhgloA/BLWXGt+KT3iEcWP
TEBL9vRhlqmnzlZgg0zdJ74Saie9JV//HfKfa+nnCOquglxXCaY4+V8OewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKk7pBB8UMCtvWx8Ck3bmRb/4ldzMB8GA1UdIwQY
MBaAFCq5oknptYyC4UVesjOUVbAx593fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3JtaVNlbTFqSUxoUlY2eU01UlZzREhuM2Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85ZWFiNmQtNmIzNS00YTVhLWFmYjEt
MjUxZjIyMDkzZDA0LzEvS3JtaVNlbTFqSUxoUlY2eU01UlZzREhuM2Q4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85ZWFiNmQtNmIzNS00YTVhLWFmYjEtMjUxZjIyMDkzZDA0
LzEvS3JtaVNlbTFqSUxoUlY2eU01UlZzREhuM2Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkJOmp9cW
FhBGVAPJ8GyFYj7bBSrnKKXWsXpGkRcK66ZRLBVmGQQk/0zKgBaJoakLW8jIgpoW
uUZ/MGa3xWibR33rnOIk1U5of/iO1YnbDrtPCm0CCePOQSZeE4jVV4Osf1U9Ru4L
exyafgIwJHAmf1rm01Bbd3DsgSekpgWNL00vKHJ6IHL0/ue0aBvgQBzrBpvzkaAB
lMJNfSUnfSa/bEPn79efpEPsRz190nePQVBEjFGAifqiigjGeFIv9/0qr0W/u81y
nQg7CRV0k/wgOz9liKVEL9LtRs2Kq6Ty/NQSsAb5oh+zFayryYyJrzUPFDtF24Q6
P8XkdQ2xLR8NDw==
-----END CERTIFICATE-----