Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.mft
File:                     KrmiSem1jILhRV6yM5RVsDHn3d8.mft (raw, json)
Hash identifier:          QGadr/Ggx83sgZZJgNZBwc2XVu3HOMWZ8XCm5yyg4r4=
Subject key identifier:   90:6E:1B:AB:B0:26:C2:C2:FC:07:D3:56:AC:D0:72:02:7A:7D:3A:30
Authority key identifier: 2A:B9:A2:49:E9:B5:8C:82:E1:45:5E:B2:33:94:55:B0:31:E7:DD:DF
Certificate issuer:       /CN=2ab9a249e9b58c82e1455eb2339455b031e7dddf
Certificate serial:       019CA9EB87504D24E6D4161F6626832EF55B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KrmiSem1jILhRV6yM5RVsDHn3d8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.mft
Manifest number:          1842
Signing time:             Sun 01 Mar 2026 15:01:50 +0000
Manifest this update:     Sun 01 Mar 2026 15:01:50 +0000
Manifest next update:     Mon 02 Mar 2026 15:01:50 +0000
Files and hashes:         1: KrmiSem1jILhRV6yM5RVsDHn3d8.crl (hash: DfolNmugQw+DoX4HAKzWz0Lx7l0w8Ct4bK0VGVwrvL8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KrmiSem1jILhRV6yM5RVsDHn3d8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:a9:eb:87:50:4d:24:e6:d4:16:1f:66:26:83:2e:f5:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ab9a249e9b58c82e1455eb2339455b031e7dddf
        Validity
            Not Before: Mar  1 15:01:50 2026 GMT
            Not After : Mar  2 15:01:50 2026 GMT
        Subject: CN=906e1babb026c2c2fc07d356acd072027a7d3a30
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:1e:76:d8:77:c4:c9:2a:22:14:1a:1b:b8:46:
                    c7:31:58:11:ef:5d:bf:cc:fb:f1:c6:04:28:33:dc:
                    bd:42:16:82:ab:17:83:c1:9b:f1:21:28:23:dc:d4:
                    c9:fa:d2:79:de:a2:84:42:40:4c:36:01:cb:a7:85:
                    64:f3:7f:bd:4e:3f:41:a3:7e:75:f0:26:56:c9:05:
                    7d:c2:ef:47:49:a0:42:29:00:d3:9f:95:7f:75:0a:
                    50:ec:35:24:ba:89:58:dc:c8:2b:e2:3e:b8:bc:9b:
                    1d:7f:28:2f:53:35:8a:a3:3b:b3:95:49:bd:69:99:
                    a5:6a:8b:3b:c1:61:f2:9b:bc:6d:57:61:a1:22:d5:
                    68:66:20:c8:ba:9e:1a:71:3b:c3:c5:6b:39:36:67:
                    49:ca:a4:e2:34:38:80:96:90:59:c6:e5:6d:9e:94:
                    d5:e3:94:dc:87:c8:d3:3d:d6:31:31:71:fd:54:fa:
                    17:fd:33:35:ed:77:f9:41:27:79:b2:90:b2:d0:e8:
                    d3:cd:8c:da:43:af:33:92:d3:90:e3:4d:a8:5a:80:
                    3a:b0:8f:a1:96:35:95:ff:5b:d5:b9:a5:9a:42:2c:
                    3c:bc:37:cb:df:cf:3a:6c:f3:56:de:99:cd:61:4f:
                    85:d3:26:b2:ab:62:22:c7:1b:db:c2:c7:54:42:04:
                    44:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:6E:1B:AB:B0:26:C2:C2:FC:07:D3:56:AC:D0:72:02:7A:7D:3A:30
            X509v3 Authority Key Identifier:
                keyid:2A:B9:A2:49:E9:B5:8C:82:E1:45:5E:B2:33:94:55:B0:31:E7:DD:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KrmiSem1jILhRV6yM5RVsDHn3d8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:2b:96:e1:ce:a4:03:4a:91:38:f3:53:0d:bd:b8:42:bf:67:
         d4:5c:8b:b5:60:ca:87:c2:29:20:c7:16:f5:b0:1f:d7:a4:c3:
         a1:a5:f7:57:9f:33:a0:d9:24:b4:25:00:ec:30:2e:e1:b5:d8:
         88:53:6f:7f:21:7c:a8:90:77:e3:9a:aa:d3:c5:51:00:4e:8f:
         ef:2e:78:85:ca:6a:9f:99:17:1f:60:8b:1c:14:98:0d:9e:3a:
         a6:31:b9:46:19:f7:64:34:f3:8f:9e:ec:d2:76:fa:ae:38:af:
         00:47:de:06:63:1d:89:40:55:98:ca:83:3b:8c:9f:23:e3:b9:
         d9:bf:57:bc:27:3a:36:e3:54:3c:a8:49:cb:ba:96:3c:05:6f:
         bf:a1:8b:de:67:2e:f0:ad:19:df:ef:95:60:33:bd:2e:58:d1:
         4d:fd:93:44:4c:a4:e7:15:ed:ad:67:91:1c:49:c7:79:f5:3a:
         c1:e9:c7:e1:fd:15:84:6f:f1:c8:e5:12:75:91:37:af:23:c9:
         30:ee:b4:78:fe:36:57:82:1f:dd:2b:2e:23:0d:44:ee:91:92:
         41:50:2c:0c:c6:e8:f5:5f:d0:87:4f:13:59:8c:58:ea:bb:2a:
         02:92:f7:1c:d1:f8:a0:24:6f:e3:01:70:23:61:c7:92:b7:bf:
         88:59:95:9b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyp64dQTSTm1BYfZiaDLvVbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYjlhMjQ5ZTliNThjODJlMTQ1NWViMjMzOTQ1NWIwMzFl
N2RkZGYwHhcNMjYwMzAxMTUwMTUwWhcNMjYwMzAyMTUwMTUwWjAzMTEwLwYDVQQD
Eyg5MDZlMWJhYmIwMjZjMmMyZmMwN2QzNTZhY2QwNzIwMjdhN2QzYTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvR522HfEySoiFBobuEbHMVgR712/
zPvxxgQoM9y9QhaCqxeDwZvxISgj3NTJ+tJ53qKEQkBMNgHLp4Vk83+9Tj9Bo351
8CZWyQV9wu9HSaBCKQDTn5V/dQpQ7DUkuolY3Mgr4j64vJsdfygvUzWKozuzlUm9
aZmlaos7wWHym7xtV2GhItVoZiDIup4acTvDxWs5NmdJyqTiNDiAlpBZxuVtnpTV
45Tch8jTPdYxMXH9VPoX/TM17Xf5QSd5spCy0OjTzYzaQ68zktOQ402oWoA6sI+h
ljWV/1vVuaWaQiw8vDfL3886bPNW3pnNYU+F0yayq2IixxvbwsdUQgREdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJBuG6uwJsLC/AfTVqzQcgJ6fTowMB8GA1UdIwQY
MBaAFCq5oknptYyC4UVesjOUVbAx593fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3JtaVNlbTFqSUxoUlY2eU01UlZzREhuM2Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85ZWFiNmQtNmIzNS00YTVhLWFmYjEt
MjUxZjIyMDkzZDA0LzEvS3JtaVNlbTFqSUxoUlY2eU01UlZzREhuM2Q4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85ZWFiNmQtNmIzNS00YTVhLWFmYjEtMjUxZjIyMDkzZDA0
LzEvS3JtaVNlbTFqSUxoUlY2eU01UlZzREhuM2Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYiuW4c6k
A0qROPNTDb24Qr9n1FyLtWDKh8IpIMcW9bAf16TDoaX3V58zoNkktCUA7DAu4bXY
iFNvfyF8qJB345qq08VRAE6P7y54hcpqn5kXH2CLHBSYDZ46pjG5Rhn3ZDTzj57s
0nb6rjivAEfeBmMdiUBVmMqDO4yfI+O52b9XvCc6NuNUPKhJy7qWPAVvv6GL3mcu
8K0Z3++VYDO9LljRTf2TREyk5xXtrWeRHEnHefU6wenH4f0VhG/xyOUSdZE3ryPJ
MO60eP42V4If3SsuIw1E7pGSQVAsDMbo9V/Qh08TWYxY6rsqApL3HNH4oCRv4wFw
I2HHkre/iFmVmw==
-----END CERTIFICATE-----