Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.mft
File:                     KWLmoTNMnKnJPtV_9K1y2ZzpGtA.mft (raw, json)
Hash identifier:          yyhHCrzS0RBr8WBdkGmrUC3ZxGZId7mOezWopoAAZO0=
Subject key identifier:   0D:6C:1E:50:6B:16:10:DA:FA:85:62:D5:85:D6:30:28:11:F3:70:EE
Authority key identifier: 29:62:E6:A1:33:4C:9C:A9:C9:3E:D5:7F:F4:AD:72:D9:9C:E9:1A:D0
Certificate issuer:       /CN=2962e6a1334c9ca9c93ed57ff4ad72d99ce91ad0
Certificate serial:       019DA3782C856DC3873B2B7EDE315A90D660
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.mft
Manifest number:          09AB
Signing time:             Sun 19 Apr 2026 02:00:54 +0000
Manifest this update:     Sun 19 Apr 2026 02:00:54 +0000
Manifest next update:     Mon 20 Apr 2026 02:00:54 +0000
Files and hashes:         1: KWLmoTNMnKnJPtV_9K1y2ZzpGtA.crl (hash: L99PY5ghubt4x6pCuHkaHtmnCX97doqZTHsfx3G6Azs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 02:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a3:78:2c:85:6d:c3:87:3b:2b:7e:de:31:5a:90:d6:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2962e6a1334c9ca9c93ed57ff4ad72d99ce91ad0
        Validity
            Not Before: Apr 19 02:00:54 2026 GMT
            Not After : Apr 20 02:00:54 2026 GMT
        Subject: CN=0d6c1e506b1610dafa8562d585d6302811f370ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:4f:a3:11:8b:49:2e:3d:94:76:21:f9:14:e8:
                    5f:2e:e6:1e:b1:cd:7c:c5:d8:b7:77:a0:c0:d8:83:
                    60:69:23:bc:a7:cf:7b:7d:a1:e5:e6:23:ed:bc:61:
                    da:43:4d:c2:d8:db:7f:f9:b6:ae:91:a2:f1:99:6a:
                    13:06:23:58:7c:1c:52:70:8f:29:1c:a4:52:6b:63:
                    d6:11:ec:ac:da:75:5b:cc:8b:5c:fa:b1:9a:7b:7e:
                    6c:69:87:6b:1b:8d:3f:5c:40:93:b0:fe:93:b9:bd:
                    e8:0b:db:ea:b4:10:34:21:e3:19:47:04:07:14:3c:
                    48:2c:85:62:4f:b6:82:bc:c3:28:f7:9e:b4:29:9f:
                    14:db:46:86:b3:b7:17:f4:c5:8d:90:4d:be:db:5b:
                    5d:b3:10:fe:5b:45:a5:38:9d:e3:77:57:79:6c:a5:
                    12:77:2e:41:a1:c7:66:4d:a9:d1:eb:41:a5:0b:ae:
                    6b:b7:0d:8d:2d:11:d3:cd:50:57:fb:63:70:05:3a:
                    62:1c:46:92:95:99:7c:32:ed:a8:f5:d1:c3:c4:32:
                    6d:cc:dc:6e:67:bf:5e:41:49:b4:4f:f3:8e:db:99:
                    6c:23:ca:ae:b8:c5:d1:a7:7c:e9:0e:6f:e5:2e:c6:
                    bf:08:6d:7e:c4:70:c2:1a:f9:82:81:19:d2:32:c5:
                    7c:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:6C:1E:50:6B:16:10:DA:FA:85:62:D5:85:D6:30:28:11:F3:70:EE
            X509v3 Authority Key Identifier:
                keyid:29:62:E6:A1:33:4C:9C:A9:C9:3E:D5:7F:F4:AD:72:D9:9C:E9:1A:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:31:af:fe:ba:5d:da:73:50:30:7d:2e:e1:bc:a1:94:f8:01:
         2f:8e:92:80:a4:84:b1:96:52:15:c3:33:78:49:2f:0a:0d:d5:
         7c:f7:db:83:03:e9:b9:6d:58:42:c6:3d:20:6a:3a:37:69:8f:
         f7:f3:71:ee:c8:af:c8:ba:47:04:3a:1c:c8:5c:7e:6f:be:da:
         4e:90:7d:38:53:02:1a:16:71:86:a4:83:e8:18:f0:4b:f7:89:
         44:3b:29:5f:c1:4f:4d:6c:50:68:9b:6b:83:ce:b8:19:75:2f:
         6b:59:20:b5:e1:fc:57:23:de:db:73:29:9d:c8:7e:b5:aa:fa:
         19:da:9b:ce:06:3c:64:16:98:92:44:f5:2f:42:d9:5f:67:b2:
         a2:2e:1b:56:42:f8:ce:5c:b3:8c:7a:97:aa:31:2c:84:15:02:
         bd:44:7c:9e:d7:83:21:94:5d:2b:1d:b8:24:11:c8:47:45:60:
         c7:1c:10:72:1d:25:fd:a3:d3:97:0f:36:95:ef:a6:f9:52:f4:
         f1:ff:1a:bc:b3:90:04:07:23:a2:27:26:f1:0d:de:e5:65:27:
         57:db:c3:ba:a9:9e:91:18:10:8a:57:4d:08:b6:a1:d6:ec:2d:
         2c:86:29:1c:48:40:4e:4d:3e:20:23:33:73:39:85:4f:64:7e:
         17:6c:ee:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2jeCyFbcOHOyt+3jFakNZgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjJlNmExMzM0YzljYTljOTNlZDU3ZmY0YWQ3MmQ5OWNl
OTFhZDAwHhcNMjYwNDE5MDIwMDU0WhcNMjYwNDIwMDIwMDU0WjAzMTEwLwYDVQQD
EygwZDZjMWU1MDZiMTYxMGRhZmE4NTYyZDU4NWQ2MzAyODExZjM3MGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApk+jEYtJLj2UdiH5FOhfLuYesc18
xdi3d6DA2INgaSO8p897faHl5iPtvGHaQ03C2Nt/+baukaLxmWoTBiNYfBxScI8p
HKRSa2PWEeys2nVbzItc+rGae35saYdrG40/XECTsP6Tub3oC9vqtBA0IeMZRwQH
FDxILIViT7aCvMMo9560KZ8U20aGs7cX9MWNkE2+21tdsxD+W0WlOJ3jd1d5bKUS
dy5BocdmTanR60GlC65rtw2NLRHTzVBX+2NwBTpiHEaSlZl8Mu2o9dHDxDJtzNxu
Z79eQUm0T/OO25lsI8quuMXRp3zpDm/lLsa/CG1+xHDCGvmCgRnSMsV88wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA1sHlBrFhDa+oVi1YXWMCgR83DuMB8GA1UdIwQY
MBaAFCli5qEzTJypyT7Vf/Stctmc6RrQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dMbW9UTk1uS25KUHRWXzlLMXkyWnpwR3RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9iZGU4MTgtYzBlZC00OTI0LThkN2It
NmVjNDBjODVhMmFlLzEvS1dMbW9UTk1uS25KUHRWXzlLMXkyWnpwR3RBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9iZGU4MTgtYzBlZC00OTI0LThkN2ItNmVjNDBjODVhMmFl
LzEvS1dMbW9UTk1uS25KUHRWXzlLMXkyWnpwR3RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAATGv/rpd
2nNQMH0u4byhlPgBL46SgKSEsZZSFcMzeEkvCg3VfPfbgwPpuW1YQsY9IGo6N2mP
9/Nx7sivyLpHBDocyFx+b77aTpB9OFMCGhZxhqSD6BjwS/eJRDspX8FPTWxQaJtr
g864GXUva1kgteH8VyPe23Mpnch+tar6GdqbzgY8ZBaYkkT1L0LZX2eyoi4bVkL4
zlyzjHqXqjEshBUCvUR8nteDIZRdKx24JBHIR0VgxxwQch0l/aPTlw82le+m+VL0
8f8avLOQBAcjoicm8Q3e5WUnV9vDuqmekRgQildNCLah1uwtLIYpHEhATk0+ICMz
czmFT2R+F2zuGw==
-----END CERTIFICATE-----