Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.mft
File:                     KWLmoTNMnKnJPtV_9K1y2ZzpGtA.mft (raw, json)
Hash identifier:          Lr6IyyyrsPPZ90jS5BQKe3M7P+6WFa+vjK7uR4S9364=
Subject key identifier:   AA:56:27:DD:25:09:8D:C9:5A:C0:F8:F9:24:C7:D2:60:CE:89:64:CC
Authority key identifier: 29:62:E6:A1:33:4C:9C:A9:C9:3E:D5:7F:F4:AD:72:D9:9C:E9:1A:D0
Certificate issuer:       /CN=2962e6a1334c9ca9c93ed57ff4ad72d99ce91ad0
Certificate serial:       019CAC467EA2CE7C95C52FFDB1BC249C863B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.mft
Manifest number:          092B
Signing time:             Mon 02 Mar 2026 02:00:26 +0000
Manifest this update:     Mon 02 Mar 2026 02:00:26 +0000
Manifest next update:     Tue 03 Mar 2026 02:00:26 +0000
Files and hashes:         1: KWLmoTNMnKnJPtV_9K1y2ZzpGtA.crl (hash: vLwhufqXS/sU3R+TbfyNWTMHDAyiP6T6IVr7/6WaYmY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:46:7e:a2:ce:7c:95:c5:2f:fd:b1:bc:24:9c:86:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2962e6a1334c9ca9c93ed57ff4ad72d99ce91ad0
        Validity
            Not Before: Mar  2 02:00:26 2026 GMT
            Not After : Mar  3 02:00:26 2026 GMT
        Subject: CN=aa5627dd25098dc95ac0f8f924c7d260ce8964cc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:68:15:66:72:2f:b4:78:4a:c1:7d:13:01:f6:
                    5f:72:ee:03:7f:97:65:64:73:f6:a8:7c:c9:30:bc:
                    a5:46:b4:ee:47:69:0d:d8:0e:8d:23:ee:60:dd:21:
                    b4:89:f0:4d:56:f5:30:c4:b1:01:32:4e:13:63:40:
                    ed:9e:fb:2e:f7:7b:a9:25:35:82:22:8e:66:30:7c:
                    ca:88:3c:bf:22:79:6b:0a:29:66:75:27:7e:89:1a:
                    35:95:8a:e7:f9:9c:df:11:d9:36:c8:53:ba:e3:fd:
                    3d:52:e0:90:de:56:2b:f5:88:e4:b9:dc:2a:31:ab:
                    77:60:12:ab:c9:dd:91:1c:5d:30:74:7b:01:01:d2:
                    67:36:6e:8a:39:47:62:e1:79:f9:13:50:47:e5:e6:
                    01:ca:ee:ca:c5:c0:7f:63:bc:c9:6d:63:9a:e6:75:
                    c7:4d:91:e9:d0:b1:48:3b:4d:2e:ac:6a:7e:f0:2e:
                    aa:45:b4:ed:f5:7c:c6:e8:e6:99:ad:55:ba:d0:52:
                    25:5e:30:19:86:3b:21:4f:fb:a4:5f:df:cc:1f:0c:
                    13:60:fb:78:ba:d1:5e:c1:19:6c:bf:17:14:43:13:
                    ea:f9:08:77:c4:f8:7b:86:a4:4a:e2:d1:02:f6:90:
                    f4:d0:9b:89:be:ba:ec:37:98:76:30:e9:bf:0d:df:
                    55:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:56:27:DD:25:09:8D:C9:5A:C0:F8:F9:24:C7:D2:60:CE:89:64:CC
            X509v3 Authority Key Identifier:
                keyid:29:62:E6:A1:33:4C:9C:A9:C9:3E:D5:7F:F4:AD:72:D9:9C:E9:1A:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:06:95:a2:15:b7:33:3c:a3:1c:88:64:d7:24:44:8d:5b:c7:
         b2:06:d9:54:72:01:28:84:b4:0d:fe:43:2e:4c:9d:02:b4:b1:
         a0:61:ae:c4:d5:2b:8a:63:4e:ce:b6:bc:6a:43:0c:38:26:c1:
         79:49:d7:59:19:ad:75:87:4d:8a:50:a3:23:22:d1:3d:f4:81:
         48:f3:26:bd:95:ea:a8:cc:56:1c:14:f1:83:f5:5d:87:b1:24:
         97:5f:99:7d:8e:4e:47:c9:6c:2d:81:cb:b1:99:53:96:8e:54:
         a9:7c:88:80:32:ef:c7:98:61:25:d6:52:fd:df:20:f8:ad:81:
         3e:78:d7:c5:40:de:b1:31:2e:bc:74:21:dc:52:6b:27:83:1b:
         c9:e6:7e:31:d9:cc:4c:fe:95:d3:23:e5:53:f9:41:bf:94:91:
         d4:23:93:e5:fa:0f:18:6b:47:c3:cd:21:03:7e:d7:46:06:74:
         8e:f4:5a:aa:ec:5e:48:9c:df:4f:b8:73:df:e2:d9:c3:3e:ea:
         b0:8b:dd:6b:6b:c5:fb:3e:30:26:84:54:79:a4:b5:5a:2b:e4:
         55:7c:b5:f0:b2:08:ee:10:2b:4b:ea:31:25:62:db:3c:72:20:
         5e:75:57:a3:aa:2d:96:fa:8a:7e:5a:b8:d6:9f:d4:e3:80:a0:
         9a:6d:62:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysRn6iznyVxS/9sbwknIY7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjJlNmExMzM0YzljYTljOTNlZDU3ZmY0YWQ3MmQ5OWNl
OTFhZDAwHhcNMjYwMzAyMDIwMDI2WhcNMjYwMzAzMDIwMDI2WjAzMTEwLwYDVQQD
EyhhYTU2MjdkZDI1MDk4ZGM5NWFjMGY4ZjkyNGM3ZDI2MGNlODk2NGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmgVZnIvtHhKwX0TAfZfcu4Df5dl
ZHP2qHzJMLylRrTuR2kN2A6NI+5g3SG0ifBNVvUwxLEBMk4TY0Dtnvsu93upJTWC
Io5mMHzKiDy/InlrCilmdSd+iRo1lYrn+ZzfEdk2yFO64/09UuCQ3lYr9Yjkudwq
Mat3YBKryd2RHF0wdHsBAdJnNm6KOUdi4Xn5E1BH5eYByu7KxcB/Y7zJbWOa5nXH
TZHp0LFIO00urGp+8C6qRbTt9XzG6OaZrVW60FIlXjAZhjshT/ukX9/MHwwTYPt4
utFewRlsvxcUQxPq+Qh3xPh7hqRK4tEC9pD00JuJvrrsN5h2MOm/Dd9VfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKpWJ90lCY3JWsD4+STH0mDOiWTMMB8GA1UdIwQY
MBaAFCli5qEzTJypyT7Vf/Stctmc6RrQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dMbW9UTk1uS25KUHRWXzlLMXkyWnpwR3RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9iZGU4MTgtYzBlZC00OTI0LThkN2It
NmVjNDBjODVhMmFlLzEvS1dMbW9UTk1uS25KUHRWXzlLMXkyWnpwR3RBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9iZGU4MTgtYzBlZC00OTI0LThkN2ItNmVjNDBjODVhMmFl
LzEvS1dMbW9UTk1uS25KUHRWXzlLMXkyWnpwR3RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhgaVohW3
MzyjHIhk1yREjVvHsgbZVHIBKIS0Df5DLkydArSxoGGuxNUrimNOzra8akMMOCbB
eUnXWRmtdYdNilCjIyLRPfSBSPMmvZXqqMxWHBTxg/Vdh7Ekl1+ZfY5OR8lsLYHL
sZlTlo5UqXyIgDLvx5hhJdZS/d8g+K2BPnjXxUDesTEuvHQh3FJrJ4MbyeZ+MdnM
TP6V0yPlU/lBv5SR1COT5foPGGtHw80hA37XRgZ0jvRaquxeSJzfT7hz3+LZwz7q
sIvda2vF+z4wJoRUeaS1WivkVXy18LII7hArS+oxJWLbPHIgXnVXo6otlvqKflq4
1p/U44Cgmm1i9w==
-----END CERTIFICATE-----