Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.mft
File:                     KMvNlssXsh1iT9IXD9DXCBY68j0.mft (raw, json)
Hash identifier:          hPLBoO+394YEQSRjzIstEPZNk+Z2V57FqI6dKV+RUuI=
Subject key identifier:   0B:15:D6:AC:D1:96:5A:5A:7E:97:FA:D4:6E:F0:ED:73:85:C1:D3:B7
Authority key identifier: 28:CB:CD:96:CB:17:B2:1D:62:4F:D2:17:0F:D0:D7:08:16:3A:F2:3D
Certificate issuer:       /CN=28cbcd96cb17b21d624fd2170fd0d708163af23d
Certificate serial:       019CAD59CE76FA9F2C4372499DD7FC7CC5CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KMvNlssXsh1iT9IXD9DXCBY68j0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.mft
Manifest number:          116F
Signing time:             Mon 02 Mar 2026 07:01:09 +0000
Manifest this update:     Mon 02 Mar 2026 07:01:09 +0000
Manifest next update:     Tue 03 Mar 2026 07:01:09 +0000
Files and hashes:         1: KMvNlssXsh1iT9IXD9DXCBY68j0.crl (hash: QGJp17KG0qcv/jcDBCIicGfr5/UsDjbC5JpA4hVsxyc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KMvNlssXsh1iT9IXD9DXCBY68j0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 07:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:59:ce:76:fa:9f:2c:43:72:49:9d:d7:fc:7c:c5:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28cbcd96cb17b21d624fd2170fd0d708163af23d
        Validity
            Not Before: Mar  2 07:01:09 2026 GMT
            Not After : Mar  3 07:01:09 2026 GMT
        Subject: CN=0b15d6acd1965a5a7e97fad46ef0ed7385c1d3b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:9a:d4:e4:6d:69:af:bb:53:16:0d:f8:62:1f:
                    38:0b:9c:77:20:66:2b:7c:2b:52:a9:64:03:d0:52:
                    41:5e:28:7b:1f:06:f4:f4:f8:f1:91:6b:8a:26:99:
                    0a:51:b3:f0:4f:85:6f:80:39:11:39:08:2b:5b:d5:
                    e6:cc:e6:63:d5:30:8a:80:b5:bc:6d:00:26:b4:7b:
                    08:77:b7:3c:af:af:80:d9:66:fe:9c:e4:3d:4a:ab:
                    1a:44:db:82:6c:98:a0:e1:93:1a:d2:b6:4f:aa:eb:
                    23:39:a5:6c:b5:a7:24:06:2a:58:fb:60:7f:62:dd:
                    8f:ce:b1:23:7c:ac:99:7a:44:7d:e6:4e:83:77:08:
                    57:68:de:3f:07:e5:38:3d:ac:87:e9:3a:9a:12:33:
                    0a:fe:1e:c3:4f:83:a4:33:ce:62:39:8d:d5:c6:12:
                    7c:e7:53:6e:69:4c:9a:35:46:3a:79:b7:9f:f8:cd:
                    7b:36:14:d3:47:cb:f4:c7:eb:d5:b8:9c:50:45:5f:
                    c0:be:21:3a:85:8e:85:90:c5:d7:14:bb:18:61:cb:
                    2d:a8:3b:61:78:07:11:72:90:aa:0f:43:18:cd:7f:
                    ba:7b:14:e5:83:76:d2:91:4d:3e:a7:73:f5:be:58:
                    e9:9b:bb:9a:fb:80:11:83:e8:57:c2:ae:55:fc:2f:
                    46:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:15:D6:AC:D1:96:5A:5A:7E:97:FA:D4:6E:F0:ED:73:85:C1:D3:B7
            X509v3 Authority Key Identifier:
                keyid:28:CB:CD:96:CB:17:B2:1D:62:4F:D2:17:0F:D0:D7:08:16:3A:F2:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KMvNlssXsh1iT9IXD9DXCBY68j0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:05:89:78:93:71:62:06:15:9c:e6:d6:7f:bf:13:87:4d:5b:
         2d:ff:45:11:53:0c:0d:cc:93:ae:ca:2c:b2:5f:dd:91:d6:5c:
         e4:81:f6:24:20:15:a8:9e:8b:25:af:f2:2a:c2:44:6f:21:b0:
         d0:91:00:98:eb:64:81:4a:7c:2f:be:b6:99:05:8a:2a:bf:42:
         23:86:df:91:53:24:93:8c:90:a2:e4:ac:56:44:7a:c1:bb:7a:
         fd:dc:cc:51:ce:e6:08:b4:62:c2:40:d6:f6:fc:e2:8b:ce:ed:
         db:79:7c:a6:f4:f3:5d:67:4f:2b:ea:6e:10:30:c5:bd:09:c0:
         70:0e:03:9a:6c:01:0a:37:d0:b6:08:4b:d1:39:2d:b7:52:6f:
         2c:29:0d:35:81:67:93:2c:4a:ee:e4:50:ae:34:68:4d:a6:49:
         59:ac:1f:9b:1f:35:2a:76:b3:2d:8f:63:e7:48:44:51:60:7b:
         36:39:0f:46:ed:4d:e6:8c:96:86:68:cc:33:de:ea:2d:ec:79:
         68:56:93:f1:b3:f3:be:38:28:e1:fc:45:ed:63:bc:b6:43:0b:
         96:99:b5:18:66:ab:c0:9a:9b:3b:fe:c2:ac:cc:33:26:d6:7f:
         ec:ef:f4:8e:77:5f:f8:02:c6:f7:c7:c4:36:97:b5:5a:4d:af:
         2e:f7:7c:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWc52+p8sQ3JJndf8fMXNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4Y2JjZDk2Y2IxN2IyMWQ2MjRmZDIxNzBmZDBkNzA4MTYz
YWYyM2QwHhcNMjYwMzAyMDcwMTA5WhcNMjYwMzAzMDcwMTA5WjAzMTEwLwYDVQQD
EygwYjE1ZDZhY2QxOTY1YTVhN2U5N2ZhZDQ2ZWYwZWQ3Mzg1YzFkM2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZrU5G1pr7tTFg34Yh84C5x3IGYr
fCtSqWQD0FJBXih7Hwb09PjxkWuKJpkKUbPwT4VvgDkROQgrW9XmzOZj1TCKgLW8
bQAmtHsId7c8r6+A2Wb+nOQ9SqsaRNuCbJig4ZMa0rZPqusjOaVstackBipY+2B/
Yt2PzrEjfKyZekR95k6DdwhXaN4/B+U4PayH6TqaEjMK/h7DT4OkM85iOY3VxhJ8
51NuaUyaNUY6ebef+M17NhTTR8v0x+vVuJxQRV/AviE6hY6FkMXXFLsYYcstqDth
eAcRcpCqD0MYzX+6exTlg3bSkU0+p3P1vljpm7ua+4ARg+hXwq5V/C9GEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAsV1qzRllpafpf61G7w7XOFwdO3MB8GA1UdIwQY
MBaAFCjLzZbLF7IdYk/SFw/Q1wgWOvI9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS012Tmxzc1hzaDFpVDlJWEQ5RFhDQlk2OGowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC82ZTQwZWUtNzkzNS00MWE5LThlZTct
ZjlhNjk0NDlkNWZhLzEvS012Tmxzc1hzaDFpVDlJWEQ5RFhDQlk2OGowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC82ZTQwZWUtNzkzNS00MWE5LThlZTctZjlhNjk0NDlkNWZh
LzEvS012Tmxzc1hzaDFpVDlJWEQ5RFhDQlk2OGowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPgWJeJNx
YgYVnObWf78Th01bLf9FEVMMDcyTrsossl/dkdZc5IH2JCAVqJ6LJa/yKsJEbyGw
0JEAmOtkgUp8L762mQWKKr9CI4bfkVMkk4yQouSsVkR6wbt6/dzMUc7mCLRiwkDW
9vzii87t23l8pvTzXWdPK+puEDDFvQnAcA4DmmwBCjfQtghL0Tktt1JvLCkNNYFn
kyxK7uRQrjRoTaZJWawfmx81KnazLY9j50hEUWB7NjkPRu1N5oyWhmjMM97qLex5
aFaT8bPzvjgo4fxF7WO8tkMLlpm1GGarwJqbO/7CrMwzJtZ/7O/0jndf+ALG98fE
Npe1Wk2vLvd8RA==
-----END CERTIFICATE-----