Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/4b5c18-8472-41db-b557-2269c1af2ad3/1/K5Ro565AOUbluk3mHMHEej2b794.mft
File:                     K5Ro565AOUbluk3mHMHEej2b794.mft (raw, json)
Hash identifier:          l+Mw1mEY/hDaC2nQF5URDyFncHgMxiK4xtvkihK/zKo=
Subject key identifier:   BB:B7:E0:80:F2:80:25:22:0C:8C:B5:EF:9F:7E:70:DA:75:7F:62:32
Authority key identifier: 2B:94:68:E7:AE:40:39:46:E5:BA:4D:E6:1C:C1:C4:7A:3D:9B:EF:DE
Certificate issuer:       /CN=2b9468e7ae403946e5ba4de61cc1c47a3d9befde
Certificate serial:       019CAD59EE1850E21E1EEBDE694A6FA7A71F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/K5Ro565AOUbluk3mHMHEej2b794.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/4b5c18-8472-41db-b557-2269c1af2ad3/1/K5Ro565AOUbluk3mHMHEej2b794.mft
Manifest number:          0D00
Signing time:             Mon 02 Mar 2026 07:01:17 +0000
Manifest this update:     Mon 02 Mar 2026 07:01:17 +0000
Manifest next update:     Tue 03 Mar 2026 07:01:17 +0000
Files and hashes:         1: K5Ro565AOUbluk3mHMHEej2b794.crl (hash: 4C2q1Tg98PQkzcA5syObEoWOhgoKauCTLCOhoHkAgUA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cb/4b5c18-8472-41db-b557-2269c1af2ad3/1/K5Ro565AOUbluk3mHMHEej2b794.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cb/4b5c18-8472-41db-b557-2269c1af2ad3/1/K5Ro565AOUbluk3mHMHEej2b794.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/K5Ro565AOUbluk3mHMHEej2b794.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:59:ee:18:50:e2:1e:1e:eb:de:69:4a:6f:a7:a7:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b9468e7ae403946e5ba4de61cc1c47a3d9befde
        Validity
            Not Before: Mar  2 07:01:17 2026 GMT
            Not After : Mar  3 07:01:17 2026 GMT
        Subject: CN=bbb7e080f28025220c8cb5ef9f7e70da757f6232
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:b4:e7:b2:88:38:33:e3:38:89:de:63:04:fc:
                    8d:0b:4a:a5:d3:2c:2d:ab:88:c3:1e:2c:89:5e:0c:
                    34:b4:7c:e0:9b:8e:db:3f:4f:07:db:2c:93:3c:8a:
                    4f:ef:4e:fa:1b:00:50:65:3f:8b:fa:5e:b0:1c:ed:
                    6d:26:cf:d4:ea:e3:00:02:05:72:30:4c:83:25:5f:
                    7f:26:6c:0f:71:ce:cf:d7:0b:06:c6:0e:99:25:20:
                    90:ab:05:25:08:58:93:c2:fe:d2:8c:06:b7:ca:22:
                    77:1f:fb:53:ab:22:a2:43:69:45:bd:c0:d5:bb:80:
                    46:db:9b:42:f8:46:17:11:ed:b3:76:fe:36:6f:bf:
                    48:d2:cf:88:67:c3:7d:2a:84:f2:09:0b:24:2f:96:
                    8b:00:6e:1a:08:13:46:dc:e5:52:62:a2:1f:4f:d6:
                    e1:f8:62:fd:20:db:c6:41:e0:2d:b9:49:57:0d:61:
                    5b:bc:bb:5f:2b:d1:5b:54:d7:e9:ea:44:09:05:90:
                    c3:5d:10:90:d2:12:f0:25:19:73:13:22:b2:19:d7:
                    73:84:8b:4a:d2:a7:81:43:1d:ef:fd:ac:70:ed:ff:
                    38:65:ce:1b:23:9d:91:53:74:f2:41:b0:f7:71:ba:
                    b2:1d:e3:e2:9d:2c:7c:31:b6:e3:03:cc:98:bc:10:
                    ed:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:B7:E0:80:F2:80:25:22:0C:8C:B5:EF:9F:7E:70:DA:75:7F:62:32
            X509v3 Authority Key Identifier:
                keyid:2B:94:68:E7:AE:40:39:46:E5:BA:4D:E6:1C:C1:C4:7A:3D:9B:EF:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K5Ro565AOUbluk3mHMHEej2b794.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/4b5c18-8472-41db-b557-2269c1af2ad3/1/K5Ro565AOUbluk3mHMHEej2b794.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/4b5c18-8472-41db-b557-2269c1af2ad3/1/K5Ro565AOUbluk3mHMHEej2b794.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:0e:2c:47:f2:11:20:0c:f8:62:31:83:63:2a:b6:8b:0f:0e:
         73:7e:ab:93:0a:bb:7d:6c:98:88:44:79:a3:4a:ea:9f:79:47:
         c9:c8:8b:21:f6:ce:d0:89:0f:02:9e:2f:67:7c:1f:39:e3:3b:
         e7:9e:3c:b4:57:03:13:7b:c5:9d:b7:c3:d5:07:80:4d:cc:0c:
         c2:f2:a4:8d:fe:10:2f:d1:f3:05:45:34:ce:a1:61:51:69:3e:
         e7:bf:2f:e2:46:a3:04:5e:73:45:b2:98:a4:62:31:dc:e5:fa:
         a3:cb:02:6b:71:9d:28:19:b0:96:ad:20:bf:7b:8f:38:ef:b9:
         6e:c2:f4:55:32:90:9d:33:42:06:1a:72:68:18:83:6a:42:b2:
         08:60:8f:dc:3f:30:22:00:00:a8:14:cc:02:77:bc:7e:e9:e9:
         aa:0e:1f:18:77:5a:28:d7:41:48:8b:da:19:55:4b:ce:b3:3e:
         79:5b:ad:45:52:7d:23:36:3f:81:34:21:4e:38:31:9c:73:cc:
         f5:13:af:c3:33:fe:b6:9b:83:49:2b:c1:78:21:ff:29:8c:b3:
         5e:8a:4f:53:e9:8c:25:48:fb:a6:b1:53:33:8b:e0:f9:33:85:
         08:a1:2c:58:b9:b9:17:c2:11:41:27:3d:e2:a0:68:0c:ac:08:
         6d:67:19:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWe4YUOIeHuveaUpvp6cfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiOTQ2OGU3YWU0MDM5NDZlNWJhNGRlNjFjYzFjNDdhM2Q5
YmVmZGUwHhcNMjYwMzAyMDcwMTE3WhcNMjYwMzAzMDcwMTE3WjAzMTEwLwYDVQQD
EyhiYmI3ZTA4MGYyODAyNTIyMGM4Y2I1ZWY5ZjdlNzBkYTc1N2Y2MjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh7Tnsog4M+M4id5jBPyNC0ql0ywt
q4jDHiyJXgw0tHzgm47bP08H2yyTPIpP7076GwBQZT+L+l6wHO1tJs/U6uMAAgVy
MEyDJV9/JmwPcc7P1wsGxg6ZJSCQqwUlCFiTwv7SjAa3yiJ3H/tTqyKiQ2lFvcDV
u4BG25tC+EYXEe2zdv42b79I0s+IZ8N9KoTyCQskL5aLAG4aCBNG3OVSYqIfT9bh
+GL9INvGQeAtuUlXDWFbvLtfK9FbVNfp6kQJBZDDXRCQ0hLwJRlzEyKyGddzhItK
0qeBQx3v/axw7f84Zc4bI52RU3TyQbD3cbqyHePinSx8MbbjA8yYvBDtjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLu34IDygCUiDIy1759+cNp1f2IyMB8GA1UdIwQY
MBaAFCuUaOeuQDlG5bpN5hzBxHo9m+/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzVSbzU2NUFPVWJsdWszbUhNSEVlajJiNzk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi80YjVjMTgtODQ3Mi00MWRiLWI1NTct
MjI2OWMxYWYyYWQzLzEvSzVSbzU2NUFPVWJsdWszbUhNSEVlajJiNzk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi80YjVjMTgtODQ3Mi00MWRiLWI1NTctMjI2OWMxYWYyYWQz
LzEvSzVSbzU2NUFPVWJsdWszbUhNSEVlajJiNzk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWQ4sR/IR
IAz4YjGDYyq2iw8Oc36rkwq7fWyYiER5o0rqn3lHyciLIfbO0IkPAp4vZ3wfOeM7
5548tFcDE3vFnbfD1QeATcwMwvKkjf4QL9HzBUU0zqFhUWk+578v4kajBF5zRbKY
pGIx3OX6o8sCa3GdKBmwlq0gv3uPOO+5bsL0VTKQnTNCBhpyaBiDakKyCGCP3D8w
IgAAqBTMAne8funpqg4fGHdaKNdBSIvaGVVLzrM+eVutRVJ9IzY/gTQhTjgxnHPM
9ROvwzP+tpuDSSvBeCH/KYyzXopPU+mMJUj7prFTM4vg+TOFCKEsWLm5F8IRQSc9
4qBoDKwIbWcZbQ==
-----END CERTIFICATE-----