Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/edefb3-138d-4ae6-9487-5dab1b4a5c61/1/KUeYd2hkfuuKDzhgxEF2JHzm_Fk.mft
File:                     KUeYd2hkfuuKDzhgxEF2JHzm_Fk.mft (raw, json)
Hash identifier:          xOdO9NMana7PBNU9GK1wTxclZ44IxO7YWtUxGLMo9co=
Subject key identifier:   28:23:9A:48:15:77:F8:E0:63:C3:4B:7E:F4:34:B7:B6:02:48:11:85
Authority key identifier: 29:47:98:77:68:64:7E:EB:8A:0F:38:60:C4:41:76:24:7C:E6:FC:59
Certificate issuer:       /CN=2947987768647eeb8a0f3860c44176247ce6fc59
Certificate serial:       019D9850432B413CF2FD6E0C2AB5E840205D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KUeYd2hkfuuKDzhgxEF2JHzm_Fk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/edefb3-138d-4ae6-9487-5dab1b4a5c61/1/KUeYd2hkfuuKDzhgxEF2JHzm_Fk.mft
Manifest number:          10D8
Signing time:             Thu 16 Apr 2026 22:01:29 +0000
Manifest this update:     Thu 16 Apr 2026 22:01:29 +0000
Manifest next update:     Fri 17 Apr 2026 22:01:29 +0000
Files and hashes:         1: KUeYd2hkfuuKDzhgxEF2JHzm_Fk.crl (hash: WmqrVOLEqFFI2KTcFbQkGGmw7k7MU0N3ow9p9JMqHs0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cb/edefb3-138d-4ae6-9487-5dab1b4a5c61/1/KUeYd2hkfuuKDzhgxEF2JHzm_Fk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cb/edefb3-138d-4ae6-9487-5dab1b4a5c61/1/KUeYd2hkfuuKDzhgxEF2JHzm_Fk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KUeYd2hkfuuKDzhgxEF2JHzm_Fk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:50:43:2b:41:3c:f2:fd:6e:0c:2a:b5:e8:40:20:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2947987768647eeb8a0f3860c44176247ce6fc59
        Validity
            Not Before: Apr 16 22:01:29 2026 GMT
            Not After : Apr 17 22:01:29 2026 GMT
        Subject: CN=28239a481577f8e063c34b7ef434b7b602481185
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:66:74:58:5f:44:7f:29:2c:ca:24:90:d7:f3:
                    89:84:81:4c:26:e1:e6:5c:d0:a0:f7:b3:3a:b2:11:
                    06:e1:2b:8c:ad:1d:4d:07:94:c6:1f:b7:a8:9e:7a:
                    8b:76:2b:80:e3:12:16:9b:a3:f9:d7:0d:55:a5:39:
                    4a:2b:55:42:d9:e6:3d:3c:1f:6e:45:04:4f:69:06:
                    3d:f7:8d:b1:e2:68:33:df:c6:19:d9:d5:82:6a:35:
                    4d:f9:1d:25:6a:9c:62:f1:b3:1e:41:95:fd:e0:61:
                    9b:1f:f8:c1:ef:9b:7e:4a:f7:f6:bb:a7:0a:67:c6:
                    cf:d8:51:0b:79:ae:af:d8:b9:d0:c4:dc:07:95:bb:
                    53:7c:dd:e6:05:5e:01:5e:3c:10:9f:6f:59:25:75:
                    77:4d:7f:1a:5e:5f:b1:00:dd:eb:e8:8c:f8:c4:35:
                    65:18:9b:a8:31:8c:53:d9:f7:50:5c:82:a7:b6:fc:
                    d4:44:dc:4d:af:c6:e5:8f:63:14:2c:b4:f4:39:72:
                    76:2e:60:b1:e7:a6:b6:a0:37:12:9d:9b:cd:55:ca:
                    c8:c9:8c:bd:87:d2:20:be:45:69:59:45:33:da:7f:
                    f8:59:e7:a3:ca:86:29:39:1d:f4:0b:5e:22:2c:a2:
                    b7:8d:ae:b1:13:00:4e:5b:c1:17:62:bd:9a:4f:53:
                    19:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:23:9A:48:15:77:F8:E0:63:C3:4B:7E:F4:34:B7:B6:02:48:11:85
            X509v3 Authority Key Identifier:
                keyid:29:47:98:77:68:64:7E:EB:8A:0F:38:60:C4:41:76:24:7C:E6:FC:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KUeYd2hkfuuKDzhgxEF2JHzm_Fk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/edefb3-138d-4ae6-9487-5dab1b4a5c61/1/KUeYd2hkfuuKDzhgxEF2JHzm_Fk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/edefb3-138d-4ae6-9487-5dab1b4a5c61/1/KUeYd2hkfuuKDzhgxEF2JHzm_Fk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:da:86:dc:e8:1e:9f:4f:09:17:e3:b8:5b:3e:43:1d:89:5c:
         8b:a4:fe:d1:bb:d9:f8:99:ae:7d:be:29:c4:4c:b2:a2:bb:e1:
         80:c6:20:fb:5c:d1:38:5c:0b:d2:fd:e2:6c:b2:ed:df:38:2b:
         8d:89:c3:2f:4c:f7:f9:e7:63:31:e8:77:b2:e9:15:01:95:98:
         a8:64:45:cd:55:c1:48:17:f2:f6:2a:4a:c5:3d:ea:39:60:cd:
         5d:90:a8:a3:6e:bd:db:7a:d8:32:18:16:3d:22:b3:00:23:8a:
         f7:d9:11:4e:ca:a8:ff:dd:da:0e:63:7b:37:14:00:da:72:27:
         62:74:16:75:8d:3f:18:dc:fb:ae:c6:6f:85:db:3d:85:c0:7c:
         a0:ec:7e:ac:bb:ce:c7:ba:18:b2:bb:d6:7e:5b:2a:8c:a5:34:
         6d:65:97:12:4b:58:31:1c:22:a3:f5:4a:59:22:53:ca:ad:69:
         89:60:47:58:d6:3a:d5:13:b8:8f:2e:35:9c:23:61:21:44:ad:
         5b:30:2a:21:ba:7a:22:b2:9d:8e:4c:f0:94:b4:4a:9f:58:fa:
         ff:a6:ca:40:71:03:d3:f7:0d:42:c3:86:74:10:2d:b5:c5:36:
         63:7e:b8:5d:23:b4:04:f1:24:10:47:5c:63:ae:0f:5b:d5:ee:
         98:fc:53:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2YUEMrQTzy/W4MKrXoQCBdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NDc5ODc3Njg2NDdlZWI4YTBmMzg2MGM0NDE3NjI0N2Nl
NmZjNTkwHhcNMjYwNDE2MjIwMTI5WhcNMjYwNDE3MjIwMTI5WjAzMTEwLwYDVQQD
EygyODIzOWE0ODE1NzdmOGUwNjNjMzRiN2VmNDM0YjdiNjAyNDgxMTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA32Z0WF9EfyksyiSQ1/OJhIFMJuHm
XNCg97M6shEG4SuMrR1NB5TGH7eonnqLdiuA4xIWm6P51w1VpTlKK1VC2eY9PB9u
RQRPaQY9942x4mgz38YZ2dWCajVN+R0lapxi8bMeQZX94GGbH/jB75t+Svf2u6cK
Z8bP2FELea6v2LnQxNwHlbtTfN3mBV4BXjwQn29ZJXV3TX8aXl+xAN3r6Iz4xDVl
GJuoMYxT2fdQXIKntvzURNxNr8blj2MULLT0OXJ2LmCx56a2oDcSnZvNVcrIyYy9
h9IgvkVpWUUz2n/4WeejyoYpOR30C14iLKK3ja6xEwBOW8EXYr2aT1MZHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCgjmkgVd/jgY8NLfvQ0t7YCSBGFMB8GA1UdIwQY
MBaAFClHmHdoZH7rig84YMRBdiR85vxZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1VlWWQyaGtmdXVLRHpoZ3hFRjJKSHptX0ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9lZGVmYjMtMTM4ZC00YWU2LTk0ODct
NWRhYjFiNGE1YzYxLzEvS1VlWWQyaGtmdXVLRHpoZ3hFRjJKSHptX0ZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9lZGVmYjMtMTM4ZC00YWU2LTk0ODctNWRhYjFiNGE1YzYx
LzEvS1VlWWQyaGtmdXVLRHpoZ3hFRjJKSHptX0ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK9qG3Oge
n08JF+O4Wz5DHYlci6T+0bvZ+Jmufb4pxEyyorvhgMYg+1zROFwL0v3ibLLt3zgr
jYnDL0z3+edjMeh3sukVAZWYqGRFzVXBSBfy9ipKxT3qOWDNXZCoo26923rYMhgW
PSKzACOK99kRTsqo/93aDmN7NxQA2nInYnQWdY0/GNz7rsZvhds9hcB8oOx+rLvO
x7oYsrvWflsqjKU0bWWXEktYMRwio/VKWSJTyq1piWBHWNY61RO4jy41nCNhIUSt
WzAqIbp6IrKdjkzwlLRKn1j6/6bKQHED0/cNQsOGdBAttcU2Y364XSO0BPEkEEdc
Y64PW9XumPxTHQ==
-----END CERTIFICATE-----