Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/edefb3-138d-4ae6-9487-5dab1b4a5c61/1/KUeYd2hkfuuKDzhgxEF2JHzm_Fk.mft
File:                     KUeYd2hkfuuKDzhgxEF2JHzm_Fk.mft (raw, json)
Hash identifier:          DEOqB+SGq1WdEM7vhk0Ya6RsCDHrsvwgq2FP3OrvBo0=
Subject key identifier:   97:D9:80:8C:71:B4:DC:A7:A6:09:C6:71:29:B7:7D:3B:F9:AB:DF:39
Authority key identifier: 29:47:98:77:68:64:7E:EB:8A:0F:38:60:C4:41:76:24:7C:E6:FC:59
Certificate issuer:       /CN=2947987768647eeb8a0f3860c44176247ce6fc59
Certificate serial:       019CAAC66B3C007D38B6DC3C652151A011E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KUeYd2hkfuuKDzhgxEF2JHzm_Fk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/edefb3-138d-4ae6-9487-5dab1b4a5c61/1/KUeYd2hkfuuKDzhgxEF2JHzm_Fk.mft
Manifest number:          105D
Signing time:             Sun 01 Mar 2026 19:00:56 +0000
Manifest this update:     Sun 01 Mar 2026 19:00:56 +0000
Manifest next update:     Mon 02 Mar 2026 19:00:56 +0000
Files and hashes:         1: KUeYd2hkfuuKDzhgxEF2JHzm_Fk.crl (hash: zLoZj4VcgnwJ7KTWAvQkO1bYQ/DwHwsq3vdb8fkXJh4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cb/edefb3-138d-4ae6-9487-5dab1b4a5c61/1/KUeYd2hkfuuKDzhgxEF2JHzm_Fk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cb/edefb3-138d-4ae6-9487-5dab1b4a5c61/1/KUeYd2hkfuuKDzhgxEF2JHzm_Fk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KUeYd2hkfuuKDzhgxEF2JHzm_Fk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:c6:6b:3c:00:7d:38:b6:dc:3c:65:21:51:a0:11:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2947987768647eeb8a0f3860c44176247ce6fc59
        Validity
            Not Before: Mar  1 19:00:56 2026 GMT
            Not After : Mar  2 19:00:56 2026 GMT
        Subject: CN=97d9808c71b4dca7a609c67129b77d3bf9abdf39
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:f2:f3:c5:89:ac:2c:a5:16:0c:6e:ba:4d:31:
                    22:2b:b4:d7:10:67:fe:ed:ab:2b:8b:52:d3:bd:63:
                    9a:ad:5c:bd:7e:3c:7e:77:4c:5b:67:ae:84:a2:2d:
                    8e:76:25:37:fc:97:2c:90:43:a3:17:5d:37:b9:28:
                    c0:0e:80:11:a1:2b:33:a5:9a:6c:b7:0d:64:7d:97:
                    7c:be:ca:20:9c:25:a3:c0:40:bc:49:26:7f:39:6f:
                    b7:25:0e:6e:a4:a0:4d:ef:93:1b:7c:e2:1f:9b:1d:
                    d2:67:78:d6:aa:0b:e7:b9:24:1e:bb:71:41:e3:00:
                    9d:4a:a9:ce:98:10:62:de:0e:94:dd:fe:64:fe:c7:
                    d4:e6:b6:f7:fd:c9:e9:e0:fb:bf:d1:e8:9e:62:f9:
                    f5:31:7d:e1:b4:0e:e7:50:48:2e:6c:c7:a3:18:58:
                    cd:f3:5e:42:a9:41:58:7b:78:bf:07:2e:bd:2e:d1:
                    04:d4:e6:fe:84:43:cc:d2:31:fd:c6:a9:4a:8f:d4:
                    ef:9a:43:ae:75:ef:b2:d4:c4:b5:97:ac:c5:d6:27:
                    70:57:8b:69:f9:9c:3d:9f:9f:80:88:1f:0d:b6:aa:
                    c9:b4:5a:80:b3:e9:7d:96:2e:26:9b:b7:5d:cf:b1:
                    d8:cc:06:ce:06:6b:cb:10:99:e2:2a:03:4d:71:42:
                    97:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:D9:80:8C:71:B4:DC:A7:A6:09:C6:71:29:B7:7D:3B:F9:AB:DF:39
            X509v3 Authority Key Identifier:
                keyid:29:47:98:77:68:64:7E:EB:8A:0F:38:60:C4:41:76:24:7C:E6:FC:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KUeYd2hkfuuKDzhgxEF2JHzm_Fk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/edefb3-138d-4ae6-9487-5dab1b4a5c61/1/KUeYd2hkfuuKDzhgxEF2JHzm_Fk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/edefb3-138d-4ae6-9487-5dab1b4a5c61/1/KUeYd2hkfuuKDzhgxEF2JHzm_Fk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:e8:8f:3b:ba:2d:ab:27:12:6f:02:67:e3:54:8a:e6:8b:57:
         84:69:fb:93:98:d0:2d:4a:81:5d:17:b2:12:fe:8e:5b:75:df:
         9a:c0:fb:55:6c:21:88:77:cd:45:c9:33:10:59:a6:17:a5:d4:
         0c:35:ac:3c:35:01:e7:68:bf:29:d9:1b:67:10:da:8a:65:28:
         b6:48:ca:a1:bf:de:ce:4c:90:d4:e5:85:7e:98:91:93:07:86:
         df:e3:a0:2a:42:ba:57:92:c7:26:57:e3:65:20:e3:2d:fc:c8:
         f4:ac:8c:c6:07:6a:25:21:b5:2e:91:1c:44:32:9c:33:0b:4b:
         6a:ca:0a:2a:10:b2:33:9d:ef:5f:69:03:de:d3:06:d0:5d:12:
         ec:24:c2:4f:72:b3:d8:72:f1:2d:e3:69:78:0f:23:23:53:20:
         1b:6c:d2:06:90:fb:29:ef:5d:82:9c:03:28:c0:e0:05:fb:ff:
         f2:03:04:b1:74:db:3b:0c:d4:cc:85:2d:7e:0e:be:9b:f3:63:
         89:d0:b5:e2:b3:0b:07:a1:a6:24:0c:33:78:6d:4a:e2:3a:d9:
         0d:de:c8:79:3d:de:40:9f:e0:0f:0d:c7:15:b0:2b:c0:10:5c:
         e4:b3:5f:1a:fc:17:c6:9b:32:86:9f:d6:13:37:50:6f:b7:70:
         b4:67:be:f3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxms8AH04ttw8ZSFRoBHpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NDc5ODc3Njg2NDdlZWI4YTBmMzg2MGM0NDE3NjI0N2Nl
NmZjNTkwHhcNMjYwMzAxMTkwMDU2WhcNMjYwMzAyMTkwMDU2WjAzMTEwLwYDVQQD
Eyg5N2Q5ODA4YzcxYjRkY2E3YTYwOWM2NzEyOWI3N2QzYmY5YWJkZjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3vLzxYmsLKUWDG66TTEiK7TXEGf+
7asri1LTvWOarVy9fjx+d0xbZ66Eoi2OdiU3/JcskEOjF103uSjADoARoSszpZps
tw1kfZd8vsognCWjwEC8SSZ/OW+3JQ5upKBN75MbfOIfmx3SZ3jWqgvnuSQeu3FB
4wCdSqnOmBBi3g6U3f5k/sfU5rb3/cnp4Pu/0eieYvn1MX3htA7nUEgubMejGFjN
815CqUFYe3i/By69LtEE1Ob+hEPM0jH9xqlKj9TvmkOude+y1MS1l6zF1idwV4tp
+Zw9n5+AiB8NtqrJtFqAs+l9li4mm7ddz7HYzAbOBmvLEJniKgNNcUKXaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJfZgIxxtNynpgnGcSm3fTv5q985MB8GA1UdIwQY
MBaAFClHmHdoZH7rig84YMRBdiR85vxZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1VlWWQyaGtmdXVLRHpoZ3hFRjJKSHptX0ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9lZGVmYjMtMTM4ZC00YWU2LTk0ODct
NWRhYjFiNGE1YzYxLzEvS1VlWWQyaGtmdXVLRHpoZ3hFRjJKSHptX0ZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9lZGVmYjMtMTM4ZC00YWU2LTk0ODctNWRhYjFiNGE1YzYx
LzEvS1VlWWQyaGtmdXVLRHpoZ3hFRjJKSHptX0ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi+iPO7ot
qycSbwJn41SK5otXhGn7k5jQLUqBXReyEv6OW3XfmsD7VWwhiHfNRckzEFmmF6XU
DDWsPDUB52i/KdkbZxDaimUotkjKob/ezkyQ1OWFfpiRkweG3+OgKkK6V5LHJlfj
ZSDjLfzI9KyMxgdqJSG1LpEcRDKcMwtLasoKKhCyM53vX2kD3tMG0F0S7CTCT3Kz
2HLxLeNpeA8jI1MgG2zSBpD7Ke9dgpwDKMDgBfv/8gMEsXTbOwzUzIUtfg6+m/Nj
idC14rMLB6GmJAwzeG1K4jrZDd7IeT3eQJ/gDw3HFbArwBBc5LNfGvwXxpsyhp/W
EzdQb7dwtGe+8w==
-----END CERTIFICATE-----