Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.mft
File:                     KGURKILY5sctAiwsPaF7UsKtsHs.mft (raw, json)
Hash identifier:          7pZkArkiDqY4DDXVVIVckerZi44QemQYqee77Pdrsvo=
Subject key identifier:   3A:ED:C3:47:AD:F9:28:A9:12:C2:C6:3D:13:6F:D9:9F:1E:BB:FE:CE
Authority key identifier: 28:65:11:28:82:D8:E6:C7:2D:02:2C:2C:3D:A1:7B:52:C2:AD:B0:7B
Certificate issuer:       /CN=2865112882d8e6c72d022c2c3da17b52c2adb07b
Certificate serial:       019CA97C95C45027BA6047ABCC65D6075539
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KGURKILY5sctAiwsPaF7UsKtsHs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.mft
Manifest number:          0B12
Signing time:             Sun 01 Mar 2026 13:00:40 +0000
Manifest this update:     Sun 01 Mar 2026 13:00:40 +0000
Manifest next update:     Mon 02 Mar 2026 13:00:40 +0000
Files and hashes:         1: KGURKILY5sctAiwsPaF7UsKtsHs.crl (hash: txYRs44obCaMA1tMPVCZzMobyEpBmy8/GspwaP4MFqM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KGURKILY5sctAiwsPaF7UsKtsHs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 13:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:a9:7c:95:c4:50:27:ba:60:47:ab:cc:65:d6:07:55:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2865112882d8e6c72d022c2c3da17b52c2adb07b
        Validity
            Not Before: Mar  1 13:00:40 2026 GMT
            Not After : Mar  2 13:00:40 2026 GMT
        Subject: CN=3aedc347adf928a912c2c63d136fd99f1ebbfece
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:a0:b6:b0:65:a5:21:29:be:d9:ad:a4:25:e9:
                    9b:3c:4c:4a:c9:cd:7f:d8:80:dd:16:df:a2:b9:8f:
                    77:d5:2f:de:7f:13:cc:e3:29:f2:de:c5:68:44:72:
                    e7:36:40:b1:72:b1:d5:c1:b4:c7:c0:89:c3:3a:b3:
                    83:c2:54:35:2e:ba:99:58:02:50:81:44:e0:c2:16:
                    1b:51:96:c0:f5:56:a0:7a:dc:7c:f8:04:20:de:48:
                    b8:9b:d0:07:8b:5d:1d:bf:ee:d3:7e:e3:b7:e8:8f:
                    dc:31:89:03:c6:d8:b8:45:15:81:2b:29:b9:2a:75:
                    5a:a6:e9:42:a2:3e:88:4d:39:bf:c9:2b:24:69:60:
                    00:01:f3:02:ae:2d:b9:08:ed:a8:d5:7d:19:32:ed:
                    94:3d:0b:60:5b:4b:53:35:12:2e:0c:27:be:5b:4f:
                    7e:98:10:52:cf:72:dd:af:d9:64:19:15:b7:8b:dd:
                    1f:4b:c8:95:27:a9:b3:d9:c9:3e:89:42:16:7c:1a:
                    d1:ca:c2:4c:b7:4c:ae:90:87:7b:73:14:d7:d8:52:
                    53:dd:a7:93:94:54:a7:6b:b7:57:2c:82:5a:bf:3d:
                    20:70:8d:5a:ac:be:42:c7:78:28:6e:1f:86:59:38:
                    05:b8:b8:3e:de:a5:a3:15:0c:a2:a2:37:f2:7b:a2:
                    46:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:ED:C3:47:AD:F9:28:A9:12:C2:C6:3D:13:6F:D9:9F:1E:BB:FE:CE
            X509v3 Authority Key Identifier:
                keyid:28:65:11:28:82:D8:E6:C7:2D:02:2C:2C:3D:A1:7B:52:C2:AD:B0:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KGURKILY5sctAiwsPaF7UsKtsHs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1f:dd:86:1c:69:05:b6:4c:ca:a2:74:c0:d4:51:3e:23:86:87:
         dc:8a:65:99:84:b3:be:0b:f3:91:36:d7:de:79:d4:f7:7c:54:
         31:ad:b0:a4:d6:ad:e4:96:0c:39:ab:17:61:86:6d:a7:12:7d:
         bf:bc:9a:b8:90:07:75:9d:cb:34:36:30:79:5c:dd:21:c9:a5:
         df:0f:57:22:b4:fd:aa:e0:4f:ef:dd:49:8c:94:ce:58:60:7f:
         a7:5c:7f:d8:4f:2d:a6:67:e2:b4:78:b0:b4:78:32:81:0c:68:
         74:20:12:92:68:d4:c5:cb:9d:e3:83:45:42:47:60:31:19:af:
         ea:75:c2:c0:2c:1b:fa:11:44:4d:a3:ec:2e:ef:b0:da:29:f4:
         67:ff:54:6b:c7:0c:12:93:18:62:a8:a3:f7:47:fb:04:c7:77:
         35:c8:69:e0:c0:b5:69:16:58:b9:9b:b7:e2:90:a8:43:b0:ac:
         9e:da:52:db:0c:a3:94:17:19:93:b6:95:67:a2:a1:34:b0:dd:
         4c:67:f5:c5:f6:f0:11:d4:fd:66:b2:4b:2d:e2:3d:5c:f3:bd:
         8f:d7:bf:3a:73:2e:c4:9a:34:55:ff:fc:ff:b1:74:06:70:dd:
         b2:10:de:74:d1:99:4c:6f:bd:18:2f:b9:b2:13:d1:27:67:b7:
         40:86:66:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZypfJXEUCe6YEerzGXWB1U5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4NjUxMTI4ODJkOGU2YzcyZDAyMmMyYzNkYTE3YjUyYzJh
ZGIwN2IwHhcNMjYwMzAxMTMwMDQwWhcNMjYwMzAyMTMwMDQwWjAzMTEwLwYDVQQD
EygzYWVkYzM0N2FkZjkyOGE5MTJjMmM2M2QxMzZmZDk5ZjFlYmJmZWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqC2sGWlISm+2a2kJembPExKyc1/
2IDdFt+iuY931S/efxPM4yny3sVoRHLnNkCxcrHVwbTHwInDOrODwlQ1LrqZWAJQ
gUTgwhYbUZbA9Vagetx8+AQg3ki4m9AHi10dv+7TfuO36I/cMYkDxti4RRWBKym5
KnVapulCoj6ITTm/ySskaWAAAfMCri25CO2o1X0ZMu2UPQtgW0tTNRIuDCe+W09+
mBBSz3Ldr9lkGRW3i90fS8iVJ6mz2ck+iUIWfBrRysJMt0yukId7cxTX2FJT3aeT
lFSna7dXLIJavz0gcI1arL5Cx3gobh+GWTgFuLg+3qWjFQyiojfye6JGIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDrtw0et+SipEsLGPRNv2Z8eu/7OMB8GA1UdIwQY
MBaAFChlESiC2ObHLQIsLD2he1LCrbB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0dVUktJTFk1c2N0QWl3c1BhRjdVc0t0c0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9hZDhkMDktMzllOS00MDhmLWEzNzAt
OWJiM2Y1N2MwZWYwLzEvS0dVUktJTFk1c2N0QWl3c1BhRjdVc0t0c0hzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9hZDhkMDktMzllOS00MDhmLWEzNzAtOWJiM2Y1N2MwZWYw
LzEvS0dVUktJTFk1c2N0QWl3c1BhRjdVc0t0c0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH92GHGkF
tkzKonTA1FE+I4aH3IplmYSzvgvzkTbX3nnU93xUMa2wpNat5JYMOasXYYZtpxJ9
v7yauJAHdZ3LNDYweVzdIcml3w9XIrT9quBP791JjJTOWGB/p1x/2E8tpmfitHiw
tHgygQxodCASkmjUxcud44NFQkdgMRmv6nXCwCwb+hFETaPsLu+w2in0Z/9Ua8cM
EpMYYqij90f7BMd3Nchp4MC1aRZYuZu34pCoQ7CsntpS2wyjlBcZk7aVZ6KhNLDd
TGf1xfbwEdT9ZrJLLeI9XPO9j9e/OnMuxJo0Vf/8/7F0BnDdshDedNGZTG+9GC+5
shPRJ2e3QIZmig==
-----END CERTIFICATE-----