Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.mft
File:                     KGURKILY5sctAiwsPaF7UsKtsHs.mft (raw, json)
Hash identifier:          m5wdFXXAI6hFqIB661CLi20QF0j15TkImXNoiK1aTPQ=
Subject key identifier:   C0:81:3F:D2:D7:C3:49:7F:53:4C:1D:09:08:72:16:C5:DA:19:DA:B4
Authority key identifier: 28:65:11:28:82:D8:E6:C7:2D:02:2C:2C:3D:A1:7B:52:C2:AD:B0:7B
Certificate issuer:       /CN=2865112882d8e6c72d022c2c3da17b52c2adb07b
Certificate serial:       019D98F41EF0FCDBE07CE0E07F0A739B982B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KGURKILY5sctAiwsPaF7UsKtsHs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.mft
Manifest number:          0B8E
Signing time:             Fri 17 Apr 2026 01:00:28 +0000
Manifest this update:     Fri 17 Apr 2026 01:00:28 +0000
Manifest next update:     Sat 18 Apr 2026 01:00:28 +0000
Files and hashes:         1: KGURKILY5sctAiwsPaF7UsKtsHs.crl (hash: UAey24g7wOfApAvI0auD5IQtX41jAFIts1aK/U/wtZk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KGURKILY5sctAiwsPaF7UsKtsHs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 01:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:1e:f0:fc:db:e0:7c:e0:e0:7f:0a:73:9b:98:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2865112882d8e6c72d022c2c3da17b52c2adb07b
        Validity
            Not Before: Apr 17 01:00:28 2026 GMT
            Not After : Apr 18 01:00:28 2026 GMT
        Subject: CN=c0813fd2d7c3497f534c1d09087216c5da19dab4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:a1:1c:cf:43:81:51:b4:07:55:e9:0a:91:f2:
                    de:a6:54:2f:80:e5:ba:9b:08:b3:01:53:31:d9:8e:
                    86:a0:13:4c:7e:82:fa:00:d0:cd:0b:ef:50:8d:85:
                    04:76:ad:d3:62:0a:ba:bb:a2:aa:b7:11:bf:8b:cd:
                    42:e3:a7:5f:86:11:de:a8:3b:31:d0:7a:01:b1:87:
                    81:78:84:65:1b:c5:76:b5:51:12:28:e9:4a:09:7a:
                    b9:6d:35:3a:b8:c8:eb:cc:5e:b9:0b:6c:41:fd:85:
                    aa:60:0e:9c:9e:ad:3b:bc:3f:43:6f:ba:3e:e6:d6:
                    05:63:f2:ff:d8:79:ee:91:e3:b2:7e:24:e2:0a:04:
                    8a:0e:30:67:37:db:ad:08:8d:bd:64:72:d1:28:0c:
                    6a:47:0d:33:b6:02:2e:05:f8:47:56:bc:02:82:e4:
                    b9:51:b1:cc:13:ab:82:60:42:10:49:b4:dc:b0:58:
                    75:a1:93:bf:9c:da:91:b2:d3:a0:39:a6:45:d5:66:
                    13:79:bd:69:8c:d1:08:15:0d:32:ee:42:69:03:b2:
                    50:a7:b8:31:ce:8f:9e:53:27:1e:f3:97:d8:1c:38:
                    60:c9:13:6c:20:a0:25:9e:03:cb:78:9a:48:8c:59:
                    08:12:4b:80:cd:9f:b2:c7:21:cc:a4:e1:46:03:3a:
                    2f:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:81:3F:D2:D7:C3:49:7F:53:4C:1D:09:08:72:16:C5:DA:19:DA:B4
            X509v3 Authority Key Identifier:
                keyid:28:65:11:28:82:D8:E6:C7:2D:02:2C:2C:3D:A1:7B:52:C2:AD:B0:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KGURKILY5sctAiwsPaF7UsKtsHs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:72:f9:71:34:1b:16:f0:fe:cc:a4:86:5f:63:b7:c4:e9:2f:
         d1:9f:34:18:99:98:8d:13:3f:d7:84:d2:0c:e5:e3:61:7b:6a:
         9e:2c:e8:52:ac:68:44:5d:ec:66:15:09:3e:58:44:62:ad:a9:
         ab:12:33:69:21:0f:0b:99:58:15:15:cc:b8:7a:33:30:26:9c:
         2c:37:ae:47:20:af:e0:e3:d5:e2:4e:6e:a7:20:25:44:c1:b1:
         44:f0:a7:3c:c9:c8:82:25:88:4d:c0:8c:fc:e4:d0:c0:20:87:
         a0:ac:9a:a8:bf:92:a9:50:88:84:d5:14:38:40:1d:63:a9:f2:
         6e:f3:b7:58:36:7a:6e:62:4d:ba:69:27:1d:4c:bb:0b:5c:c1:
         02:4c:56:6e:fa:80:82:40:cc:27:30:85:32:ec:0a:10:b6:39:
         d8:84:3d:15:92:29:ca:cf:ef:6f:9b:be:b6:4f:bc:40:e7:e6:
         bc:10:80:cc:94:e8:cf:d2:ad:bc:b6:9b:a7:df:bb:0d:02:ce:
         a3:72:76:27:68:37:ce:40:f8:fd:8b:4d:ff:c8:14:0c:7d:79:
         09:7c:58:cd:84:ee:71:43:d9:45:67:5c:36:e3:1e:1a:48:34:
         72:48:c1:10:35:a6:90:b0:6a:7a:5c:a9:b9:cf:e6:cc:30:f0:
         79:1c:85:43
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9B7w/NvgfODgfwpzm5grMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4NjUxMTI4ODJkOGU2YzcyZDAyMmMyYzNkYTE3YjUyYzJh
ZGIwN2IwHhcNMjYwNDE3MDEwMDI4WhcNMjYwNDE4MDEwMDI4WjAzMTEwLwYDVQQD
EyhjMDgxM2ZkMmQ3YzM0OTdmNTM0YzFkMDkwODcyMTZjNWRhMTlkYWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqEcz0OBUbQHVekKkfLeplQvgOW6
mwizAVMx2Y6GoBNMfoL6ANDNC+9QjYUEdq3TYgq6u6KqtxG/i81C46dfhhHeqDsx
0HoBsYeBeIRlG8V2tVESKOlKCXq5bTU6uMjrzF65C2xB/YWqYA6cnq07vD9Db7o+
5tYFY/L/2HnukeOyfiTiCgSKDjBnN9utCI29ZHLRKAxqRw0ztgIuBfhHVrwCguS5
UbHME6uCYEIQSbTcsFh1oZO/nNqRstOgOaZF1WYTeb1pjNEIFQ0y7kJpA7JQp7gx
zo+eUyce85fYHDhgyRNsIKAlngPLeJpIjFkIEkuAzZ+yxyHMpOFGAzovPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMCBP9LXw0l/U0wdCQhyFsXaGdq0MB8GA1UdIwQY
MBaAFChlESiC2ObHLQIsLD2he1LCrbB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0dVUktJTFk1c2N0QWl3c1BhRjdVc0t0c0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9hZDhkMDktMzllOS00MDhmLWEzNzAt
OWJiM2Y1N2MwZWYwLzEvS0dVUktJTFk1c2N0QWl3c1BhRjdVc0t0c0hzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9hZDhkMDktMzllOS00MDhmLWEzNzAtOWJiM2Y1N2MwZWYw
LzEvS0dVUktJTFk1c2N0QWl3c1BhRjdVc0t0c0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAanL5cTQb
FvD+zKSGX2O3xOkv0Z80GJmYjRM/14TSDOXjYXtqnizoUqxoRF3sZhUJPlhEYq2p
qxIzaSEPC5lYFRXMuHozMCacLDeuRyCv4OPV4k5upyAlRMGxRPCnPMnIgiWITcCM
/OTQwCCHoKyaqL+SqVCIhNUUOEAdY6nybvO3WDZ6bmJNumknHUy7C1zBAkxWbvqA
gkDMJzCFMuwKELY52IQ9FZIpys/vb5u+tk+8QOfmvBCAzJToz9KtvLabp9+7DQLO
o3J2J2g3zkD4/YtN/8gUDH15CXxYzYTucUPZRWdcNuMeGkg0ckjBEDWmkLBqelyp
uc/mzDDweRyFQw==
-----END CERTIFICATE-----