Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/49e0b2-1e2a-432a-ba19-115988d81289/1/Kksu12XR1HipbYLxJgEen7dS_Ic.mft
File:                     Kksu12XR1HipbYLxJgEen7dS_Ic.mft (raw, json)
Hash identifier:          fdns9tmsfVjLGltQtpw/fKOF14sZgT+vz1aF7yT3p3M=
Subject key identifier:   B2:81:F5:F3:16:CF:A2:AA:5F:DC:A9:AC:A6:07:9E:50:EC:CC:93:45
Authority key identifier: 2A:4B:2E:D7:65:D1:D4:78:A9:6D:82:F1:26:01:1E:9F:B7:52:FC:87
Certificate issuer:       /CN=2a4b2ed765d1d478a96d82f126011e9fb752fc87
Certificate serial:       019D99CFFDE6AE8079A26F146CF335E2F60B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Kksu12XR1HipbYLxJgEen7dS_Ic.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/49e0b2-1e2a-432a-ba19-115988d81289/1/Kksu12XR1HipbYLxJgEen7dS_Ic.mft
Manifest number:          18BD
Signing time:             Fri 17 Apr 2026 05:00:38 +0000
Manifest this update:     Fri 17 Apr 2026 05:00:38 +0000
Manifest next update:     Sat 18 Apr 2026 05:00:38 +0000
Files and hashes:         1: Kksu12XR1HipbYLxJgEen7dS_Ic.crl (hash: /XlYT7DCusNUkvqxCxFh5Ve8xbrrG3Ebi/vZGvTAzaQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/49e0b2-1e2a-432a-ba19-115988d81289/1/Kksu12XR1HipbYLxJgEen7dS_Ic.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/49e0b2-1e2a-432a-ba19-115988d81289/1/Kksu12XR1HipbYLxJgEen7dS_Ic.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Kksu12XR1HipbYLxJgEen7dS_Ic.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 05:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:cf:fd:e6:ae:80:79:a2:6f:14:6c:f3:35:e2:f6:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a4b2ed765d1d478a96d82f126011e9fb752fc87
        Validity
            Not Before: Apr 17 05:00:38 2026 GMT
            Not After : Apr 18 05:00:38 2026 GMT
        Subject: CN=b281f5f316cfa2aa5fdca9aca6079e50eccc9345
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:89:11:a1:1e:83:01:18:7e:60:51:2f:de:6f:
                    84:ab:11:dc:b1:ee:d5:04:c7:bd:a5:79:42:71:b0:
                    23:e4:07:71:8a:cc:df:d8:2a:20:bb:9a:28:c6:cb:
                    f6:cd:22:9e:46:f4:5f:25:d8:19:92:4c:85:16:41:
                    82:df:3a:3b:c5:73:75:db:c2:d8:64:27:fa:be:79:
                    98:c3:95:6d:1b:9d:91:b8:6c:a2:c0:ed:2d:47:e6:
                    92:3b:66:63:f9:05:c8:80:99:f6:d6:10:6f:b5:f3:
                    45:77:12:4f:17:40:1e:25:a4:f7:3e:3f:a8:a3:33:
                    b9:8c:64:65:53:09:71:7b:69:55:f0:d0:f0:a0:2e:
                    d1:49:fa:5c:0b:98:79:30:96:88:02:ec:dd:25:4c:
                    ca:57:1f:2c:30:65:b5:f2:c3:c3:07:c2:65:b5:4e:
                    3d:4f:28:28:00:6b:be:f4:3e:b2:df:cd:07:e0:1e:
                    65:c8:f4:e2:18:02:56:9f:93:60:e3:76:b6:51:73:
                    78:b8:54:77:ab:6c:47:7c:54:ad:e2:fa:da:57:73:
                    cc:f3:8c:57:ba:8b:ce:41:07:70:ac:14:da:d3:c5:
                    bc:7d:15:d7:33:48:a4:f4:46:06:79:64:4c:aa:30:
                    14:2a:fa:c4:32:52:e0:4d:9f:19:83:d7:c7:c0:a6:
                    15:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:81:F5:F3:16:CF:A2:AA:5F:DC:A9:AC:A6:07:9E:50:EC:CC:93:45
            X509v3 Authority Key Identifier:
                keyid:2A:4B:2E:D7:65:D1:D4:78:A9:6D:82:F1:26:01:1E:9F:B7:52:FC:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kksu12XR1HipbYLxJgEen7dS_Ic.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/49e0b2-1e2a-432a-ba19-115988d81289/1/Kksu12XR1HipbYLxJgEen7dS_Ic.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/49e0b2-1e2a-432a-ba19-115988d81289/1/Kksu12XR1HipbYLxJgEen7dS_Ic.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:e6:f3:f3:2c:4e:be:d9:03:11:d2:b5:46:51:35:73:23:37:
         2c:f1:bd:4d:8e:ed:07:9c:48:a0:6e:03:60:2a:87:a2:28:48:
         d0:51:bf:1d:1c:d4:cc:04:64:5f:55:80:46:aa:83:4f:cb:cf:
         4b:b5:c2:54:4d:bb:21:5d:e4:e4:c1:0f:fa:dc:f8:26:dd:bf:
         81:a2:a3:47:1a:56:b6:82:98:c8:29:dd:fe:9b:ab:30:2f:69:
         7a:7e:e7:8c:92:95:d8:14:d4:2f:6f:60:af:8d:55:63:4e:30:
         b6:d6:27:2e:4f:6c:6a:49:fd:fb:51:e4:15:c0:46:27:5a:9b:
         4b:85:af:bb:d2:cf:18:30:cc:65:dd:7d:40:46:92:69:9f:f9:
         43:7e:5b:fd:d2:50:2b:aa:5d:15:cb:14:bb:19:09:59:4f:f6:
         39:c4:ef:85:fb:93:23:d5:9e:bf:d6:f1:62:2f:97:f6:be:80:
         91:4e:0a:28:33:7c:b8:f7:e3:9a:8c:64:59:55:be:22:cc:dc:
         8b:f6:02:79:de:16:0a:cf:66:8b:00:f3:53:f8:26:a0:73:5e:
         15:48:de:00:91:9e:10:da:59:bf:df:1a:84:6a:8c:12:bf:38:
         93:f2:f5:ff:13:fb:50:6d:e1:97:f9:e6:75:e9:09:64:d9:34:
         07:df:fb:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Zz/3mroB5om8UbPM14vYLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhNGIyZWQ3NjVkMWQ0NzhhOTZkODJmMTI2MDExZTlmYjc1
MmZjODcwHhcNMjYwNDE3MDUwMDM4WhcNMjYwNDE4MDUwMDM4WjAzMTEwLwYDVQQD
EyhiMjgxZjVmMzE2Y2ZhMmFhNWZkY2E5YWNhNjA3OWU1MGVjY2M5MzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmokRoR6DARh+YFEv3m+EqxHcse7V
BMe9pXlCcbAj5Adxiszf2Cogu5ooxsv2zSKeRvRfJdgZkkyFFkGC3zo7xXN128LY
ZCf6vnmYw5VtG52RuGyiwO0tR+aSO2Zj+QXIgJn21hBvtfNFdxJPF0AeJaT3Pj+o
ozO5jGRlUwlxe2lV8NDwoC7RSfpcC5h5MJaIAuzdJUzKVx8sMGW18sPDB8JltU49
TygoAGu+9D6y380H4B5lyPTiGAJWn5Ng43a2UXN4uFR3q2xHfFSt4vraV3PM84xX
uovOQQdwrBTa08W8fRXXM0ik9EYGeWRMqjAUKvrEMlLgTZ8Zg9fHwKYVdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLKB9fMWz6KqX9yprKYHnlDszJNFMB8GA1UdIwQY
MBaAFCpLLtdl0dR4qW2C8SYBHp+3UvyHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2tzdTEyWFIxSGlwYllMeEpnRWVuN2RTX0ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC80OWUwYjItMWUyYS00MzJhLWJhMTkt
MTE1OTg4ZDgxMjg5LzEvS2tzdTEyWFIxSGlwYllMeEpnRWVuN2RTX0ljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC80OWUwYjItMWUyYS00MzJhLWJhMTktMTE1OTg4ZDgxMjg5
LzEvS2tzdTEyWFIxSGlwYllMeEpnRWVuN2RTX0ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkebz8yxO
vtkDEdK1RlE1cyM3LPG9TY7tB5xIoG4DYCqHoihI0FG/HRzUzARkX1WARqqDT8vP
S7XCVE27IV3k5MEP+tz4Jt2/gaKjRxpWtoKYyCnd/purMC9pen7njJKV2BTUL29g
r41VY04wttYnLk9sakn9+1HkFcBGJ1qbS4Wvu9LPGDDMZd19QEaSaZ/5Q35b/dJQ
K6pdFcsUuxkJWU/2OcTvhfuTI9Wev9bxYi+X9r6AkU4KKDN8uPfjmoxkWVW+Iszc
i/YCed4WCs9miwDzU/gmoHNeFUjeAJGeENpZv98ahGqMEr84k/L1/xP7UG3hl/nm
dekJZNk0B9/7sg==
-----END CERTIFICATE-----