Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/9bc2d8-9320-4a31-a7d4-1156690a43b5/1/KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.mft
File:                     KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.mft (raw, json)
Hash identifier:          O0Su6nEwjf/Upir4McEJkH8PewJvPVY7eMKO0I63L3A=
Subject key identifier:   57:76:1E:47:9E:8A:93:2B:E5:56:FC:96:44:65:E9:E5:5B:9B:4D:23
Authority key identifier: 2A:52:75:AD:89:C9:97:6B:51:03:0C:5B:D2:56:79:9B:79:26:56:0C
Certificate issuer:       /CN=2a5275ad89c9976b51030c5bd256799b7926560c
Certificate serial:       019CAF10C728AF59E30DD6CC0661CB646340
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ed/9bc2d8-9320-4a31-a7d4-1156690a43b5/1/KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.mft
Manifest number:          0BF8
Signing time:             Mon 02 Mar 2026 15:00:38 +0000
Manifest this update:     Mon 02 Mar 2026 15:00:38 +0000
Manifest next update:     Tue 03 Mar 2026 15:00:38 +0000
Files and hashes:         1: KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.crl (hash: EHNm3hKXVyE3oqNOq/PEqSYkQOy9ZBU7Sz67Vqohabc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ed/9bc2d8-9320-4a31-a7d4-1156690a43b5/1/KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ed/9bc2d8-9320-4a31-a7d4-1156690a43b5/1/KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 15:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:af:10:c7:28:af:59:e3:0d:d6:cc:06:61:cb:64:63:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a5275ad89c9976b51030c5bd256799b7926560c
        Validity
            Not Before: Mar  2 15:00:38 2026 GMT
            Not After : Mar  3 15:00:38 2026 GMT
        Subject: CN=57761e479e8a932be556fc964465e9e55b9b4d23
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:2a:87:a0:0b:42:1a:26:bf:42:de:c1:ca:66:
                    7a:3e:25:52:64:b2:c2:18:20:0a:c8:60:6d:ed:c0:
                    ff:2a:be:4f:65:77:02:29:87:8e:7a:f4:df:34:6a:
                    e4:97:e8:e1:de:a5:5c:af:7b:38:ce:e6:c2:70:e7:
                    69:d8:87:0c:4d:5b:1c:6e:48:13:86:9f:53:c5:6f:
                    02:1c:34:9d:43:4f:40:ca:d7:01:1e:51:d8:1b:a3:
                    5c:8c:26:a7:67:64:e1:2d:1d:80:0f:9e:10:17:fd:
                    da:a6:4a:cd:d0:9a:d3:cc:2f:9a:35:62:98:51:4b:
                    03:c8:7c:61:53:b6:f8:7a:18:2b:72:8e:3c:26:bd:
                    20:08:7b:a7:b2:1c:85:93:13:77:7a:47:f0:da:42:
                    f4:85:bb:31:34:ef:3d:62:78:ad:3e:68:0a:ba:98:
                    c6:67:ce:26:73:a7:18:f7:f6:25:ec:84:ec:9b:64:
                    dd:ac:4e:09:aa:31:d6:a2:76:cd:1c:20:c5:4a:f6:
                    a0:7f:da:ec:35:e7:bd:c7:75:69:f9:6f:fe:e3:a5:
                    9f:80:6a:83:9e:32:83:b0:b7:b3:7b:0f:bf:5a:c3:
                    dc:ea:16:22:de:a4:2a:d9:32:6e:1e:65:89:34:a6:
                    23:9d:00:de:a0:5e:07:c3:a1:9d:71:a7:23:85:38:
                    2f:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:76:1E:47:9E:8A:93:2B:E5:56:FC:96:44:65:E9:E5:5B:9B:4D:23
            X509v3 Authority Key Identifier:
                keyid:2A:52:75:AD:89:C9:97:6B:51:03:0C:5B:D2:56:79:9B:79:26:56:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/9bc2d8-9320-4a31-a7d4-1156690a43b5/1/KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/9bc2d8-9320-4a31-a7d4-1156690a43b5/1/KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:a3:56:38:83:54:69:da:66:8b:05:37:6c:21:16:84:38:87:
         32:bf:88:10:cf:7d:92:84:4c:43:b8:11:11:5a:fb:7c:e5:7a:
         75:3a:d6:79:5a:cf:09:c4:f7:12:8d:1a:1a:b0:da:af:37:e9:
         78:ff:34:cd:09:a5:e3:8e:f9:73:b9:46:b6:c6:4f:26:e3:f5:
         61:39:57:bd:a9:e6:b8:5c:46:43:2c:1f:6a:ef:74:11:ce:c0:
         d9:74:0b:26:f6:dc:de:96:41:22:24:be:0d:8d:93:28:d3:36:
         ab:d7:b3:7d:81:18:9f:2c:62:ce:67:33:c8:37:d7:d6:cf:fd:
         01:ae:9d:79:27:47:03:1d:df:d0:60:b4:5c:f3:f9:7f:2b:a7:
         dc:64:02:16:76:f5:50:3d:01:c9:dd:1e:ff:f4:f9:49:cc:b0:
         8e:d3:bd:d0:77:fa:97:6c:1c:9f:03:9f:55:8a:19:55:98:61:
         80:bd:02:6b:57:cb:07:0c:21:d6:49:64:06:32:8a:3d:71:b0:
         14:b2:c0:40:41:b2:d7:6a:c6:12:3e:87:90:3e:40:70:1c:c9:
         ab:8b:29:f0:83:05:19:c9:70:e9:c4:17:7e:83:a9:fc:7c:91:
         16:1e:58:56:83:48:fe:ae:5c:4b:c3:9d:2f:6e:44:8f:2b:8a:
         1d:f6:76:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyvEMcor1njDdbMBmHLZGNAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhNTI3NWFkODljOTk3NmI1MTAzMGM1YmQyNTY3OTliNzky
NjU2MGMwHhcNMjYwMzAyMTUwMDM4WhcNMjYwMzAzMTUwMDM4WjAzMTEwLwYDVQQD
Eyg1Nzc2MWU0NzllOGE5MzJiZTU1NmZjOTY0NDY1ZTllNTViOWI0ZDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlCqHoAtCGia/Qt7BymZ6PiVSZLLC
GCAKyGBt7cD/Kr5PZXcCKYeOevTfNGrkl+jh3qVcr3s4zubCcOdp2IcMTVscbkgT
hp9TxW8CHDSdQ09AytcBHlHYG6NcjCanZ2ThLR2AD54QF/3apkrN0JrTzC+aNWKY
UUsDyHxhU7b4ehgrco48Jr0gCHunshyFkxN3ekfw2kL0hbsxNO89YnitPmgKupjG
Z84mc6cY9/Yl7ITsm2TdrE4JqjHWonbNHCDFSvagf9rsNee9x3Vp+W/+46WfgGqD
njKDsLezew+/WsPc6hYi3qQq2TJuHmWJNKYjnQDeoF4Hw6GdcacjhTgv4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFd2HkeeipMr5Vb8lkRl6eVbm00jMB8GA1UdIwQY
MBaAFCpSda2JyZdrUQMMW9JWeZt5JlYMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2xKMXJZbkpsMnRSQXd4YjBsWjVtM2ttVmd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC85YmMyZDgtOTMyMC00YTMxLWE3ZDQt
MTE1NjY5MGE0M2I1LzEvS2xKMXJZbkpsMnRSQXd4YjBsWjVtM2ttVmd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC85YmMyZDgtOTMyMC00YTMxLWE3ZDQtMTE1NjY5MGE0M2I1
LzEvS2xKMXJZbkpsMnRSQXd4YjBsWjVtM2ttVmd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe6NWOINU
adpmiwU3bCEWhDiHMr+IEM99koRMQ7gREVr7fOV6dTrWeVrPCcT3Eo0aGrDarzfp
eP80zQml4475c7lGtsZPJuP1YTlXvanmuFxGQywfau90Ec7A2XQLJvbc3pZBIiS+
DY2TKNM2q9ezfYEYnyxizmczyDfX1s/9Aa6deSdHAx3f0GC0XPP5fyun3GQCFnb1
UD0Byd0e//T5ScywjtO90Hf6l2wcnwOfVYoZVZhhgL0Ca1fLBwwh1klkBjKKPXGw
FLLAQEGy12rGEj6HkD5AcBzJq4sp8IMFGclw6cQXfoOp/HyRFh5YVoNI/q5cS8Od
L25EjyuKHfZ2Vw==
-----END CERTIFICATE-----