Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/9bc2d8-9320-4a31-a7d4-1156690a43b5/1/KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.mft
File:                     KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.mft (raw, json)
Hash identifier:          yeBEU4jj9X90uGCZZbEXVIsuWKcYB//zMOv3+y5YOgY=
Subject key identifier:   8B:D0:31:B2:DB:2B:EB:01:1B:6F:FC:C1:5D:38:2E:2C:18:C1:6D:7B
Authority key identifier: 2A:52:75:AD:89:C9:97:6B:51:03:0C:5B:D2:56:79:9B:79:26:56:0C
Certificate issuer:       /CN=2a5275ad89c9976b51030c5bd256799b7926560c
Certificate serial:       019D9E8926CF2DF7AD9E68DE0F21DF38C998
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ed/9bc2d8-9320-4a31-a7d4-1156690a43b5/1/KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.mft
Manifest number:          0C74
Signing time:             Sat 18 Apr 2026 03:01:21 +0000
Manifest this update:     Sat 18 Apr 2026 03:01:21 +0000
Manifest next update:     Sun 19 Apr 2026 03:01:21 +0000
Files and hashes:         1: KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.crl (hash: T0DIDdCSYEcwHW09W5MXl9RfoiS8J9MurFNgTnN/bqY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ed/9bc2d8-9320-4a31-a7d4-1156690a43b5/1/KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ed/9bc2d8-9320-4a31-a7d4-1156690a43b5/1/KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 21:23:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9e:89:26:cf:2d:f7:ad:9e:68:de:0f:21:df:38:c9:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a5275ad89c9976b51030c5bd256799b7926560c
        Validity
            Not Before: Apr 18 03:01:21 2026 GMT
            Not After : Apr 19 03:01:21 2026 GMT
        Subject: CN=8bd031b2db2beb011b6ffcc15d382e2c18c16d7b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:5c:ec:25:99:31:45:df:de:b3:c7:ba:f1:53:
                    06:e6:e9:ad:06:fc:f6:84:35:cf:71:3f:bb:10:5b:
                    75:ef:57:a2:94:8c:0d:7f:d9:2d:36:81:f3:b5:b0:
                    e0:5f:e4:0a:65:e3:f0:eb:83:24:f7:37:d8:94:f7:
                    f2:b6:b8:75:0c:5d:05:5e:7e:52:68:a5:8c:08:b7:
                    08:66:31:23:3a:a5:1c:92:e0:c5:3a:30:99:76:27:
                    25:d2:08:23:3f:c4:dd:89:9d:2e:f2:a8:6d:f3:40:
                    ea:8e:65:ff:5f:ef:c2:4e:c6:22:25:42:07:b6:d7:
                    f3:1d:3a:8f:2e:8e:26:b4:3d:9b:ee:6e:25:75:c7:
                    54:9d:ab:e2:44:e3:7c:fe:46:f9:2f:c5:54:8b:a7:
                    ec:68:0d:d0:82:74:97:e7:30:9c:45:5d:0c:a3:39:
                    f5:46:13:7b:44:86:d5:9e:0d:17:a8:e6:ca:a3:50:
                    92:2c:b4:96:90:27:3f:7d:1c:dc:7f:0b:41:9c:de:
                    d6:01:ec:c3:fa:af:02:8b:19:0b:66:f6:26:05:54:
                    60:f3:11:1a:af:3b:95:f4:27:9e:d4:be:21:3a:2d:
                    8c:8a:4b:6e:b7:95:0d:99:e7:2b:f2:90:76:79:be:
                    5f:7a:b6:83:bb:39:ef:fd:cf:11:d6:f3:ec:39:ba:
                    4a:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:D0:31:B2:DB:2B:EB:01:1B:6F:FC:C1:5D:38:2E:2C:18:C1:6D:7B
            X509v3 Authority Key Identifier:
                keyid:2A:52:75:AD:89:C9:97:6B:51:03:0C:5B:D2:56:79:9B:79:26:56:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/9bc2d8-9320-4a31-a7d4-1156690a43b5/1/KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/9bc2d8-9320-4a31-a7d4-1156690a43b5/1/KlJ1rYnJl2tRAwxb0lZ5m3kmVgw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:5a:74:06:c7:45:cb:70:59:f5:51:15:05:48:f3:b4:86:24:
         43:9c:dd:3b:7c:3c:45:3c:fa:88:82:3a:3a:f6:de:b9:5a:91:
         c7:4d:7d:5d:6e:01:4b:52:27:6e:f2:e0:f1:26:cb:14:34:06:
         09:b3:d6:4c:80:ff:21:03:b1:98:94:21:28:40:85:ff:7d:b2:
         13:2d:14:79:1f:69:8b:40:7f:6e:e9:c6:b8:82:67:82:0b:a5:
         70:2c:9d:35:05:40:ab:65:cc:77:a3:6d:2a:58:b9:1f:33:19:
         eb:34:60:0e:ef:a3:ec:4a:ec:fe:83:8e:7a:5d:20:a8:ea:dc:
         42:57:ec:84:f9:9a:2d:dc:c2:d2:50:2c:ab:e8:75:e4:3c:72:
         c8:cb:00:13:9c:26:83:15:87:07:9a:c3:46:da:64:e3:87:ff:
         95:5d:3b:d1:8e:34:bb:89:28:0a:d1:b2:29:a0:bb:fc:dc:42:
         ee:33:df:86:ca:2b:8c:d7:65:72:61:e6:93:9b:86:43:b1:63:
         ef:97:2b:c9:12:79:bc:a7:fd:ad:06:36:7e:5e:39:6f:1e:91:
         de:43:5e:a0:fb:5f:bc:0d:f9:f6:8c:4b:5a:97:4d:53:89:7c:
         c1:c0:0c:e6:87:7e:e1:ff:f2:46:74:eb:cf:66:a9:5d:f4:97:
         aa:c1:f7:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2eiSbPLfetnmjeDyHfOMmYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhNTI3NWFkODljOTk3NmI1MTAzMGM1YmQyNTY3OTliNzky
NjU2MGMwHhcNMjYwNDE4MDMwMTIxWhcNMjYwNDE5MDMwMTIxWjAzMTEwLwYDVQQD
Eyg4YmQwMzFiMmRiMmJlYjAxMWI2ZmZjYzE1ZDM4MmUyYzE4YzE2ZDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4VzsJZkxRd/es8e68VMG5umtBvz2
hDXPcT+7EFt171eilIwNf9ktNoHztbDgX+QKZePw64Mk9zfYlPfytrh1DF0FXn5S
aKWMCLcIZjEjOqUckuDFOjCZdicl0ggjP8TdiZ0u8qht80DqjmX/X+/CTsYiJUIH
ttfzHTqPLo4mtD2b7m4ldcdUnaviRON8/kb5L8VUi6fsaA3QgnSX5zCcRV0Mozn1
RhN7RIbVng0XqObKo1CSLLSWkCc/fRzcfwtBnN7WAezD+q8CixkLZvYmBVRg8xEa
rzuV9Cee1L4hOi2Miktut5UNmecr8pB2eb5feraDuznv/c8R1vPsObpKDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIvQMbLbK+sBG2/8wV04LiwYwW17MB8GA1UdIwQY
MBaAFCpSda2JyZdrUQMMW9JWeZt5JlYMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2xKMXJZbkpsMnRSQXd4YjBsWjVtM2ttVmd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC85YmMyZDgtOTMyMC00YTMxLWE3ZDQt
MTE1NjY5MGE0M2I1LzEvS2xKMXJZbkpsMnRSQXd4YjBsWjVtM2ttVmd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC85YmMyZDgtOTMyMC00YTMxLWE3ZDQtMTE1NjY5MGE0M2I1
LzEvS2xKMXJZbkpsMnRSQXd4YjBsWjVtM2ttVmd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnFp0BsdF
y3BZ9VEVBUjztIYkQ5zdO3w8RTz6iII6OvbeuVqRx019XW4BS1InbvLg8SbLFDQG
CbPWTID/IQOxmJQhKECF/32yEy0UeR9pi0B/bunGuIJnggulcCydNQVAq2XMd6Nt
Kli5HzMZ6zRgDu+j7Ers/oOOel0gqOrcQlfshPmaLdzC0lAsq+h15DxyyMsAE5wm
gxWHB5rDRtpk44f/lV070Y40u4koCtGyKaC7/NxC7jPfhsorjNdlcmHmk5uGQ7Fj
75cryRJ5vKf9rQY2fl45bx6R3kNeoPtfvA359oxLWpdNU4l8wcAM5od+4f/yRnTr
z2apXfSXqsH3ZA==
-----END CERTIFICATE-----