Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/144494-9b46-40ac-9fe5-459d1e6d0ee9/1/IOsM1NM69OKLeobbIS2VkaC-YuM.mft
File:                     IOsM1NM69OKLeobbIS2VkaC-YuM.mft (raw, json)
Hash identifier:          vHjylulRT51zrErFI4zjA4kNMIF4NgWwTam1TWXRQXA=
Subject key identifier:   46:0A:04:FA:54:13:F2:BC:11:A0:32:E0:55:09:79:D8:0C:20:49:9F
Authority key identifier: 20:EB:0C:D4:D3:3A:F4:E2:8B:7A:86:DB:21:2D:95:91:A0:BE:62:E3
Certificate issuer:       /CN=20eb0cd4d33af4e28b7a86db212d9591a0be62e3
Certificate serial:       019D98F4F23C59B832A15B0E7FF52227A10D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IOsM1NM69OKLeobbIS2VkaC-YuM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/06/144494-9b46-40ac-9fe5-459d1e6d0ee9/1/IOsM1NM69OKLeobbIS2VkaC-YuM.mft
Manifest number:          14E5
Signing time:             Fri 17 Apr 2026 01:01:22 +0000
Manifest this update:     Fri 17 Apr 2026 01:01:22 +0000
Manifest next update:     Sat 18 Apr 2026 01:01:22 +0000
Files and hashes:         1: IOsM1NM69OKLeobbIS2VkaC-YuM.crl (hash: e4zoTcbzy9LjApgS9rwNwoKxs2vqAFBndoG2q3KZsWQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/06/144494-9b46-40ac-9fe5-459d1e6d0ee9/1/IOsM1NM69OKLeobbIS2VkaC-YuM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/06/144494-9b46-40ac-9fe5-459d1e6d0ee9/1/IOsM1NM69OKLeobbIS2VkaC-YuM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IOsM1NM69OKLeobbIS2VkaC-YuM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 01:01:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:f2:3c:59:b8:32:a1:5b:0e:7f:f5:22:27:a1:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20eb0cd4d33af4e28b7a86db212d9591a0be62e3
        Validity
            Not Before: Apr 17 01:01:22 2026 GMT
            Not After : Apr 18 01:01:22 2026 GMT
        Subject: CN=460a04fa5413f2bc11a032e0550979d80c20499f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:c0:9d:69:1b:d4:8f:d3:59:4a:8c:ae:07:89:
                    ab:e3:e7:f4:42:5b:12:4b:80:e5:86:33:63:d5:37:
                    fc:db:2a:d5:3c:36:d1:11:5b:30:16:89:d0:9e:5c:
                    e3:54:58:24:77:b8:0b:c5:71:70:ff:26:24:27:96:
                    6f:dd:a7:de:20:05:03:a9:ce:5f:70:8a:83:6d:4d:
                    23:ec:96:bc:74:8e:2f:9b:74:d9:40:1e:c2:31:30:
                    ff:4b:34:40:24:1b:fe:a2:06:5c:9f:a7:2e:dd:fa:
                    a2:a2:b3:f2:e8:6c:32:fd:84:18:50:fa:7a:9f:5d:
                    bc:8e:c6:27:71:63:70:2e:a5:62:00:c4:39:ee:7f:
                    05:dd:73:f3:e7:69:62:15:9b:2b:87:7b:08:71:4d:
                    a4:ab:0a:07:d1:ce:16:ff:72:6a:3a:6e:45:24:39:
                    37:88:15:51:99:07:f7:38:d1:f6:cf:55:09:88:5b:
                    db:84:36:25:61:f2:6c:63:61:cf:e6:3b:2f:ee:a4:
                    32:af:83:56:13:2d:b9:88:df:c5:f6:e8:18:3f:c7:
                    8a:82:00:e7:2c:ff:4f:f6:93:3c:5e:ff:89:91:14:
                    ee:37:90:fc:a4:7a:99:51:3b:4a:77:21:ae:1e:7a:
                    72:df:2c:9d:50:1b:fd:60:a1:11:d9:28:84:1e:80:
                    22:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:0A:04:FA:54:13:F2:BC:11:A0:32:E0:55:09:79:D8:0C:20:49:9F
            X509v3 Authority Key Identifier:
                keyid:20:EB:0C:D4:D3:3A:F4:E2:8B:7A:86:DB:21:2D:95:91:A0:BE:62:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IOsM1NM69OKLeobbIS2VkaC-YuM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/144494-9b46-40ac-9fe5-459d1e6d0ee9/1/IOsM1NM69OKLeobbIS2VkaC-YuM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/06/144494-9b46-40ac-9fe5-459d1e6d0ee9/1/IOsM1NM69OKLeobbIS2VkaC-YuM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:99:ad:f5:11:6f:3d:40:4c:7e:c6:57:81:66:37:88:9c:6a:
         4c:2b:77:da:bc:36:9e:dc:9e:68:ba:e7:b6:0d:93:53:0b:43:
         55:dd:f1:9a:86:a9:80:91:ed:71:5c:75:b0:a3:3a:11:fe:92:
         b8:a3:84:5d:52:f7:d9:a5:f2:52:8d:17:be:6a:1a:6f:f5:46:
         53:ac:73:ac:a3:12:c7:89:ae:da:32:b2:62:78:e8:8c:ca:97:
         13:ab:f9:0b:7c:6f:8b:e9:b0:08:32:19:58:0e:47:13:8b:34:
         57:a5:b7:10:23:41:03:02:05:ff:b8:4e:be:21:9a:dc:26:25:
         e5:26:81:4c:f0:47:f9:d4:4c:54:2b:91:82:d7:5a:1c:5d:05:
         73:37:b0:1e:dc:24:ec:db:75:55:6f:8d:ca:92:02:b6:6c:b7:
         21:5e:4b:a6:34:bc:43:12:1b:a5:95:83:68:40:cd:17:f6:ae:
         e9:a4:29:18:a2:6a:49:00:82:3d:d7:95:26:32:d6:bf:d4:53:
         4f:50:f9:ad:ea:43:ce:8e:f6:11:45:5a:a7:0d:11:94:55:00:
         c3:57:75:ef:b0:4e:54:4d:80:db:88:3b:81:db:80:14:6a:bb:
         44:89:36:e4:1e:fc:fe:af:2f:19:65:a3:54:39:1f:d7:ca:b3:
         b4:04:69:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9PI8WbgyoVsOf/UiJ6ENMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZWIwY2Q0ZDMzYWY0ZTI4YjdhODZkYjIxMmQ5NTkxYTBi
ZTYyZTMwHhcNMjYwNDE3MDEwMTIyWhcNMjYwNDE4MDEwMTIyWjAzMTEwLwYDVQQD
Eyg0NjBhMDRmYTU0MTNmMmJjMTFhMDMyZTA1NTA5NzlkODBjMjA0OTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMCdaRvUj9NZSoyuB4mr4+f0QlsS
S4DlhjNj1Tf82yrVPDbREVswFonQnlzjVFgkd7gLxXFw/yYkJ5Zv3afeIAUDqc5f
cIqDbU0j7Ja8dI4vm3TZQB7CMTD/SzRAJBv+ogZcn6cu3fqiorPy6Gwy/YQYUPp6
n128jsYncWNwLqViAMQ57n8F3XPz52liFZsrh3sIcU2kqwoH0c4W/3JqOm5FJDk3
iBVRmQf3ONH2z1UJiFvbhDYlYfJsY2HP5jsv7qQyr4NWEy25iN/F9ugYP8eKggDn
LP9P9pM8Xv+JkRTuN5D8pHqZUTtKdyGuHnpy3yydUBv9YKER2SiEHoAirQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEYKBPpUE/K8EaAy4FUJedgMIEmfMB8GA1UdIwQY
MBaAFCDrDNTTOvTii3qG2yEtlZGgvmLjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU9zTTFOTTY5T0tMZW9iYklTMlZrYUMtWXVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8xNDQ0OTQtOWI0Ni00MGFjLTlmZTUt
NDU5ZDFlNmQwZWU5LzEvSU9zTTFOTTY5T0tMZW9iYklTMlZrYUMtWXVNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8xNDQ0OTQtOWI0Ni00MGFjLTlmZTUtNDU5ZDFlNmQwZWU5
LzEvSU9zTTFOTTY5T0tMZW9iYklTMlZrYUMtWXVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY5mt9RFv
PUBMfsZXgWY3iJxqTCt32rw2ntyeaLrntg2TUwtDVd3xmoapgJHtcVx1sKM6Ef6S
uKOEXVL32aXyUo0Xvmoab/VGU6xzrKMSx4mu2jKyYnjojMqXE6v5C3xvi+mwCDIZ
WA5HE4s0V6W3ECNBAwIF/7hOviGa3CYl5SaBTPBH+dRMVCuRgtdaHF0FczewHtwk
7Nt1VW+NypICtmy3IV5LpjS8QxIbpZWDaEDNF/au6aQpGKJqSQCCPdeVJjLWv9RT
T1D5repDzo72EUVapw0RlFUAw1d177BOVE2A24g7gduAFGq7RIk25B78/q8vGWWj
VDkf18qztARprg==
-----END CERTIFICATE-----