Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.mft
File:                     Th1cISsoF0fIw-xuhm4Vs5TFu98.mft (raw, json)
Hash identifier:          N/BU3AnGzM/sdATSoUGaubMstFy2a3J3eHc8+5kucOE=
Subject key identifier:   42:58:64:59:02:C9:55:A3:80:DC:C5:65:97:F9:15:4B:59:A8:95:B4
Authority key identifier: 4E:1D:5C:21:2B:28:17:47:C8:C3:EC:6E:86:6E:15:B3:94:C5:BB:DF
Certificate issuer:       /CN=4e1d5c212b281747c8c3ec6e866e15b394c5bbdf
Certificate serial:       019D97AB02FBA1CCAB584BC8A2C61D4070F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Th1cISsoF0fIw-xuhm4Vs5TFu98.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.mft
Manifest number:          0FF8
Signing time:             Thu 16 Apr 2026 19:01:00 +0000
Manifest this update:     Thu 16 Apr 2026 19:01:00 +0000
Manifest next update:     Fri 17 Apr 2026 19:01:00 +0000
Files and hashes:         1: Th1cISsoF0fIw-xuhm4Vs5TFu98.crl (hash: dQEcB+hQbbDEgpI42XKCOcGEJyidNdYt9G8O+Ml0vpI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Th1cISsoF0fIw-xuhm4Vs5TFu98.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 19:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:97:ab:02:fb:a1:cc:ab:58:4b:c8:a2:c6:1d:40:70:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e1d5c212b281747c8c3ec6e866e15b394c5bbdf
        Validity
            Not Before: Apr 16 19:01:00 2026 GMT
            Not After : Apr 17 19:01:00 2026 GMT
        Subject: CN=4258645902c955a380dcc56597f9154b59a895b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:db:14:bc:b9:cc:72:c3:7d:fb:0e:e5:ed:2e:
                    72:8a:c8:16:fd:c9:b9:fc:7e:66:a6:f1:38:72:67:
                    29:96:8f:81:ea:38:78:ec:56:68:76:7f:c3:a2:35:
                    70:18:c3:49:9f:80:3d:11:28:65:0c:fc:bc:9a:86:
                    dd:f6:b6:9d:52:6c:98:81:35:e7:26:0d:a0:6d:e7:
                    69:c3:dc:d3:6c:3d:17:1f:14:c9:3d:a7:56:37:ed:
                    63:3b:1d:da:e0:ee:13:35:59:f0:52:4f:04:61:ef:
                    ee:6d:c1:b0:56:dd:b5:21:58:39:7d:50:ea:94:37:
                    98:20:59:c6:3b:c0:2d:b2:58:be:8f:5b:cc:18:9d:
                    1d:3e:6f:f8:c9:82:d5:62:33:90:0d:91:a5:82:3a:
                    0f:0d:65:8a:d0:66:70:95:15:a3:a2:ad:fa:e3:96:
                    76:4e:1e:bf:52:a3:20:06:dd:8c:5b:b9:17:8a:2a:
                    64:52:a4:92:ba:db:1a:c4:4a:81:24:4c:a8:4b:90:
                    07:1f:09:f5:ca:2b:ff:2e:a4:c8:0e:08:46:0a:7a:
                    90:45:ef:a7:be:fc:10:d1:c1:31:3d:05:bc:07:52:
                    62:d1:91:36:6a:58:d9:90:f9:38:50:c8:66:73:39:
                    de:e8:a9:4c:23:ce:c3:86:a3:4b:21:5e:2b:7d:c4:
                    a1:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:58:64:59:02:C9:55:A3:80:DC:C5:65:97:F9:15:4B:59:A8:95:B4
            X509v3 Authority Key Identifier:
                keyid:4E:1D:5C:21:2B:28:17:47:C8:C3:EC:6E:86:6E:15:B3:94:C5:BB:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Th1cISsoF0fIw-xuhm4Vs5TFu98.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:f1:e5:de:59:4c:de:67:24:34:0b:93:05:ee:2f:ed:93:81:
         78:cd:da:d8:d8:3b:89:8a:6d:2c:e1:81:a2:d4:a4:a4:2b:54:
         89:e2:1d:40:4c:ee:98:d7:85:f7:35:35:3d:fc:18:ca:74:5e:
         a3:cb:50:56:02:e5:13:e9:ab:37:66:5e:6a:74:38:f3:dc:41:
         1d:c8:52:9f:6e:4c:88:ad:1e:90:e7:55:d7:5e:2f:50:e0:5c:
         35:69:cb:56:63:b0:ba:b9:a0:fb:c6:b0:37:9b:08:3a:d5:31:
         56:c4:bd:33:a8:19:37:37:ff:0d:4f:40:ed:1a:51:7e:b4:1f:
         8d:a9:70:a9:bf:49:fb:cb:7e:d5:52:e2:cb:40:65:db:d9:26:
         be:ab:b9:1d:f5:d0:5f:e5:43:1d:bd:ca:a9:71:58:97:66:2d:
         2e:45:0e:e2:a0:0b:99:88:65:96:ad:96:1a:e7:68:92:77:c0:
         fa:bc:56:ef:c4:e3:c8:b6:50:a3:b9:f1:5c:24:95:b6:ba:02:
         80:2f:c4:8e:56:c2:e6:44:73:3c:c3:5c:c2:44:de:e4:d1:6a:
         0d:af:6f:95:c0:13:0b:62:39:19:e1:27:a8:56:ac:85:d3:98:
         c1:aa:b9:45:60:25:46:c7:8b:ee:41:61:cc:95:85:79:81:32:
         0d:50:b6:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2XqwL7ocyrWEvIosYdQHDyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMWQ1YzIxMmIyODE3NDdjOGMzZWM2ZTg2NmUxNWIzOTRj
NWJiZGYwHhcNMjYwNDE2MTkwMTAwWhcNMjYwNDE3MTkwMTAwWjAzMTEwLwYDVQQD
Eyg0MjU4NjQ1OTAyYzk1NWEzODBkY2M1NjU5N2Y5MTU0YjU5YTg5NWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9sUvLnMcsN9+w7l7S5yisgW/cm5
/H5mpvE4cmcplo+B6jh47FZodn/DojVwGMNJn4A9EShlDPy8mobd9radUmyYgTXn
Jg2gbedpw9zTbD0XHxTJPadWN+1jOx3a4O4TNVnwUk8EYe/ubcGwVt21IVg5fVDq
lDeYIFnGO8Atsli+j1vMGJ0dPm/4yYLVYjOQDZGlgjoPDWWK0GZwlRWjoq3645Z2
Th6/UqMgBt2MW7kXiipkUqSSutsaxEqBJEyoS5AHHwn1yiv/LqTIDghGCnqQRe+n
vvwQ0cExPQW8B1Ji0ZE2aljZkPk4UMhmczne6KlMI87DhqNLIV4rfcShDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEJYZFkCyVWjgNzFZZf5FUtZqJW0MB8GA1UdIwQY
MBaAFE4dXCErKBdHyMPsboZuFbOUxbvfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGgxY0lTc29GMGZJdy14dWhtNFZzNVRGdTk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8yNzc1MDMtODJlMy00YzE3LTk2OTkt
NzEyZTI3NjFkYWY1LzEvVGgxY0lTc29GMGZJdy14dWhtNFZzNVRGdTk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8yNzc1MDMtODJlMy00YzE3LTk2OTktNzEyZTI3NjFkYWY1
LzEvVGgxY0lTc29GMGZJdy14dWhtNFZzNVRGdTk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT/Hl3llM
3mckNAuTBe4v7ZOBeM3a2Ng7iYptLOGBotSkpCtUieIdQEzumNeF9zU1PfwYynRe
o8tQVgLlE+mrN2ZeanQ489xBHchSn25MiK0ekOdV114vUOBcNWnLVmOwurmg+8aw
N5sIOtUxVsS9M6gZNzf/DU9A7RpRfrQfjalwqb9J+8t+1VLiy0Bl29kmvqu5HfXQ
X+VDHb3KqXFYl2YtLkUO4qALmYhllq2WGudoknfA+rxW78TjyLZQo7nxXCSVtroC
gC/EjlbC5kRzPMNcwkTe5NFqDa9vlcATC2I5GeEnqFashdOYwaq5RWAlRseL7kFh
zJWFeYEyDVC2lw==
-----END CERTIFICATE-----