Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/17cd86-7fbb-408f-a28c-fa2676fe38fd/1/MKJCz2wVKaqgaTNn5EyEoH2LDJ8.mft
File:                     MKJCz2wVKaqgaTNn5EyEoH2LDJ8.mft (raw, json)
Hash identifier:          lwQ6GB6KOaIH3/hDihnTvHzKMt/iPANd+YpFXX+fW80=
Subject key identifier:   FA:51:AA:4B:0F:B8:90:73:C2:F5:5F:0A:F9:D5:11:2A:C2:94:9E:DD
Authority key identifier: 30:A2:42:CF:6C:15:29:AA:A0:69:33:67:E4:4C:84:A0:7D:8B:0C:9F
Certificate issuer:       /CN=30a242cf6c1529aaa0693367e44c84a07d8b0c9f
Certificate serial:       019D98F4E00BE806375A645B9568BB32E9BC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MKJCz2wVKaqgaTNn5EyEoH2LDJ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/17cd86-7fbb-408f-a28c-fa2676fe38fd/1/MKJCz2wVKaqgaTNn5EyEoH2LDJ8.mft
Manifest number:          0C48
Signing time:             Fri 17 Apr 2026 01:01:18 +0000
Manifest this update:     Fri 17 Apr 2026 01:01:18 +0000
Manifest next update:     Sat 18 Apr 2026 01:01:18 +0000
Files and hashes:         1: MKJCz2wVKaqgaTNn5EyEoH2LDJ8.crl (hash: UseA2eTfpyhNIpmy3qSkiaaTaVqxqpV1sHeGEvh/tpA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/08/17cd86-7fbb-408f-a28c-fa2676fe38fd/1/MKJCz2wVKaqgaTNn5EyEoH2LDJ8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/08/17cd86-7fbb-408f-a28c-fa2676fe38fd/1/MKJCz2wVKaqgaTNn5EyEoH2LDJ8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MKJCz2wVKaqgaTNn5EyEoH2LDJ8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 01:01:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:e0:0b:e8:06:37:5a:64:5b:95:68:bb:32:e9:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30a242cf6c1529aaa0693367e44c84a07d8b0c9f
        Validity
            Not Before: Apr 17 01:01:18 2026 GMT
            Not After : Apr 18 01:01:18 2026 GMT
        Subject: CN=fa51aa4b0fb89073c2f55f0af9d5112ac2949edd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:92:3b:aa:cb:86:fb:4c:f3:7f:50:a4:3f:43:
                    c8:9d:f4:74:44:b6:84:03:f8:e9:d4:84:89:b8:f3:
                    97:a0:33:25:f2:55:0c:cb:72:da:fb:56:14:7e:31:
                    20:2d:d5:6a:95:8d:3c:85:af:3f:3a:f4:10:ec:4a:
                    d5:ee:70:1f:ba:93:12:d6:e4:e7:50:4c:5a:24:10:
                    8d:5f:bb:2b:3a:10:d6:e8:d5:04:3b:d1:a8:73:cd:
                    c7:5b:61:32:47:74:32:20:9d:0d:81:d6:71:4f:a2:
                    64:f8:8b:59:78:ba:2e:8c:7b:46:6e:d6:dc:89:0f:
                    b1:fc:10:0f:33:17:19:0f:64:a6:7e:63:49:88:2c:
                    32:fa:cd:e8:f5:46:b8:00:60:f9:bd:39:37:05:16:
                    69:54:93:81:0c:73:bc:19:9a:62:29:dc:55:5f:ab:
                    d2:b1:ef:da:a5:e9:4a:82:f3:45:25:c1:4c:47:17:
                    db:28:42:9e:8f:cb:08:14:b2:6a:50:57:6f:53:b1:
                    8b:64:80:56:36:5d:9e:6f:7a:b3:69:43:83:87:33:
                    28:40:cd:dd:2a:47:a3:b0:7b:5f:1f:6a:c0:38:87:
                    2c:1b:b2:c4:bf:90:86:d8:92:c9:6b:0b:1d:de:df:
                    a6:60:22:fc:52:de:48:63:f9:bf:13:6e:01:9d:f6:
                    21:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:51:AA:4B:0F:B8:90:73:C2:F5:5F:0A:F9:D5:11:2A:C2:94:9E:DD
            X509v3 Authority Key Identifier:
                keyid:30:A2:42:CF:6C:15:29:AA:A0:69:33:67:E4:4C:84:A0:7D:8B:0C:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MKJCz2wVKaqgaTNn5EyEoH2LDJ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/17cd86-7fbb-408f-a28c-fa2676fe38fd/1/MKJCz2wVKaqgaTNn5EyEoH2LDJ8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/17cd86-7fbb-408f-a28c-fa2676fe38fd/1/MKJCz2wVKaqgaTNn5EyEoH2LDJ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:92:95:a0:f6:b2:3a:d9:b4:d6:62:2e:47:e5:44:02:9d:dc:
         f1:17:60:fe:58:17:10:81:a0:04:1f:de:6b:b1:db:61:70:09:
         6c:c6:b5:2a:a5:94:1c:48:12:57:b7:76:00:2b:9b:df:a8:0e:
         38:de:e8:05:84:e2:d4:5d:00:38:65:16:d3:2d:d4:08:5e:85:
         5c:11:8a:c4:0c:13:73:a6:21:11:88:32:1d:d7:2f:13:dd:43:
         58:1b:42:35:d0:51:81:15:43:68:28:8f:5d:75:f2:ef:49:30:
         79:66:47:6c:cf:23:f6:a9:3a:49:30:a7:e6:85:a9:86:f5:8e:
         6e:d2:3e:7a:9b:82:cd:0c:59:90:f9:b5:e0:c6:8c:fa:f4:c9:
         24:37:e0:77:61:ef:a4:12:5f:80:9a:c2:2f:69:4a:76:7b:17:
         c8:0e:92:10:15:41:fe:52:bf:5d:83:54:f9:08:5a:d7:68:92:
         71:83:8e:3d:7b:76:da:96:f8:96:48:cd:f4:cd:c7:f8:0b:fb:
         35:b6:cd:d6:83:c0:10:ab:e0:92:c6:db:4b:34:ed:32:61:09:
         7d:1e:e4:b1:09:3d:7c:b6:a1:73:e3:0f:b5:32:9e:5e:85:73:
         9b:79:e0:7c:50:b4:e0:1b:4e:57:72:ef:3a:38:2e:02:63:69:
         f5:60:e0:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9OAL6AY3WmRblWi7Mum8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwYTI0MmNmNmMxNTI5YWFhMDY5MzM2N2U0NGM4NGEwN2Q4
YjBjOWYwHhcNMjYwNDE3MDEwMTE4WhcNMjYwNDE4MDEwMTE4WjAzMTEwLwYDVQQD
EyhmYTUxYWE0YjBmYjg5MDczYzJmNTVmMGFmOWQ1MTEyYWMyOTQ5ZWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJI7qsuG+0zzf1CkP0PInfR0RLaE
A/jp1ISJuPOXoDMl8lUMy3La+1YUfjEgLdVqlY08ha8/OvQQ7ErV7nAfupMS1uTn
UExaJBCNX7srOhDW6NUEO9Goc83HW2EyR3QyIJ0NgdZxT6Jk+ItZeLoujHtGbtbc
iQ+x/BAPMxcZD2SmfmNJiCwy+s3o9Ua4AGD5vTk3BRZpVJOBDHO8GZpiKdxVX6vS
se/apelKgvNFJcFMRxfbKEKej8sIFLJqUFdvU7GLZIBWNl2eb3qzaUODhzMoQM3d
KkejsHtfH2rAOIcsG7LEv5CG2JLJawsd3t+mYCL8Ut5IY/m/E24BnfYhuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPpRqksPuJBzwvVfCvnVESrClJ7dMB8GA1UdIwQY
MBaAFDCiQs9sFSmqoGkzZ+RMhKB9iwyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUtKQ3oyd1ZLYXFnYVRObjVFeUVvSDJMREo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8xN2NkODYtN2ZiYi00MDhmLWEyOGMt
ZmEyNjc2ZmUzOGZkLzEvTUtKQ3oyd1ZLYXFnYVRObjVFeUVvSDJMREo4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8xN2NkODYtN2ZiYi00MDhmLWEyOGMtZmEyNjc2ZmUzOGZk
LzEvTUtKQ3oyd1ZLYXFnYVRObjVFeUVvSDJMREo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL5KVoPay
Otm01mIuR+VEAp3c8Rdg/lgXEIGgBB/ea7HbYXAJbMa1KqWUHEgSV7d2ACub36gO
ON7oBYTi1F0AOGUW0y3UCF6FXBGKxAwTc6YhEYgyHdcvE91DWBtCNdBRgRVDaCiP
XXXy70kweWZHbM8j9qk6STCn5oWphvWObtI+epuCzQxZkPm14MaM+vTJJDfgd2Hv
pBJfgJrCL2lKdnsXyA6SEBVB/lK/XYNU+Qha12iScYOOPXt22pb4lkjN9M3H+Av7
NbbN1oPAEKvgksbbSzTtMmEJfR7ksQk9fLahc+MPtTKeXoVzm3ngfFC04BtOV3Lv
OjguAmNp9WDgfw==
-----END CERTIFICATE-----