Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.mft
File:                     goIekswnAHYZMDmOI4DCOqR1XxY.mft (raw, json)
Hash identifier:          XalkGJrmBfxQBLq8Ff7yKfznwcHkIRoQK/0W4vwmIhk=
Subject key identifier:   F4:9D:7B:82:F2:D1:E4:3E:BE:84:14:F0:12:AF:FF:FC:02:34:7C:04
Authority key identifier: 82:82:1E:92:CC:27:00:76:19:30:39:8E:23:80:C2:3A:A4:75:5F:16
Certificate issuer:       /CN=82821e92cc2700761930398e2380c23aa4755f16
Certificate serial:       019D98F43ADD87706E66C2E84DDC14E4E767
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/goIekswnAHYZMDmOI4DCOqR1XxY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.mft
Manifest number:          0976
Signing time:             Fri 17 Apr 2026 01:00:35 +0000
Manifest this update:     Fri 17 Apr 2026 01:00:35 +0000
Manifest next update:     Sat 18 Apr 2026 01:00:35 +0000
Files and hashes:         1: goIekswnAHYZMDmOI4DCOqR1XxY.crl (hash: BbYSagC5ce4u4pZAsDB7CCpgQENPeo1jtaD8V25z1vQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/goIekswnAHYZMDmOI4DCOqR1XxY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:3a:dd:87:70:6e:66:c2:e8:4d:dc:14:e4:e7:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=82821e92cc2700761930398e2380c23aa4755f16
        Validity
            Not Before: Apr 17 01:00:35 2026 GMT
            Not After : Apr 18 01:00:35 2026 GMT
        Subject: CN=f49d7b82f2d1e43ebe8414f012affffc02347c04
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:01:c7:e3:f7:45:ab:b9:7e:ec:2a:3c:a1:40:
                    e5:f6:72:d8:fc:92:9f:1f:2e:88:20:7c:e0:0a:59:
                    59:73:e1:c4:1d:84:34:58:4a:3c:03:5e:c0:52:c2:
                    a5:40:2f:f7:bf:10:4a:fe:a2:a7:83:d9:1d:4c:4e:
                    7a:03:7c:ca:24:b2:5e:36:cb:9a:ab:82:4c:94:43:
                    8c:44:7e:eb:9b:43:83:18:6c:4e:cf:c8:4c:fd:a5:
                    75:97:59:9d:ba:4b:49:93:3d:0b:eb:f8:1c:60:ed:
                    b7:81:4d:76:ff:20:ba:c6:1f:7b:d8:96:a0:f7:08:
                    92:89:ff:3f:e3:3f:19:ba:68:f2:8c:8d:83:79:4d:
                    c4:f2:39:b2:66:d5:ae:22:e5:95:f6:d8:ee:0e:19:
                    d2:e6:ec:a9:af:61:84:6e:17:59:ea:da:88:e3:6d:
                    0f:af:b0:ce:5d:0b:1b:f6:41:83:0b:e1:da:ff:20:
                    c5:67:41:d2:e5:7b:38:ca:9e:90:34:3f:13:e6:23:
                    9e:b1:ac:b1:f9:e8:26:2e:d6:fc:bf:74:38:f7:73:
                    da:d9:97:1b:cd:75:3a:e3:c2:82:30:50:45:82:9c:
                    2b:28:47:32:0d:6f:5b:7b:0d:f8:d5:53:24:9e:fc:
                    fd:d2:eb:23:0c:3b:96:65:88:2c:19:31:88:65:48:
                    d0:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:9D:7B:82:F2:D1:E4:3E:BE:84:14:F0:12:AF:FF:FC:02:34:7C:04
            X509v3 Authority Key Identifier:
                keyid:82:82:1E:92:CC:27:00:76:19:30:39:8E:23:80:C2:3A:A4:75:5F:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/goIekswnAHYZMDmOI4DCOqR1XxY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:14:03:d9:2b:9e:fe:e4:da:1f:e6:3e:9a:0a:7b:8d:91:41:
         d5:76:23:20:48:93:c7:5b:80:47:05:4f:e9:dd:97:7e:ba:72:
         1c:db:93:dc:c0:ec:0e:86:89:90:7d:d2:51:15:55:9a:bb:cf:
         32:ee:c4:82:56:0a:8d:a4:79:2a:e0:38:37:c1:8b:a6:35:3c:
         9a:b6:1a:e3:b8:1b:ed:59:40:5b:74:2b:d5:1a:fa:3f:8e:ef:
         a4:f1:2d:15:11:cb:7c:53:a1:dd:b9:66:46:22:e0:ec:7f:2f:
         be:a6:8e:40:a5:dd:c2:13:c7:bd:a9:9f:ce:bc:01:e8:53:6f:
         a9:f5:bc:2a:5c:62:55:e1:62:5c:7f:30:12:fd:f0:6a:27:a6:
         3d:18:4b:ea:cd:ec:98:5d:c1:d3:c3:28:65:c4:b6:df:2c:16:
         ad:6f:c3:fa:72:f1:52:86:a2:81:21:1a:32:5b:ad:fb:aa:4e:
         27:4a:7b:6d:77:89:ae:76:77:fa:1c:3e:1d:11:b3:28:cc:90:
         c0:21:e3:64:a1:3f:26:88:a4:30:aa:1f:0e:78:c1:05:ff:4e:
         0b:f1:db:66:98:e6:d6:85:06:4d:ed:66:37:b2:04:ff:77:a5:
         e9:b9:f6:57:74:76:bf:a9:1b:b9:5e:72:f0:16:a6:93:98:e3:
         b6:97:2f:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9Drdh3BuZsLoTdwU5OdnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyODIxZTkyY2MyNzAwNzYxOTMwMzk4ZTIzODBjMjNhYTQ3
NTVmMTYwHhcNMjYwNDE3MDEwMDM1WhcNMjYwNDE4MDEwMDM1WjAzMTEwLwYDVQQD
EyhmNDlkN2I4MmYyZDFlNDNlYmU4NDE0ZjAxMmFmZmZmYzAyMzQ3YzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgHH4/dFq7l+7Co8oUDl9nLY/JKf
Hy6IIHzgCllZc+HEHYQ0WEo8A17AUsKlQC/3vxBK/qKng9kdTE56A3zKJLJeNsua
q4JMlEOMRH7rm0ODGGxOz8hM/aV1l1mduktJkz0L6/gcYO23gU12/yC6xh972Jag
9wiSif8/4z8ZumjyjI2DeU3E8jmyZtWuIuWV9tjuDhnS5uypr2GEbhdZ6tqI420P
r7DOXQsb9kGDC+Ha/yDFZ0HS5Xs4yp6QND8T5iOesayx+egmLtb8v3Q493Pa2Zcb
zXU648KCMFBFgpwrKEcyDW9bew341VMknvz90usjDDuWZYgsGTGIZUjQSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPSde4Ly0eQ+voQU8BKv//wCNHwEMB8GA1UdIwQY
MBaAFIKCHpLMJwB2GTA5jiOAwjqkdV8WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ29JZWtzd25BSFlaTURtT0k0RENPcVIxWHhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8xYjNiYzAtZmFlZC00OGZiLWIzZjAt
MDhiNjJiOGVmZTcxLzEvZ29JZWtzd25BSFlaTURtT0k0RENPcVIxWHhZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8xYjNiYzAtZmFlZC00OGZiLWIzZjAtMDhiNjJiOGVmZTcx
LzEvZ29JZWtzd25BSFlaTURtT0k0RENPcVIxWHhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQRQD2Sue
/uTaH+Y+mgp7jZFB1XYjIEiTx1uARwVP6d2XfrpyHNuT3MDsDoaJkH3SURVVmrvP
Mu7EglYKjaR5KuA4N8GLpjU8mrYa47gb7VlAW3Qr1Rr6P47vpPEtFRHLfFOh3blm
RiLg7H8vvqaOQKXdwhPHvamfzrwB6FNvqfW8KlxiVeFiXH8wEv3waiemPRhL6s3s
mF3B08MoZcS23ywWrW/D+nLxUoaigSEaMlut+6pOJ0p7bXeJrnZ3+hw+HRGzKMyQ
wCHjZKE/JoikMKofDnjBBf9OC/HbZpjm1oUGTe1mN7IE/3el6bn2V3R2v6kbuV5y
8Bamk5jjtpcvlg==
-----END CERTIFICATE-----