Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.mft
File:                     Ro7LoQ51maAwqmEwiGiKbCbWLXU.mft (raw, json)
Hash identifier:          ewT+T6eHztWJTi1uwqeNEYKD6NT4lSz7ESoGFIzsz/4=
Subject key identifier:   25:91:0D:C0:E6:A1:14:1A:FE:ED:E0:4D:2D:FC:4D:AF:DA:09:AF:EC
Authority key identifier: 46:8E:CB:A1:0E:75:99:A0:30:AA:61:30:88:68:8A:6C:26:D6:2D:75
Certificate issuer:       /CN=468ecba10e7599a030aa613088688a6c26d62d75
Certificate serial:       019D984F88E6E3F481417F3EADF62B4DF880
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ro7LoQ51maAwqmEwiGiKbCbWLXU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.mft
Manifest number:          1551
Signing time:             Thu 16 Apr 2026 22:00:42 +0000
Manifest this update:     Thu 16 Apr 2026 22:00:42 +0000
Manifest next update:     Fri 17 Apr 2026 22:00:42 +0000
Files and hashes:         1: Ro7LoQ51maAwqmEwiGiKbCbWLXU.crl (hash: 64QTYthhW6+NEk21putTEfZyTKU4Bd8zIRiCRkULYtc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ro7LoQ51maAwqmEwiGiKbCbWLXU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:4f:88:e6:e3:f4:81:41:7f:3e:ad:f6:2b:4d:f8:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=468ecba10e7599a030aa613088688a6c26d62d75
        Validity
            Not Before: Apr 16 22:00:42 2026 GMT
            Not After : Apr 17 22:00:42 2026 GMT
        Subject: CN=25910dc0e6a1141afeede04d2dfc4dafda09afec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:e8:41:45:a3:84:b6:35:fe:2f:d9:9b:ed:a2:
                    98:c6:ae:46:50:22:3b:cc:14:b0:43:50:33:4f:3a:
                    90:58:ca:7d:08:34:3d:d2:4e:f4:4a:98:bf:69:05:
                    f6:de:80:9a:09:6a:57:f1:58:9f:93:4b:75:6a:cc:
                    60:3a:78:8d:a0:f3:95:55:79:9c:8e:a6:bb:5a:15:
                    10:ea:c4:8e:8a:6d:80:5a:ca:fc:5a:11:43:ff:ab:
                    66:16:0c:e5:d7:53:a5:7d:f7:37:d5:58:d5:f5:a9:
                    a9:e4:49:52:bc:90:13:93:4a:a3:42:e1:7b:29:d6:
                    a4:cb:76:10:c0:a6:44:33:7a:61:b3:43:19:67:9b:
                    eb:b1:81:33:09:81:6b:d2:a4:12:49:f0:f1:18:71:
                    74:0a:a1:d8:b8:5d:5b:65:06:e2:66:4a:ad:71:d4:
                    09:39:7d:a9:4f:ec:50:f7:4c:3e:c5:17:5f:fc:e6:
                    d8:d8:33:95:b6:25:75:29:62:c2:36:92:30:27:5b:
                    8f:89:87:26:bf:5a:3c:c6:7e:db:27:96:df:98:11:
                    a9:24:b5:cf:2c:ed:d7:0c:82:8a:c9:c1:86:73:35:
                    92:15:f5:a6:a9:26:b5:16:20:9a:4a:fa:fa:63:c0:
                    26:7d:d5:84:b7:57:c1:40:b8:8c:f2:8e:b9:5f:08:
                    77:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:91:0D:C0:E6:A1:14:1A:FE:ED:E0:4D:2D:FC:4D:AF:DA:09:AF:EC
            X509v3 Authority Key Identifier:
                keyid:46:8E:CB:A1:0E:75:99:A0:30:AA:61:30:88:68:8A:6C:26:D6:2D:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ro7LoQ51maAwqmEwiGiKbCbWLXU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cc:20:e5:33:ce:c4:cb:51:f6:d3:c3:8e:dd:87:9f:b7:8d:48:
         a1:54:e1:db:10:2f:93:9a:46:15:19:7e:a8:b9:0c:4c:7b:07:
         0d:70:c2:ba:72:4e:fb:ff:0b:11:b3:6c:08:e8:e1:82:e3:78:
         a5:2b:2d:09:93:91:d9:62:2b:a4:fa:2a:12:ab:f2:a9:00:8b:
         08:e9:a9:46:55:be:84:b8:d1:29:11:fd:56:2f:fe:b3:0e:9d:
         27:65:86:43:a4:84:86:74:bd:74:29:dd:67:dd:c2:ed:54:49:
         68:df:da:6e:9a:19:1b:9a:9a:4c:06:09:34:d9:c3:c7:dd:42:
         70:5e:a5:68:a9:c8:d4:ee:db:82:0d:a9:26:d7:2a:35:9f:94:
         7f:e3:ff:67:40:85:9c:d4:c4:0b:f2:02:1a:4b:d5:d2:50:0e:
         ab:b7:a6:91:a4:60:74:d7:62:0e:90:85:62:27:2f:ad:a9:35:
         0f:10:a5:0f:6a:14:12:de:fa:85:66:7b:06:1f:bc:ed:18:17:
         7c:39:82:60:b2:c2:10:91:07:69:cc:b5:e7:61:62:11:b9:bd:
         ff:79:72:1a:09:67:f6:99:0b:07:0f:1f:e1:54:8e:06:2e:db:
         8b:fe:61:e3:d9:53:d7:b5:d4:f3:b5:6d:5d:af:97:e7:fd:7c:
         2c:7e:29:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2YT4jm4/SBQX8+rfYrTfiAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2OGVjYmExMGU3NTk5YTAzMGFhNjEzMDg4Njg4YTZjMjZk
NjJkNzUwHhcNMjYwNDE2MjIwMDQyWhcNMjYwNDE3MjIwMDQyWjAzMTEwLwYDVQQD
EygyNTkxMGRjMGU2YTExNDFhZmVlZGUwNGQyZGZjNGRhZmRhMDlhZmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+hBRaOEtjX+L9mb7aKYxq5GUCI7
zBSwQ1AzTzqQWMp9CDQ90k70Spi/aQX23oCaCWpX8Vifk0t1asxgOniNoPOVVXmc
jqa7WhUQ6sSOim2AWsr8WhFD/6tmFgzl11Olffc31VjV9amp5ElSvJATk0qjQuF7
Kdaky3YQwKZEM3phs0MZZ5vrsYEzCYFr0qQSSfDxGHF0CqHYuF1bZQbiZkqtcdQJ
OX2pT+xQ90w+xRdf/ObY2DOVtiV1KWLCNpIwJ1uPiYcmv1o8xn7bJ5bfmBGpJLXP
LO3XDIKKycGGczWSFfWmqSa1FiCaSvr6Y8AmfdWEt1fBQLiM8o65Xwh3nwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCWRDcDmoRQa/u3gTS38Ta/aCa/sMB8GA1UdIwQY
MBaAFEaOy6EOdZmgMKphMIhoimwm1i11MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUm83TG9RNTFtYUF3cW1Fd2lHaUtiQ2JXTFhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9mMWVhNTAtNGUwNS00YWJkLTg5Mjct
ZGY3ZTBiZDZmODE2LzEvUm83TG9RNTFtYUF3cW1Fd2lHaUtiQ2JXTFhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9mMWVhNTAtNGUwNS00YWJkLTg5MjctZGY3ZTBiZDZmODE2
LzEvUm83TG9RNTFtYUF3cW1Fd2lHaUtiQ2JXTFhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzCDlM87E
y1H208OO3Yeft41IoVTh2xAvk5pGFRl+qLkMTHsHDXDCunJO+/8LEbNsCOjhguN4
pSstCZOR2WIrpPoqEqvyqQCLCOmpRlW+hLjRKRH9Vi/+sw6dJ2WGQ6SEhnS9dCnd
Z93C7VRJaN/abpoZG5qaTAYJNNnDx91CcF6laKnI1O7bgg2pJtcqNZ+Uf+P/Z0CF
nNTEC/ICGkvV0lAOq7emkaRgdNdiDpCFYicvrak1DxClD2oUEt76hWZ7Bh+87RgX
fDmCYLLCEJEHacy152FiEbm9/3lyGgln9pkLBw8f4VSOBi7bi/5h49lT17XU87Vt
Xa+X5/18LH4pQA==
-----END CERTIFICATE-----