Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/7ca808-c795-40ef-8a49-74a98cb66fff/1/Fob3vpuhccMnRqtO0gvogr0wQ1Y.mft
File:                     Fob3vpuhccMnRqtO0gvogr0wQ1Y.mft (raw, json)
Hash identifier:          QkbqtHu76hDuiTG366gi2xC0HcT1CfgDKrRBBukzpmY=
Subject key identifier:   52:C5:E2:94:CC:0B:3A:7A:7A:7C:8E:8B:E6:BC:2B:FF:F9:91:7C:74
Authority key identifier: 16:86:F7:BE:9B:A1:71:C3:27:46:AB:4E:D2:0B:E8:82:BD:30:43:56
Certificate issuer:       /CN=1686f7be9ba171c32746ab4ed20be882bd304356
Certificate serial:       019D9A06ECA759716071C3BD5748EBD1A01A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Fob3vpuhccMnRqtO0gvogr0wQ1Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/7ca808-c795-40ef-8a49-74a98cb66fff/1/Fob3vpuhccMnRqtO0gvogr0wQ1Y.mft
Manifest number:          0651
Signing time:             Fri 17 Apr 2026 06:00:38 +0000
Manifest this update:     Fri 17 Apr 2026 06:00:38 +0000
Manifest next update:     Sat 18 Apr 2026 06:00:38 +0000
Files and hashes:         1: Fob3vpuhccMnRqtO0gvogr0wQ1Y.crl (hash: 6IgGLQzwrNsIHrZVmeoMlhmpOe+cJpzg+quTlyygDuw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/13/7ca808-c795-40ef-8a49-74a98cb66fff/1/Fob3vpuhccMnRqtO0gvogr0wQ1Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/13/7ca808-c795-40ef-8a49-74a98cb66fff/1/Fob3vpuhccMnRqtO0gvogr0wQ1Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Fob3vpuhccMnRqtO0gvogr0wQ1Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 06:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:06:ec:a7:59:71:60:71:c3:bd:57:48:eb:d1:a0:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1686f7be9ba171c32746ab4ed20be882bd304356
        Validity
            Not Before: Apr 17 06:00:38 2026 GMT
            Not After : Apr 18 06:00:38 2026 GMT
        Subject: CN=52c5e294cc0b3a7a7a7c8e8be6bc2bfff9917c74
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:5b:ac:69:d0:78:0d:ad:d3:19:62:ae:ed:a0:
                    be:a4:4e:5c:b1:c7:14:24:9f:33:f3:51:81:f7:c6:
                    e6:fb:99:1d:03:3e:3a:3a:48:ad:99:69:96:db:23:
                    61:67:f7:a4:c3:9f:71:aa:29:51:b4:7d:da:6b:3c:
                    69:24:ac:ac:2a:10:fe:0f:b8:43:54:b9:61:07:a7:
                    85:01:c8:09:b2:c2:b5:92:e0:e1:a1:5b:f8:50:e2:
                    9d:a7:b0:b8:0d:b3:53:9f:50:a6:f4:c6:7f:82:cf:
                    cd:d3:de:68:a8:34:8b:d8:5a:f5:e2:6f:ab:eb:f9:
                    dc:56:d7:9e:eb:0f:0b:d5:5f:f6:a3:b6:76:16:b4:
                    92:f9:54:4e:ad:b8:36:90:98:9d:e1:87:ce:a6:c9:
                    e8:d0:b5:fd:1f:a1:f2:3d:c8:69:b8:82:f6:71:87:
                    2d:6d:c3:dc:7b:78:60:23:0b:7e:af:58:14:cb:3d:
                    46:24:4a:8c:f6:47:89:e3:bc:7b:ba:a4:a6:2b:33:
                    19:bc:20:0d:22:99:f0:07:4b:78:16:11:2e:41:17:
                    58:a2:1d:51:7f:85:28:ff:e7:1d:23:1c:62:45:cc:
                    16:e9:3d:8b:ec:d4:68:3a:d1:c9:ea:48:b3:87:ec:
                    c4:7a:7d:ee:f3:b8:dd:dc:65:bd:a0:88:f8:c6:ee:
                    c3:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:C5:E2:94:CC:0B:3A:7A:7A:7C:8E:8B:E6:BC:2B:FF:F9:91:7C:74
            X509v3 Authority Key Identifier:
                keyid:16:86:F7:BE:9B:A1:71:C3:27:46:AB:4E:D2:0B:E8:82:BD:30:43:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fob3vpuhccMnRqtO0gvogr0wQ1Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/7ca808-c795-40ef-8a49-74a98cb66fff/1/Fob3vpuhccMnRqtO0gvogr0wQ1Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/7ca808-c795-40ef-8a49-74a98cb66fff/1/Fob3vpuhccMnRqtO0gvogr0wQ1Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b9:c6:74:e1:f7:ea:40:18:21:c9:01:b9:9b:0f:c7:99:3d:44:
         7d:bf:3c:19:f3:d6:d1:05:17:bf:d4:8e:83:3b:07:29:2a:3f:
         1a:6c:a5:0e:85:76:59:3e:0f:e5:c0:1a:4c:8c:57:da:ff:89:
         b6:90:ba:66:5f:64:d5:e6:9a:a6:19:54:1b:0e:ab:9c:71:e8:
         8a:7d:f7:00:7f:84:19:a2:2d:3d:28:e8:e5:c5:92:0d:97:78:
         d4:09:13:ca:27:ba:bc:f4:95:7c:08:b1:8c:43:c9:90:93:ce:
         eb:6e:ed:be:16:52:c5:70:74:2e:09:0a:7f:66:a0:f0:94:36:
         20:1b:9c:38:bf:ed:5f:5d:a3:79:bc:35:fe:4e:1f:0e:f2:ca:
         bf:99:87:1d:47:81:91:96:53:4e:e3:49:2d:46:e5:a5:48:36:
         e6:19:21:76:80:bd:22:18:c0:df:09:19:7c:90:91:45:fa:05:
         c9:9e:1b:4b:20:cd:6f:6e:4e:e8:b7:be:01:db:58:dc:80:f9:
         a4:4f:b9:a6:ef:23:c1:3f:51:3e:a8:91:3e:90:66:48:1f:a0:
         f8:e0:45:24:4a:e7:f9:f1:5b:b0:d6:99:76:2b:b1:f6:05:e4:
         59:bf:d8:0f:23:e2:3c:01:17:32:5a:99:e3:6a:99:64:10:c0:
         d4:f7:0b:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aBuynWXFgccO9V0jr0aAaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2ODZmN2JlOWJhMTcxYzMyNzQ2YWI0ZWQyMGJlODgyYmQz
MDQzNTYwHhcNMjYwNDE3MDYwMDM4WhcNMjYwNDE4MDYwMDM4WjAzMTEwLwYDVQQD
Eyg1MmM1ZTI5NGNjMGIzYTdhN2E3YzhlOGJlNmJjMmJmZmY5OTE3Yzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVusadB4Da3TGWKu7aC+pE5csccU
JJ8z81GB98bm+5kdAz46OkitmWmW2yNhZ/ekw59xqilRtH3aazxpJKysKhD+D7hD
VLlhB6eFAcgJssK1kuDhoVv4UOKdp7C4DbNTn1Cm9MZ/gs/N095oqDSL2Fr14m+r
6/ncVtee6w8L1V/2o7Z2FrSS+VROrbg2kJid4YfOpsno0LX9H6HyPchpuIL2cYct
bcPce3hgIwt+r1gUyz1GJEqM9keJ47x7uqSmKzMZvCANIpnwB0t4FhEuQRdYoh1R
f4Uo/+cdIxxiRcwW6T2L7NRoOtHJ6kizh+zEen3u87jd3GW9oIj4xu7DGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFLF4pTMCzp6enyOi+a8K//5kXx0MB8GA1UdIwQY
MBaAFBaG976boXHDJ0arTtIL6IK9MENWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRm9iM3ZwdWhjY01uUnF0TzBndm9ncjB3UTFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy83Y2E4MDgtYzc5NS00MGVmLThhNDkt
NzRhOThjYjY2ZmZmLzEvRm9iM3ZwdWhjY01uUnF0TzBndm9ncjB3UTFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy83Y2E4MDgtYzc5NS00MGVmLThhNDktNzRhOThjYjY2ZmZm
LzEvRm9iM3ZwdWhjY01uUnF0TzBndm9ncjB3UTFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAucZ04ffq
QBghyQG5mw/HmT1Efb88GfPW0QUXv9SOgzsHKSo/GmylDoV2WT4P5cAaTIxX2v+J
tpC6Zl9k1eaaphlUGw6rnHHoin33AH+EGaItPSjo5cWSDZd41AkTyie6vPSVfAix
jEPJkJPO627tvhZSxXB0LgkKf2ag8JQ2IBucOL/tX12jebw1/k4fDvLKv5mHHUeB
kZZTTuNJLUblpUg25hkhdoC9IhjA3wkZfJCRRfoFyZ4bSyDNb25O6Le+AdtY3ID5
pE+5pu8jwT9RPqiRPpBmSB+g+OBFJErn+fFbsNaZdiux9gXkWb/YDyPiPAEXMlqZ
42qZZBDA1PcLpA==
-----END CERTIFICATE-----