Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/70bfd7-711d-4ad9-82f7-2f3c0032e446/1/X06OdhPaoX6FqhB4yOwlXPGNQio.mft
File:                     X06OdhPaoX6FqhB4yOwlXPGNQio.mft (raw, json)
Hash identifier:          srJBqy3m4Sb5peFRmmalz0wQzlQYwaJcvHUnUBmXtkA=
Subject key identifier:   AC:6F:3D:D6:65:9A:6C:13:2D:C2:E3:45:FA:73:9A:FA:7B:07:4F:BE
Authority key identifier: 5F:4E:8E:76:13:DA:A1:7E:85:AA:10:78:C8:EC:25:5C:F1:8D:42:2A
Certificate issuer:       /CN=5f4e8e7613daa17e85aa1078c8ec255cf18d422a
Certificate serial:       019D9AE31D58A6E0C29AF918EA1AC56027C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/X06OdhPaoX6FqhB4yOwlXPGNQio.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/70bfd7-711d-4ad9-82f7-2f3c0032e446/1/X06OdhPaoX6FqhB4yOwlXPGNQio.mft
Manifest number:          0FED
Signing time:             Fri 17 Apr 2026 10:01:08 +0000
Manifest this update:     Fri 17 Apr 2026 10:01:08 +0000
Manifest next update:     Sat 18 Apr 2026 10:01:08 +0000
Files and hashes:         1: X06OdhPaoX6FqhB4yOwlXPGNQio.crl (hash: KbwOki3qjKkhLhd7EC8f1rTreArEGKYgjKgfqMZXXZw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/70bfd7-711d-4ad9-82f7-2f3c0032e446/1/X06OdhPaoX6FqhB4yOwlXPGNQio.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/70bfd7-711d-4ad9-82f7-2f3c0032e446/1/X06OdhPaoX6FqhB4yOwlXPGNQio.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/X06OdhPaoX6FqhB4yOwlXPGNQio.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e3:1d:58:a6:e0:c2:9a:f9:18:ea:1a:c5:60:27:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5f4e8e7613daa17e85aa1078c8ec255cf18d422a
        Validity
            Not Before: Apr 17 10:01:08 2026 GMT
            Not After : Apr 18 10:01:08 2026 GMT
        Subject: CN=ac6f3dd6659a6c132dc2e345fa739afa7b074fbe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:20:87:f9:4a:14:e0:37:59:d3:b6:27:d2:89:
                    f3:91:20:89:6b:4f:24:f6:04:0d:3e:fc:41:20:02:
                    9c:0d:c1:ac:37:9a:62:53:9f:23:e6:da:d7:36:51:
                    90:6d:ab:b7:09:ca:41:8e:1b:25:30:7f:d1:f3:a3:
                    0f:b1:28:81:6a:30:97:1f:7c:5c:1e:f9:45:ce:00:
                    ce:4f:ba:cf:bd:ab:e2:54:c9:94:42:e3:b6:2e:c7:
                    89:76:b4:d5:30:b6:ff:c6:26:35:22:e1:43:85:49:
                    d1:8c:ba:0b:3f:99:20:c1:a3:db:4f:27:30:49:e3:
                    34:62:b1:82:62:d9:ca:64:43:d5:2a:62:0e:78:2d:
                    d5:60:50:5c:56:27:80:2f:72:4e:ae:3e:17:63:9c:
                    ab:42:c9:c1:be:1b:ca:43:4c:b5:96:24:65:0b:29:
                    d4:b0:0b:77:cb:6a:e0:30:62:b9:38:30:1c:8d:23:
                    f6:c3:48:99:71:53:8e:ec:af:40:69:c1:3f:79:45:
                    a4:bf:79:a1:3a:31:d6:79:5a:7c:40:f2:66:6c:94:
                    cf:8a:5b:7e:dc:56:7d:3f:12:cd:a8:45:bb:05:81:
                    c0:af:bb:e8:66:1f:25:6c:e7:4c:ef:1f:38:ad:b3:
                    37:d2:f3:16:8a:3e:e2:56:0a:d5:2d:52:48:12:f5:
                    e6:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:6F:3D:D6:65:9A:6C:13:2D:C2:E3:45:FA:73:9A:FA:7B:07:4F:BE
            X509v3 Authority Key Identifier:
                keyid:5F:4E:8E:76:13:DA:A1:7E:85:AA:10:78:C8:EC:25:5C:F1:8D:42:2A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X06OdhPaoX6FqhB4yOwlXPGNQio.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/70bfd7-711d-4ad9-82f7-2f3c0032e446/1/X06OdhPaoX6FqhB4yOwlXPGNQio.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/70bfd7-711d-4ad9-82f7-2f3c0032e446/1/X06OdhPaoX6FqhB4yOwlXPGNQio.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:4b:e4:ba:3d:ae:05:da:7a:03:28:ed:83:21:17:f2:08:f9:
         d2:5a:bc:42:6b:35:8f:c7:cc:2f:24:46:97:5c:f4:56:0c:2f:
         44:7d:2e:a3:c9:59:af:19:88:0c:db:70:5b:54:d2:0d:17:57:
         99:c9:99:50:82:09:cb:cc:6e:5c:7d:44:56:3b:2f:6b:f0:62:
         05:2e:1a:47:c7:42:d1:b0:5b:f1:0b:52:27:7c:a2:e3:af:48:
         bc:df:8f:0c:3f:8d:2c:8c:6e:9f:bc:3e:8b:45:9a:88:d9:cc:
         6a:dd:e3:19:82:55:75:20:28:44:f2:fb:48:42:bd:82:29:83:
         7b:ad:da:3b:b9:f5:06:b5:01:45:dc:91:72:ae:e5:0f:c7:05:
         96:13:26:86:a0:36:5a:77:56:88:13:d8:5b:6a:4f:34:4a:fe:
         6d:83:4b:6a:01:cc:78:26:88:54:f0:fb:d6:a8:b2:35:e9:92:
         fd:4a:a4:2e:bb:8e:c5:80:14:7c:7d:d6:d8:3b:a6:5e:66:21:
         1b:86:b1:4b:0b:81:08:70:a7:b8:49:25:c7:a0:eb:ec:18:28:
         bd:73:92:d4:a7:8f:d0:97:de:4f:8f:aa:9d:77:a9:c2:14:29:
         5a:46:88:6c:16:04:6b:4c:89:7b:d7:82:45:81:9a:d6:4b:79:
         23:2e:21:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a4x1YpuDCmvkY6hrFYCfEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmNGU4ZTc2MTNkYWExN2U4NWFhMTA3OGM4ZWMyNTVjZjE4
ZDQyMmEwHhcNMjYwNDE3MTAwMTA4WhcNMjYwNDE4MTAwMTA4WjAzMTEwLwYDVQQD
EyhhYzZmM2RkNjY1OWE2YzEzMmRjMmUzNDVmYTczOWFmYTdiMDc0ZmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSCH+UoU4DdZ07Yn0onzkSCJa08k
9gQNPvxBIAKcDcGsN5piU58j5trXNlGQbau3CcpBjhslMH/R86MPsSiBajCXH3xc
HvlFzgDOT7rPvaviVMmUQuO2LseJdrTVMLb/xiY1IuFDhUnRjLoLP5kgwaPbTycw
SeM0YrGCYtnKZEPVKmIOeC3VYFBcVieAL3JOrj4XY5yrQsnBvhvKQ0y1liRlCynU
sAt3y2rgMGK5ODAcjSP2w0iZcVOO7K9AacE/eUWkv3mhOjHWeVp8QPJmbJTPilt+
3FZ9PxLNqEW7BYHAr7voZh8lbOdM7x84rbM30vMWij7iVgrVLVJIEvXmiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKxvPdZlmmwTLcLjRfpzmvp7B0++MB8GA1UdIwQY
MBaAFF9OjnYT2qF+haoQeMjsJVzxjUIqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDA2T2RoUGFvWDZGcWhCNHlPd2xYUEdOUWlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy83MGJmZDctNzExZC00YWQ5LTgyZjct
MmYzYzAwMzJlNDQ2LzEvWDA2T2RoUGFvWDZGcWhCNHlPd2xYUEdOUWlvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy83MGJmZDctNzExZC00YWQ5LTgyZjctMmYzYzAwMzJlNDQ2
LzEvWDA2T2RoUGFvWDZGcWhCNHlPd2xYUEdOUWlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALEvkuj2u
Bdp6AyjtgyEX8gj50lq8Qms1j8fMLyRGl1z0VgwvRH0uo8lZrxmIDNtwW1TSDRdX
mcmZUIIJy8xuXH1EVjsva/BiBS4aR8dC0bBb8QtSJ3yi469IvN+PDD+NLIxun7w+
i0WaiNnMat3jGYJVdSAoRPL7SEK9gimDe63aO7n1BrUBRdyRcq7lD8cFlhMmhqA2
WndWiBPYW2pPNEr+bYNLagHMeCaIVPD71qiyNemS/UqkLruOxYAUfH3W2DumXmYh
G4axSwuBCHCnuEklx6Dr7BgovXOS1KeP0JfeT4+qnXepwhQpWkaIbBYEa0yJe9eC
RYGa1kt5Iy4hBQ==
-----END CERTIFICATE-----