Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.mft
File:                     9bMQ6dROhHDWzYAJWQZssA8pHvo.mft (raw, json)
Hash identifier:          zCXAfVRP+1zmbBdXs9KUfp7L60vQApUsxGPrettseG0=
Subject key identifier:   02:59:08:9E:0F:76:49:97:13:C1:94:13:4B:70:5A:E0:0B:F4:63:83
Authority key identifier: F5:B3:10:E9:D4:4E:84:70:D6:CD:80:09:59:06:6C:B0:0F:29:1E:FA
Certificate issuer:       /CN=f5b310e9d44e8470d6cd800959066cb00f291efa
Certificate serial:       019D98F42BB2B28086D78737C4085E9C4DE5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9bMQ6dROhHDWzYAJWQZssA8pHvo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.mft
Manifest number:          1325
Signing time:             Fri 17 Apr 2026 01:00:31 +0000
Manifest this update:     Fri 17 Apr 2026 01:00:31 +0000
Manifest next update:     Sat 18 Apr 2026 01:00:31 +0000
Files and hashes:         1: 9bMQ6dROhHDWzYAJWQZssA8pHvo.crl (hash: hJtkUT/Vl7aS7QneZns04Cq7HGemKhSmng8j/dUNNmM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9bMQ6dROhHDWzYAJWQZssA8pHvo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 01:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:2b:b2:b2:80:86:d7:87:37:c4:08:5e:9c:4d:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5b310e9d44e8470d6cd800959066cb00f291efa
        Validity
            Not Before: Apr 17 01:00:31 2026 GMT
            Not After : Apr 18 01:00:31 2026 GMT
        Subject: CN=0259089e0f76499713c194134b705ae00bf46383
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:ad:bd:94:45:30:f7:0c:4b:7f:1f:3c:4a:9d:
                    cf:05:ed:d9:87:53:00:d0:81:a4:13:58:5d:76:44:
                    9b:cb:3c:d8:70:9a:3a:96:ef:fa:df:3e:e4:07:99:
                    d2:5c:63:bf:df:69:47:e3:5b:9e:28:84:91:ea:97:
                    bc:95:58:ba:8c:2d:71:93:7d:76:c4:06:dd:2f:76:
                    aa:bb:cb:4e:f3:3f:9d:ce:61:bc:6f:a9:5f:01:29:
                    69:52:ba:87:7a:f7:d9:b3:62:9a:41:22:81:f6:03:
                    46:4f:7e:56:a6:85:43:6c:cb:ab:08:0c:9a:e9:ae:
                    ed:14:1d:b5:75:b6:93:b3:88:a6:50:e1:a6:7e:fc:
                    cb:33:78:57:d2:36:9c:94:b0:63:f0:c0:8b:84:fb:
                    18:df:fa:f7:95:be:b8:75:eb:df:e3:9d:d4:13:8b:
                    29:aa:aa:21:36:5b:0a:18:8e:d9:22:61:06:de:32:
                    63:11:f4:3e:5f:87:be:36:05:ad:95:00:56:0a:18:
                    d8:c5:49:44:59:51:3f:58:c8:96:0b:e7:89:bb:d5:
                    a1:85:aa:30:9e:cd:50:71:4b:36:b3:7d:8f:a0:43:
                    78:25:76:44:04:4d:81:55:da:7f:1b:f7:26:15:77:
                    25:b3:93:bc:53:17:fb:cf:6e:37:34:d7:c7:ec:87:
                    f6:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:59:08:9E:0F:76:49:97:13:C1:94:13:4B:70:5A:E0:0B:F4:63:83
            X509v3 Authority Key Identifier:
                keyid:F5:B3:10:E9:D4:4E:84:70:D6:CD:80:09:59:06:6C:B0:0F:29:1E:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9bMQ6dROhHDWzYAJWQZssA8pHvo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:b1:c2:c2:2b:fb:e4:39:2f:1b:b3:7b:56:07:e1:12:df:9b:
         4d:54:8c:ba:9f:2b:21:08:21:7e:f7:88:97:13:1a:21:08:3b:
         11:c2:37:4a:d7:27:7d:31:32:37:2e:ff:45:58:05:89:22:57:
         25:d3:a4:99:10:b7:2e:01:55:24:de:2d:38:03:a7:a4:2c:d0:
         c9:3c:b2:8e:2b:6c:25:12:5f:57:02:44:7e:96:35:27:db:48:
         be:63:b0:1e:44:95:6c:c2:dd:5b:6f:d6:23:4b:c6:ee:b9:58:
         08:35:56:87:e4:90:f0:97:64:dc:17:7d:a4:b7:75:2d:5a:db:
         8a:f3:5e:28:6c:8a:09:ab:06:e7:3e:14:16:0f:6c:bb:f0:bc:
         54:e3:91:d8:b0:ee:65:54:48:3c:64:3e:fa:1d:dc:79:84:50:
         60:31:41:56:cb:b8:4a:ab:6d:9f:4c:c5:f1:04:8f:f6:5a:da:
         46:ba:02:d3:8f:ca:58:e4:95:28:18:a5:ea:46:df:6d:76:bb:
         0b:16:b3:9c:dd:f7:27:2b:c5:c0:09:62:ba:30:cc:c6:b2:1f:
         77:8c:63:57:18:aa:79:a6:74:fa:05:5c:f0:8b:cb:f3:39:b5:
         57:29:90:f8:66:c9:e9:95:96:35:9b:b2:8c:12:12:db:9c:14:
         6e:5c:53:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9CuysoCG14c3xAhenE3lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1YjMxMGU5ZDQ0ZTg0NzBkNmNkODAwOTU5MDY2Y2IwMGYy
OTFlZmEwHhcNMjYwNDE3MDEwMDMxWhcNMjYwNDE4MDEwMDMxWjAzMTEwLwYDVQQD
EygwMjU5MDg5ZTBmNzY0OTk3MTNjMTk0MTM0YjcwNWFlMDBiZjQ2MzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo629lEUw9wxLfx88Sp3PBe3Zh1MA
0IGkE1hddkSbyzzYcJo6lu/63z7kB5nSXGO/32lH41ueKISR6pe8lVi6jC1xk312
xAbdL3aqu8tO8z+dzmG8b6lfASlpUrqHevfZs2KaQSKB9gNGT35WpoVDbMurCAya
6a7tFB21dbaTs4imUOGmfvzLM3hX0jaclLBj8MCLhPsY3/r3lb64devf453UE4sp
qqohNlsKGI7ZImEG3jJjEfQ+X4e+NgWtlQBWChjYxUlEWVE/WMiWC+eJu9Whhaow
ns1QcUs2s32PoEN4JXZEBE2BVdp/G/cmFXcls5O8Uxf7z243NNfH7If2ywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAJZCJ4PdkmXE8GUE0twWuAL9GODMB8GA1UdIwQY
MBaAFPWzEOnUToRw1s2ACVkGbLAPKR76MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWJNUTZkUk9oSERXellBSldRWnNzQThwSHZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9mNDhkZTEtOWYzMy00ZjBhLTg2NzYt
ZTgzNmViM2QyZjFmLzEvOWJNUTZkUk9oSERXellBSldRWnNzQThwSHZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9mNDhkZTEtOWYzMy00ZjBhLTg2NzYtZTgzNmViM2QyZjFm
LzEvOWJNUTZkUk9oSERXellBSldRWnNzQThwSHZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApbHCwiv7
5DkvG7N7VgfhEt+bTVSMup8rIQghfveIlxMaIQg7EcI3StcnfTEyNy7/RVgFiSJX
JdOkmRC3LgFVJN4tOAOnpCzQyTyyjitsJRJfVwJEfpY1J9tIvmOwHkSVbMLdW2/W
I0vG7rlYCDVWh+SQ8Jdk3Bd9pLd1LVrbivNeKGyKCasG5z4UFg9su/C8VOOR2LDu
ZVRIPGQ++h3ceYRQYDFBVsu4Sqttn0zF8QSP9lraRroC04/KWOSVKBil6kbfbXa7
CxaznN33JyvFwAliujDMxrIfd4xjVxiqeaZ0+gVc8IvL8zm1VymQ+GbJ6ZWWNZuy
jBIS25wUblxTvA==
-----END CERTIFICATE-----