Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/0adcd8-8a4b-4923-bf36-814a611eca60/1/MptRPmVwb8qlQ6EaDkLSixCd87Y.mft
File:                     MptRPmVwb8qlQ6EaDkLSixCd87Y.mft (raw, json)
Hash identifier:          UxyBmPPH/IP3ECrTSVATZ444iGbpJoV4o3ytDLQnlRs=
Subject key identifier:   14:0B:76:E7:57:97:F6:12:AC:0B:B4:50:6E:9C:0E:49:87:5F:FA:F5
Authority key identifier: 32:9B:51:3E:65:70:6F:CA:A5:43:A1:1A:0E:42:D2:8B:10:9D:F3:B6
Certificate issuer:       /CN=329b513e65706fcaa543a11a0e42d28b109df3b6
Certificate serial:       019D992BB1DA49CDF7924C06F1D863725820
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MptRPmVwb8qlQ6EaDkLSixCd87Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/0adcd8-8a4b-4923-bf36-814a611eca60/1/MptRPmVwb8qlQ6EaDkLSixCd87Y.mft
Manifest number:          15CF
Signing time:             Fri 17 Apr 2026 02:01:10 +0000
Manifest this update:     Fri 17 Apr 2026 02:01:10 +0000
Manifest next update:     Sat 18 Apr 2026 02:01:10 +0000
Files and hashes:         1: MptRPmVwb8qlQ6EaDkLSixCd87Y.crl (hash: MPW0+xVFvCLoR7YWE0k82jFxAF3GTzmF5gxT/l03QLA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/0adcd8-8a4b-4923-bf36-814a611eca60/1/MptRPmVwb8qlQ6EaDkLSixCd87Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/0adcd8-8a4b-4923-bf36-814a611eca60/1/MptRPmVwb8qlQ6EaDkLSixCd87Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MptRPmVwb8qlQ6EaDkLSixCd87Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:2b:b1:da:49:cd:f7:92:4c:06:f1:d8:63:72:58:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=329b513e65706fcaa543a11a0e42d28b109df3b6
        Validity
            Not Before: Apr 17 02:01:10 2026 GMT
            Not After : Apr 18 02:01:10 2026 GMT
        Subject: CN=140b76e75797f612ac0bb4506e9c0e49875ffaf5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:52:d0:47:a9:df:a4:fd:60:72:b6:89:42:fe:
                    36:78:9a:53:21:9f:d2:6a:8d:7a:ba:25:93:75:27:
                    57:31:4e:f1:04:3d:e1:27:27:c2:04:46:61:59:a4:
                    62:f9:d0:d6:d9:5f:72:e3:ab:f4:2d:d3:c9:6f:ac:
                    95:26:fe:c8:15:f4:74:88:42:d2:36:85:78:9c:4d:
                    72:92:1d:c8:43:e4:3c:23:dd:81:49:dc:88:f7:1c:
                    23:ff:11:16:92:7e:bb:0e:43:37:9a:32:85:98:f5:
                    70:e4:3c:8f:50:ae:0b:59:b6:f2:c7:cc:fb:65:42:
                    6f:bc:5d:3a:90:b1:ce:3f:23:1f:10:f4:12:f1:01:
                    dc:71:42:b7:24:a1:cc:06:a2:eb:65:02:d5:78:d1:
                    73:5c:5f:2b:e5:dd:fe:27:d4:3c:84:32:ec:86:de:
                    78:c4:1e:e6:0d:8c:d6:68:bc:bb:07:26:12:a1:ba:
                    a4:81:b0:8b:97:96:61:fe:ef:d8:f6:30:c8:76:d7:
                    0c:23:d8:1f:18:5a:8e:d8:f3:55:d9:9c:28:83:69:
                    d2:ce:c6:12:3d:41:af:30:51:99:1f:53:c6:37:c7:
                    97:96:22:c1:e1:4b:90:fe:cc:cb:86:e4:88:84:f7:
                    7f:bd:5c:73:00:a8:58:31:73:29:0d:64:35:6f:5a:
                    fa:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:0B:76:E7:57:97:F6:12:AC:0B:B4:50:6E:9C:0E:49:87:5F:FA:F5
            X509v3 Authority Key Identifier:
                keyid:32:9B:51:3E:65:70:6F:CA:A5:43:A1:1A:0E:42:D2:8B:10:9D:F3:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MptRPmVwb8qlQ6EaDkLSixCd87Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/0adcd8-8a4b-4923-bf36-814a611eca60/1/MptRPmVwb8qlQ6EaDkLSixCd87Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/0adcd8-8a4b-4923-bf36-814a611eca60/1/MptRPmVwb8qlQ6EaDkLSixCd87Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6c:28:80:55:4a:5d:ed:84:38:53:51:41:8d:eb:23:2d:5d:df:
         b3:0d:29:90:26:3b:6a:8d:4e:0e:23:3d:87:aa:8a:b1:95:c7:
         ee:7e:2e:29:b2:71:9b:81:48:06:ad:eb:a3:85:94:4a:3b:92:
         ed:19:40:43:ab:24:1c:f3:54:a8:d8:47:a6:da:4f:da:10:d0:
         ee:2d:82:00:b7:f4:b4:c3:79:eb:f7:70:36:a4:ec:88:6b:b0:
         95:98:f1:0c:65:f4:df:97:7f:11:52:10:20:e4:61:37:96:76:
         15:43:4b:16:52:72:bc:38:c7:b4:71:d8:d7:23:09:2a:08:4a:
         a4:46:42:2c:1d:f9:ac:b1:6d:bc:5b:8c:3a:21:1b:73:ab:2d:
         f9:c0:99:a5:f1:2a:59:ab:dc:50:d3:85:89:e4:9c:a6:58:1a:
         74:28:f1:e5:58:14:67:f6:59:80:2e:f1:29:f9:f0:b1:ff:9a:
         02:93:4c:0f:52:10:9a:f2:16:24:cb:af:4e:72:01:81:a3:2b:
         29:89:bc:85:81:79:cd:20:82:65:17:6d:cd:cd:eb:93:f6:08:
         8a:e5:6d:a9:97:4b:b4:1c:c1:c3:76:40:e1:87:fd:26:29:91:
         7f:f3:c5:3f:d8:5f:93:7a:50:7b:3e:2f:b6:77:8d:27:45:1d:
         a7:b4:34:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZK7HaSc33kkwG8dhjclggMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyOWI1MTNlNjU3MDZmY2FhNTQzYTExYTBlNDJkMjhiMTA5
ZGYzYjYwHhcNMjYwNDE3MDIwMTEwWhcNMjYwNDE4MDIwMTEwWjAzMTEwLwYDVQQD
EygxNDBiNzZlNzU3OTdmNjEyYWMwYmI0NTA2ZTljMGU0OTg3NWZmYWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVLQR6nfpP1gcraJQv42eJpTIZ/S
ao16uiWTdSdXMU7xBD3hJyfCBEZhWaRi+dDW2V9y46v0LdPJb6yVJv7IFfR0iELS
NoV4nE1ykh3IQ+Q8I92BSdyI9xwj/xEWkn67DkM3mjKFmPVw5DyPUK4LWbbyx8z7
ZUJvvF06kLHOPyMfEPQS8QHccUK3JKHMBqLrZQLVeNFzXF8r5d3+J9Q8hDLsht54
xB7mDYzWaLy7ByYSobqkgbCLl5Zh/u/Y9jDIdtcMI9gfGFqO2PNV2Zwog2nSzsYS
PUGvMFGZH1PGN8eXliLB4UuQ/szLhuSIhPd/vVxzAKhYMXMpDWQ1b1r6UQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBQLdudXl/YSrAu0UG6cDkmHX/r1MB8GA1UdIwQY
MBaAFDKbUT5lcG/KpUOhGg5C0osQnfO2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXB0UlBtVndiOHFsUTZFYURrTFNpeENkODdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8wYWRjZDgtOGE0Yi00OTIzLWJmMzYt
ODE0YTYxMWVjYTYwLzEvTXB0UlBtVndiOHFsUTZFYURrTFNpeENkODdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8wYWRjZDgtOGE0Yi00OTIzLWJmMzYtODE0YTYxMWVjYTYw
LzEvTXB0UlBtVndiOHFsUTZFYURrTFNpeENkODdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbCiAVUpd
7YQ4U1FBjesjLV3fsw0pkCY7ao1ODiM9h6qKsZXH7n4uKbJxm4FIBq3ro4WUSjuS
7RlAQ6skHPNUqNhHptpP2hDQ7i2CALf0tMN56/dwNqTsiGuwlZjxDGX035d/EVIQ
IORhN5Z2FUNLFlJyvDjHtHHY1yMJKghKpEZCLB35rLFtvFuMOiEbc6st+cCZpfEq
WavcUNOFieScplgadCjx5VgUZ/ZZgC7xKfnwsf+aApNMD1IQmvIWJMuvTnIBgaMr
KYm8hYF5zSCCZRdtzc3rk/YIiuVtqZdLtBzBw3ZA4Yf9JimRf/PFP9hfk3pQez4v
tneNJ0Udp7Q0Mw==
-----END CERTIFICATE-----