Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.mft
File:                     249r9UNKqjLT5fETsAxbsUAvZ_Y.mft (raw, json)
Hash identifier:          winMni3ljXpAImGASjkaQPLfONAzea/RDYluMRURSzM=
Subject key identifier:   0C:D4:9C:C1:10:0F:6B:3F:ED:A5:64:41:C3:81:80:E0:BE:8D:89:2B
Authority key identifier: DB:8F:6B:F5:43:4A:AA:32:D3:E5:F1:13:B0:0C:5B:B1:40:2F:67:F6
Certificate issuer:       /CN=db8f6bf5434aaa32d3e5f113b00c5bb1402f67f6
Certificate serial:       019D984FF24EBA4400CF5E286B9BE35F2244
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/249r9UNKqjLT5fETsAxbsUAvZ_Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.mft
Manifest number:          09B5
Signing time:             Thu 16 Apr 2026 22:01:09 +0000
Manifest this update:     Thu 16 Apr 2026 22:01:09 +0000
Manifest next update:     Fri 17 Apr 2026 22:01:09 +0000
Files and hashes:         1: 249r9UNKqjLT5fETsAxbsUAvZ_Y.crl (hash: Hqtu3uA2Gqx32lYxA0lHVuTybgat0RLMKUzLMu9S3tA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/249r9UNKqjLT5fETsAxbsUAvZ_Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:4f:f2:4e:ba:44:00:cf:5e:28:6b:9b:e3:5f:22:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db8f6bf5434aaa32d3e5f113b00c5bb1402f67f6
        Validity
            Not Before: Apr 16 22:01:09 2026 GMT
            Not After : Apr 17 22:01:09 2026 GMT
        Subject: CN=0cd49cc1100f6b3feda56441c38180e0be8d892b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:dd:fc:eb:fb:58:d0:5f:5c:e9:29:b2:01:61:
                    6e:38:13:7e:2d:76:3a:60:83:fd:14:3e:87:2b:db:
                    ec:c4:c9:d8:2d:86:ef:66:c8:cb:d1:56:bf:63:a4:
                    57:32:ce:51:85:d2:4c:80:51:84:64:ea:e4:77:de:
                    97:5e:77:ff:57:8b:30:d3:cc:d5:1a:cb:1d:ee:5a:
                    7d:9b:14:e7:07:54:fd:a3:79:97:1a:62:7d:1c:9c:
                    70:74:7a:6c:f9:7e:1c:7e:1f:c4:f2:56:62:d6:c2:
                    0e:0f:a7:58:f9:3b:d1:e2:19:4c:27:a2:f6:78:18:
                    6b:24:1d:c9:18:37:53:95:0d:49:f1:49:11:06:53:
                    c0:c6:c6:c6:af:75:5b:e0:96:03:ee:37:38:ec:f9:
                    25:c6:d8:4a:50:c3:69:c6:79:35:f3:11:a0:13:0f:
                    a6:01:ca:e0:27:f6:c4:76:28:b2:36:98:ca:56:95:
                    53:af:0c:0e:d2:96:68:9f:7c:c2:bd:6b:a0:45:b6:
                    89:78:3a:0a:b5:96:c2:6e:7b:39:70:33:86:bc:9e:
                    81:6a:1f:16:50:00:a0:53:29:47:40:5e:2d:a5:a0:
                    10:25:0f:56:60:2e:c6:7c:68:f9:32:ff:95:bb:74:
                    a4:47:81:16:64:e7:fc:33:76:b2:6d:93:3e:2d:26:
                    1b:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:D4:9C:C1:10:0F:6B:3F:ED:A5:64:41:C3:81:80:E0:BE:8D:89:2B
            X509v3 Authority Key Identifier:
                keyid:DB:8F:6B:F5:43:4A:AA:32:D3:E5:F1:13:B0:0C:5B:B1:40:2F:67:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/249r9UNKqjLT5fETsAxbsUAvZ_Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ac:e7:2f:e4:24:7c:90:d2:93:cd:60:d8:7e:ff:d2:76:d8:3a:
         a4:4f:3b:6b:a6:4d:88:7a:41:94:7e:85:67:60:63:a9:cd:7b:
         08:c9:64:c0:57:4e:af:ff:79:76:c3:5b:28:1e:3b:57:6a:d3:
         00:e2:26:92:87:b4:e9:fe:de:18:60:94:c1:b8:2f:47:4e:82:
         c0:40:a4:42:c3:da:38:73:54:eb:e5:65:a5:a9:4f:4d:2a:c8:
         7c:cd:ff:e1:1e:20:92:86:11:00:1f:de:1e:bb:38:bb:d8:8c:
         27:a6:bb:09:c3:31:43:d1:1d:3f:93:5f:6c:c5:6a:e6:7c:66:
         9b:c6:64:12:df:5e:2c:8d:93:98:1d:cf:06:bb:85:44:62:ed:
         14:1c:92:ad:64:6e:03:f3:e5:a8:91:bb:ed:81:4f:34:79:da:
         97:93:35:b4:89:a0:cc:e1:ea:cb:f8:5b:5f:6f:e4:3f:fa:6b:
         a6:ab:34:3e:bc:f1:9b:15:11:ee:60:a6:cd:97:89:ab:4e:a4:
         38:79:a0:9a:1f:25:87:61:85:29:43:46:7d:e8:e0:5b:8d:57:
         b0:44:2c:dc:ec:d7:43:60:e2:96:77:24:0a:3e:2b:7f:7d:64:
         65:9d:12:82:bf:1f:29:80:dd:0d:09:1d:9a:f4:bf:9a:1e:3b:
         5b:03:a5:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2YT/JOukQAz14oa5vjXyJEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiOGY2YmY1NDM0YWFhMzJkM2U1ZjExM2IwMGM1YmIxNDAy
ZjY3ZjYwHhcNMjYwNDE2MjIwMTA5WhcNMjYwNDE3MjIwMTA5WjAzMTEwLwYDVQQD
EygwY2Q0OWNjMTEwMGY2YjNmZWRhNTY0NDFjMzgxODBlMGJlOGQ4OTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAid386/tY0F9c6SmyAWFuOBN+LXY6
YIP9FD6HK9vsxMnYLYbvZsjL0Va/Y6RXMs5RhdJMgFGEZOrkd96XXnf/V4sw08zV
Gssd7lp9mxTnB1T9o3mXGmJ9HJxwdHps+X4cfh/E8lZi1sIOD6dY+TvR4hlMJ6L2
eBhrJB3JGDdTlQ1J8UkRBlPAxsbGr3Vb4JYD7jc47PklxthKUMNpxnk18xGgEw+m
AcrgJ/bEdiiyNpjKVpVTrwwO0pZon3zCvWugRbaJeDoKtZbCbns5cDOGvJ6Bah8W
UACgUylHQF4tpaAQJQ9WYC7GfGj5Mv+Vu3SkR4EWZOf8M3aybZM+LSYbbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAzUnMEQD2s/7aVkQcOBgOC+jYkrMB8GA1UdIwQY
MBaAFNuPa/VDSqoy0+XxE7AMW7FAL2f2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjQ5cjlVTktxakxUNWZFVHNBeGJzVUF2Wl9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS85ZjMzOTQtNmI3Yi00Y2EwLTllMjEt
ZDk3OTY3OTRjNjFjLzEvMjQ5cjlVTktxakxUNWZFVHNBeGJzVUF2Wl9ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS85ZjMzOTQtNmI3Yi00Y2EwLTllMjEtZDk3OTY3OTRjNjFj
LzEvMjQ5cjlVTktxakxUNWZFVHNBeGJzVUF2Wl9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArOcv5CR8
kNKTzWDYfv/Sdtg6pE87a6ZNiHpBlH6FZ2Bjqc17CMlkwFdOr/95dsNbKB47V2rT
AOImkoe06f7eGGCUwbgvR06CwECkQsPaOHNU6+VlpalPTSrIfM3/4R4gkoYRAB/e
Hrs4u9iMJ6a7CcMxQ9EdP5NfbMVq5nxmm8ZkEt9eLI2TmB3PBruFRGLtFBySrWRu
A/PlqJG77YFPNHnal5M1tImgzOHqy/hbX2/kP/prpqs0PrzxmxUR7mCmzZeJq06k
OHmgmh8lh2GFKUNGfejgW41XsEQs3OzXQ2DilnckCj4rf31kZZ0Sgr8fKYDdDQkd
mvS/mh47WwOl5g==
-----END CERTIFICATE-----