Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/bd7646-add9-4859-9de9-9c8485483d59/1/RmSgU4XAYmgVApGX6xUGSF09bRw.mft
File:                     RmSgU4XAYmgVApGX6xUGSF09bRw.mft (raw, json)
Hash identifier:          kpHC/46DnAlEO4f0nf3Xws+2OeUej6MaiukuxPREGms=
Subject key identifier:   4F:23:B6:B8:70:08:F3:F1:EB:C7:10:11:40:BA:B5:3F:2A:D8:6F:9D
Authority key identifier: 46:64:A0:53:85:C0:62:68:15:02:91:97:EB:15:06:48:5D:3D:6D:1C
Certificate issuer:       /CN=4664a05385c0626815029197eb1506485d3d6d1c
Certificate serial:       019D9A3EFB7291A65D24BA571AD338CB9425
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RmSgU4XAYmgVApGX6xUGSF09bRw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/bd7646-add9-4859-9de9-9c8485483d59/1/RmSgU4XAYmgVApGX6xUGSF09bRw.mft
Manifest number:          0A17
Signing time:             Fri 17 Apr 2026 07:01:51 +0000
Manifest this update:     Fri 17 Apr 2026 07:01:51 +0000
Manifest next update:     Sat 18 Apr 2026 07:01:51 +0000
Files and hashes:         1: RmSgU4XAYmgVApGX6xUGSF09bRw.crl (hash: SCr0428V6YVhkMokxg1Q6iopUesbxv6C1Zx8oW25c4s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1b/bd7646-add9-4859-9de9-9c8485483d59/1/RmSgU4XAYmgVApGX6xUGSF09bRw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1b/bd7646-add9-4859-9de9-9c8485483d59/1/RmSgU4XAYmgVApGX6xUGSF09bRw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RmSgU4XAYmgVApGX6xUGSF09bRw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:3e:fb:72:91:a6:5d:24:ba:57:1a:d3:38:cb:94:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4664a05385c0626815029197eb1506485d3d6d1c
        Validity
            Not Before: Apr 17 07:01:51 2026 GMT
            Not After : Apr 18 07:01:51 2026 GMT
        Subject: CN=4f23b6b87008f3f1ebc7101140bab53f2ad86f9d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:5d:1b:2c:ec:9c:89:14:77:05:0d:12:c2:33:
                    cb:63:c9:bf:bf:05:b4:9c:5c:e0:0f:e8:f7:1f:92:
                    d8:bc:57:de:2b:7d:a7:ec:5f:40:43:e5:32:c3:44:
                    8b:5e:44:c0:c3:02:80:11:6d:7a:74:05:0e:9c:c5:
                    6a:04:b7:e1:b9:dc:54:cf:19:9a:05:86:5b:d8:86:
                    7b:41:fc:d1:76:c9:ac:d8:32:e8:3d:d4:5d:a0:d4:
                    82:ae:dd:48:33:56:80:41:0c:d5:3d:ed:36:0c:b3:
                    d0:35:e3:f9:ee:58:5e:88:09:65:75:46:14:40:bc:
                    71:bd:78:90:4d:7a:c9:cb:3f:8e:2c:21:b0:40:3c:
                    a3:61:51:72:02:b7:a9:41:e2:51:2a:72:09:81:f2:
                    82:c8:05:38:00:f4:0b:1a:40:16:3e:e5:2d:2f:19:
                    c0:20:d6:8c:fe:18:e3:14:a1:17:02:07:93:9e:c6:
                    05:e1:cc:ee:6f:69:13:59:23:9b:4c:df:8b:2c:7c:
                    3b:10:a5:1c:91:3f:32:f0:d0:f4:19:a2:f6:5d:2c:
                    7f:6c:11:12:eb:fa:71:80:6b:17:89:a5:56:5d:2a:
                    f6:53:3e:12:f3:c6:c7:9a:f1:9d:03:8e:1f:9d:44:
                    b8:88:89:14:f5:01:eb:e4:64:7f:3e:c8:78:52:20:
                    94:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:23:B6:B8:70:08:F3:F1:EB:C7:10:11:40:BA:B5:3F:2A:D8:6F:9D
            X509v3 Authority Key Identifier:
                keyid:46:64:A0:53:85:C0:62:68:15:02:91:97:EB:15:06:48:5D:3D:6D:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RmSgU4XAYmgVApGX6xUGSF09bRw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/bd7646-add9-4859-9de9-9c8485483d59/1/RmSgU4XAYmgVApGX6xUGSF09bRw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/bd7646-add9-4859-9de9-9c8485483d59/1/RmSgU4XAYmgVApGX6xUGSF09bRw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:ef:7d:b5:fb:12:fa:ff:32:4e:e6:15:d4:1f:ec:ed:76:57:
         f2:98:ae:e8:37:1e:c2:4e:05:06:1b:ff:42:00:d7:6f:66:35:
         13:5c:7e:8e:c4:16:f4:43:96:3b:f2:57:6d:18:1b:49:81:aa:
         17:0f:3d:d8:1e:3a:00:cb:d6:bd:f4:7e:95:a3:d9:4f:59:93:
         e6:4d:7d:76:c0:cf:3a:39:9b:d4:68:a6:de:cd:d4:e4:22:72:
         93:3f:f6:90:cf:48:c4:a7:6f:81:c3:cc:4a:2f:a7:65:5a:04:
         4b:dd:4f:31:5a:27:d2:55:96:4f:e0:86:a3:7c:9f:09:35:82:
         49:f9:27:2b:18:7d:e3:5f:d9:f4:da:50:96:73:57:4e:25:91:
         5c:f9:55:81:8a:69:9d:50:56:0a:4a:23:df:e2:af:0a:9a:20:
         40:18:74:c7:7d:e2:3b:ce:ed:3f:03:16:98:05:a1:d9:56:88:
         26:27:6f:cc:eb:46:14:22:ed:12:69:37:ac:88:62:12:2d:7c:
         bf:bf:1b:71:09:96:00:ac:8d:ee:43:ee:bd:54:5a:77:6d:96:
         3d:44:d7:76:19:59:c1:d3:f3:1d:fb:d7:e6:52:a3:16:44:f7:
         69:ab:1f:2e:32:db:bc:3e:e2:a4:3b:26:cd:97:ec:f8:56:11:
         a9:44:19:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aPvtykaZdJLpXGtM4y5QlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NjRhMDUzODVjMDYyNjgxNTAyOTE5N2ViMTUwNjQ4NWQz
ZDZkMWMwHhcNMjYwNDE3MDcwMTUxWhcNMjYwNDE4MDcwMTUxWjAzMTEwLwYDVQQD
Eyg0ZjIzYjZiODcwMDhmM2YxZWJjNzEwMTE0MGJhYjUzZjJhZDg2ZjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw10bLOyciRR3BQ0SwjPLY8m/vwW0
nFzgD+j3H5LYvFfeK32n7F9AQ+Uyw0SLXkTAwwKAEW16dAUOnMVqBLfhudxUzxma
BYZb2IZ7QfzRdsms2DLoPdRdoNSCrt1IM1aAQQzVPe02DLPQNeP57lheiAlldUYU
QLxxvXiQTXrJyz+OLCGwQDyjYVFyArepQeJRKnIJgfKCyAU4APQLGkAWPuUtLxnA
INaM/hjjFKEXAgeTnsYF4czub2kTWSObTN+LLHw7EKUckT8y8ND0GaL2XSx/bBES
6/pxgGsXiaVWXSr2Uz4S88bHmvGdA44fnUS4iIkU9QHr5GR/Psh4UiCURQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE8jtrhwCPPx68cQEUC6tT8q2G+dMB8GA1UdIwQY
MBaAFEZkoFOFwGJoFQKRl+sVBkhdPW0cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUm1TZ1U0WEFZbWdWQXBHWDZ4VUdTRjA5YlJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9iZDc2NDYtYWRkOS00ODU5LTlkZTkt
OWM4NDg1NDgzZDU5LzEvUm1TZ1U0WEFZbWdWQXBHWDZ4VUdTRjA5YlJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9iZDc2NDYtYWRkOS00ODU5LTlkZTktOWM4NDg1NDgzZDU5
LzEvUm1TZ1U0WEFZbWdWQXBHWDZ4VUdTRjA5YlJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFe99tfsS
+v8yTuYV1B/s7XZX8piu6Dcewk4FBhv/QgDXb2Y1E1x+jsQW9EOWO/JXbRgbSYGq
Fw892B46AMvWvfR+laPZT1mT5k19dsDPOjmb1Gim3s3U5CJykz/2kM9IxKdvgcPM
Si+nZVoES91PMVon0lWWT+CGo3yfCTWCSfknKxh941/Z9NpQlnNXTiWRXPlVgYpp
nVBWCkoj3+KvCpogQBh0x33iO87tPwMWmAWh2VaIJidvzOtGFCLtEmk3rIhiEi18
v78bcQmWAKyN7kPuvVRad22WPUTXdhlZwdPzHfvX5lKjFkT3aasfLjLbvD7ipDsm
zZfs+FYRqUQZqg==
-----END CERTIFICATE-----