Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.mft
File:                     q6N0OU_hCA1kohnX01pJRi6Omaw.mft (raw, json)
Hash identifier:          T3hsVHfpsEi1YNwjwUsY1et0g14bLbfVZpmrazdwUTY=
Subject key identifier:   20:C6:A0:72:F6:4A:8C:50:1F:11:74:89:19:48:EE:70:A0:32:CB:27
Authority key identifier: AB:A3:74:39:4F:E1:08:0D:64:A2:19:D7:D3:5A:49:46:2E:8E:99:AC
Certificate issuer:       /CN=aba374394fe1080d64a219d7d35a49462e8e99ac
Certificate serial:       019D9998D4743815CE74E4DA8F2F77E74C9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/q6N0OU_hCA1kohnX01pJRi6Omaw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.mft
Manifest number:          09CE
Signing time:             Fri 17 Apr 2026 04:00:23 +0000
Manifest this update:     Fri 17 Apr 2026 04:00:23 +0000
Manifest next update:     Sat 18 Apr 2026 04:00:23 +0000
Files and hashes:         1: q6N0OU_hCA1kohnX01pJRi6Omaw.crl (hash: Hu4o2NnqQu60RWLTbLQ3G4d7AtN7MVmT36DW291vxr8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/q6N0OU_hCA1kohnX01pJRi6Omaw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:98:d4:74:38:15:ce:74:e4:da:8f:2f:77:e7:4c:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aba374394fe1080d64a219d7d35a49462e8e99ac
        Validity
            Not Before: Apr 17 04:00:23 2026 GMT
            Not After : Apr 18 04:00:23 2026 GMT
        Subject: CN=20c6a072f64a8c501f1174891948ee70a032cb27
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:bf:44:85:76:d8:68:84:02:08:36:8f:02:43:
                    1a:fe:60:9e:71:1a:fb:fc:2f:c9:d6:b3:52:3a:c2:
                    e3:69:34:74:93:28:93:81:1d:82:f4:4d:a4:7e:b8:
                    5a:2c:80:54:c7:be:c7:cc:6f:93:0f:d6:68:0c:34:
                    f1:b5:89:cd:ae:94:01:ac:3b:6e:c3:d0:6b:bf:80:
                    b6:44:83:1c:b5:44:64:d4:c7:88:45:8d:a7:e9:0e:
                    48:48:f3:12:77:59:3f:55:e5:b9:a0:03:ec:e1:3f:
                    6e:98:4c:70:ee:ad:c4:b0:3d:5d:45:30:9d:38:eb:
                    2a:f2:15:12:bb:2d:eb:1e:77:0d:3d:6d:a2:37:1c:
                    e5:e1:34:0e:c0:4d:ce:55:ea:28:11:f0:44:d8:30:
                    e7:8c:3e:11:c3:44:cf:19:aa:e9:a7:af:98:39:2d:
                    74:50:33:ff:90:54:3a:77:8e:03:7a:8c:49:9e:d5:
                    dd:a0:83:b3:9c:51:8f:5c:4f:00:d5:0f:92:41:8b:
                    30:a1:41:dc:db:29:13:18:7c:54:fe:2a:13:f5:c2:
                    a3:8b:9f:d1:e6:61:91:77:22:36:b7:41:3e:7e:14:
                    92:5d:57:3f:94:19:b3:a3:45:11:5b:ad:12:a4:6e:
                    33:d6:15:69:76:b0:cc:81:60:61:f8:56:c2:da:38:
                    31:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:C6:A0:72:F6:4A:8C:50:1F:11:74:89:19:48:EE:70:A0:32:CB:27
            X509v3 Authority Key Identifier:
                keyid:AB:A3:74:39:4F:E1:08:0D:64:A2:19:D7:D3:5A:49:46:2E:8E:99:AC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q6N0OU_hCA1kohnX01pJRi6Omaw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8d:1b:f9:e2:01:bb:d5:1d:19:96:be:57:88:4a:39:79:5f:61:
         58:52:6b:ea:8c:ad:32:87:db:62:84:a7:8e:49:c1:c8:b1:b5:
         75:2e:32:ba:79:48:c3:8f:19:a3:ed:ab:6e:e2:98:c6:bf:bb:
         34:db:03:d4:a7:d8:a8:8b:1e:b3:55:5a:cf:fd:8c:8d:52:52:
         4b:4c:9b:b7:7f:5b:81:9f:53:93:5a:4e:89:5b:e0:ca:01:05:
         2c:ab:19:49:e2:c1:b0:7e:2d:a4:f0:2e:e3:9c:d6:0d:12:98:
         8d:37:d4:56:94:dc:da:a1:1b:ee:b5:96:d7:50:6c:94:3c:e8:
         e5:93:24:29:d9:58:03:28:71:ac:2b:be:11:2e:c3:65:24:fc:
         87:59:03:b0:92:51:b9:50:b1:6b:26:ec:b2:9e:23:ec:dd:9f:
         11:7f:1b:6e:50:e7:f9:11:61:0d:d1:61:22:58:44:40:ff:e7:
         03:a8:32:e3:30:8c:36:ef:30:a5:16:8a:7a:05:18:1c:56:c0:
         81:7d:80:de:13:3d:f5:49:3e:8a:8d:0f:26:1a:e3:3f:28:a9:
         62:11:4d:a1:03:1a:53:33:8c:f7:5d:ce:7f:1e:fb:a6:d0:66:
         c9:11:e6:87:ca:46:6a:4b:67:fd:9e:16:59:e0:a5:d3:3a:9f:
         36:ef:92:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZmNR0OBXOdOTajy9350ycMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYTM3NDM5NGZlMTA4MGQ2NGEyMTlkN2QzNWE0OTQ2MmU4
ZTk5YWMwHhcNMjYwNDE3MDQwMDIzWhcNMjYwNDE4MDQwMDIzWjAzMTEwLwYDVQQD
EygyMGM2YTA3MmY2NGE4YzUwMWYxMTc0ODkxOTQ4ZWU3MGEwMzJjYjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr79EhXbYaIQCCDaPAkMa/mCecRr7
/C/J1rNSOsLjaTR0kyiTgR2C9E2kfrhaLIBUx77HzG+TD9ZoDDTxtYnNrpQBrDtu
w9Brv4C2RIMctURk1MeIRY2n6Q5ISPMSd1k/VeW5oAPs4T9umExw7q3EsD1dRTCd
OOsq8hUSuy3rHncNPW2iNxzl4TQOwE3OVeooEfBE2DDnjD4Rw0TPGarpp6+YOS10
UDP/kFQ6d44DeoxJntXdoIOznFGPXE8A1Q+SQYswoUHc2ykTGHxU/ioT9cKji5/R
5mGRdyI2t0E+fhSSXVc/lBmzo0URW60SpG4z1hVpdrDMgWBh+FbC2jgxrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCDGoHL2SoxQHxF0iRlI7nCgMssnMB8GA1UdIwQY
MBaAFKujdDlP4QgNZKIZ19NaSUYujpmsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTZOME9VX2hDQTFrb2huWDAxcEpSaTZPbWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC84MTA0YzAtYmU2Mi00MDE3LTkxY2Yt
MjJjODdkZmY4ZDQxLzEvcTZOME9VX2hDQTFrb2huWDAxcEpSaTZPbWF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC84MTA0YzAtYmU2Mi00MDE3LTkxY2YtMjJjODdkZmY4ZDQx
LzEvcTZOME9VX2hDQTFrb2huWDAxcEpSaTZPbWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjRv54gG7
1R0Zlr5XiEo5eV9hWFJr6oytMofbYoSnjknByLG1dS4yunlIw48Zo+2rbuKYxr+7
NNsD1KfYqIses1Vaz/2MjVJSS0ybt39bgZ9Tk1pOiVvgygEFLKsZSeLBsH4tpPAu
45zWDRKYjTfUVpTc2qEb7rWW11BslDzo5ZMkKdlYAyhxrCu+ES7DZST8h1kDsJJR
uVCxaybssp4j7N2fEX8bblDn+RFhDdFhIlhEQP/nA6gy4zCMNu8wpRaKegUYHFbA
gX2A3hM99Uk+io0PJhrjPyipYhFNoQMaUzOM913Ofx77ptBmyRHmh8pGaktn/Z4W
WeCl0zqfNu+SpQ==
-----END CERTIFICATE-----