Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/0893d0-d1a1-4276-a5b7-ee2bcf186f24/1/rkIjS6xhcScD45im1b8EjFyfQDI.mft
File:                     rkIjS6xhcScD45im1b8EjFyfQDI.mft (raw, json)
Hash identifier:          fFQ6UkpKh7bEacPATm7ktA39gllPfavnasDnrY6Pf1g=
Subject key identifier:   9D:E0:1B:46:80:82:2F:C9:96:3B:5F:C7:F1:04:FC:01:9C:98:8F:ED
Authority key identifier: AE:42:23:4B:AC:61:71:27:03:E3:98:A6:D5:BF:04:8C:5C:9F:40:32
Certificate issuer:       /CN=ae42234bac61712703e398a6d5bf048c5c9f4032
Certificate serial:       019D99CFE0D93C26A983845FB5562AA886F7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rkIjS6xhcScD45im1b8EjFyfQDI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/0893d0-d1a1-4276-a5b7-ee2bcf186f24/1/rkIjS6xhcScD45im1b8EjFyfQDI.mft
Manifest number:          09F3
Signing time:             Fri 17 Apr 2026 05:00:30 +0000
Manifest this update:     Fri 17 Apr 2026 05:00:30 +0000
Manifest next update:     Sat 18 Apr 2026 05:00:30 +0000
Files and hashes:         1: rkIjS6xhcScD45im1b8EjFyfQDI.crl (hash: KW6lCG2AGH7Q+kUc5tGK/PzJM7AabJmQdsaUb5wn3pE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1f/0893d0-d1a1-4276-a5b7-ee2bcf186f24/1/rkIjS6xhcScD45im1b8EjFyfQDI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1f/0893d0-d1a1-4276-a5b7-ee2bcf186f24/1/rkIjS6xhcScD45im1b8EjFyfQDI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rkIjS6xhcScD45im1b8EjFyfQDI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:cf:e0:d9:3c:26:a9:83:84:5f:b5:56:2a:a8:86:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ae42234bac61712703e398a6d5bf048c5c9f4032
        Validity
            Not Before: Apr 17 05:00:30 2026 GMT
            Not After : Apr 18 05:00:30 2026 GMT
        Subject: CN=9de01b4680822fc9963b5fc7f104fc019c988fed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:d6:2b:a2:d8:a9:7c:f9:2d:86:e4:ac:2e:09:
                    3f:54:9b:62:09:c2:da:56:b0:80:b3:79:0b:eb:04:
                    14:0b:9c:6c:ff:57:97:1c:c1:25:cc:c3:e5:c3:3f:
                    a5:ee:6c:b0:ac:fc:00:24:fc:57:21:60:15:e9:68:
                    6e:c8:3b:f7:71:9d:4c:68:10:8d:17:91:41:b5:b6:
                    62:c8:fc:19:19:31:5f:96:a4:8f:ec:aa:74:90:a2:
                    09:88:58:3a:8f:6f:15:30:db:f3:32:38:e8:60:8a:
                    d5:a3:ff:3a:01:21:ec:b0:ff:bb:d9:33:bb:6a:e6:
                    3e:4c:c6:52:99:8e:ab:c3:84:39:0e:1d:e1:78:e2:
                    35:02:8d:f7:5f:0a:c7:01:d7:fa:10:6d:3a:0d:1d:
                    92:dd:3e:04:4b:17:be:b9:1f:75:a1:65:78:54:67:
                    e5:45:c2:db:45:b3:f2:cf:6c:ba:f0:3c:60:9f:4b:
                    7a:b1:92:db:15:c9:fb:7d:29:18:ea:b9:4e:ab:78:
                    62:32:b2:5a:5a:2d:18:1b:bd:aa:0a:92:8a:a2:41:
                    11:f7:d2:f0:2b:2a:c5:eb:b8:84:4b:fe:c0:20:b3:
                    c4:e2:58:0c:a9:6d:d0:ae:cd:f0:eb:c9:8c:f6:cf:
                    1e:74:e5:f1:a9:93:08:0b:a7:a0:42:86:73:6e:35:
                    d2:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:E0:1B:46:80:82:2F:C9:96:3B:5F:C7:F1:04:FC:01:9C:98:8F:ED
            X509v3 Authority Key Identifier:
                keyid:AE:42:23:4B:AC:61:71:27:03:E3:98:A6:D5:BF:04:8C:5C:9F:40:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rkIjS6xhcScD45im1b8EjFyfQDI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/0893d0-d1a1-4276-a5b7-ee2bcf186f24/1/rkIjS6xhcScD45im1b8EjFyfQDI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/0893d0-d1a1-4276-a5b7-ee2bcf186f24/1/rkIjS6xhcScD45im1b8EjFyfQDI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:11:15:b6:fb:cb:11:75:0e:bf:4c:f7:15:5f:c5:60:1c:12:
         dc:f0:05:66:1c:1d:d9:54:73:51:53:86:31:73:b2:08:e3:c4:
         1e:47:b7:84:7d:4d:6a:16:a0:95:40:f5:ec:83:96:96:bf:f4:
         34:75:27:20:9e:d9:88:24:a6:44:9b:54:2d:87:7f:f5:44:7b:
         88:fe:1d:ab:64:ae:62:12:ee:40:bf:17:15:23:c4:88:17:8d:
         d6:d6:4c:0f:77:17:e9:86:6d:48:9a:65:1b:1f:2a:cb:9e:f2:
         97:35:79:20:b4:da:68:ce:5e:ce:cc:96:37:74:64:dd:41:7c:
         2e:8a:c8:fe:b4:81:68:c0:41:05:f5:aa:ba:83:69:76:ad:13:
         4b:c0:0c:d1:de:2d:9b:bc:20:80:65:2d:64:e1:31:2e:71:34:
         2c:d4:25:06:dc:c2:5c:68:7c:53:44:c7:75:42:a8:71:6d:24:
         3b:40:da:1b:1d:29:20:aa:f4:30:43:7c:6e:93:03:68:b6:e8:
         37:de:b8:0e:0a:cf:1b:4f:43:5e:11:39:31:fd:d8:ab:74:d5:
         6c:57:f0:ce:28:5f:04:0b:be:cd:11:66:8c:92:c5:09:af:6d:
         98:0a:85:20:7f:47:d5:25:9d:4b:9e:4d:a6:b0:38:08:31:ca:
         16:d5:b2:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Zz+DZPCapg4RftVYqqIb3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlNDIyMzRiYWM2MTcxMjcwM2UzOThhNmQ1YmYwNDhjNWM5
ZjQwMzIwHhcNMjYwNDE3MDUwMDMwWhcNMjYwNDE4MDUwMDMwWjAzMTEwLwYDVQQD
Eyg5ZGUwMWI0NjgwODIyZmM5OTYzYjVmYzdmMTA0ZmMwMTljOTg4ZmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutYrotipfPkthuSsLgk/VJtiCcLa
VrCAs3kL6wQUC5xs/1eXHMElzMPlwz+l7mywrPwAJPxXIWAV6WhuyDv3cZ1MaBCN
F5FBtbZiyPwZGTFflqSP7Kp0kKIJiFg6j28VMNvzMjjoYIrVo/86ASHssP+72TO7
auY+TMZSmY6rw4Q5Dh3heOI1Ao33XwrHAdf6EG06DR2S3T4ESxe+uR91oWV4VGfl
RcLbRbPyz2y68Dxgn0t6sZLbFcn7fSkY6rlOq3hiMrJaWi0YG72qCpKKokER99Lw
KyrF67iES/7AILPE4lgMqW3Qrs3w68mM9s8edOXxqZMIC6egQoZzbjXSxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ3gG0aAgi/Jljtfx/EE/AGcmI/tMB8GA1UdIwQY
MBaAFK5CI0usYXEnA+OYptW/BIxcn0AyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmtJalM2eGhjU2NENDVpbTFiOEVqRnlmUURJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi8wODkzZDAtZDFhMS00Mjc2LWE1Yjct
ZWUyYmNmMTg2ZjI0LzEvcmtJalM2eGhjU2NENDVpbTFiOEVqRnlmUURJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi8wODkzZDAtZDFhMS00Mjc2LWE1YjctZWUyYmNmMTg2ZjI0
LzEvcmtJalM2eGhjU2NENDVpbTFiOEVqRnlmUURJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHREVtvvL
EXUOv0z3FV/FYBwS3PAFZhwd2VRzUVOGMXOyCOPEHke3hH1NahaglUD17IOWlr/0
NHUnIJ7ZiCSmRJtULYd/9UR7iP4dq2SuYhLuQL8XFSPEiBeN1tZMD3cX6YZtSJpl
Gx8qy57ylzV5ILTaaM5ezsyWN3Rk3UF8LorI/rSBaMBBBfWquoNpdq0TS8AM0d4t
m7wggGUtZOExLnE0LNQlBtzCXGh8U0THdUKocW0kO0DaGx0pIKr0MEN8bpMDaLbo
N964DgrPG09DXhE5Mf3Yq3TVbFfwzihfBAu+zRFmjJLFCa9tmAqFIH9H1SWdS55N
prA4CDHKFtWySg==
-----END CERTIFICATE-----