Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.mft
File:                     97KiPZsF9XV53i8CRJtmYD4-Vzo.mft (raw, json)
Hash identifier:          Nn+ggmo0YyR/WVvqKpqFsEgY/8NIkXoMwr5cLckBgf8=
Subject key identifier:   33:EF:59:EF:9C:51:73:CD:D3:B8:24:C1:2D:39:E3:A2:98:A5:EE:A7
Authority key identifier: F7:B2:A2:3D:9B:05:F5:75:79:DE:2F:02:44:9B:66:60:3E:3E:57:3A
Certificate issuer:       /CN=f7b2a23d9b05f57579de2f02449b66603e3e573a
Certificate serial:       019D9A3EC07FAB0EA848F5E8CA1752BDB4C3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/97KiPZsF9XV53i8CRJtmYD4-Vzo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.mft
Manifest number:          1475
Signing time:             Fri 17 Apr 2026 07:01:36 +0000
Manifest this update:     Fri 17 Apr 2026 07:01:36 +0000
Manifest next update:     Sat 18 Apr 2026 07:01:36 +0000
Files and hashes:         1: 97KiPZsF9XV53i8CRJtmYD4-Vzo.crl (hash: l6LYBr7h2Sfq8S5v7FUJTAvKHUe2zdXUts8tQGZN0m8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/97KiPZsF9XV53i8CRJtmYD4-Vzo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:3e:c0:7f:ab:0e:a8:48:f5:e8:ca:17:52:bd:b4:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f7b2a23d9b05f57579de2f02449b66603e3e573a
        Validity
            Not Before: Apr 17 07:01:36 2026 GMT
            Not After : Apr 18 07:01:36 2026 GMT
        Subject: CN=33ef59ef9c5173cdd3b824c12d39e3a298a5eea7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:bc:40:96:f2:e1:d2:f4:1e:1a:52:18:71:eb:
                    64:cd:fe:49:67:73:2a:0e:c9:05:6e:0b:09:a3:d3:
                    20:8f:04:f7:c6:b7:4e:15:1a:09:6b:c7:14:e6:be:
                    5c:ca:f5:58:f7:31:c7:53:a6:97:be:b4:31:8a:ce:
                    6b:e7:7d:3c:5a:82:41:70:50:e8:1d:66:72:42:eb:
                    40:0a:d8:f1:fb:6d:b4:3f:d2:b3:ac:39:92:54:c5:
                    43:99:cb:be:9b:4e:46:74:62:c9:d5:50:7e:af:f7:
                    58:83:6c:c2:a7:fd:d8:32:85:ce:d6:5c:a7:82:c4:
                    aa:05:7d:b0:8f:fc:21:26:d7:b0:96:50:27:ed:96:
                    dc:01:48:4e:48:f8:37:5d:8e:c1:53:44:57:18:d5:
                    80:2e:68:60:43:5f:87:fc:78:81:23:94:05:aa:b9:
                    2c:5a:5b:6a:fd:8b:0c:e1:47:54:db:0a:b4:94:02:
                    8f:e3:db:23:dc:8a:f3:b2:84:73:ba:29:1d:66:36:
                    24:ab:35:3b:eb:c6:ae:9f:42:79:c5:06:37:f5:9b:
                    b5:47:df:0f:87:ae:c2:03:d9:54:b4:47:1b:18:c3:
                    e4:a6:cd:96:ea:d4:91:1c:27:bb:52:05:a7:08:4c:
                    63:9a:7a:3f:41:d4:5b:5f:d1:be:e8:91:3d:ce:0f:
                    1c:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:EF:59:EF:9C:51:73:CD:D3:B8:24:C1:2D:39:E3:A2:98:A5:EE:A7
            X509v3 Authority Key Identifier:
                keyid:F7:B2:A2:3D:9B:05:F5:75:79:DE:2F:02:44:9B:66:60:3E:3E:57:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/97KiPZsF9XV53i8CRJtmYD4-Vzo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:43:21:c1:e6:b7:51:b2:5d:ae:b4:9a:3a:4c:7e:9b:95:cd:
         d6:18:4f:9e:65:34:33:d0:10:68:7c:ef:77:0b:76:c0:63:e3:
         1c:e0:d1:7b:72:d7:96:7c:42:47:7d:35:30:b6:df:1d:d6:fc:
         9f:cb:57:c3:8d:75:23:9a:de:20:5a:1e:d0:c9:f0:0a:96:9a:
         b3:cd:1f:96:35:11:6e:5e:d1:97:2d:72:3e:74:b3:50:e9:13:
         c0:a6:da:70:bd:ec:74:21:c6:0e:ae:3a:2c:62:e9:cb:d8:80:
         00:f3:ca:a0:5e:c9:3e:b1:08:6f:41:0b:44:ce:b0:0f:56:08:
         1e:0d:dc:30:40:97:88:1f:16:f8:f8:cb:8b:8e:1b:89:74:42:
         1b:73:57:e1:55:47:61:c5:f9:f1:10:c0:6e:9f:fa:61:c9:5a:
         1e:1d:24:3f:4c:06:79:f3:af:d9:7c:58:37:ac:2a:04:89:47:
         1c:1a:7c:a1:00:8c:ff:89:23:1e:e9:00:c5:41:43:02:00:3c:
         f8:50:1f:dd:82:bb:bb:ea:9b:73:e5:38:37:4c:f2:95:a8:1c:
         95:bf:8c:2a:d6:71:1e:70:2e:6d:66:13:b2:91:91:92:ed:af:
         53:8a:a3:12:8b:a7:09:0d:97:b2:dc:86:69:b1:01:b1:77:8f:
         68:4d:1a:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aPsB/qw6oSPXoyhdSvbTDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3YjJhMjNkOWIwNWY1NzU3OWRlMmYwMjQ0OWI2NjYwM2Uz
ZTU3M2EwHhcNMjYwNDE3MDcwMTM2WhcNMjYwNDE4MDcwMTM2WjAzMTEwLwYDVQQD
EygzM2VmNTllZjljNTE3M2NkZDNiODI0YzEyZDM5ZTNhMjk4YTVlZWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkbxAlvLh0vQeGlIYcetkzf5JZ3Mq
DskFbgsJo9MgjwT3xrdOFRoJa8cU5r5cyvVY9zHHU6aXvrQxis5r5308WoJBcFDo
HWZyQutACtjx+220P9KzrDmSVMVDmcu+m05GdGLJ1VB+r/dYg2zCp/3YMoXO1lyn
gsSqBX2wj/whJtewllAn7ZbcAUhOSPg3XY7BU0RXGNWALmhgQ1+H/HiBI5QFqrks
Wltq/YsM4UdU2wq0lAKP49sj3IrzsoRzuikdZjYkqzU768aun0J5xQY39Zu1R98P
h67CA9lUtEcbGMPkps2W6tSRHCe7UgWnCExjmno/QdRbX9G+6JE9zg8cpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDPvWe+cUXPN07gkwS0546KYpe6nMB8GA1UdIwQY
MBaAFPeyoj2bBfV1ed4vAkSbZmA+Plc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTdLaVBac0Y5WFY1M2k4Q1JKdG1ZRDQtVnpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8wYTFiN2YtZGZkMi00NmY5LTgzMTMt
NWJlNmE3NTlmMzE4LzEvOTdLaVBac0Y5WFY1M2k4Q1JKdG1ZRDQtVnpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8wYTFiN2YtZGZkMi00NmY5LTgzMTMtNWJlNmE3NTlmMzE4
LzEvOTdLaVBac0Y5WFY1M2k4Q1JKdG1ZRDQtVnpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASEMhwea3
UbJdrrSaOkx+m5XN1hhPnmU0M9AQaHzvdwt2wGPjHODRe3LXlnxCR301MLbfHdb8
n8tXw411I5reIFoe0MnwCpaas80fljURbl7Rly1yPnSzUOkTwKbacL3sdCHGDq46
LGLpy9iAAPPKoF7JPrEIb0ELRM6wD1YIHg3cMECXiB8W+PjLi44biXRCG3NX4VVH
YcX58RDAbp/6YclaHh0kP0wGefOv2XxYN6wqBIlHHBp8oQCM/4kjHukAxUFDAgA8
+FAf3YK7u+qbc+U4N0zylagclb+MKtZxHnAubWYTspGRku2vU4qjEounCQ2XstyG
abEBsXePaE0aIQ==
-----END CERTIFICATE-----