Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/69fd69-2c27-4870-9cc9-32dac4b140ed/1/j39d3CK0NKz6QNZ-5QsEKQxw27M.mft
File:                     j39d3CK0NKz6QNZ-5QsEKQxw27M.mft (raw, json)
Hash identifier:          JHvlTbjmSaFRCIGCLNcV1ildrjga5ejeA+Iqf1D9kUA=
Subject key identifier:   A6:55:23:9B:E2:7E:99:FF:D5:85:E6:79:45:C1:C4:72:06:18:20:B6
Authority key identifier: 8F:7F:5D:DC:22:B4:34:AC:FA:40:D6:7E:E5:0B:04:29:0C:70:DB:B3
Certificate issuer:       /CN=8f7f5ddc22b434acfa40d67ee50b04290c70dbb3
Certificate serial:       019D9AE30D83D293D929488AA02BF466864B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/j39d3CK0NKz6QNZ-5QsEKQxw27M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/69fd69-2c27-4870-9cc9-32dac4b140ed/1/j39d3CK0NKz6QNZ-5QsEKQxw27M.mft
Manifest number:          0A58
Signing time:             Fri 17 Apr 2026 10:01:04 +0000
Manifest this update:     Fri 17 Apr 2026 10:01:04 +0000
Manifest next update:     Sat 18 Apr 2026 10:01:04 +0000
Files and hashes:         1: j39d3CK0NKz6QNZ-5QsEKQxw27M.crl (hash: 1XikR2mS2hkmF3VoQzFpxgRjyOUaQX5NtwzV5GRIETA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/69fd69-2c27-4870-9cc9-32dac4b140ed/1/j39d3CK0NKz6QNZ-5QsEKQxw27M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/69fd69-2c27-4870-9cc9-32dac4b140ed/1/j39d3CK0NKz6QNZ-5QsEKQxw27M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/j39d3CK0NKz6QNZ-5QsEKQxw27M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e3:0d:83:d2:93:d9:29:48:8a:a0:2b:f4:66:86:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8f7f5ddc22b434acfa40d67ee50b04290c70dbb3
        Validity
            Not Before: Apr 17 10:01:04 2026 GMT
            Not After : Apr 18 10:01:04 2026 GMT
        Subject: CN=a655239be27e99ffd585e67945c1c472061820b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:71:35:47:8c:f6:8f:2d:2b:16:63:85:72:83:
                    de:fe:60:c3:13:dd:cc:51:41:ab:79:71:20:8f:f9:
                    1b:8f:91:42:56:ed:02:e7:81:8e:bd:35:93:0a:ec:
                    b6:5f:fb:01:7e:bc:69:f8:8a:0e:cc:6e:e4:cf:c9:
                    a4:0f:b8:36:90:7f:b3:16:d2:74:8f:da:4a:56:69:
                    de:82:b1:86:19:aa:80:06:db:0c:e3:45:fc:64:08:
                    a9:82:06:e6:51:78:a0:98:6c:cd:3d:3f:aa:fc:a6:
                    6a:25:2d:c2:50:7a:ee:2a:9b:cb:fb:60:64:6e:5f:
                    d1:0c:47:9a:8c:03:e6:fa:bc:d1:0b:43:43:b8:9a:
                    71:2f:7b:3a:ed:90:a1:97:28:62:5a:0d:23:2e:56:
                    a8:61:07:e9:b1:d1:34:d7:50:a1:ad:1e:c1:cd:19:
                    93:d5:15:15:a7:c4:f4:69:56:88:6f:dd:0b:ba:9f:
                    e1:69:3f:13:9e:b0:57:0d:ac:1b:77:86:b9:9a:f3:
                    64:20:5d:46:bb:84:a4:32:e6:9a:00:57:18:fc:b1:
                    2f:02:dd:ef:8e:71:0c:74:a0:d5:ff:fe:0d:b2:35:
                    93:d1:45:6c:07:af:60:67:3c:1a:66:c3:b8:80:bb:
                    49:7d:13:d3:da:f8:94:01:8e:db:65:d8:c5:fa:7a:
                    15:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:55:23:9B:E2:7E:99:FF:D5:85:E6:79:45:C1:C4:72:06:18:20:B6
            X509v3 Authority Key Identifier:
                keyid:8F:7F:5D:DC:22:B4:34:AC:FA:40:D6:7E:E5:0B:04:29:0C:70:DB:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j39d3CK0NKz6QNZ-5QsEKQxw27M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/69fd69-2c27-4870-9cc9-32dac4b140ed/1/j39d3CK0NKz6QNZ-5QsEKQxw27M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/69fd69-2c27-4870-9cc9-32dac4b140ed/1/j39d3CK0NKz6QNZ-5QsEKQxw27M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:0d:8e:3a:2b:3c:fc:d3:ea:d4:dd:06:28:c8:41:59:19:2b:
         77:1f:22:eb:2a:19:17:74:a2:9c:b5:c7:a7:97:27:e3:08:cf:
         8e:63:02:99:e7:31:72:3b:5a:27:b7:bc:69:36:8f:1a:c9:23:
         4f:92:52:5e:d9:39:0e:57:0f:f9:4e:0c:72:34:54:00:91:eb:
         d2:98:60:67:34:02:05:7c:b3:9b:d1:20:e2:12:5c:ef:e1:00:
         a3:3b:2c:59:e9:b9:4a:14:85:cf:df:ce:85:6e:4f:3b:59:4f:
         a3:ce:86:40:ad:16:37:a5:ad:55:ef:cb:90:04:19:fb:e2:d0:
         f2:1c:ab:50:73:4e:7b:4a:47:b0:71:a9:90:11:c1:95:9e:e5:
         d6:71:66:93:ec:88:92:35:82:96:b0:92:fb:09:db:68:78:f5:
         f3:21:cf:32:cc:f7:36:23:5d:19:dc:66:95:14:43:89:69:f0:
         b4:5f:9f:3c:b3:36:d4:09:67:3f:59:ac:d0:3f:f8:53:0c:a2:
         bc:1b:2e:94:3b:11:38:7e:ba:6f:7f:c6:95:66:e2:24:4e:6e:
         e4:c4:42:e2:b1:89:8f:14:b6:89:1d:4d:61:46:6b:77:04:60:
         fd:16:91:9b:d2:56:30:5c:56:ce:74:f3:91:74:b0:97:31:ba:
         17:bf:7c:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a4w2D0pPZKUiKoCv0ZoZLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmN2Y1ZGRjMjJiNDM0YWNmYTQwZDY3ZWU1MGIwNDI5MGM3
MGRiYjMwHhcNMjYwNDE3MTAwMTA0WhcNMjYwNDE4MTAwMTA0WjAzMTEwLwYDVQQD
EyhhNjU1MjM5YmUyN2U5OWZmZDU4NWU2Nzk0NWMxYzQ3MjA2MTgyMGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9XE1R4z2jy0rFmOFcoPe/mDDE93M
UUGreXEgj/kbj5FCVu0C54GOvTWTCuy2X/sBfrxp+IoOzG7kz8mkD7g2kH+zFtJ0
j9pKVmnegrGGGaqABtsM40X8ZAipggbmUXigmGzNPT+q/KZqJS3CUHruKpvL+2Bk
bl/RDEeajAPm+rzRC0NDuJpxL3s67ZChlyhiWg0jLlaoYQfpsdE011ChrR7BzRmT
1RUVp8T0aVaIb90Lup/haT8TnrBXDawbd4a5mvNkIF1Gu4SkMuaaAFcY/LEvAt3v
jnEMdKDV//4NsjWT0UVsB69gZzwaZsO4gLtJfRPT2viUAY7bZdjF+noVBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKZVI5vifpn/1YXmeUXBxHIGGCC2MB8GA1UdIwQY
MBaAFI9/XdwitDSs+kDWfuULBCkMcNuzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajM5ZDNDSzBOS3o2UU5aLTVRc0VLUXh3MjdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS82OWZkNjktMmMyNy00ODcwLTljYzkt
MzJkYWM0YjE0MGVkLzEvajM5ZDNDSzBOS3o2UU5aLTVRc0VLUXh3MjdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS82OWZkNjktMmMyNy00ODcwLTljYzktMzJkYWM0YjE0MGVk
LzEvajM5ZDNDSzBOS3o2UU5aLTVRc0VLUXh3MjdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOg2OOis8
/NPq1N0GKMhBWRkrdx8i6yoZF3SinLXHp5cn4wjPjmMCmecxcjtaJ7e8aTaPGskj
T5JSXtk5DlcP+U4McjRUAJHr0phgZzQCBXyzm9Eg4hJc7+EAozssWem5ShSFz9/O
hW5PO1lPo86GQK0WN6WtVe/LkAQZ++LQ8hyrUHNOe0pHsHGpkBHBlZ7l1nFmk+yI
kjWClrCS+wnbaHj18yHPMsz3NiNdGdxmlRRDiWnwtF+fPLM21AlnP1ms0D/4Uwyi
vBsulDsROH66b3/GlWbiJE5u5MRC4rGJjxS2iR1NYUZrdwRg/RaRm9JWMFxWznTz
kXSwlzG6F798wg==
-----END CERTIFICATE-----