Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/d17665-68b4-496b-9d9a-c5e1722a0c68/1/j31CCyNDzZHsI_UImoNC6J1tkWU.mft
File:                     j31CCyNDzZHsI_UImoNC6J1tkWU.mft (raw, json)
Hash identifier:          +O2XzdgF4dNZlJ27m3c6bA8i+A0B7bM3Q7k4De7eeJk=
Subject key identifier:   8D:D6:EF:70:01:F0:85:66:3A:3D:46:11:DF:67:D9:C2:A2:28:72:54
Authority key identifier: 8F:7D:42:0B:23:43:CD:91:EC:23:F5:08:9A:83:42:E8:9D:6D:91:65
Certificate issuer:       /CN=8f7d420b2343cd91ec23f5089a8342e89d6d9165
Certificate serial:       019D98F4BDA8DC4AC6A5A3DAC19E0A85B63A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/j31CCyNDzZHsI_UImoNC6J1tkWU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/d17665-68b4-496b-9d9a-c5e1722a0c68/1/j31CCyNDzZHsI_UImoNC6J1tkWU.mft
Manifest number:          1227
Signing time:             Fri 17 Apr 2026 01:01:09 +0000
Manifest this update:     Fri 17 Apr 2026 01:01:09 +0000
Manifest next update:     Sat 18 Apr 2026 01:01:09 +0000
Files and hashes:         1: j31CCyNDzZHsI_UImoNC6J1tkWU.crl (hash: smhAsosSbYou9QgoDex9+N/cC6Hjc7pqZhAc06h7zV0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/d17665-68b4-496b-9d9a-c5e1722a0c68/1/j31CCyNDzZHsI_UImoNC6J1tkWU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/d17665-68b4-496b-9d9a-c5e1722a0c68/1/j31CCyNDzZHsI_UImoNC6J1tkWU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/j31CCyNDzZHsI_UImoNC6J1tkWU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 01:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:bd:a8:dc:4a:c6:a5:a3:da:c1:9e:0a:85:b6:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8f7d420b2343cd91ec23f5089a8342e89d6d9165
        Validity
            Not Before: Apr 17 01:01:09 2026 GMT
            Not After : Apr 18 01:01:09 2026 GMT
        Subject: CN=8dd6ef7001f085663a3d4611df67d9c2a2287254
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:78:d7:bb:da:e6:81:bd:8a:3b:8b:ee:c5:45:
                    72:5c:a1:68:e8:3b:5c:94:30:cd:51:4b:66:58:71:
                    07:0e:43:2f:6c:88:23:40:9e:ba:d0:0f:f2:00:1f:
                    d1:d1:d0:26:a5:7c:e7:70:8d:aa:af:ef:88:28:ac:
                    9e:5d:a4:df:39:e1:f6:73:5b:40:97:2c:d4:fd:24:
                    96:a1:54:fb:69:c4:5e:47:08:37:88:db:91:75:3a:
                    8e:48:a6:bc:16:c6:72:29:b9:ce:ee:19:06:ff:ad:
                    57:f2:da:3e:ce:76:5a:30:ff:89:65:87:02:f0:09:
                    fc:30:2d:d7:43:28:b3:57:19:0c:37:f5:5a:fd:13:
                    cf:ce:cb:ad:e0:f0:74:77:ef:48:c6:0f:c4:1b:14:
                    ed:ec:0f:61:af:77:15:e4:0c:34:cf:d9:21:c7:3c:
                    d2:97:49:c9:44:83:00:15:0a:7f:63:8c:40:c6:21:
                    9f:5d:87:30:27:7e:ff:7a:1e:03:a4:9f:ac:c7:77:
                    b1:d4:72:8e:94:93:98:d0:6a:ab:a9:5e:43:ed:49:
                    3a:b8:62:1b:65:6c:26:de:ec:aa:81:96:9a:94:ec:
                    69:48:de:00:5d:47:3b:c1:70:35:a9:b2:cd:64:f9:
                    48:3b:91:78:dd:6c:8b:0a:9b:d2:e0:1f:5a:04:23:
                    1c:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:D6:EF:70:01:F0:85:66:3A:3D:46:11:DF:67:D9:C2:A2:28:72:54
            X509v3 Authority Key Identifier:
                keyid:8F:7D:42:0B:23:43:CD:91:EC:23:F5:08:9A:83:42:E8:9D:6D:91:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j31CCyNDzZHsI_UImoNC6J1tkWU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d17665-68b4-496b-9d9a-c5e1722a0c68/1/j31CCyNDzZHsI_UImoNC6J1tkWU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d17665-68b4-496b-9d9a-c5e1722a0c68/1/j31CCyNDzZHsI_UImoNC6J1tkWU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:61:90:8f:41:63:69:66:3e:9c:d9:ff:e4:34:88:4a:38:ed:
         2e:2c:44:31:f9:91:21:c9:1c:32:3c:bd:1b:ac:65:d3:4c:04:
         f3:a2:0f:ff:97:0e:19:71:d0:cd:d6:51:07:c6:94:7a:2e:21:
         f5:8b:7b:a8:67:3a:ae:85:25:c1:91:f3:a5:bd:b6:41:c3:98:
         cf:03:7b:26:7a:fe:05:c2:d3:3e:6d:f2:25:76:a8:d9:a8:3b:
         4c:32:eb:fa:34:08:54:aa:6b:a3:3e:6b:da:4c:a1:1d:9d:fc:
         98:7b:52:6c:df:f0:18:51:1f:40:51:d6:7f:ab:66:48:3a:61:
         21:18:8c:ea:3a:1a:ae:9a:74:8b:c1:33:b7:e6:36:1e:a8:66:
         b2:a4:05:1b:91:cd:bc:e6:50:26:03:fc:bf:76:3e:6e:c7:f5:
         f2:24:4c:dc:5b:24:e7:bd:bb:8d:72:04:d5:b2:f0:ec:ed:19:
         6a:ea:12:8a:f2:29:8e:da:38:15:b4:9c:02:84:cb:07:08:e7:
         e0:bc:21:ca:7d:c8:ac:e8:e1:dc:05:12:eb:bb:78:c1:b7:1c:
         7e:ba:3a:f7:13:6e:d0:5e:44:e2:ea:3d:74:2c:c8:d7:df:84:
         79:3b:aa:60:42:af:29:c8:e9:21:77:59:61:66:b8:19:63:ab:
         4f:1f:30:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9L2o3ErGpaPawZ4KhbY6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmN2Q0MjBiMjM0M2NkOTFlYzIzZjUwODlhODM0MmU4OWQ2
ZDkxNjUwHhcNMjYwNDE3MDEwMTA5WhcNMjYwNDE4MDEwMTA5WjAzMTEwLwYDVQQD
Eyg4ZGQ2ZWY3MDAxZjA4NTY2M2EzZDQ2MTFkZjY3ZDljMmEyMjg3MjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5XjXu9rmgb2KO4vuxUVyXKFo6Dtc
lDDNUUtmWHEHDkMvbIgjQJ660A/yAB/R0dAmpXzncI2qr++IKKyeXaTfOeH2c1tA
lyzU/SSWoVT7acReRwg3iNuRdTqOSKa8FsZyKbnO7hkG/61X8to+znZaMP+JZYcC
8An8MC3XQyizVxkMN/Va/RPPzsut4PB0d+9Ixg/EGxTt7A9hr3cV5Aw0z9khxzzS
l0nJRIMAFQp/Y4xAxiGfXYcwJ37/eh4DpJ+sx3ex1HKOlJOY0GqrqV5D7Uk6uGIb
ZWwm3uyqgZaalOxpSN4AXUc7wXA1qbLNZPlIO5F43WyLCpvS4B9aBCMcVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI3W73AB8IVmOj1GEd9n2cKiKHJUMB8GA1UdIwQY
MBaAFI99QgsjQ82R7CP1CJqDQuidbZFlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajMxQ0N5TkR6WkhzSV9VSW1vTkM2SjF0a1dVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9kMTc2NjUtNjhiNC00OTZiLTlkOWEt
YzVlMTcyMmEwYzY4LzEvajMxQ0N5TkR6WkhzSV9VSW1vTkM2SjF0a1dVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9kMTc2NjUtNjhiNC00OTZiLTlkOWEtYzVlMTcyMmEwYzY4
LzEvajMxQ0N5TkR6WkhzSV9VSW1vTkM2SjF0a1dVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALGGQj0Fj
aWY+nNn/5DSISjjtLixEMfmRIckcMjy9G6xl00wE86IP/5cOGXHQzdZRB8aUei4h
9Yt7qGc6roUlwZHzpb22QcOYzwN7Jnr+BcLTPm3yJXao2ag7TDLr+jQIVKproz5r
2kyhHZ38mHtSbN/wGFEfQFHWf6tmSDphIRiM6joarpp0i8Ezt+Y2HqhmsqQFG5HN
vOZQJgP8v3Y+bsf18iRM3Fsk5727jXIE1bLw7O0ZauoSivIpjto4FbScAoTLBwjn
4Lwhyn3IrOjh3AUS67t4wbccfro69xNu0F5E4uo9dCzI19+EeTuqYEKvKcjpIXdZ
YWa4GWOrTx8wKA==
-----END CERTIFICATE-----