Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft
File:                     IKo_sAxQTBoJEqNJWo49uvPZako.mft (raw, json)
Hash identifier:          Yy+8pW7WU4XK49RVNG/xsW7GD93/RmnqhhvUy/SJnmg=
Subject key identifier:   01:CD:9A:1F:E1:74:F5:E4:82:9D:1F:60:AB:CA:55:A8:C7:3E:26:FC
Authority key identifier: 20:AA:3F:B0:0C:50:4C:1A:09:12:A3:49:5A:8E:3D:BA:F3:D9:6A:4A
Certificate issuer:       /CN=20aa3fb00c504c1a0912a3495a8e3dbaf3d96a4a
Certificate serial:       019D9AE2923638E94FA3ED80C7F3A718B9D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft
Manifest number:          08E6
Signing time:             Fri 17 Apr 2026 10:00:32 +0000
Manifest this update:     Fri 17 Apr 2026 10:00:32 +0000
Manifest next update:     Sat 18 Apr 2026 10:00:32 +0000
Files and hashes:         1: IKo_sAxQTBoJEqNJWo49uvPZako.crl (hash: ut6dtGnfdrwCkD6FsRZE3AIFvq7w+UK70Wd5Iv/TDRw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e2:92:36:38:e9:4f:a3:ed:80:c7:f3:a7:18:b9:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20aa3fb00c504c1a0912a3495a8e3dbaf3d96a4a
        Validity
            Not Before: Apr 17 10:00:32 2026 GMT
            Not After : Apr 18 10:00:32 2026 GMT
        Subject: CN=01cd9a1fe174f5e4829d1f60abca55a8c73e26fc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:5e:95:bc:1d:fc:e1:8c:22:c8:d7:bf:3e:88:
                    ba:24:9e:33:4b:ab:93:2a:77:cf:2d:27:bf:84:c4:
                    d8:66:07:b4:ed:80:c1:7c:3e:37:7d:24:45:0c:5e:
                    26:f6:33:37:f3:d1:76:f5:17:7b:b0:32:81:0d:14:
                    ad:5a:c4:c2:6b:c1:60:a5:bc:fe:30:80:21:a6:bd:
                    7c:8b:49:5d:9d:d1:02:ce:88:7f:98:bb:fe:2b:c4:
                    4d:50:8d:5b:98:92:47:82:22:73:a7:a9:67:d2:43:
                    02:34:ec:9a:74:d7:3d:da:75:e9:ef:8a:93:b2:52:
                    05:7e:2e:fb:7e:38:05:5c:f7:e5:97:1a:d3:1a:84:
                    ed:bd:f6:99:e7:49:a1:05:df:79:25:f0:e0:d1:f6:
                    4f:58:90:8f:bd:30:af:86:88:5b:4d:e9:38:c8:f5:
                    f1:3e:60:3c:52:5e:2f:6e:7f:c3:a5:c4:54:2b:d1:
                    ed:08:5d:5f:77:c2:7b:35:c7:3a:4b:5e:4d:b6:f1:
                    23:5c:75:3b:b8:55:24:05:8a:fb:1f:0a:06:3f:e6:
                    3d:1f:89:d3:c3:6c:1c:f3:84:7b:78:02:b6:ca:af:
                    19:19:28:58:d1:bc:1d:7d:ea:1b:84:e1:28:15:fa:
                    83:2f:55:9c:13:6c:58:a7:51:32:80:18:1c:c4:10:
                    f8:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:CD:9A:1F:E1:74:F5:E4:82:9D:1F:60:AB:CA:55:A8:C7:3E:26:FC
            X509v3 Authority Key Identifier:
                keyid:20:AA:3F:B0:0C:50:4C:1A:09:12:A3:49:5A:8E:3D:BA:F3:D9:6A:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:10:59:67:9c:67:4a:29:33:be:21:f4:02:38:01:37:7b:9b:
         a3:74:de:53:fd:d6:75:1c:7a:2c:a4:60:21:89:08:17:51:0c:
         65:8f:9c:91:19:5c:b5:ee:0d:93:2f:fe:09:54:13:83:7e:9d:
         39:90:a1:01:53:16:ca:3e:98:4e:20:f8:17:51:43:07:53:da:
         1c:4d:2e:56:43:cc:05:28:f2:9e:04:87:ac:e8:26:90:0d:fd:
         7b:56:ef:5c:d8:3f:5e:53:b2:f3:53:d2:20:d2:c5:15:d8:6f:
         63:2b:e9:ff:30:2a:15:fe:80:0a:6f:2e:3f:2b:ba:32:f4:ad:
         e2:d9:2e:f5:4c:ac:b4:80:d4:2c:7d:40:ae:2e:ec:b5:2c:ca:
         46:81:75:ea:32:64:d5:e0:99:cc:aa:30:65:95:11:ee:58:b8:
         a6:53:88:4a:96:a8:78:e6:73:3b:66:ed:25:9d:1d:45:06:5b:
         19:53:d4:e9:99:b8:81:b3:86:fe:70:8c:5b:ec:20:e9:01:75:
         50:e1:75:ec:12:37:a5:25:16:ae:46:f0:5a:7d:2b:af:d5:6c:
         c8:86:29:85:24:08:15:58:95:09:c5:f3:ec:89:a8:8f:2d:37:
         65:ce:de:6b:9a:7e:3c:d6:83:57:45:ee:7c:68:6f:10:57:b6:
         0e:d6:ce:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a4pI2OOlPo+2Ax/OnGLnTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYWEzZmIwMGM1MDRjMWEwOTEyYTM0OTVhOGUzZGJhZjNk
OTZhNGEwHhcNMjYwNDE3MTAwMDMyWhcNMjYwNDE4MTAwMDMyWjAzMTEwLwYDVQQD
EygwMWNkOWExZmUxNzRmNWU0ODI5ZDFmNjBhYmNhNTVhOGM3M2UyNmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn16VvB384YwiyNe/Poi6JJ4zS6uT
KnfPLSe/hMTYZge07YDBfD43fSRFDF4m9jM389F29Rd7sDKBDRStWsTCa8Fgpbz+
MIAhpr18i0ldndECzoh/mLv+K8RNUI1bmJJHgiJzp6ln0kMCNOyadNc92nXp74qT
slIFfi77fjgFXPfllxrTGoTtvfaZ50mhBd95JfDg0fZPWJCPvTCvhohbTek4yPXx
PmA8Ul4vbn/DpcRUK9HtCF1fd8J7Ncc6S15NtvEjXHU7uFUkBYr7HwoGP+Y9H4nT
w2wc84R7eAK2yq8ZGShY0bwdfeobhOEoFfqDL1WcE2xYp1EygBgcxBD45QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAHNmh/hdPXkgp0fYKvKVajHPib8MB8GA1UdIwQY
MBaAFCCqP7AMUEwaCRKjSVqOPbrz2WpKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi82N2I0MmEtY2FjMy00MjE2LWI1MTgt
ZDc0YTRkNGY1MmI0LzEvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi82N2I0MmEtY2FjMy00MjE2LWI1MTgtZDc0YTRkNGY1MmI0
LzEvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAURBZZ5xn
SikzviH0AjgBN3ubo3TeU/3WdRx6LKRgIYkIF1EMZY+ckRlcte4Nky/+CVQTg36d
OZChAVMWyj6YTiD4F1FDB1PaHE0uVkPMBSjyngSHrOgmkA39e1bvXNg/XlOy81PS
INLFFdhvYyvp/zAqFf6ACm8uPyu6MvSt4tku9UystIDULH1Ari7stSzKRoF16jJk
1eCZzKowZZUR7li4plOISpaoeOZzO2btJZ0dRQZbGVPU6Zm4gbOG/nCMW+wg6QF1
UOF17BI3pSUWrkbwWn0rr9VsyIYphSQIFViVCcXz7Imojy03Zc7ea5p+PNaDV0Xu
fGhvEFe2DtbOsg==
-----END CERTIFICATE-----