Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.mft
File:                     RZzMG7ARYGhoBts1qTNRshs-YNw.mft (raw, json)
Hash identifier:          Yo9m84Y5Q5gnI9esuxc+a1QXPBOdys1sdZAz3n31cFI=
Subject key identifier:   88:0D:8E:E7:3C:0A:2A:CF:EB:96:5E:E8:83:93:DA:6C:6B:37:BB:1B
Authority key identifier: 45:9C:CC:1B:B0:11:60:68:68:06:DB:35:A9:33:51:B2:1B:3E:60:DC
Certificate issuer:       /CN=459ccc1bb01160686806db35a93351b21b3e60dc
Certificate serial:       019D9A3DE9072F10956B3BB0055CB9FEB81E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RZzMG7ARYGhoBts1qTNRshs-YNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.mft
Manifest number:          1637
Signing time:             Fri 17 Apr 2026 07:00:41 +0000
Manifest this update:     Fri 17 Apr 2026 07:00:41 +0000
Manifest next update:     Sat 18 Apr 2026 07:00:41 +0000
Files and hashes:         1: RZzMG7ARYGhoBts1qTNRshs-YNw.crl (hash: el8TrBv10y7PpOUUNbud82RJPBBoHQa6D3NDNSx2I5o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RZzMG7ARYGhoBts1qTNRshs-YNw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:3d:e9:07:2f:10:95:6b:3b:b0:05:5c:b9:fe:b8:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=459ccc1bb01160686806db35a93351b21b3e60dc
        Validity
            Not Before: Apr 17 07:00:41 2026 GMT
            Not After : Apr 18 07:00:41 2026 GMT
        Subject: CN=880d8ee73c0a2acfeb965ee88393da6c6b37bb1b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:02:0f:d7:78:ed:a7:96:68:e2:7d:8b:ed:69:
                    c0:24:d1:0e:39:4a:42:96:ad:58:90:a4:33:aa:84:
                    b7:f1:a5:12:65:f1:56:f7:3c:65:91:6c:04:06:b4:
                    31:83:fe:cd:e2:d3:c7:eb:39:b9:7f:d5:36:9c:44:
                    70:01:08:01:57:38:01:ad:4b:aa:4a:e5:2f:34:a1:
                    58:d0:84:9f:83:06:94:df:c2:55:e0:47:a0:ff:34:
                    31:c9:b4:d2:c6:92:76:34:48:e2:fb:7f:ac:66:80:
                    00:21:80:ab:60:92:6f:0d:dc:e7:a2:9b:1e:1d:6b:
                    5a:7d:11:60:58:84:c6:0c:e9:55:ec:ef:73:d6:e6:
                    f7:df:c9:fa:9b:9a:35:ae:13:46:af:2a:5b:3f:ac:
                    f1:f6:8a:bb:b6:70:c5:e7:1b:dc:17:ce:8b:b1:fe:
                    88:4d:8a:4a:24:45:12:09:53:a6:6a:69:a0:92:8b:
                    0d:05:78:2a:d4:aa:f3:2f:ee:6a:dd:57:30:b9:f2:
                    b4:75:8e:83:8b:60:ee:82:96:6f:47:ae:58:2d:38:
                    98:58:f8:60:46:bc:ba:dd:e9:9f:3d:22:d6:2c:24:
                    76:aa:7b:38:64:1d:e1:ab:ec:6a:3b:2a:9e:48:68:
                    1c:0a:1b:e5:2e:0c:0e:c7:50:0a:51:4b:2f:86:a3:
                    4d:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:0D:8E:E7:3C:0A:2A:CF:EB:96:5E:E8:83:93:DA:6C:6B:37:BB:1B
            X509v3 Authority Key Identifier:
                keyid:45:9C:CC:1B:B0:11:60:68:68:06:DB:35:A9:33:51:B2:1B:3E:60:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RZzMG7ARYGhoBts1qTNRshs-YNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a8:7f:d4:a9:0f:d1:95:32:11:fa:fe:5a:55:c6:fd:e5:08:76:
         49:5b:e7:5d:b0:54:87:96:bd:68:89:be:6d:3d:a7:51:2c:d3:
         d9:25:04:79:9a:99:ba:bc:86:c1:dc:be:a0:42:49:11:ff:f8:
         35:ea:b6:97:61:3a:c7:50:88:7a:8a:64:32:00:33:04:45:3b:
         c5:0c:e9:5d:43:a5:b0:a3:93:f9:2a:d7:85:f4:8e:7c:14:59:
         0d:84:d0:e1:f8:42:94:c3:82:da:0a:2b:62:4d:d3:b1:67:e8:
         fb:7f:fa:29:4f:c5:fd:52:39:c3:e6:82:42:65:36:56:fb:98:
         ea:c3:06:ed:7e:a6:dc:2f:ff:6f:ea:f0:b6:57:c8:5a:77:7a:
         e0:a6:09:ed:f5:51:4a:dc:91:53:fc:7a:0a:70:c7:c0:b1:08:
         cc:9c:3e:f4:f8:30:b9:ca:8c:aa:01:95:09:c5:c1:e5:c5:c8:
         d3:51:d9:8d:db:2a:38:c0:89:7f:d9:bf:87:75:dc:6a:42:71:
         8a:5d:ef:fc:bd:d0:23:be:a1:82:db:57:ab:9e:f8:fa:8a:7d:
         23:f8:f1:34:41:0c:ae:93:19:a5:32:40:3b:dd:46:b5:e5:b2:
         fe:1e:c3:e8:3f:34:17:6f:e4:09:b0:c9:0d:5c:3e:91:69:fa:
         5c:e9:ec:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aPekHLxCVazuwBVy5/rgeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1OWNjYzFiYjAxMTYwNjg2ODA2ZGIzNWE5MzM1MWIyMWIz
ZTYwZGMwHhcNMjYwNDE3MDcwMDQxWhcNMjYwNDE4MDcwMDQxWjAzMTEwLwYDVQQD
Eyg4ODBkOGVlNzNjMGEyYWNmZWI5NjVlZTg4MzkzZGE2YzZiMzdiYjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0QIP13jtp5Zo4n2L7WnAJNEOOUpC
lq1YkKQzqoS38aUSZfFW9zxlkWwEBrQxg/7N4tPH6zm5f9U2nERwAQgBVzgBrUuq
SuUvNKFY0ISfgwaU38JV4Eeg/zQxybTSxpJ2NEji+3+sZoAAIYCrYJJvDdznopse
HWtafRFgWITGDOlV7O9z1ub338n6m5o1rhNGrypbP6zx9oq7tnDF5xvcF86Lsf6I
TYpKJEUSCVOmammgkosNBXgq1KrzL+5q3VcwufK0dY6Di2DugpZvR65YLTiYWPhg
Rry63emfPSLWLCR2qns4ZB3hq+xqOyqeSGgcChvlLgwOx1AKUUsvhqNNvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIgNjuc8CirP65Ze6IOT2mxrN7sbMB8GA1UdIwQY
MBaAFEWczBuwEWBoaAbbNakzUbIbPmDcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlp6TUc3QVJZR2hvQnRzMXFUTlJzaHMtWU53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC82MGQzMzgtNGIzNi00MDU0LWI0YmMt
NjQ3M2IwOTJhYWRkLzEvUlp6TUc3QVJZR2hvQnRzMXFUTlJzaHMtWU53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC82MGQzMzgtNGIzNi00MDU0LWI0YmMtNjQ3M2IwOTJhYWRk
LzEvUlp6TUc3QVJZR2hvQnRzMXFUTlJzaHMtWU53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqH/UqQ/R
lTIR+v5aVcb95Qh2SVvnXbBUh5a9aIm+bT2nUSzT2SUEeZqZuryGwdy+oEJJEf/4
Neq2l2E6x1CIeopkMgAzBEU7xQzpXUOlsKOT+SrXhfSOfBRZDYTQ4fhClMOC2gor
Yk3TsWfo+3/6KU/F/VI5w+aCQmU2VvuY6sMG7X6m3C//b+rwtlfIWnd64KYJ7fVR
StyRU/x6CnDHwLEIzJw+9PgwucqMqgGVCcXB5cXI01HZjdsqOMCJf9m/h3XcakJx
il3v/L3QI76hgttXq574+op9I/jxNEEMrpMZpTJAO91GteWy/h7D6D80F2/kCbDJ
DVw+kWn6XOnsMQ==
-----END CERTIFICATE-----