Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.mft
File:                     Y6jKFmYgbSzxK1B4curQ9aeT0OA.mft (raw, json)
Hash identifier:          Cny7UPbaaIAFEQPXBs9v3WxXsuAb0ZkZez94qsAJ9a8=
Subject key identifier:   70:97:74:AF:4D:01:09:5B:B3:60:78:2F:4B:1E:B2:E7:C1:D2:96:DE
Authority key identifier: 63:A8:CA:16:66:20:6D:2C:F1:2B:50:78:72:EA:D0:F5:A7:93:D0:E0
Certificate issuer:       /CN=63a8ca1666206d2cf12b507872ead0f5a793d0e0
Certificate serial:       019D9B87EA1792BC8D97B8E1C62BA54ACCD4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y6jKFmYgbSzxK1B4curQ9aeT0OA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.mft
Manifest number:          0A4D
Signing time:             Fri 17 Apr 2026 13:01:08 +0000
Manifest this update:     Fri 17 Apr 2026 13:01:08 +0000
Manifest next update:     Sat 18 Apr 2026 13:01:08 +0000
Files and hashes:         1: Y6jKFmYgbSzxK1B4curQ9aeT0OA.crl (hash: DAZDDY19pWNf6IWKgC6TaHJInoK6dyQ3RqhR9yMeWN0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Y6jKFmYgbSzxK1B4curQ9aeT0OA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:87:ea:17:92:bc:8d:97:b8:e1:c6:2b:a5:4a:cc:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63a8ca1666206d2cf12b507872ead0f5a793d0e0
        Validity
            Not Before: Apr 17 13:01:08 2026 GMT
            Not After : Apr 18 13:01:08 2026 GMT
        Subject: CN=709774af4d01095bb360782f4b1eb2e7c1d296de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:66:8e:26:3b:1e:d3:4a:f9:97:9b:8e:05:66:
                    b6:e6:81:0c:a1:16:08:19:fc:a1:d3:40:3c:49:92:
                    9a:fd:6b:39:f7:80:d8:59:4b:76:2a:25:c6:50:ba:
                    63:ea:7b:7c:16:a0:93:cb:90:88:2f:ae:7e:24:55:
                    80:6c:3c:5f:7c:ea:aa:99:d8:c9:77:ee:ac:04:2f:
                    dc:ea:ed:f7:77:3f:52:65:71:17:d2:45:a6:1e:86:
                    10:61:10:9d:d0:0e:44:69:57:2b:c1:b3:19:d6:2e:
                    e0:21:4b:52:ed:e4:c2:c4:3d:d4:a1:20:20:e2:29:
                    8e:93:4b:fa:a5:67:82:ea:92:a3:09:5f:8c:95:0a:
                    81:03:f9:7c:8c:5a:a9:36:72:5d:a8:61:e1:4f:6d:
                    08:11:51:e2:55:39:02:4f:9d:79:e2:4d:46:cb:ca:
                    92:7a:50:45:6b:70:32:79:34:1f:81:e5:6a:a1:82:
                    25:e2:76:ea:cb:e7:d7:f5:50:6c:6a:86:1a:bc:3d:
                    36:fe:55:53:22:8e:21:6e:43:dc:6a:1e:1a:6e:1f:
                    57:eb:15:4f:21:fa:7b:15:45:f8:2c:e1:a9:ea:0d:
                    62:eb:dc:48:c8:da:5d:79:ee:44:a2:14:b9:48:6c:
                    3b:e1:6c:77:a4:b9:08:0a:4d:fd:06:0c:1b:58:b2:
                    4b:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:97:74:AF:4D:01:09:5B:B3:60:78:2F:4B:1E:B2:E7:C1:D2:96:DE
            X509v3 Authority Key Identifier:
                keyid:63:A8:CA:16:66:20:6D:2C:F1:2B:50:78:72:EA:D0:F5:A7:93:D0:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y6jKFmYgbSzxK1B4curQ9aeT0OA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:cd:a4:e4:27:49:cf:79:f4:69:f5:62:49:0f:0b:35:18:91:
         18:48:52:5b:a9:7e:6b:e1:b8:1e:a2:b1:95:fa:36:1e:f8:7d:
         ba:be:c0:12:0c:77:5e:5a:43:21:90:e9:d7:e0:eb:a5:fd:a5:
         86:3c:f8:a7:4c:40:0c:ba:b3:1a:5d:a0:d6:09:51:06:67:2b:
         6f:80:a6:d5:b0:b8:86:91:69:ee:9c:38:26:89:e8:e3:18:14:
         8e:d3:0d:2e:4d:6e:bb:fd:55:76:1a:6f:7f:d2:89:a3:3e:bd:
         3a:6a:d2:50:ef:28:02:fa:b0:b2:59:ff:85:c4:fd:b9:56:c0:
         43:ae:38:89:45:f4:54:f6:d0:b6:56:19:40:64:0e:d0:06:a8:
         06:a9:43:ff:60:64:12:3c:c9:9a:d7:64:2b:a7:ad:ab:76:ca:
         3e:82:7b:27:6e:8a:5b:38:9b:f2:8a:92:fc:58:cf:72:07:8b:
         41:49:7c:e7:be:27:7d:d6:f8:9b:57:83:f3:43:c5:1e:f1:f8:
         00:18:84:9f:91:3e:27:f6:77:50:4d:2e:b0:8f:b2:42:06:ea:
         e8:16:b2:52:c9:e9:6d:f8:fc:93:22:12:31:fb:9a:b9:9c:c1:
         6e:5a:ab:a5:f7:11:46:6e:cf:47:6e:df:07:c5:6e:99:6f:68:
         9e:c6:c2:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bh+oXkryNl7jhxiulSszUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzYThjYTE2NjYyMDZkMmNmMTJiNTA3ODcyZWFkMGY1YTc5
M2QwZTAwHhcNMjYwNDE3MTMwMTA4WhcNMjYwNDE4MTMwMTA4WjAzMTEwLwYDVQQD
Eyg3MDk3NzRhZjRkMDEwOTViYjM2MDc4MmY0YjFlYjJlN2MxZDI5NmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx2aOJjse00r5l5uOBWa25oEMoRYI
Gfyh00A8SZKa/Ws594DYWUt2KiXGULpj6nt8FqCTy5CIL65+JFWAbDxffOqqmdjJ
d+6sBC/c6u33dz9SZXEX0kWmHoYQYRCd0A5EaVcrwbMZ1i7gIUtS7eTCxD3UoSAg
4imOk0v6pWeC6pKjCV+MlQqBA/l8jFqpNnJdqGHhT20IEVHiVTkCT5154k1Gy8qS
elBFa3AyeTQfgeVqoYIl4nbqy+fX9VBsaoYavD02/lVTIo4hbkPcah4abh9X6xVP
Ifp7FUX4LOGp6g1i69xIyNpdee5EohS5SGw74Wx3pLkICk39BgwbWLJLFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHCXdK9NAQlbs2B4L0sesufB0pbeMB8GA1UdIwQY
MBaAFGOoyhZmIG0s8StQeHLq0PWnk9DgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTZqS0ZtWWdiU3p4SzFCNGN1clE5YWVUME9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8wNDQ2YjEtZGYyZi00MjYxLWExYmEt
NzVhYjIxZjNiM2QwLzEvWTZqS0ZtWWdiU3p4SzFCNGN1clE5YWVUME9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8wNDQ2YjEtZGYyZi00MjYxLWExYmEtNzVhYjIxZjNiM2Qw
LzEvWTZqS0ZtWWdiU3p4SzFCNGN1clE5YWVUME9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABM2k5CdJ
z3n0afViSQ8LNRiRGEhSW6l+a+G4HqKxlfo2Hvh9ur7AEgx3XlpDIZDp1+Drpf2l
hjz4p0xADLqzGl2g1glRBmcrb4Cm1bC4hpFp7pw4Jono4xgUjtMNLk1uu/1Vdhpv
f9KJoz69OmrSUO8oAvqwsln/hcT9uVbAQ644iUX0VPbQtlYZQGQO0AaoBqlD/2Bk
EjzJmtdkK6etq3bKPoJ7J26KWzib8oqS/FjPcgeLQUl8574nfdb4m1eD80PFHvH4
ABiEn5E+J/Z3UE0usI+yQgbq6BayUsnpbfj8kyISMfuauZzBblqrpfcRRm7PR27f
B8VumW9onsbCIA==
-----END CERTIFICATE-----