Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.mft
File:                     ALlD7lfDXyx_T-wGhel9YDsHytI.mft (raw, json)
Hash identifier:          73fxMVGNo9EZtKQAasbVWq9HOGQiccVIbw3QMd37GJ0=
Subject key identifier:   FD:60:C1:8B:72:30:0F:87:BB:37:CB:67:1D:6C:49:6B:1B:8C:E2:68
Authority key identifier: 00:B9:43:EE:57:C3:5F:2C:7F:4F:EC:06:85:E9:7D:60:3B:07:CA:D2
Certificate issuer:       /CN=00b943ee57c35f2c7f4fec0685e97d603b07cad2
Certificate serial:       019D98500876A2A339FF737F64837BC665C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ALlD7lfDXyx_T-wGhel9YDsHytI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.mft
Manifest number:          0C83
Signing time:             Thu 16 Apr 2026 22:01:14 +0000
Manifest this update:     Thu 16 Apr 2026 22:01:14 +0000
Manifest next update:     Fri 17 Apr 2026 22:01:14 +0000
Files and hashes:         1: ALlD7lfDXyx_T-wGhel9YDsHytI.crl (hash: uoRcJ9CWpj1urbkoSLVs+m2Z4Brq7FPq+6XVt6BqVvU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ALlD7lfDXyx_T-wGhel9YDsHytI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:50:08:76:a2:a3:39:ff:73:7f:64:83:7b:c6:65:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00b943ee57c35f2c7f4fec0685e97d603b07cad2
        Validity
            Not Before: Apr 16 22:01:14 2026 GMT
            Not After : Apr 17 22:01:14 2026 GMT
        Subject: CN=fd60c18b72300f87bb37cb671d6c496b1b8ce268
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:db:37:de:fa:7e:d2:01:64:e1:8c:06:bd:83:
                    05:57:13:7c:c2:1e:35:55:94:24:da:f3:c9:43:83:
                    8c:d4:4c:b6:f0:b7:b4:d3:5a:7c:36:72:1d:bf:d9:
                    d2:f5:c3:81:97:6f:2a:6f:27:44:b1:d0:c5:c2:43:
                    45:2c:0f:4b:f5:56:ce:ba:2b:f9:21:d9:90:32:3f:
                    dc:f3:07:88:54:83:f5:76:3b:32:96:03:c5:09:bb:
                    8e:c8:5c:10:a6:cd:35:52:ab:26:ce:26:03:06:01:
                    8e:e1:af:f7:0a:42:74:64:d3:0a:53:7f:9e:2d:c8:
                    9f:10:69:69:c5:1a:60:50:46:32:7f:0b:48:50:fe:
                    13:c9:73:55:a5:1d:f5:fe:8e:85:4f:2d:bb:2a:96:
                    e4:e2:38:de:92:f3:4e:52:32:23:b6:3d:e7:0a:dc:
                    23:91:d1:ef:fc:e5:d3:63:9a:26:91:37:63:f0:a5:
                    4f:70:59:3c:e1:36:46:fe:54:26:97:7d:10:5a:51:
                    d6:54:39:7e:27:1b:6d:a1:15:6a:84:c0:c0:4e:5a:
                    31:44:ed:86:d5:b1:a9:67:3a:2d:74:2e:79:fe:69:
                    fb:c4:a0:ee:70:81:1b:46:ed:6f:be:6a:77:b0:6a:
                    9a:f5:5a:39:31:6d:db:84:81:fe:fa:85:30:f3:d4:
                    1d:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:60:C1:8B:72:30:0F:87:BB:37:CB:67:1D:6C:49:6B:1B:8C:E2:68
            X509v3 Authority Key Identifier:
                keyid:00:B9:43:EE:57:C3:5F:2C:7F:4F:EC:06:85:E9:7D:60:3B:07:CA:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ALlD7lfDXyx_T-wGhel9YDsHytI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:8e:41:85:c7:ba:1d:d1:31:32:bd:8b:27:0e:30:4a:42:92:
         33:2e:ec:87:d2:bf:8a:50:78:bc:a3:13:6e:31:dc:24:da:07:
         cf:ec:77:9c:75:b4:c9:90:dd:d7:b8:9f:94:17:6e:af:3b:1f:
         1f:c6:e6:4e:c3:60:da:69:65:14:5d:80:29:b4:6f:52:1d:33:
         93:e3:e2:c0:4b:8b:6c:de:03:85:3f:e8:39:65:1d:94:85:28:
         5f:8c:ea:76:b9:96:07:3a:39:50:b0:dd:a3:d5:2c:b1:1b:6c:
         fa:dd:02:38:04:fd:bf:65:24:f2:d0:a2:fb:c8:f6:31:d7:57:
         e6:0c:f7:7a:5b:20:94:16:03:c5:7a:6b:87:b9:ac:f8:19:c4:
         8c:e4:f3:83:98:fb:2a:6e:54:f6:53:27:43:28:3f:2f:eb:ed:
         4e:bf:c5:a2:62:62:aa:c3:51:18:6e:d9:66:ec:4d:89:34:61:
         a2:c1:15:f6:db:5b:36:40:1d:ab:a6:fc:fb:63:07:1d:ee:48:
         6b:7c:36:7f:aa:17:3d:eb:3e:8f:52:3c:df:c0:42:6f:5b:26:
         25:54:88:82:1b:51:c4:d6:32:cd:8b:49:f9:56:98:f3:1b:de:
         a7:50:b2:dc:87:8f:28:d0:44:6e:63:90:30:90:a5:54:01:9a:
         d5:79:e1:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2YUAh2oqM5/3N/ZIN7xmXFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYjk0M2VlNTdjMzVmMmM3ZjRmZWMwNjg1ZTk3ZDYwM2Iw
N2NhZDIwHhcNMjYwNDE2MjIwMTE0WhcNMjYwNDE3MjIwMTE0WjAzMTEwLwYDVQQD
EyhmZDYwYzE4YjcyMzAwZjg3YmIzN2NiNjcxZDZjNDk2YjFiOGNlMjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9s33vp+0gFk4YwGvYMFVxN8wh41
VZQk2vPJQ4OM1Ey28Le001p8NnIdv9nS9cOBl28qbydEsdDFwkNFLA9L9VbOuiv5
IdmQMj/c8weIVIP1djsylgPFCbuOyFwQps01UqsmziYDBgGO4a/3CkJ0ZNMKU3+e
LcifEGlpxRpgUEYyfwtIUP4TyXNVpR31/o6FTy27Kpbk4jjekvNOUjIjtj3nCtwj
kdHv/OXTY5omkTdj8KVPcFk84TZG/lQml30QWlHWVDl+JxttoRVqhMDATloxRO2G
1bGpZzotdC55/mn7xKDucIEbRu1vvmp3sGqa9Vo5MW3bhIH++oUw89Qd4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP1gwYtyMA+HuzfLZx1sSWsbjOJoMB8GA1UdIwQY
MBaAFAC5Q+5Xw18sf0/sBoXpfWA7B8rSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUxsRDdsZkRYeXhfVC13R2hlbDlZRHNIeXRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS80OGYwOWUtNzM4Ni00MTM5LTkxYzgt
M2M4OGU0MGU3MTFjLzEvQUxsRDdsZkRYeXhfVC13R2hlbDlZRHNIeXRJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS80OGYwOWUtNzM4Ni00MTM5LTkxYzgtM2M4OGU0MGU3MTFj
LzEvQUxsRDdsZkRYeXhfVC13R2hlbDlZRHNIeXRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY45Bhce6
HdExMr2LJw4wSkKSMy7sh9K/ilB4vKMTbjHcJNoHz+x3nHW0yZDd17iflBdurzsf
H8bmTsNg2mllFF2AKbRvUh0zk+PiwEuLbN4DhT/oOWUdlIUoX4zqdrmWBzo5ULDd
o9UssRts+t0COAT9v2Uk8tCi+8j2MddX5gz3elsglBYDxXprh7ms+BnEjOTzg5j7
Km5U9lMnQyg/L+vtTr/FomJiqsNRGG7ZZuxNiTRhosEV9ttbNkAdq6b8+2MHHe5I
a3w2f6oXPes+j1I838BCb1smJVSIghtRxNYyzYtJ+VaY8xvep1Cy3IePKNBEbmOQ
MJClVAGa1XnhhQ==
-----END CERTIFICATE-----