Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft
File:                     d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft (raw, json)
Hash identifier:          DsdK6rcckOnkVQ4RpvzSTgQijo1DyUrZBaskwndRxJE=
Subject key identifier:   72:1F:C3:1C:A0:DB:D4:3C:48:46:92:B5:AD:BB:A0:AC:4A:53:11:A3
Authority key identifier: 77:63:E4:7F:C8:50:AC:C8:FF:DA:06:E3:DA:23:A4:A4:44:C2:D6:FC
Certificate issuer:       /CN=7763e47fc850acc8ffda06e3da23a4a444c2d6fc
Certificate serial:       019D98F5117E2EE273030523B98CD312F54F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d2Pkf8hQrMj_2gbj2iOkpETC1vw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft
Manifest number:          0AEA
Signing time:             Fri 17 Apr 2026 01:01:30 +0000
Manifest this update:     Fri 17 Apr 2026 01:01:30 +0000
Manifest next update:     Sat 18 Apr 2026 01:01:30 +0000
Files and hashes:         1: d2Pkf8hQrMj_2gbj2iOkpETC1vw.crl (hash: N9Z5C364+vTTxR9g+RLB11xyuKNsgP+fWS9tR55B01I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/d2Pkf8hQrMj_2gbj2iOkpETC1vw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 01:01:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f5:11:7e:2e:e2:73:03:05:23:b9:8c:d3:12:f5:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7763e47fc850acc8ffda06e3da23a4a444c2d6fc
        Validity
            Not Before: Apr 17 01:01:30 2026 GMT
            Not After : Apr 18 01:01:30 2026 GMT
        Subject: CN=721fc31ca0dbd43c484692b5adbba0ac4a5311a3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:33:35:00:4d:0a:56:c7:1a:54:a4:c7:f0:4c:
                    24:a9:b0:bf:89:5e:c4:fc:f7:e2:58:77:80:d7:b3:
                    8e:57:6f:6a:fd:1e:90:60:0c:0a:fc:f1:29:2d:fd:
                    a5:3d:8e:bc:ab:2e:a8:34:98:7d:1b:e7:8a:a6:5d:
                    4e:e4:68:e0:b1:da:fc:85:d4:45:d5:2d:f1:00:05:
                    2a:40:10:fe:43:18:68:60:38:7e:9b:bb:df:63:33:
                    79:60:a0:3e:c1:80:cc:5a:ec:c3:0c:3a:ae:d0:b2:
                    dc:22:76:64:e9:00:8c:db:5d:92:f3:a3:79:95:45:
                    6e:b2:f5:70:1d:25:58:ae:48:cf:8c:d3:0c:c3:5a:
                    28:16:1d:e6:8f:22:20:ee:0f:8d:b7:3a:a1:ea:c2:
                    0d:72:e1:9e:87:6e:b3:37:da:5c:97:0b:b1:ff:d1:
                    87:bb:e6:41:eb:c5:7f:7a:2a:e9:8b:a2:d9:f7:96:
                    99:89:dc:1a:0d:4c:45:70:3f:7d:62:e4:7a:69:4a:
                    be:3b:d6:a8:78:89:ee:9e:62:f2:ae:5e:ea:79:59:
                    34:0f:db:c3:1f:c4:6d:82:ca:33:a8:52:59:d3:22:
                    92:98:5f:94:9b:ae:2d:cb:29:76:58:86:93:46:4d:
                    41:6e:eb:b3:d9:6d:84:cf:28:8e:ca:cc:7f:78:79:
                    2a:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:1F:C3:1C:A0:DB:D4:3C:48:46:92:B5:AD:BB:A0:AC:4A:53:11:A3
            X509v3 Authority Key Identifier:
                keyid:77:63:E4:7F:C8:50:AC:C8:FF:DA:06:E3:DA:23:A4:A4:44:C2:D6:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2Pkf8hQrMj_2gbj2iOkpETC1vw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:84:ca:f3:a5:13:66:80:38:f8:6c:04:4b:91:6b:46:ec:e6:
         ed:0d:71:b8:11:dc:a4:47:e9:dc:0c:d6:1d:05:38:1b:12:d1:
         88:d6:2b:64:f8:06:c2:e1:4f:5c:a5:33:e4:56:0b:96:89:9b:
         16:1d:ab:2d:20:d4:64:92:f4:f6:09:ef:d8:63:b8:79:59:27:
         34:55:e9:cd:76:53:95:08:49:35:be:60:57:7d:ee:6d:c1:62:
         0e:90:0a:58:5d:58:7c:6a:73:09:2f:89:20:07:51:29:90:35:
         57:b3:77:ca:e1:b9:65:3b:ab:44:22:5f:6a:47:f5:8f:e8:75:
         ca:f3:33:4a:89:d6:99:6e:3a:aa:89:09:33:8e:f7:e1:c6:79:
         b2:b1:0c:55:91:b7:ed:03:2c:3f:2c:3f:43:78:04:c4:45:8a:
         85:07:b4:8e:05:61:03:a0:8a:39:6f:64:1d:93:1f:e3:d9:c6:
         0c:c4:13:12:b4:54:97:14:cb:d6:a2:b2:9e:93:2d:d3:b8:20:
         b2:49:00:70:83:61:d8:2e:36:4a:08:bd:cf:0e:4a:4f:54:37:
         1a:57:91:eb:d4:6d:f6:19:c2:37:bf:d2:c3:46:05:1e:c1:e3:
         06:c8:63:d2:93:ca:40:af:6f:85:c0:1e:39:46:2d:ad:a6:03:
         2a:6c:95:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9RF+LuJzAwUjuYzTEvVPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3NjNlNDdmYzg1MGFjYzhmZmRhMDZlM2RhMjNhNGE0NDRj
MmQ2ZmMwHhcNMjYwNDE3MDEwMTMwWhcNMjYwNDE4MDEwMTMwWjAzMTEwLwYDVQQD
Eyg3MjFmYzMxY2EwZGJkNDNjNDg0NjkyYjVhZGJiYTBhYzRhNTMxMWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTM1AE0KVscaVKTH8EwkqbC/iV7E
/PfiWHeA17OOV29q/R6QYAwK/PEpLf2lPY68qy6oNJh9G+eKpl1O5Gjgsdr8hdRF
1S3xAAUqQBD+QxhoYDh+m7vfYzN5YKA+wYDMWuzDDDqu0LLcInZk6QCM212S86N5
lUVusvVwHSVYrkjPjNMMw1ooFh3mjyIg7g+Ntzqh6sINcuGeh26zN9pclwux/9GH
u+ZB68V/eirpi6LZ95aZidwaDUxFcD99YuR6aUq+O9aoeInunmLyrl7qeVk0D9vD
H8RtgsozqFJZ0yKSmF+Um64tyyl2WIaTRk1Bbuuz2W2EzyiOysx/eHkqCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHIfwxyg29Q8SEaSta27oKxKUxGjMB8GA1UdIwQY
MBaAFHdj5H/IUKzI/9oG49ojpKREwtb8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDJQa2Y4aFFyTWpfMmdiajJpT2twRVRDMXZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9hYWJiNWYtNzJmMi00OTI4LTkyYTkt
MmZmOWQ0MmVlMjEzLzEvZDJQa2Y4aFFyTWpfMmdiajJpT2twRVRDMXZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9hYWJiNWYtNzJmMi00OTI4LTkyYTktMmZmOWQ0MmVlMjEz
LzEvZDJQa2Y4aFFyTWpfMmdiajJpT2twRVRDMXZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAToTK86UT
ZoA4+GwES5FrRuzm7Q1xuBHcpEfp3AzWHQU4GxLRiNYrZPgGwuFPXKUz5FYLlomb
Fh2rLSDUZJL09gnv2GO4eVknNFXpzXZTlQhJNb5gV33ubcFiDpAKWF1YfGpzCS+J
IAdRKZA1V7N3yuG5ZTurRCJfakf1j+h1yvMzSonWmW46qokJM4734cZ5srEMVZG3
7QMsPyw/Q3gExEWKhQe0jgVhA6CKOW9kHZMf49nGDMQTErRUlxTL1qKynpMt07gg
skkAcINh2C42Sgi9zw5KT1Q3GleR69Rt9hnCN7/Sw0YFHsHjBshj0pPKQK9vhcAe
OUYtraYDKmyVPA==
-----END CERTIFICATE-----