Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft
File:                     IM56QQse-G8hrSE9PXNmhvdwjrk.mft (raw, json)
Hash identifier:          zacOUcy2pTrr1zkOQElcWHsLqL2LySsfv26yLoMI6PM=
Subject key identifier:   CC:6C:05:E1:49:F4:75:AE:3A:CD:0F:A0:DA:C1:BB:D1:FE:EC:A6:0E
Authority key identifier: 20:CE:7A:41:0B:1E:F8:6F:21:AD:21:3D:3D:73:66:86:F7:70:8E:B9
Certificate issuer:       /CN=20ce7a410b1ef86f21ad213d3d736686f7708eb9
Certificate serial:       019D9A06EDF270BBD8DA4A35A9FCA9B0799B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IM56QQse-G8hrSE9PXNmhvdwjrk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft
Manifest number:          0853
Signing time:             Fri 17 Apr 2026 06:00:38 +0000
Manifest this update:     Fri 17 Apr 2026 06:00:38 +0000
Manifest next update:     Sat 18 Apr 2026 06:00:38 +0000
Files and hashes:         1: IM56QQse-G8hrSE9PXNmhvdwjrk.crl (hash: 8Mui0XxcP+ahmvUlcxkyMbLQWRYGZgoh7lSTW0tUriE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IM56QQse-G8hrSE9PXNmhvdwjrk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 06:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:06:ed:f2:70:bb:d8:da:4a:35:a9:fc:a9:b0:79:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20ce7a410b1ef86f21ad213d3d736686f7708eb9
        Validity
            Not Before: Apr 17 06:00:38 2026 GMT
            Not After : Apr 18 06:00:38 2026 GMT
        Subject: CN=cc6c05e149f475ae3acd0fa0dac1bbd1feeca60e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:9e:19:14:ae:57:46:43:68:68:ce:62:f7:17:
                    44:9f:e4:82:a1:d9:cb:1e:3c:5b:7b:c7:5a:36:be:
                    4d:0b:f4:20:88:a0:6e:4a:7f:71:1b:22:ad:f8:18:
                    1a:ab:9f:ec:b9:79:7e:a1:e5:f4:5c:9a:e8:af:7c:
                    b0:e3:eb:99:e7:47:21:6d:8d:20:90:c0:01:72:b4:
                    15:23:3c:61:1f:cc:19:c8:47:6d:d7:37:f8:7f:4d:
                    a2:8d:84:5e:6c:14:a9:8a:be:fa:74:9e:3e:b6:bc:
                    25:ea:4a:3d:3f:e6:c6:8c:75:80:9b:b6:4a:4c:c1:
                    9a:82:7e:33:67:58:af:60:76:e6:98:6f:81:d4:dc:
                    db:a8:f0:19:88:0e:97:49:96:cd:6e:62:dd:f2:ed:
                    43:64:4f:09:b0:da:3e:ca:ab:37:e4:03:40:ab:3a:
                    0d:ca:9d:95:40:f0:3c:c4:a0:bd:0d:a3:96:0f:3b:
                    ee:05:ad:bc:fc:97:d2:bf:ba:49:59:40:3b:e6:bc:
                    f5:cd:26:d2:cf:f1:ae:87:d1:c8:0b:31:e6:50:a2:
                    17:f9:cd:77:8e:c2:86:13:fc:0e:41:27:66:8b:e1:
                    ec:77:f3:58:23:1e:d3:bd:31:12:2f:35:7c:c8:83:
                    a6:3c:35:2a:bd:a8:7d:88:cc:26:5c:4c:c5:1a:e2:
                    a9:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:6C:05:E1:49:F4:75:AE:3A:CD:0F:A0:DA:C1:BB:D1:FE:EC:A6:0E
            X509v3 Authority Key Identifier:
                keyid:20:CE:7A:41:0B:1E:F8:6F:21:AD:21:3D:3D:73:66:86:F7:70:8E:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IM56QQse-G8hrSE9PXNmhvdwjrk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cd:4d:8c:96:98:d0:c3:c2:17:af:25:0d:ac:d5:e5:f2:eb:4a:
         54:c3:22:4a:4f:65:29:43:f8:f9:71:97:d5:33:6b:9d:f4:24:
         22:0b:1e:27:f2:a8:31:60:fd:cb:9c:d4:a8:b7:38:4d:b0:8f:
         e9:65:67:c8:56:05:9d:3f:10:3a:bd:c5:4e:43:c3:8f:bd:40:
         77:12:da:c8:a8:e2:1d:5f:56:a7:96:a3:a3:36:ad:4a:3b:85:
         d4:b6:9c:ed:3e:55:0c:cb:fc:24:5a:23:84:63:25:37:ce:c8:
         c4:52:da:a6:5f:8b:60:da:a2:d5:4e:df:bb:b9:4d:8f:7e:68:
         08:7a:75:f2:18:fa:83:53:4b:03:3a:e5:a5:eb:f0:46:6d:e7:
         aa:7b:46:c8:56:1e:1c:fc:56:c6:ae:3d:c8:2a:42:d4:ca:4a:
         61:32:57:3e:67:49:98:1c:88:53:87:1f:38:5e:ba:b9:f3:91:
         92:2b:b7:da:4d:9a:64:3f:7d:da:ee:46:70:1d:f9:67:09:63:
         fa:c1:ff:6c:6b:75:5c:e4:f1:e3:b0:94:ba:0d:6c:2d:0a:22:
         b8:20:14:9e:1b:6b:6f:3d:1d:16:6c:a9:06:3d:22:59:6f:53:
         d7:21:dc:bd:cd:be:96:7c:5a:15:86:76:e4:90:28:ff:f2:c0:
         04:89:be:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aBu3ycLvY2ko1qfypsHmbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwY2U3YTQxMGIxZWY4NmYyMWFkMjEzZDNkNzM2Njg2Zjc3
MDhlYjkwHhcNMjYwNDE3MDYwMDM4WhcNMjYwNDE4MDYwMDM4WjAzMTEwLwYDVQQD
EyhjYzZjMDVlMTQ5ZjQ3NWFlM2FjZDBmYTBkYWMxYmJkMWZlZWNhNjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyZ4ZFK5XRkNoaM5i9xdEn+SCodnL
Hjxbe8daNr5NC/QgiKBuSn9xGyKt+Bgaq5/suXl+oeX0XJror3yw4+uZ50chbY0g
kMABcrQVIzxhH8wZyEdt1zf4f02ijYRebBSpir76dJ4+trwl6ko9P+bGjHWAm7ZK
TMGagn4zZ1ivYHbmmG+B1NzbqPAZiA6XSZbNbmLd8u1DZE8JsNo+yqs35ANAqzoN
yp2VQPA8xKC9DaOWDzvuBa28/JfSv7pJWUA75rz1zSbSz/Guh9HICzHmUKIX+c13
jsKGE/wOQSdmi+Hsd/NYIx7TvTESLzV8yIOmPDUqvah9iMwmXEzFGuKpGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMxsBeFJ9HWuOs0PoNrBu9H+7KYOMB8GA1UdIwQY
MBaAFCDOekELHvhvIa0hPT1zZob3cI65MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU01NlFRc2UtRzhoclNFOVBYTm1odmR3anJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9kNzRiM2EtZDFmMS00MzBkLWI1MDIt
YThkMDMxYWExNDNmLzEvSU01NlFRc2UtRzhoclNFOVBYTm1odmR3anJrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9kNzRiM2EtZDFmMS00MzBkLWI1MDItYThkMDMxYWExNDNm
LzEvSU01NlFRc2UtRzhoclNFOVBYTm1odmR3anJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzU2MlpjQ
w8IXryUNrNXl8utKVMMiSk9lKUP4+XGX1TNrnfQkIgseJ/KoMWD9y5zUqLc4TbCP
6WVnyFYFnT8QOr3FTkPDj71AdxLayKjiHV9Wp5ajozatSjuF1Lac7T5VDMv8JFoj
hGMlN87IxFLapl+LYNqi1U7fu7lNj35oCHp18hj6g1NLAzrlpevwRm3nqntGyFYe
HPxWxq49yCpC1MpKYTJXPmdJmByIU4cfOF66ufORkiu32k2aZD992u5GcB35Zwlj
+sH/bGt1XOTx47CUug1sLQoiuCAUnhtrbz0dFmypBj0iWW9T1yHcvc2+lnxaFYZ2
5JAo//LABIm+Kw==
-----END CERTIFICATE-----