Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.mft
File:                     dLJ8XVaEhkhT31uBVyIS7eMizgo.mft (raw, json)
Hash identifier:          csgjfjDYgqhvVYL58Wrss25YHHmyT33HHnPiuhbzzdc=
Subject key identifier:   CB:0D:18:05:EE:A2:B3:8D:7D:E3:B3:13:19:48:99:19:DD:CA:EC:5D
Authority key identifier: 74:B2:7C:5D:56:84:86:48:53:DF:5B:81:57:22:12:ED:E3:22:CE:0A
Certificate issuer:       /CN=74b27c5d5684864853df5b81572212ede322ce0a
Certificate serial:       019DA3E6381BBABA8AF2C50F8D0A584E9122
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dLJ8XVaEhkhT31uBVyIS7eMizgo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.mft
Manifest number:          059B
Signing time:             Sun 19 Apr 2026 04:01:06 +0000
Manifest this update:     Sun 19 Apr 2026 04:01:06 +0000
Manifest next update:     Mon 20 Apr 2026 04:01:06 +0000
Files and hashes:         1: dLJ8XVaEhkhT31uBVyIS7eMizgo.crl (hash: U6hRckZ9PvrryOKww2eFYoho8vFRv2YLe41yq522Aow=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dLJ8XVaEhkhT31uBVyIS7eMizgo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 02:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a3:e6:38:1b:ba:ba:8a:f2:c5:0f:8d:0a:58:4e:91:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74b27c5d5684864853df5b81572212ede322ce0a
        Validity
            Not Before: Apr 19 04:01:06 2026 GMT
            Not After : Apr 20 04:01:06 2026 GMT
        Subject: CN=cb0d1805eea2b38d7de3b31319489919ddcaec5d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:5c:70:29:90:2d:91:b7:bf:05:06:bb:c1:4d:
                    d2:7c:9d:d2:b0:8c:1e:4f:02:f0:d1:45:f5:eb:46:
                    13:11:b3:86:5e:2a:17:af:ee:3b:8f:b7:9d:c8:e8:
                    d1:c4:a8:78:9a:fd:9b:0e:27:95:38:16:1a:35:87:
                    4e:15:25:ad:e6:82:5f:a6:17:a6:66:ef:43:9d:35:
                    26:4a:d5:9c:25:56:49:de:f2:36:c0:ea:2c:2a:5e:
                    f8:80:1d:a6:99:cb:70:1d:ea:e7:e7:66:e6:d8:83:
                    e5:64:ad:46:cd:ab:f6:2c:ed:86:1b:26:49:ab:b9:
                    e5:cd:3e:41:6f:36:d3:47:2e:71:92:77:3f:69:b4:
                    ce:4b:e3:fd:cb:e2:a8:9e:da:c4:92:b2:e4:4e:04:
                    02:6b:5b:1d:a7:18:d4:3e:30:2e:0f:00:b7:42:23:
                    6b:0b:13:77:81:97:d0:2b:39:5b:5a:55:90:b9:bd:
                    71:e9:74:c6:70:df:0b:ef:6b:a0:99:3d:b9:ee:41:
                    1f:39:ef:c1:8e:7c:d4:cd:a0:37:42:81:c4:6d:fb:
                    4b:6f:5f:0a:69:b3:77:58:91:61:87:a9:48:ac:89:
                    c2:9a:a1:ec:40:f8:47:b2:d1:a0:f9:b5:1c:ef:f5:
                    76:f7:17:cd:b8:44:69:ff:d7:c7:3e:71:de:f4:f8:
                    13:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:0D:18:05:EE:A2:B3:8D:7D:E3:B3:13:19:48:99:19:DD:CA:EC:5D
            X509v3 Authority Key Identifier:
                keyid:74:B2:7C:5D:56:84:86:48:53:DF:5B:81:57:22:12:ED:E3:22:CE:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dLJ8XVaEhkhT31uBVyIS7eMizgo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:96:01:56:7e:a2:47:51:45:c3:8a:a5:b5:66:1a:d1:1f:91:
         51:db:67:da:35:50:db:e7:44:c3:b3:19:cc:6e:55:d8:8b:8d:
         28:42:15:b8:ec:b1:cf:1a:9a:f4:3d:27:3b:74:de:c5:4e:fd:
         b0:aa:4c:9f:2c:f2:94:05:2e:84:12:c3:b1:6c:73:0e:43:7f:
         6f:70:bc:a4:39:c6:90:e5:ec:31:85:b9:b2:d9:28:19:5c:d6:
         ab:c4:3f:f2:19:d6:b6:79:c1:59:8d:75:43:fc:6e:52:b7:5c:
         44:70:19:cb:e1:05:0b:54:14:11:91:f2:79:b6:03:ed:36:e6:
         1a:fc:e1:9f:93:9c:42:ff:41:ac:6a:90:a3:52:66:12:61:83:
         64:ec:db:d0:db:f3:d6:b5:2b:3c:79:ec:8e:0c:bb:42:e7:e7:
         2a:69:08:10:d9:34:ca:d7:29:83:a8:12:b8:29:fe:af:a3:f8:
         d9:4d:08:19:12:47:aa:46:1f:ee:2b:b6:de:bd:c6:3f:0f:d7:
         42:7d:bb:32:9e:09:96:ab:be:f7:10:b2:f2:b0:82:83:6d:2d:
         bd:ef:4c:7f:ce:ad:71:14:5a:97:53:8b:4d:af:11:7a:00:16:
         9a:08:da:c1:74:1b:bb:06:ba:2b:7a:4c:73:3b:cc:7b:14:97:
         20:0c:50:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2j5jgburqK8sUPjQpYTpEiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0YjI3YzVkNTY4NDg2NDg1M2RmNWI4MTU3MjIxMmVkZTMy
MmNlMGEwHhcNMjYwNDE5MDQwMTA2WhcNMjYwNDIwMDQwMTA2WjAzMTEwLwYDVQQD
EyhjYjBkMTgwNWVlYTJiMzhkN2RlM2IzMTMxOTQ4OTkxOWRkY2FlYzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAplxwKZAtkbe/BQa7wU3SfJ3SsIwe
TwLw0UX160YTEbOGXioXr+47j7edyOjRxKh4mv2bDieVOBYaNYdOFSWt5oJfphem
Zu9DnTUmStWcJVZJ3vI2wOosKl74gB2mmctwHern52bm2IPlZK1Gzav2LO2GGyZJ
q7nlzT5BbzbTRy5xknc/abTOS+P9y+KontrEkrLkTgQCa1sdpxjUPjAuDwC3QiNr
CxN3gZfQKzlbWlWQub1x6XTGcN8L72ugmT257kEfOe/BjnzUzaA3QoHEbftLb18K
abN3WJFhh6lIrInCmqHsQPhHstGg+bUc7/V29xfNuERp/9fHPnHe9PgToQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMsNGAXuorONfeOzExlImRndyuxdMB8GA1UdIwQY
MBaAFHSyfF1WhIZIU99bgVciEu3jIs4KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZExKOFhWYUVoa2hUMzF1QlZ5SVM3ZU1pemdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8yOTk2NTYtNzQ0YS00ZGFhLThjZmQt
MDEwYTk4NTZmNzg1LzEvZExKOFhWYUVoa2hUMzF1QlZ5SVM3ZU1pemdvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8yOTk2NTYtNzQ0YS00ZGFhLThjZmQtMDEwYTk4NTZmNzg1
LzEvZExKOFhWYUVoa2hUMzF1QlZ5SVM3ZU1pemdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADpYBVn6i
R1FFw4qltWYa0R+RUdtn2jVQ2+dEw7MZzG5V2IuNKEIVuOyxzxqa9D0nO3TexU79
sKpMnyzylAUuhBLDsWxzDkN/b3C8pDnGkOXsMYW5stkoGVzWq8Q/8hnWtnnBWY11
Q/xuUrdcRHAZy+EFC1QUEZHyebYD7TbmGvzhn5OcQv9BrGqQo1JmEmGDZOzb0Nvz
1rUrPHnsjgy7QufnKmkIENk0ytcpg6gSuCn+r6P42U0IGRJHqkYf7iu23r3GPw/X
Qn27Mp4Jlqu+9xCy8rCCg20tve9Mf86tcRRal1OLTa8RegAWmgjawXQbuwa6K3pM
czvMexSXIAxQSg==
-----END CERTIFICATE-----