Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft
File:                     pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft (raw, json)
Hash identifier:          j0YYz4ifkxMhfF9p+QV/sMosLtgF68IfI5s1mRqg+V4=
Subject key identifier:   9A:52:2B:5A:F8:14:72:17:FA:A7:3C:DE:D1:80:88:D6:45:C7:5D:80
Authority key identifier: A4:D3:80:41:AE:4E:73:15:77:24:AA:9F:3E:E0:43:05:E5:F1:28:34
Certificate issuer:       /CN=a4d38041ae4e73157724aa9f3ee04305e5f12834
Certificate serial:       019D9AE2669BF8185E7A266311615C7CC741
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft
Manifest number:          1892
Signing time:             Fri 17 Apr 2026 10:00:21 +0000
Manifest this update:     Fri 17 Apr 2026 10:00:21 +0000
Manifest next update:     Sat 18 Apr 2026 10:00:21 +0000
Files and hashes:         1: pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl (hash: WG5JQtHIR/JAc9wHUBluBBPAHm9Wq6Eq229QDUl0i0E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 10:00:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e2:66:9b:f8:18:5e:7a:26:63:11:61:5c:7c:c7:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a4d38041ae4e73157724aa9f3ee04305e5f12834
        Validity
            Not Before: Apr 17 10:00:21 2026 GMT
            Not After : Apr 18 10:00:21 2026 GMT
        Subject: CN=9a522b5af8147217faa73cded18088d645c75d80
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:61:47:95:28:2c:aa:00:f9:fc:75:4a:d6:15:
                    3a:af:f0:be:56:cf:28:ab:95:a7:2d:a5:d1:12:bd:
                    80:40:2d:ad:b2:d1:28:68:cf:08:19:e4:16:e4:02:
                    d9:66:8c:15:8a:83:67:c5:11:da:66:e1:20:2a:e4:
                    82:47:0c:9f:70:83:56:d4:9e:a8:f8:e0:ce:f9:a8:
                    ce:1a:bb:c5:b0:88:39:d2:2b:ce:04:4f:0c:28:fb:
                    02:cc:88:96:38:4f:da:0b:13:30:4a:f2:b8:69:d0:
                    8a:28:8d:db:be:02:0d:bf:85:ae:db:1e:ee:4a:8f:
                    7c:7f:ee:ca:a3:23:e7:96:e9:1a:4b:0c:e1:5b:fb:
                    59:83:48:e8:79:e5:27:96:75:f5:f8:a7:32:74:df:
                    19:99:10:bf:21:98:4e:53:9a:48:64:ec:bb:4f:71:
                    9d:a2:dc:f7:f4:42:d4:96:7f:d9:d5:1d:87:77:f8:
                    4c:6f:c1:e1:87:1c:da:c1:27:1f:0b:99:fc:a5:b5:
                    96:a8:81:c8:d7:09:0a:10:d8:23:ef:b0:02:73:35:
                    25:fc:74:e6:89:4a:d8:9a:5c:9d:16:b0:b6:b8:c8:
                    46:dc:c7:c7:e1:72:f7:15:7f:b6:69:19:91:29:89:
                    d7:91:48:0b:f2:97:ba:44:64:fb:14:d4:77:a9:1d:
                    dc:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:52:2B:5A:F8:14:72:17:FA:A7:3C:DE:D1:80:88:D6:45:C7:5D:80
            X509v3 Authority Key Identifier:
                keyid:A4:D3:80:41:AE:4E:73:15:77:24:AA:9F:3E:E0:43:05:E5:F1:28:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:5d:40:ff:a9:e6:46:7f:d5:be:fe:b5:7a:18:6b:48:b7:83:
         92:91:42:80:3a:4d:5a:b6:ec:02:22:2a:cb:1f:1b:65:51:2f:
         53:28:a7:e1:fb:77:76:2d:c9:2e:31:a6:8f:0c:d9:23:cc:4c:
         2a:70:a8:3c:60:33:69:4e:5c:55:d2:c2:77:74:58:fb:53:43:
         e9:18:38:a1:4e:33:4a:34:82:2b:ec:ff:0d:6f:de:f1:3b:b3:
         7e:f5:c8:94:fe:f2:04:72:a9:73:b3:e2:3b:e3:a0:25:6f:a4:
         7b:58:2f:07:ad:4f:8a:78:c1:e6:24:13:57:b1:87:3f:e4:31:
         cf:98:ad:2d:aa:8b:8b:a9:6f:76:e8:14:3f:53:a1:d7:ca:bb:
         4f:05:57:b5:97:7f:f3:d5:60:6a:53:1c:38:ea:64:73:21:85:
         01:8c:44:0f:4e:ad:11:ca:f7:fe:78:08:31:29:31:5a:7f:47:
         fd:fd:41:21:b6:9e:5f:8c:00:29:a1:89:52:8e:94:1c:de:ae:
         19:9d:dc:f8:ea:d4:ef:ff:aa:88:b1:71:e4:2d:34:28:66:69:
         04:b5:7c:7d:c7:b0:a0:de:07:a0:87:82:e6:b7:7b:d8:73:e7:
         3e:70:7b:d5:00:b3:3c:75:48:c5:99:0a:e7:bc:6c:e4:68:ab:
         6b:82:f4:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a4mab+BheeiZjEWFcfMdBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZDM4MDQxYWU0ZTczMTU3NzI0YWE5ZjNlZTA0MzA1ZTVm
MTI4MzQwHhcNMjYwNDE3MTAwMDIxWhcNMjYwNDE4MTAwMDIxWjAzMTEwLwYDVQQD
Eyg5YTUyMmI1YWY4MTQ3MjE3ZmFhNzNjZGVkMTgwODhkNjQ1Yzc1ZDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmFHlSgsqgD5/HVK1hU6r/C+Vs8o
q5WnLaXREr2AQC2tstEoaM8IGeQW5ALZZowVioNnxRHaZuEgKuSCRwyfcINW1J6o
+ODO+ajOGrvFsIg50ivOBE8MKPsCzIiWOE/aCxMwSvK4adCKKI3bvgINv4Wu2x7u
So98f+7KoyPnlukaSwzhW/tZg0joeeUnlnX1+KcydN8ZmRC/IZhOU5pIZOy7T3Gd
otz39ELUln/Z1R2Hd/hMb8HhhxzawScfC5n8pbWWqIHI1wkKENgj77ACczUl/HTm
iUrYmlydFrC2uMhG3MfH4XL3FX+2aRmRKYnXkUgL8pe6RGT7FNR3qR3chwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJpSK1r4FHIX+qc83tGAiNZFx12AMB8GA1UdIwQY
MBaAFKTTgEGuTnMVdySqnz7gQwXl8Sg0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi80YjQ4ZjMtODgwOC00NzNkLWE3ZTYt
MTg2YjI4Njg1NGJlLzEvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi80YjQ4ZjMtODgwOC00NzNkLWE3ZTYtMTg2YjI4Njg1NGJl
LzEvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmV1A/6nm
Rn/Vvv61ehhrSLeDkpFCgDpNWrbsAiIqyx8bZVEvUyin4ft3di3JLjGmjwzZI8xM
KnCoPGAzaU5cVdLCd3RY+1ND6Rg4oU4zSjSCK+z/DW/e8TuzfvXIlP7yBHKpc7Pi
O+OgJW+ke1gvB61PinjB5iQTV7GHP+Qxz5itLaqLi6lvdugUP1Oh18q7TwVXtZd/
89VgalMcOOpkcyGFAYxED06tEcr3/ngIMSkxWn9H/f1BIbaeX4wAKaGJUo6UHN6u
GZ3c+OrU7/+qiLFx5C00KGZpBLV8fcewoN4HoIeC5rd72HPnPnB71QCzPHVIxZkK
57xs5Gira4L0JA==
-----END CERTIFICATE-----