Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.mft
File:                     JQfjIVuSyGWOv0lfa4fOC6anvSc.mft (raw, json)
Hash identifier:          okyzj6C+BnoyKdedtb1aO0wH6TPRShLbpEPCG3BB5X0=
Subject key identifier:   4B:B3:FC:94:1D:B7:EB:55:44:02:B0:F3:77:11:14:7F:70:E1:13:F1
Authority key identifier: 25:07:E3:21:5B:92:C8:65:8E:BF:49:5F:6B:87:CE:0B:A6:A7:BD:27
Certificate issuer:       /CN=2507e3215b92c8658ebf495f6b87ce0ba6a7bd27
Certificate serial:       019D99993F93D5C7AF7B46821C0C4F735E93
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JQfjIVuSyGWOv0lfa4fOC6anvSc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.mft
Manifest number:          0A61
Signing time:             Fri 17 Apr 2026 04:00:50 +0000
Manifest this update:     Fri 17 Apr 2026 04:00:50 +0000
Manifest next update:     Sat 18 Apr 2026 04:00:50 +0000
Files and hashes:         1: JQfjIVuSyGWOv0lfa4fOC6anvSc.crl (hash: BWQRN6Bl0xJBMO9MyOCaKl2luuBvmat9LWYl/R8ZCVI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JQfjIVuSyGWOv0lfa4fOC6anvSc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:99:3f:93:d5:c7:af:7b:46:82:1c:0c:4f:73:5e:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2507e3215b92c8658ebf495f6b87ce0ba6a7bd27
        Validity
            Not Before: Apr 17 04:00:50 2026 GMT
            Not After : Apr 18 04:00:50 2026 GMT
        Subject: CN=4bb3fc941db7eb554402b0f37711147f70e113f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:56:07:03:a5:f2:e3:74:93:f8:65:3b:aa:36:
                    ac:50:ef:85:51:ee:90:fb:99:85:37:7d:02:88:0d:
                    00:be:f0:90:21:5f:6c:b8:11:6b:91:5c:3f:62:ae:
                    a9:8c:d3:73:4a:ef:9b:94:b5:e8:88:23:10:f1:40:
                    68:fc:c8:f3:85:f8:72:21:a5:85:e3:4d:9f:66:fe:
                    aa:9c:d0:10:9a:9e:4f:73:9a:f5:fb:e4:b7:5c:47:
                    0a:79:78:2f:6c:67:53:93:da:3d:8e:3d:d6:02:3b:
                    7a:f2:8a:38:cd:14:34:ce:96:29:28:4a:3a:4e:e4:
                    0f:db:a6:37:66:83:be:2f:46:f0:34:53:03:ce:cd:
                    e3:70:a1:23:a9:f5:48:45:6b:a0:bb:0d:06:2b:a4:
                    b4:87:30:61:e2:02:d4:b3:69:8f:e8:27:6c:8a:99:
                    14:1c:a1:54:66:fb:2e:10:1f:d9:2d:6c:ec:b3:da:
                    be:61:24:14:23:dc:68:e6:c7:de:7f:c4:c2:02:fe:
                    d5:a1:65:ba:fa:72:d5:88:6d:c2:8c:19:cf:b0:7a:
                    02:31:e9:b7:fd:1f:0f:d4:52:3f:c2:3e:d4:63:7b:
                    bb:1f:51:10:92:a6:c4:7c:a2:5c:80:f6:c7:1e:04:
                    3c:0c:bd:cd:61:27:00:17:3a:65:cd:90:0a:2a:fc:
                    1b:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:B3:FC:94:1D:B7:EB:55:44:02:B0:F3:77:11:14:7F:70:E1:13:F1
            X509v3 Authority Key Identifier:
                keyid:25:07:E3:21:5B:92:C8:65:8E:BF:49:5F:6B:87:CE:0B:A6:A7:BD:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JQfjIVuSyGWOv0lfa4fOC6anvSc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:a5:82:27:d7:fe:d4:da:12:c5:dc:87:e9:30:76:03:f1:38:
         98:94:71:77:66:ba:dc:61:4c:03:ac:8b:0a:bf:fc:78:6b:86:
         1b:76:94:d7:63:61:bb:33:c1:50:57:70:fe:b4:31:f1:94:73:
         d8:bc:e8:2f:95:c6:e4:76:ce:cc:6e:2c:4d:e5:14:24:b6:b9:
         f7:fb:9f:7e:d7:31:59:6a:35:e2:80:60:67:db:a5:60:e9:b8:
         8e:55:87:f4:e7:42:4f:7c:f5:4e:7f:65:c7:0c:bf:db:24:30:
         e2:2a:99:1b:7f:65:40:bd:97:00:81:fb:d0:cc:49:37:9a:70:
         6e:cd:6a:46:38:5d:13:02:f2:57:ef:72:7f:3d:87:c9:f9:bb:
         8d:1d:7c:8e:73:6a:33:8e:22:f4:d1:90:c3:c0:b7:6d:cd:f9:
         3c:13:7a:92:a4:4e:b9:19:29:83:00:0e:b5:0e:a0:fd:1d:07:
         60:df:d9:4a:93:bd:dd:fc:5c:1a:a1:41:a7:50:77:59:26:99:
         0f:58:03:7b:b8:58:eb:3f:e2:bc:fa:76:96:a1:47:99:83:02:
         f6:f8:1a:86:fb:7b:bc:42:dd:58:45:d6:79:a0:2c:6e:85:fb:
         de:a5:21:e1:1c:2c:dd:a6:f0:06:16:54:8c:57:d3:a9:99:ee:
         0a:8f:83:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZmT+T1ceve0aCHAxPc16TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1MDdlMzIxNWI5MmM4NjU4ZWJmNDk1ZjZiODdjZTBiYTZh
N2JkMjcwHhcNMjYwNDE3MDQwMDUwWhcNMjYwNDE4MDQwMDUwWjAzMTEwLwYDVQQD
Eyg0YmIzZmM5NDFkYjdlYjU1NDQwMmIwZjM3NzExMTQ3ZjcwZTExM2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmlYHA6Xy43ST+GU7qjasUO+FUe6Q
+5mFN30CiA0AvvCQIV9suBFrkVw/Yq6pjNNzSu+blLXoiCMQ8UBo/MjzhfhyIaWF
402fZv6qnNAQmp5Pc5r1++S3XEcKeXgvbGdTk9o9jj3WAjt68oo4zRQ0zpYpKEo6
TuQP26Y3ZoO+L0bwNFMDzs3jcKEjqfVIRWuguw0GK6S0hzBh4gLUs2mP6CdsipkU
HKFUZvsuEB/ZLWzss9q+YSQUI9xo5sfef8TCAv7VoWW6+nLViG3CjBnPsHoCMem3
/R8P1FI/wj7UY3u7H1EQkqbEfKJcgPbHHgQ8DL3NYScAFzplzZAKKvwbeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEuz/JQdt+tVRAKw83cRFH9w4RPxMB8GA1UdIwQY
MBaAFCUH4yFbkshljr9JX2uHzgump70nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlFmaklWdVN5R1dPdjBsZmE0Zk9DNmFudlNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi80ZWVmMWItYzMwYi00ZWQ3LWFmMmEt
MDFjMzU2YjczZjBkLzEvSlFmaklWdVN5R1dPdjBsZmE0Zk9DNmFudlNjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi80ZWVmMWItYzMwYi00ZWQ3LWFmMmEtMDFjMzU2YjczZjBk
LzEvSlFmaklWdVN5R1dPdjBsZmE0Zk9DNmFudlNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWKWCJ9f+
1NoSxdyH6TB2A/E4mJRxd2a63GFMA6yLCr/8eGuGG3aU12NhuzPBUFdw/rQx8ZRz
2LzoL5XG5HbOzG4sTeUUJLa59/ufftcxWWo14oBgZ9ulYOm4jlWH9OdCT3z1Tn9l
xwy/2yQw4iqZG39lQL2XAIH70MxJN5pwbs1qRjhdEwLyV+9yfz2Hyfm7jR18jnNq
M44i9NGQw8C3bc35PBN6kqROuRkpgwAOtQ6g/R0HYN/ZSpO93fxcGqFBp1B3WSaZ
D1gDe7hY6z/ivPp2lqFHmYMC9vgahvt7vELdWEXWeaAsboX73qUh4Rws3abwBhZU
jFfTqZnuCo+D9A==
-----END CERTIFICATE-----