Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.mft
File:                     v0JAmh-MHO5ZdNuKQuHrZy7oNDY.mft (raw, json)
Hash identifier:          e+UkoM51Ea2b1axBOBvZVLExMjeYFdzWs4c9IoIwg5w=
Subject key identifier:   47:06:0E:B9:51:C4:A9:5F:66:0A:9C:AC:77:7D:47:BD:0A:1A:CE:96
Authority key identifier: BF:42:40:9A:1F:8C:1C:EE:59:74:DB:8A:42:E1:EB:67:2E:E8:34:36
Certificate issuer:       /CN=bf42409a1f8c1cee5974db8a42e1eb672ee83436
Certificate serial:       019D9AE2E997011FC559568BC5B14FCBEBE4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.mft
Manifest number:          0F61
Signing time:             Fri 17 Apr 2026 10:00:55 +0000
Manifest this update:     Fri 17 Apr 2026 10:00:55 +0000
Manifest next update:     Sat 18 Apr 2026 10:00:55 +0000
Files and hashes:         1: v0JAmh-MHO5ZdNuKQuHrZy7oNDY.crl (hash: VE1O3YPUTfjt0H+1/O89gTqB4UiKb/VtuWyC0EnoMZg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 10:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e2:e9:97:01:1f:c5:59:56:8b:c5:b1:4f:cb:eb:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bf42409a1f8c1cee5974db8a42e1eb672ee83436
        Validity
            Not Before: Apr 17 10:00:55 2026 GMT
            Not After : Apr 18 10:00:55 2026 GMT
        Subject: CN=47060eb951c4a95f660a9cac777d47bd0a1ace96
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:1d:03:51:ca:62:4f:fc:0a:af:a0:c6:9a:18:
                    56:0d:99:d5:a4:a3:71:5a:20:9f:ff:b2:d4:c0:cf:
                    77:c7:b3:c9:70:81:f9:db:ac:2d:6c:d7:6e:58:cb:
                    49:37:dd:59:95:71:8b:38:c4:22:83:75:e8:0a:0b:
                    5a:b5:2e:97:13:24:44:01:b4:bd:e0:8e:c9:61:b1:
                    2e:2b:3a:8d:2c:89:8c:b4:25:e1:bc:3e:b6:21:36:
                    1a:3f:ca:d5:cb:2a:49:fa:b3:99:51:b4:bd:e0:98:
                    9e:95:23:9c:90:dd:14:b6:b4:56:4d:10:ae:1e:e0:
                    62:13:37:c9:6c:44:74:ad:e0:7e:e3:79:93:67:24:
                    f7:75:be:7c:8e:d0:25:96:02:39:38:38:99:1e:b3:
                    82:8f:6b:c5:2a:6f:8a:cc:f0:c7:ea:a8:8e:94:37:
                    06:4d:e7:82:a5:84:07:f6:09:15:c8:00:ce:53:19:
                    21:54:b2:24:25:a1:fd:dc:57:3d:55:c7:15:fb:fc:
                    40:a0:a8:f7:85:91:ee:dc:81:0d:b1:be:0b:93:fd:
                    70:64:f7:5f:bf:6d:8f:f2:83:0e:f1:72:22:3d:89:
                    6c:ec:26:81:8b:31:2d:cd:b8:ef:b4:bd:e1:84:c3:
                    d9:3d:91:a5:bc:b0:3b:0c:8e:c9:68:24:72:b0:d1:
                    91:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:06:0E:B9:51:C4:A9:5F:66:0A:9C:AC:77:7D:47:BD:0A:1A:CE:96
            X509v3 Authority Key Identifier:
                keyid:BF:42:40:9A:1F:8C:1C:EE:59:74:DB:8A:42:E1:EB:67:2E:E8:34:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:93:78:9e:09:e6:ab:bd:2c:fc:61:9c:11:dc:3d:de:c0:43:
         28:00:ae:0c:20:cf:b7:d8:e7:3e:9b:08:d0:71:06:0e:c4:a1:
         02:e3:03:9d:c6:4f:10:67:cc:58:e4:ad:e7:32:55:5e:16:4a:
         27:ee:c3:e1:68:d5:82:3a:04:77:8e:ce:51:35:70:61:58:c0:
         c5:5a:1e:74:c4:b4:42:e0:be:d1:9e:60:63:8a:f3:72:3e:d2:
         14:ec:58:16:ef:66:28:6f:c7:6d:7e:65:49:58:af:79:05:4c:
         ea:4f:de:c1:60:cb:a6:8c:66:6f:dc:69:34:f2:20:91:d3:65:
         6a:88:19:39:ba:f5:d7:0b:b8:87:ed:e9:6d:cc:71:01:a2:d8:
         51:e3:98:38:49:17:c2:42:e4:d9:0b:52:ae:23:5d:d5:b2:26:
         d4:9d:3c:6f:05:ae:4a:b7:ed:54:07:b9:56:b5:ff:c7:86:73:
         8c:8b:e7:b0:7f:09:29:0a:9c:fd:27:8d:9e:75:d4:a5:88:bc:
         93:c4:16:6e:9f:4d:ea:5c:6d:f1:b4:68:00:3c:7c:7f:cd:bb:
         0a:4c:6e:f0:02:92:0f:3a:8e:42:53:06:e4:84:1a:01:55:2d:
         81:21:dc:f7:aa:10:e3:66:d5:ae:e7:7b:80:9a:88:8d:36:fa:
         ea:c8:78:f3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a4umXAR/FWVaLxbFPy+vkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmNDI0MDlhMWY4YzFjZWU1OTc0ZGI4YTQyZTFlYjY3MmVl
ODM0MzYwHhcNMjYwNDE3MTAwMDU1WhcNMjYwNDE4MTAwMDU1WjAzMTEwLwYDVQQD
Eyg0NzA2MGViOTUxYzRhOTVmNjYwYTljYWM3NzdkNDdiZDBhMWFjZTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqx0DUcpiT/wKr6DGmhhWDZnVpKNx
WiCf/7LUwM93x7PJcIH526wtbNduWMtJN91ZlXGLOMQig3XoCgtatS6XEyREAbS9
4I7JYbEuKzqNLImMtCXhvD62ITYaP8rVyypJ+rOZUbS94JielSOckN0UtrRWTRCu
HuBiEzfJbER0reB+43mTZyT3db58jtAllgI5ODiZHrOCj2vFKm+KzPDH6qiOlDcG
TeeCpYQH9gkVyADOUxkhVLIkJaH93Fc9VccV+/xAoKj3hZHu3IENsb4Lk/1wZPdf
v22P8oMO8XIiPYls7CaBizEtzbjvtL3hhMPZPZGlvLA7DI7JaCRysNGREwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEcGDrlRxKlfZgqcrHd9R70KGs6WMB8GA1UdIwQY
MBaAFL9CQJofjBzuWXTbikLh62cu6DQ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjBKQW1oLU1ITzVaZE51S1F1SHJaeTdvTkRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My81NzJiNGEtZDIzMC00NjAzLThhNDIt
YTUxZjQ2YmI3NDY0LzEvdjBKQW1oLU1ITzVaZE51S1F1SHJaeTdvTkRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My81NzJiNGEtZDIzMC00NjAzLThhNDItYTUxZjQ2YmI3NDY0
LzEvdjBKQW1oLU1ITzVaZE51S1F1SHJaeTdvTkRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmZN4ngnm
q70s/GGcEdw93sBDKACuDCDPt9jnPpsI0HEGDsShAuMDncZPEGfMWOSt5zJVXhZK
J+7D4WjVgjoEd47OUTVwYVjAxVoedMS0QuC+0Z5gY4rzcj7SFOxYFu9mKG/HbX5l
SViveQVM6k/ewWDLpoxmb9xpNPIgkdNlaogZObr11wu4h+3pbcxxAaLYUeOYOEkX
wkLk2QtSriNd1bIm1J08bwWuSrftVAe5VrX/x4ZzjIvnsH8JKQqc/SeNnnXUpYi8
k8QWbp9N6lxt8bRoADx8f827Ckxu8AKSDzqOQlMG5IQaAVUtgSHc96oQ42bVrud7
gJqIjTb66sh48w==
-----END CERTIFICATE-----