Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/1a07b0-9976-4d55-b722-a2a11a0a6d74/1/sLQvCUy6l0wfrsa97BVg9mOHiRE.mft
File:                     sLQvCUy6l0wfrsa97BVg9mOHiRE.mft (raw, json)
Hash identifier:          OopNZ9kti4y7tJmf68MkeVAzxcY7L2lZD9U269qNfqA=
Subject key identifier:   00:36:87:A6:E5:41:3D:93:C5:90:B7:EF:4B:D1:A5:41:24:3E:0D:76
Authority key identifier: B0:B4:2F:09:4C:BA:97:4C:1F:AE:C6:BD:EC:15:60:F6:63:87:89:11
Certificate issuer:       /CN=b0b42f094cba974c1faec6bdec1560f663878911
Certificate serial:       019D9AE2A184AD85B872E55CB3C215DE038F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sLQvCUy6l0wfrsa97BVg9mOHiRE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/1a07b0-9976-4d55-b722-a2a11a0a6d74/1/sLQvCUy6l0wfrsa97BVg9mOHiRE.mft
Manifest number:          1553
Signing time:             Fri 17 Apr 2026 10:00:36 +0000
Manifest this update:     Fri 17 Apr 2026 10:00:36 +0000
Manifest next update:     Sat 18 Apr 2026 10:00:36 +0000
Files and hashes:         1: sLQvCUy6l0wfrsa97BVg9mOHiRE.crl (hash: 4EjGvnTmz+djoIcn6RiB/Ckt9xP1iQbY87Ynls05bb4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/1a07b0-9976-4d55-b722-a2a11a0a6d74/1/sLQvCUy6l0wfrsa97BVg9mOHiRE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/1a07b0-9976-4d55-b722-a2a11a0a6d74/1/sLQvCUy6l0wfrsa97BVg9mOHiRE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sLQvCUy6l0wfrsa97BVg9mOHiRE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e2:a1:84:ad:85:b8:72:e5:5c:b3:c2:15:de:03:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b0b42f094cba974c1faec6bdec1560f663878911
        Validity
            Not Before: Apr 17 10:00:36 2026 GMT
            Not After : Apr 18 10:00:36 2026 GMT
        Subject: CN=003687a6e5413d93c590b7ef4bd1a541243e0d76
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:18:ba:bd:cc:12:c3:3f:2b:0b:9c:6b:a5:66:
                    7f:39:02:b6:ef:9e:0a:6a:db:70:82:2d:51:4b:71:
                    25:1d:c8:22:69:64:e1:9f:c9:68:82:33:60:8c:fa:
                    e4:d5:ba:56:6f:0e:d8:7f:00:c6:a8:0d:34:01:54:
                    46:1a:52:38:e1:74:65:79:5d:ab:00:6c:c8:f8:ae:
                    dc:11:d6:c3:b9:e8:50:73:25:7d:97:bc:c5:38:40:
                    1a:a2:3d:61:b5:9b:12:ac:9c:0f:8f:80:83:ef:f9:
                    8d:cb:f8:a8:80:4f:ee:f2:83:99:50:95:cd:0d:2c:
                    dc:9a:a1:d9:dc:8b:63:ab:61:2e:3d:e0:9a:80:cf:
                    a2:43:0c:8d:44:13:c1:7f:13:d2:64:f3:f2:99:16:
                    ab:6b:f0:7b:db:4f:00:a0:f4:7d:17:a2:29:8f:3b:
                    bc:3a:ee:f7:63:79:a8:77:c8:aa:b0:20:5c:22:9f:
                    57:91:2a:82:dd:3b:cc:6d:58:29:21:3a:ce:bc:77:
                    c6:a1:bf:3d:73:fc:25:a6:e5:43:ab:75:8a:31:27:
                    aa:ac:9d:88:cc:2f:b0:82:68:c8:c3:63:48:07:bf:
                    c0:3d:5b:46:10:4b:cd:9c:1a:9e:10:ca:8e:0b:36:
                    4b:bb:90:d5:c0:76:d4:ae:e8:62:10:b6:7e:10:0b:
                    d2:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:36:87:A6:E5:41:3D:93:C5:90:B7:EF:4B:D1:A5:41:24:3E:0D:76
            X509v3 Authority Key Identifier:
                keyid:B0:B4:2F:09:4C:BA:97:4C:1F:AE:C6:BD:EC:15:60:F6:63:87:89:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sLQvCUy6l0wfrsa97BVg9mOHiRE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1a07b0-9976-4d55-b722-a2a11a0a6d74/1/sLQvCUy6l0wfrsa97BVg9mOHiRE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1a07b0-9976-4d55-b722-a2a11a0a6d74/1/sLQvCUy6l0wfrsa97BVg9mOHiRE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:36:11:35:2f:15:e7:15:64:f9:59:56:bd:e5:3d:72:78:99:
         44:dc:c1:60:25:61:a8:dc:42:a5:dc:ae:f4:c4:c2:75:d2:6d:
         cc:81:bc:40:e5:15:92:6a:73:7e:0c:22:7e:95:7b:86:67:a3:
         6b:eb:5d:6e:e6:23:84:02:17:03:3d:f1:6e:2d:2a:1c:70:c8:
         5d:c9:b1:6a:0b:a1:8b:fd:5b:08:88:86:51:88:6d:55:a5:88:
         44:6f:a7:d1:85:7a:8b:ad:dd:98:91:5c:f4:af:45:bd:17:e6:
         79:51:bd:82:01:f2:f5:c8:1f:48:7a:67:88:b4:d1:34:47:1c:
         18:b4:11:d6:60:ba:a0:44:96:12:82:d1:c3:d0:a2:cf:19:f0:
         c5:e0:39:0d:48:6f:e6:d6:22:89:0b:1a:8d:d4:78:8b:f8:7a:
         f0:81:97:fb:0a:0e:83:f4:b5:36:61:38:03:df:df:da:5d:2f:
         b9:b6:16:9b:c1:69:9f:d3:83:af:91:20:86:f1:e9:d8:98:63:
         73:40:a4:b1:2b:cc:1d:b9:4e:cf:8a:d3:4c:9e:78:af:8d:8b:
         c3:8e:f3:7c:8f:2c:cb:41:fd:43:9b:0a:94:98:f1:ba:ff:5d:
         6d:95:30:20:20:c3:43:d2:07:a4:b6:8a:53:4c:b1:e0:b4:a2:
         6c:e8:80:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a4qGErYW4cuVcs8IV3gOPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYjQyZjA5NGNiYTk3NGMxZmFlYzZiZGVjMTU2MGY2NjM4
Nzg5MTEwHhcNMjYwNDE3MTAwMDM2WhcNMjYwNDE4MTAwMDM2WjAzMTEwLwYDVQQD
EygwMDM2ODdhNmU1NDEzZDkzYzU5MGI3ZWY0YmQxYTU0MTI0M2UwZDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzRi6vcwSwz8rC5xrpWZ/OQK2754K
attwgi1RS3ElHcgiaWThn8logjNgjPrk1bpWbw7YfwDGqA00AVRGGlI44XRleV2r
AGzI+K7cEdbDuehQcyV9l7zFOEAaoj1htZsSrJwPj4CD7/mNy/iogE/u8oOZUJXN
DSzcmqHZ3Itjq2EuPeCagM+iQwyNRBPBfxPSZPPymRara/B7208AoPR9F6Ipjzu8
Ou73Y3mod8iqsCBcIp9XkSqC3TvMbVgpITrOvHfGob89c/wlpuVDq3WKMSeqrJ2I
zC+wgmjIw2NIB7/APVtGEEvNnBqeEMqOCzZLu5DVwHbUruhiELZ+EAvSVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAA2h6blQT2TxZC370vRpUEkPg12MB8GA1UdIwQY
MBaAFLC0LwlMupdMH67GvewVYPZjh4kRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0xRdkNVeTZsMHdmcnNhOTdCVmc5bU9IaVJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8xYTA3YjAtOTk3Ni00ZDU1LWI3MjIt
YTJhMTFhMGE2ZDc0LzEvc0xRdkNVeTZsMHdmcnNhOTdCVmc5bU9IaVJFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8xYTA3YjAtOTk3Ni00ZDU1LWI3MjItYTJhMTFhMGE2ZDc0
LzEvc0xRdkNVeTZsMHdmcnNhOTdCVmc5bU9IaVJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdzYRNS8V
5xVk+VlWveU9cniZRNzBYCVhqNxCpdyu9MTCddJtzIG8QOUVkmpzfgwifpV7hmej
a+tdbuYjhAIXAz3xbi0qHHDIXcmxaguhi/1bCIiGUYhtVaWIRG+n0YV6i63dmJFc
9K9FvRfmeVG9ggHy9cgfSHpniLTRNEccGLQR1mC6oESWEoLRw9CizxnwxeA5DUhv
5tYiiQsajdR4i/h68IGX+woOg/S1NmE4A9/f2l0vubYWm8Fpn9ODr5EghvHp2Jhj
c0CksSvMHblOz4rTTJ54r42Lw47zfI8sy0H9Q5sKlJjxuv9dbZUwICDDQ9IHpLaK
U0yx4LSibOiAaQ==
-----END CERTIFICATE-----