Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.mft
File:                     AkhBfH_pzOxbnarMCPznmdZzCIw.mft (raw, json)
Hash identifier:          fHORiKZsm+6Drt3fSsIomFCyE5j/gixY3Wgh/wU/2Zk=
Subject key identifier:   64:88:2F:10:82:41:92:96:DD:B9:B9:85:C5:81:C0:9E:79:F5:CF:52
Authority key identifier: 02:48:41:7C:7F:E9:CC:EC:5B:9D:AA:CC:08:FC:E7:99:D6:73:08:8C
Certificate issuer:       /CN=0248417c7fe9ccec5b9daacc08fce799d673088c
Certificate serial:       019D9AE3A3CD233A2F12D085090F55A67FCA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AkhBfH_pzOxbnarMCPznmdZzCIw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.mft
Manifest number:          10F8
Signing time:             Fri 17 Apr 2026 10:01:42 +0000
Manifest this update:     Fri 17 Apr 2026 10:01:42 +0000
Manifest next update:     Sat 18 Apr 2026 10:01:42 +0000
Files and hashes:         1: AkhBfH_pzOxbnarMCPznmdZzCIw.crl (hash: 81jXGI1iydPCu97TmDbXDlefEqSi0qiaahoVx+s3Uk0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AkhBfH_pzOxbnarMCPznmdZzCIw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e3:a3:cd:23:3a:2f:12:d0:85:09:0f:55:a6:7f:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0248417c7fe9ccec5b9daacc08fce799d673088c
        Validity
            Not Before: Apr 17 10:01:42 2026 GMT
            Not After : Apr 18 10:01:42 2026 GMT
        Subject: CN=64882f1082419296ddb9b985c581c09e79f5cf52
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:75:28:01:7e:bc:f9:0a:23:e4:ae:a4:6f:33:
                    43:7b:63:7d:a8:c3:56:77:c9:27:c8:9d:20:55:60:
                    3b:d5:43:4f:31:e5:94:94:25:5f:9c:1e:2a:d5:45:
                    c4:5a:57:21:60:2f:df:06:b0:e2:43:49:2a:d9:7f:
                    7a:e8:99:6d:69:32:c8:51:fc:81:ff:30:42:76:30:
                    90:e5:8a:87:ad:af:15:0d:40:51:58:ef:5c:25:f6:
                    71:1e:e8:6e:7a:5f:fb:79:51:0b:6c:2d:52:22:6b:
                    52:96:28:c8:f2:2d:c0:71:64:41:2e:91:af:cc:59:
                    9b:50:17:83:21:af:45:4b:8d:96:db:72:1f:63:e7:
                    97:83:eb:19:e3:71:f9:e1:77:20:a4:aa:0d:5e:22:
                    98:14:f4:75:91:ec:86:e4:72:66:07:dd:57:98:30:
                    1f:88:bd:b7:8c:e4:d2:f8:42:a1:29:43:81:26:c1:
                    43:46:4e:85:69:ff:5a:54:dc:c3:b5:50:c7:80:a8:
                    75:77:ca:03:1a:b2:25:76:f5:61:77:e8:c8:3f:ff:
                    40:cc:0f:2f:cb:f0:c9:c0:a0:4e:6c:55:a7:fa:6f:
                    d8:f2:ad:55:0f:81:c1:ea:3f:54:67:da:88:fc:2d:
                    d1:d9:63:4c:26:07:29:91:96:e4:f0:86:4e:33:de:
                    b6:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:88:2F:10:82:41:92:96:DD:B9:B9:85:C5:81:C0:9E:79:F5:CF:52
            X509v3 Authority Key Identifier:
                keyid:02:48:41:7C:7F:E9:CC:EC:5B:9D:AA:CC:08:FC:E7:99:D6:73:08:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AkhBfH_pzOxbnarMCPznmdZzCIw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:1b:b4:81:05:2c:7b:32:19:e3:4e:14:9b:9e:c4:03:7d:d0:
         05:ea:3e:e5:eb:b0:06:e8:ef:98:fe:05:b5:0c:c3:d7:78:6f:
         d8:2a:bc:6a:ff:2b:6a:e0:65:3c:95:a4:34:5e:e7:40:72:62:
         7f:7b:ba:cb:98:07:7b:1f:8d:69:93:be:64:c7:12:d1:45:9a:
         d2:f8:79:55:aa:60:d5:75:42:f7:21:0a:8b:f3:ca:70:b7:20:
         f9:b5:26:2a:5f:ac:03:c6:19:fa:0e:0d:88:e1:e2:51:e2:10:
         87:4e:4a:77:64:df:91:d2:0f:2c:9b:78:31:5f:96:0b:be:8f:
         3d:09:fe:1d:34:d2:37:7d:17:7a:e5:6b:7d:74:33:86:e3:fc:
         4d:c0:47:63:55:ca:78:33:80:c2:a2:90:eb:9e:d1:e1:da:f9:
         eb:a4:5c:9a:dc:cc:70:45:90:c9:42:12:96:05:3b:78:3f:60:
         a2:c3:0e:18:be:84:e7:b1:ed:ca:a0:e3:e2:aa:36:3f:be:29:
         f2:a1:d2:fb:2e:ab:fe:4d:47:ee:45:7d:fb:5b:de:0d:1a:83:
         78:50:87:65:d6:89:be:21:04:ab:f4:1e:74:30:84:53:f3:da:
         ba:cd:42:da:7b:48:5e:83:69:7b:ca:bd:2a:43:72:27:90:1f:
         e1:f6:1d:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a46PNIzovEtCFCQ9Vpn/KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyNDg0MTdjN2ZlOWNjZWM1YjlkYWFjYzA4ZmNlNzk5ZDY3
MzA4OGMwHhcNMjYwNDE3MTAwMTQyWhcNMjYwNDE4MTAwMTQyWjAzMTEwLwYDVQQD
Eyg2NDg4MmYxMDgyNDE5Mjk2ZGRiOWI5ODVjNTgxYzA5ZTc5ZjVjZjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5nUoAX68+Qoj5K6kbzNDe2N9qMNW
d8knyJ0gVWA71UNPMeWUlCVfnB4q1UXEWlchYC/fBrDiQ0kq2X966JltaTLIUfyB
/zBCdjCQ5YqHra8VDUBRWO9cJfZxHuhuel/7eVELbC1SImtSlijI8i3AcWRBLpGv
zFmbUBeDIa9FS42W23IfY+eXg+sZ43H54XcgpKoNXiKYFPR1keyG5HJmB91XmDAf
iL23jOTS+EKhKUOBJsFDRk6Faf9aVNzDtVDHgKh1d8oDGrIldvVhd+jIP/9AzA8v
y/DJwKBObFWn+m/Y8q1VD4HB6j9UZ9qI/C3R2WNMJgcpkZbk8IZOM962qwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGSILxCCQZKW3bm5hcWBwJ559c9SMB8GA1UdIwQY
MBaAFAJIQXx/6czsW52qzAj855nWcwiMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWtoQmZIX3B6T3hibmFyTUNQem5tZFp6Q0l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9mMTY3OGMtZGRjYy00MjUzLTg1OTUt
NjNjNzA3NDQxYmE2LzEvQWtoQmZIX3B6T3hibmFyTUNQem5tZFp6Q0l3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9mMTY3OGMtZGRjYy00MjUzLTg1OTUtNjNjNzA3NDQxYmE2
LzEvQWtoQmZIX3B6T3hibmFyTUNQem5tZFp6Q0l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKxu0gQUs
ezIZ404Um57EA33QBeo+5euwBujvmP4FtQzD13hv2Cq8av8rauBlPJWkNF7nQHJi
f3u6y5gHex+NaZO+ZMcS0UWa0vh5Vapg1XVC9yEKi/PKcLcg+bUmKl+sA8YZ+g4N
iOHiUeIQh05Kd2TfkdIPLJt4MV+WC76PPQn+HTTSN30XeuVrfXQzhuP8TcBHY1XK
eDOAwqKQ657R4dr566RcmtzMcEWQyUISlgU7eD9gosMOGL6E57HtyqDj4qo2P74p
8qHS+y6r/k1H7kV9+1veDRqDeFCHZdaJviEEq/QedDCEU/Paus1C2ntIXoNpe8q9
KkNyJ5Af4fYd/Q==
-----END CERTIFICATE-----