Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.mft
File:                     rfjUKjroBc6WqpT66fW0QG_0VZk.mft (raw, json)
Hash identifier:          Gio7ND9jfVC1aMcytV2blir1JYfbzCJfnudHI1PskYM=
Subject key identifier:   25:37:6A:E6:9C:DF:B0:93:4B:CA:DD:F9:27:5F:FA:C3:67:07:ED:C0
Authority key identifier: AD:F8:D4:2A:3A:E8:05:CE:96:AA:94:FA:E9:F5:B4:40:6F:F4:55:99
Certificate issuer:       /CN=adf8d42a3ae805ce96aa94fae9f5b4406ff45599
Certificate serial:       019D9B87DCE6440709B3A98CBF79079A4D63
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rfjUKjroBc6WqpT66fW0QG_0VZk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.mft
Manifest number:          0629
Signing time:             Fri 17 Apr 2026 13:01:05 +0000
Manifest this update:     Fri 17 Apr 2026 13:01:05 +0000
Manifest next update:     Sat 18 Apr 2026 13:01:05 +0000
Files and hashes:         1: rfjUKjroBc6WqpT66fW0QG_0VZk.crl (hash: HjK7tQRt3FQegT9kTiaxC8W/c+Jc+23IyrRdXFqMyI8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rfjUKjroBc6WqpT66fW0QG_0VZk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 13:01:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:87:dc:e6:44:07:09:b3:a9:8c:bf:79:07:9a:4d:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=adf8d42a3ae805ce96aa94fae9f5b4406ff45599
        Validity
            Not Before: Apr 17 13:01:05 2026 GMT
            Not After : Apr 18 13:01:05 2026 GMT
        Subject: CN=25376ae69cdfb0934bcaddf9275ffac36707edc0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:38:a2:8b:86:33:6d:c6:9a:1a:25:7f:f3:a3:
                    8c:4b:4b:ce:5d:83:1d:ba:87:57:c4:b2:47:2a:e2:
                    e8:42:d3:60:57:29:d0:19:2e:c3:36:2b:e5:ad:4d:
                    92:0d:13:1d:3e:44:34:9a:f2:83:a4:3d:79:9b:94:
                    9a:45:e5:93:72:8e:0a:05:cf:4f:20:46:24:fc:f0:
                    59:2b:78:c1:73:03:8b:5d:d4:34:64:ca:d9:4f:66:
                    37:f4:54:7d:08:5d:c6:9f:96:43:99:8f:e5:ec:47:
                    f5:e3:ab:2f:a9:d9:09:69:d0:66:5d:20:a1:ee:df:
                    ec:70:19:50:9e:b4:fb:29:91:cb:c1:23:9a:79:40:
                    17:5a:4a:93:52:12:b2:0b:f4:48:f6:23:0c:c8:9e:
                    77:b3:22:4b:e3:96:88:ad:e6:f5:68:c7:8f:36:c2:
                    7a:bb:5f:dd:cd:0a:48:43:24:fa:e2:ce:4f:75:7c:
                    2a:d7:ac:d3:9c:16:36:fd:c2:a5:c1:e9:23:53:05:
                    96:20:41:0e:a9:4b:86:8e:43:ba:96:e4:4a:3b:2a:
                    68:5c:d7:2e:de:d8:b2:c1:d7:37:87:d5:a2:e3:54:
                    5e:4c:8a:18:28:a9:3d:c8:07:fa:7f:d0:ef:96:f0:
                    56:cf:f8:78:e7:5b:bc:ab:1b:26:06:29:6e:ad:5a:
                    fc:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:37:6A:E6:9C:DF:B0:93:4B:CA:DD:F9:27:5F:FA:C3:67:07:ED:C0
            X509v3 Authority Key Identifier:
                keyid:AD:F8:D4:2A:3A:E8:05:CE:96:AA:94:FA:E9:F5:B4:40:6F:F4:55:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfjUKjroBc6WqpT66fW0QG_0VZk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:2e:ec:25:e7:5f:40:80:10:3e:ee:41:5b:a5:46:ad:72:9b:
         fd:fc:dc:7a:94:95:4d:70:a5:8d:a0:5e:55:48:9d:ed:02:03:
         ae:74:de:79:ee:ff:99:35:f3:87:4f:7a:1b:6d:d5:2e:4f:0e:
         9e:d9:42:b0:49:dd:18:13:b1:b3:02:8b:e8:56:49:72:e9:e0:
         10:46:61:e8:55:08:ef:c7:3e:76:5a:ea:ab:52:94:e1:20:3a:
         f5:b9:b2:3d:16:24:98:40:0f:60:1e:27:0f:d6:4e:29:c6:c9:
         f5:97:2f:7b:27:8f:42:60:b0:4c:6e:9e:21:97:ba:3e:d2:16:
         9c:7f:f3:7c:03:19:9c:cd:44:5c:3d:28:08:46:35:6d:c1:02:
         00:52:f2:15:a3:3d:a9:aa:5a:9e:56:ba:35:46:af:64:da:89:
         bc:c2:a6:c4:82:f2:0c:cf:1d:73:0e:76:94:04:9e:a2:ad:1c:
         ec:13:0c:97:02:04:f8:b9:ee:b5:c6:97:2b:49:f9:94:1c:72:
         f4:6a:47:a8:1e:bf:d1:00:aa:67:f4:26:cb:07:34:b0:38:32:
         3f:36:91:02:eb:9d:ec:02:b5:f8:8e:8b:61:4b:57:b5:ce:d5:
         08:ab:ec:aa:9e:9d:16:cf:61:14:4b:cb:82:e5:93:d6:9e:9b:
         78:c9:9a:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bh9zmRAcJs6mMv3kHmk1jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjhkNDJhM2FlODA1Y2U5NmFhOTRmYWU5ZjViNDQwNmZm
NDU1OTkwHhcNMjYwNDE3MTMwMTA1WhcNMjYwNDE4MTMwMTA1WjAzMTEwLwYDVQQD
EygyNTM3NmFlNjljZGZiMDkzNGJjYWRkZjkyNzVmZmFjMzY3MDdlZGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoziii4YzbcaaGiV/86OMS0vOXYMd
uodXxLJHKuLoQtNgVynQGS7DNivlrU2SDRMdPkQ0mvKDpD15m5SaReWTco4KBc9P
IEYk/PBZK3jBcwOLXdQ0ZMrZT2Y39FR9CF3Gn5ZDmY/l7Ef146svqdkJadBmXSCh
7t/scBlQnrT7KZHLwSOaeUAXWkqTUhKyC/RI9iMMyJ53syJL45aIreb1aMePNsJ6
u1/dzQpIQyT64s5PdXwq16zTnBY2/cKlwekjUwWWIEEOqUuGjkO6luRKOypoXNcu
3tiywdc3h9Wi41ReTIoYKKk9yAf6f9DvlvBWz/h451u8qxsmBilurVr86wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCU3auac37CTS8rd+Sdf+sNnB+3AMB8GA1UdIwQY
MBaAFK341Co66AXOlqqU+un1tEBv9FWZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZqVUtqcm9CYzZXcXBUNjZmVzBRR18wVlprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi81YjIzMDUtOTdmZC00NzMwLWIxYTAt
YTc3OWI5OTNkZjU4LzEvcmZqVUtqcm9CYzZXcXBUNjZmVzBRR18wVlprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi81YjIzMDUtOTdmZC00NzMwLWIxYTAtYTc3OWI5OTNkZjU4
LzEvcmZqVUtqcm9CYzZXcXBUNjZmVzBRR18wVlprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHC7sJedf
QIAQPu5BW6VGrXKb/fzcepSVTXCljaBeVUid7QIDrnTeee7/mTXzh096G23VLk8O
ntlCsEndGBOxswKL6FZJcungEEZh6FUI78c+dlrqq1KU4SA69bmyPRYkmEAPYB4n
D9ZOKcbJ9ZcveyePQmCwTG6eIZe6PtIWnH/zfAMZnM1EXD0oCEY1bcECAFLyFaM9
qapanla6NUavZNqJvMKmxILyDM8dcw52lASeoq0c7BMMlwIE+LnutcaXK0n5lBxy
9GpHqB6/0QCqZ/Qmywc0sDgyPzaRAuud7AK1+I6LYUtXtc7VCKvsqp6dFs9hFEvL
guWT1p6beMma8g==
-----END CERTIFICATE-----