Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/60ce7e-1923-4993-900c-7d5eb1831ef1/1/bFFhS2v7bGGHg2dpEb3zvIKfl9c.mft
File:                     bFFhS2v7bGGHg2dpEb3zvIKfl9c.mft (raw, json)
Hash identifier:          Q9fS1ak6c54AfNeRkHxj9IrzPw+rfL9CPm4VF2l+XVo=
Subject key identifier:   B9:55:E7:2E:6B:09:F8:BE:84:C8:A2:7F:60:78:37:8A:2A:3E:35:A4
Authority key identifier: 6C:51:61:4B:6B:FB:6C:61:87:83:67:69:11:BD:F3:BC:82:9F:97:D7
Certificate issuer:       /CN=6c51614b6bfb6c618783676911bdf3bc829f97d7
Certificate serial:       019DA4F8A9C36675B277AB786E862A2F42C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bFFhS2v7bGGHg2dpEb3zvIKfl9c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/60ce7e-1923-4993-900c-7d5eb1831ef1/1/bFFhS2v7bGGHg2dpEb3zvIKfl9c.mft
Manifest number:          1559
Signing time:             Sun 19 Apr 2026 09:00:52 +0000
Manifest this update:     Sun 19 Apr 2026 09:00:52 +0000
Manifest next update:     Mon 20 Apr 2026 09:00:52 +0000
Files and hashes:         1: bFFhS2v7bGGHg2dpEb3zvIKfl9c.crl (hash: LXZOwKrpYahIo7QuJ1uPc96zUMp8rxKP8FQqW/9mwaY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/60ce7e-1923-4993-900c-7d5eb1831ef1/1/bFFhS2v7bGGHg2dpEb3zvIKfl9c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/60ce7e-1923-4993-900c-7d5eb1831ef1/1/bFFhS2v7bGGHg2dpEb3zvIKfl9c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bFFhS2v7bGGHg2dpEb3zvIKfl9c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 04:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a4:f8:a9:c3:66:75:b2:77:ab:78:6e:86:2a:2f:42:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c51614b6bfb6c618783676911bdf3bc829f97d7
        Validity
            Not Before: Apr 19 09:00:52 2026 GMT
            Not After : Apr 20 09:00:52 2026 GMT
        Subject: CN=b955e72e6b09f8be84c8a27f6078378a2a3e35a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:c0:74:b9:19:67:5b:db:6c:09:61:8e:6a:62:
                    38:df:f4:2f:8f:8c:ae:fa:51:65:25:24:90:1f:9f:
                    8c:c8:3e:b4:74:c6:4e:f5:84:1a:3a:ef:ba:8c:72:
                    d7:ac:03:29:30:28:36:56:c5:19:cd:61:11:b3:dd:
                    e2:cb:2e:ca:e0:5c:cd:ff:91:74:6b:18:3b:80:9f:
                    78:ad:99:ff:e4:06:12:0f:83:1c:3b:71:e6:1b:1c:
                    4d:3f:a8:c4:1d:6e:00:86:cb:8c:b5:b5:f1:fe:8f:
                    c6:36:cf:d6:a4:c9:cd:65:b7:4d:65:6e:24:0c:e2:
                    1e:09:df:74:a1:2b:f7:46:47:8f:d8:17:7c:32:57:
                    5e:b6:a1:14:59:bf:87:dd:bf:72:d1:a3:88:10:0c:
                    ed:16:73:30:04:9f:73:c6:2d:d3:a7:e6:b1:21:a4:
                    d8:26:8e:e7:27:5c:ec:7d:4e:69:1b:85:c5:e5:7e:
                    c2:62:39:87:80:8e:6a:0a:5f:62:5c:91:b3:c0:53:
                    e9:95:cb:ae:9d:e9:c2:72:22:d0:51:71:b6:fd:05:
                    ec:cd:6e:6a:3d:66:eb:7f:64:d0:07:23:5f:6b:08:
                    12:63:0c:6c:ab:75:7a:40:b7:3a:f2:38:5c:83:ba:
                    e0:3a:dc:78:03:14:05:52:d0:6e:ff:ff:19:dd:74:
                    2b:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:55:E7:2E:6B:09:F8:BE:84:C8:A2:7F:60:78:37:8A:2A:3E:35:A4
            X509v3 Authority Key Identifier:
                keyid:6C:51:61:4B:6B:FB:6C:61:87:83:67:69:11:BD:F3:BC:82:9F:97:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bFFhS2v7bGGHg2dpEb3zvIKfl9c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/60ce7e-1923-4993-900c-7d5eb1831ef1/1/bFFhS2v7bGGHg2dpEb3zvIKfl9c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/60ce7e-1923-4993-900c-7d5eb1831ef1/1/bFFhS2v7bGGHg2dpEb3zvIKfl9c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:f1:6e:3a:2d:7e:f2:d7:1d:09:e8:ad:c6:62:62:bd:1c:c0:
         11:6c:54:9f:6e:b8:44:0f:b3:2f:6d:75:41:d3:28:e8:67:26:
         38:c0:94:64:30:db:bc:35:bc:bc:05:1f:8d:ad:96:08:d8:3a:
         80:8a:96:a8:21:5c:a9:69:1f:c5:90:39:b6:b1:b9:f7:7a:82:
         98:93:e3:71:c6:9a:4d:fc:16:a6:85:8b:3a:cf:22:f0:14:81:
         54:ce:78:00:f9:7f:64:72:4e:2a:f0:89:46:39:db:39:86:b1:
         b6:52:cd:c4:41:85:d9:fa:6e:18:0d:46:f4:0a:35:d8:4b:39:
         f4:b8:4c:22:92:31:c8:a4:ec:0b:63:97:06:2e:5f:86:dd:c5:
         88:c9:66:c3:c7:d9:6e:0a:20:7f:ef:1e:36:fa:6c:d1:fb:cf:
         45:fc:75:7b:75:ec:04:4b:95:9c:51:2f:59:b9:37:62:6c:bc:
         6a:c9:03:9f:ca:30:df:68:b5:ce:7a:d8:d2:d0:40:e4:1d:59:
         60:ee:76:62:6a:de:28:67:a5:8a:80:27:4c:29:6d:c3:12:9f:
         19:f4:79:6e:de:60:b9:af:2b:0b:49:45:c3:b0:3a:3b:5f:f7:
         03:7a:10:e7:c7:a0:d6:92:48:13:f2:23:9c:24:c5:78:f8:3b:
         18:72:2e:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2k+KnDZnWyd6t4boYqL0LHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjNTE2MTRiNmJmYjZjNjE4NzgzNjc2OTExYmRmM2JjODI5
Zjk3ZDcwHhcNMjYwNDE5MDkwMDUyWhcNMjYwNDIwMDkwMDUyWjAzMTEwLwYDVQQD
EyhiOTU1ZTcyZTZiMDlmOGJlODRjOGEyN2Y2MDc4Mzc4YTJhM2UzNWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwsB0uRlnW9tsCWGOamI43/Qvj4yu
+lFlJSSQH5+MyD60dMZO9YQaOu+6jHLXrAMpMCg2VsUZzWERs93iyy7K4FzN/5F0
axg7gJ94rZn/5AYSD4McO3HmGxxNP6jEHW4AhsuMtbXx/o/GNs/WpMnNZbdNZW4k
DOIeCd90oSv3RkeP2Bd8MldetqEUWb+H3b9y0aOIEAztFnMwBJ9zxi3Tp+axIaTY
Jo7nJ1zsfU5pG4XF5X7CYjmHgI5qCl9iXJGzwFPplcuunenCciLQUXG2/QXszW5q
PWbrf2TQByNfawgSYwxsq3V6QLc68jhcg7rgOtx4AxQFUtBu//8Z3XQrPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLlV5y5rCfi+hMiif2B4N4oqPjWkMB8GA1UdIwQY
MBaAFGxRYUtr+2xhh4NnaRG987yCn5fXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkZGaFMydjdiR0dIZzJkcEViM3p2SUtmbDljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi82MGNlN2UtMTkyMy00OTkzLTkwMGMt
N2Q1ZWIxODMxZWYxLzEvYkZGaFMydjdiR0dIZzJkcEViM3p2SUtmbDljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi82MGNlN2UtMTkyMy00OTkzLTkwMGMtN2Q1ZWIxODMxZWYx
LzEvYkZGaFMydjdiR0dIZzJkcEViM3p2SUtmbDljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPfFuOi1+
8tcdCeitxmJivRzAEWxUn264RA+zL211QdMo6GcmOMCUZDDbvDW8vAUfja2WCNg6
gIqWqCFcqWkfxZA5trG593qCmJPjccaaTfwWpoWLOs8i8BSBVM54APl/ZHJOKvCJ
RjnbOYaxtlLNxEGF2fpuGA1G9Ao12Es59LhMIpIxyKTsC2OXBi5fht3FiMlmw8fZ
bgogf+8eNvps0fvPRfx1e3XsBEuVnFEvWbk3Ymy8askDn8ow32i1znrY0tBA5B1Z
YO52YmreKGelioAnTCltwxKfGfR5bt5gua8rC0lFw7A6O1/3A3oQ58eg1pJIE/Ij
nCTFePg7GHIuhA==
-----END CERTIFICATE-----