Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft
File:                     lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft (raw, json)
Hash identifier:          0lMcIg1S9jVeBtUw2zi9NC5Ly5w62/AB1Wd3S76kyQI=
Subject key identifier:   26:06:F0:60:52:9D:1F:81:4B:D9:32:4C:63:50:FB:3B:D2:6C:2F:9E
Authority key identifier: 94:62:21:F7:9A:BE:A6:D3:C0:C3:48:06:42:59:0D:D0:AE:0C:AA:3B
Certificate issuer:       /CN=946221f79abea6d3c0c3480642590dd0ae0caa3b
Certificate serial:       019DA48ADAF2120A112FD0CA5602F1D1345A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lGIh95q-ptPAw0gGQlkN0K4Mqjs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft
Manifest number:          15C7
Signing time:             Sun 19 Apr 2026 07:00:56 +0000
Manifest this update:     Sun 19 Apr 2026 07:00:56 +0000
Manifest next update:     Mon 20 Apr 2026 07:00:56 +0000
Files and hashes:         1: lGIh95q-ptPAw0gGQlkN0K4Mqjs.crl (hash: 7CVl7ud1dL5UvEWWjZhKEilT2cNR7Avh5l53oCEf+28=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lGIh95q-ptPAw0gGQlkN0K4Mqjs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 04:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a4:8a:da:f2:12:0a:11:2f:d0:ca:56:02:f1:d1:34:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=946221f79abea6d3c0c3480642590dd0ae0caa3b
        Validity
            Not Before: Apr 19 07:00:56 2026 GMT
            Not After : Apr 20 07:00:56 2026 GMT
        Subject: CN=2606f060529d1f814bd9324c6350fb3bd26c2f9e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:9a:df:9f:21:e1:bc:5a:58:0f:82:1e:57:b0:
                    ea:88:0b:be:b5:1e:8a:66:46:07:f3:3c:80:2a:50:
                    84:3a:42:9d:e5:73:70:16:f1:25:b1:d3:bc:13:33:
                    30:60:3d:a0:6d:b6:0f:3e:26:73:b1:18:42:22:eb:
                    02:bc:cd:70:63:f9:81:32:30:16:ba:c0:54:b8:9e:
                    f5:51:ac:9c:7a:aa:24:ea:05:d0:3b:ac:5c:07:87:
                    54:f3:76:80:59:98:89:5c:4b:f6:b5:1f:d4:e7:35:
                    9a:51:64:08:c6:75:3a:8a:37:87:a1:a8:fb:0b:ac:
                    d8:ab:6e:93:3e:b6:f0:8e:5d:9d:61:a7:2b:f3:01:
                    58:7e:5a:84:53:38:48:ca:db:9d:da:9a:af:0a:0e:
                    7d:a3:a7:1d:0e:e6:ff:64:a7:d8:34:4e:83:9f:bf:
                    35:4f:0d:9b:40:b9:a2:aa:c8:78:66:1c:b3:a0:ac:
                    7a:bb:f1:bc:5e:e3:51:04:3a:4b:41:e9:06:b0:67:
                    22:c6:4b:a7:22:6c:fc:a2:fc:de:f8:23:ae:32:84:
                    14:3c:c1:e8:11:be:61:3e:3b:f9:da:0d:b7:c2:0e:
                    39:a2:30:33:e5:c0:e2:69:9a:c9:4c:7f:3f:0c:cd:
                    d7:72:5d:f8:39:29:29:93:1e:2c:eb:f2:14:44:16:
                    a9:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:06:F0:60:52:9D:1F:81:4B:D9:32:4C:63:50:FB:3B:D2:6C:2F:9E
            X509v3 Authority Key Identifier:
                keyid:94:62:21:F7:9A:BE:A6:D3:C0:C3:48:06:42:59:0D:D0:AE:0C:AA:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lGIh95q-ptPAw0gGQlkN0K4Mqjs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:c8:f3:01:83:6b:27:62:f2:e5:06:e7:59:b3:b6:c3:98:d6:
         63:95:63:1b:bb:b5:89:17:13:f6:79:eb:a4:1e:51:a0:6d:39:
         d1:43:4b:4a:f7:70:cd:19:19:e3:18:c6:33:d7:51:86:30:82:
         68:e5:64:f6:9f:05:40:7d:ec:24:96:9a:72:d5:86:64:a3:40:
         e5:74:98:1c:b7:95:c7:87:11:69:e5:a5:58:bd:45:eb:51:be:
         f1:a5:e3:57:83:b5:47:90:88:76:6c:b8:84:81:bd:b4:e2:a0:
         0a:71:d9:57:0e:55:4c:06:05:ea:9b:4f:0a:d3:eb:04:8d:09:
         61:39:24:f9:00:73:d9:04:8e:08:23:45:1e:8e:1c:ee:e0:0d:
         c1:47:4a:67:35:1a:01:5c:a0:5d:ec:b6:f4:a1:46:59:b7:66:
         ac:52:3e:e2:57:75:89:b6:fb:10:6e:3c:3b:db:5f:37:ae:72:
         ae:05:aa:08:1b:14:6b:3c:f8:18:11:91:42:68:07:5b:94:65:
         30:f6:3c:99:fb:a0:b2:19:77:0b:7e:56:05:59:cd:4a:e6:20:
         60:ae:1d:2f:13:ff:87:1c:5a:fa:f4:14:66:35:58:c0:cf:10:
         54:da:54:62:1b:5e:c1:a1:92:fe:65:89:b7:e3:4f:56:bc:a2:
         60:34:bf:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2kitryEgoRL9DKVgLx0TRaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NjIyMWY3OWFiZWE2ZDNjMGMzNDgwNjQyNTkwZGQwYWUw
Y2FhM2IwHhcNMjYwNDE5MDcwMDU2WhcNMjYwNDIwMDcwMDU2WjAzMTEwLwYDVQQD
EygyNjA2ZjA2MDUyOWQxZjgxNGJkOTMyNGM2MzUwZmIzYmQyNmMyZjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZrfnyHhvFpYD4IeV7DqiAu+tR6K
ZkYH8zyAKlCEOkKd5XNwFvElsdO8EzMwYD2gbbYPPiZzsRhCIusCvM1wY/mBMjAW
usBUuJ71Uayceqok6gXQO6xcB4dU83aAWZiJXEv2tR/U5zWaUWQIxnU6ijeHoaj7
C6zYq26TPrbwjl2dYacr8wFYflqEUzhIytud2pqvCg59o6cdDub/ZKfYNE6Dn781
Tw2bQLmiqsh4ZhyzoKx6u/G8XuNRBDpLQekGsGcixkunImz8ovze+COuMoQUPMHo
Eb5hPjv52g23wg45ojAz5cDiaZrJTH8/DM3Xcl34OSkpkx4s6/IURBapWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCYG8GBSnR+BS9kyTGNQ+zvSbC+eMB8GA1UdIwQY
MBaAFJRiIfeavqbTwMNIBkJZDdCuDKo7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEdJaDk1cS1wdFBBdzBnR1Fsa04wSzRNcWpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi84ZDlhYTUtZDUyYS00ODZmLWI2NGMt
N2M2MDVkMzIxNjVkLzEvbEdJaDk1cS1wdFBBdzBnR1Fsa04wSzRNcWpzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi84ZDlhYTUtZDUyYS00ODZmLWI2NGMtN2M2MDVkMzIxNjVk
LzEvbEdJaDk1cS1wdFBBdzBnR1Fsa04wSzRNcWpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdcjzAYNr
J2Ly5QbnWbO2w5jWY5VjG7u1iRcT9nnrpB5RoG050UNLSvdwzRkZ4xjGM9dRhjCC
aOVk9p8FQH3sJJaactWGZKNA5XSYHLeVx4cRaeWlWL1F61G+8aXjV4O1R5CIdmy4
hIG9tOKgCnHZVw5VTAYF6ptPCtPrBI0JYTkk+QBz2QSOCCNFHo4c7uANwUdKZzUa
AVygXey29KFGWbdmrFI+4ld1ibb7EG48O9tfN65yrgWqCBsUazz4GBGRQmgHW5Rl
MPY8mfugshl3C35WBVnNSuYgYK4dLxP/hxxa+vQUZjVYwM8QVNpUYhtewaGS/mWJ
t+NPVryiYDS/Lg==
-----END CERTIFICATE-----