Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/993364-d85f-4007-96ec-49ac28142318/1/iXlCagvNkDpVJkksxa97TysO2wQ.mft
File:                     iXlCagvNkDpVJkksxa97TysO2wQ.mft (raw, json)
Hash identifier:          GTdTtucnEKMzK7sYj4Fg6B81UiBCU4TJ6vujF0QaB1k=
Subject key identifier:   3D:96:35:15:95:32:44:29:62:D2:4A:F2:75:D2:B2:7C:E9:8F:B4:11
Authority key identifier: 89:79:42:6A:0B:CD:90:3A:55:26:49:2C:C5:AF:7B:4F:2B:0E:DB:04
Certificate issuer:       /CN=8979426a0bcd903a5526492cc5af7b4f2b0edb04
Certificate serial:       019D9818DB9B2C7ACA55BCA250CA6C84BBBA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iXlCagvNkDpVJkksxa97TysO2wQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/993364-d85f-4007-96ec-49ac28142318/1/iXlCagvNkDpVJkksxa97TysO2wQ.mft
Manifest number:          0842
Signing time:             Thu 16 Apr 2026 21:00:59 +0000
Manifest this update:     Thu 16 Apr 2026 21:00:59 +0000
Manifest next update:     Fri 17 Apr 2026 21:00:59 +0000
Files and hashes:         1: iXlCagvNkDpVJkksxa97TysO2wQ.crl (hash: sLqvxZRjCx/aHnkgRpBCItCIKCo7d4NgJn1Oa1OTffs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/993364-d85f-4007-96ec-49ac28142318/1/iXlCagvNkDpVJkksxa97TysO2wQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/993364-d85f-4007-96ec-49ac28142318/1/iXlCagvNkDpVJkksxa97TysO2wQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iXlCagvNkDpVJkksxa97TysO2wQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 21:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:18:db:9b:2c:7a:ca:55:bc:a2:50:ca:6c:84:bb:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8979426a0bcd903a5526492cc5af7b4f2b0edb04
        Validity
            Not Before: Apr 16 21:00:59 2026 GMT
            Not After : Apr 17 21:00:59 2026 GMT
        Subject: CN=3d9635159532442962d24af275d2b27ce98fb411
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fb:41:31:26:5a:d1:eb:95:36:84:53:18:be:a5:
                    76:79:7c:6b:8f:08:82:ca:d7:5b:fd:fe:b1:50:95:
                    a8:86:bc:d2:b5:bb:37:82:58:44:fc:02:b0:db:cf:
                    58:e3:13:ae:11:14:78:37:09:dd:bb:6a:4a:fb:be:
                    5b:20:9a:b0:dc:15:e2:2e:d6:6a:64:9c:7b:88:e6:
                    d7:cc:7b:14:35:2d:ae:ac:af:05:98:89:b5:94:6f:
                    c6:31:02:56:a1:f6:5c:34:5a:90:0c:62:34:de:91:
                    40:7d:64:3c:e5:3a:10:57:53:4e:1b:34:b8:e9:2b:
                    1b:53:9b:80:78:d9:37:48:be:20:40:65:88:bc:9d:
                    2f:49:32:de:61:b3:3d:b1:7d:b5:0c:da:7d:01:ae:
                    17:14:d3:c7:dd:e7:46:de:be:ff:25:0f:14:e7:33:
                    68:df:c0:08:fa:27:5f:ea:62:6f:a7:1a:c8:11:40:
                    95:41:a9:32:ed:bf:87:ed:bb:55:f2:ff:41:23:51:
                    24:da:02:54:45:ce:99:14:26:2e:5e:da:18:4e:8b:
                    dc:40:43:bf:fb:e1:21:e0:31:02:dd:1d:3e:74:f0:
                    73:53:1e:b0:5c:36:db:35:5b:6b:86:18:d6:d0:54:
                    5d:c8:2a:97:8f:85:fe:f4:9b:56:5d:ed:d0:29:5d:
                    73:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:96:35:15:95:32:44:29:62:D2:4A:F2:75:D2:B2:7C:E9:8F:B4:11
            X509v3 Authority Key Identifier:
                keyid:89:79:42:6A:0B:CD:90:3A:55:26:49:2C:C5:AF:7B:4F:2B:0E:DB:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iXlCagvNkDpVJkksxa97TysO2wQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/993364-d85f-4007-96ec-49ac28142318/1/iXlCagvNkDpVJkksxa97TysO2wQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/993364-d85f-4007-96ec-49ac28142318/1/iXlCagvNkDpVJkksxa97TysO2wQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:e4:b4:d8:c7:c4:3a:c5:b6:db:6c:9e:4b:b2:e9:1e:1d:ad:
         fa:c6:6e:6f:be:81:77:f3:c0:b3:d1:10:ed:10:b8:d9:5e:77:
         e4:5d:f2:ce:a9:40:b5:ac:fb:5a:fb:f9:1f:a6:3f:de:66:d3:
         aa:c3:c6:d7:0d:a3:08:28:c3:cf:b3:64:49:2e:2d:33:04:bd:
         b4:59:4a:dc:4d:03:b2:62:5f:69:f9:98:2b:70:8e:e6:28:40:
         e5:79:89:af:ec:2a:f1:81:fc:6d:56:0f:01:3b:66:41:6b:2a:
         3b:50:5e:58:5d:80:fa:32:39:54:54:ff:9f:f5:b8:54:15:7a:
         72:1d:74:41:dc:84:35:af:32:e9:80:00:cf:68:f6:03:e3:7f:
         cc:57:ac:16:34:8e:3c:84:78:cf:68:0b:df:da:cc:fa:dc:98:
         e2:47:01:8d:a0:51:4b:33:07:22:85:a3:1a:de:3b:e1:4d:e8:
         19:a8:9b:7b:a3:93:32:9b:f9:e0:c8:98:fc:00:64:eb:e0:eb:
         d9:f9:a0:b5:28:29:e5:5d:e2:5d:47:76:8e:1e:65:6e:1b:62:
         bf:8b:3e:71:b4:51:73:6a:3c:5e:62:2b:cc:38:1f:16:b7:c5:
         42:c5:9d:76:85:ad:0c:a0:0c:ae:0d:59:bc:2c:86:2a:5e:6f:
         2c:60:4d:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2YGNubLHrKVbyiUMpshLu6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5Nzk0MjZhMGJjZDkwM2E1NTI2NDkyY2M1YWY3YjRmMmIw
ZWRiMDQwHhcNMjYwNDE2MjEwMDU5WhcNMjYwNDE3MjEwMDU5WjAzMTEwLwYDVQQD
EygzZDk2MzUxNTk1MzI0NDI5NjJkMjRhZjI3NWQyYjI3Y2U5OGZiNDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+0ExJlrR65U2hFMYvqV2eXxrjwiC
ytdb/f6xUJWohrzStbs3glhE/AKw289Y4xOuERR4Nwndu2pK+75bIJqw3BXiLtZq
ZJx7iObXzHsUNS2urK8FmIm1lG/GMQJWofZcNFqQDGI03pFAfWQ85ToQV1NOGzS4
6SsbU5uAeNk3SL4gQGWIvJ0vSTLeYbM9sX21DNp9Aa4XFNPH3edG3r7/JQ8U5zNo
38AI+idf6mJvpxrIEUCVQaky7b+H7btV8v9BI1Ek2gJURc6ZFCYuXtoYTovcQEO/
++Eh4DEC3R0+dPBzUx6wXDbbNVtrhhjW0FRdyCqXj4X+9JtWXe3QKV1zTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD2WNRWVMkQpYtJK8nXSsnzpj7QRMB8GA1UdIwQY
MBaAFIl5QmoLzZA6VSZJLMWve08rDtsEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVhsQ2Fndk5rRHBWSmtrc3hhOTdUeXNPMndRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi85OTMzNjQtZDg1Zi00MDA3LTk2ZWMt
NDlhYzI4MTQyMzE4LzEvaVhsQ2Fndk5rRHBWSmtrc3hhOTdUeXNPMndRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi85OTMzNjQtZDg1Zi00MDA3LTk2ZWMtNDlhYzI4MTQyMzE4
LzEvaVhsQ2Fndk5rRHBWSmtrc3hhOTdUeXNPMndRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfOS02MfE
OsW222yeS7LpHh2t+sZub76Bd/PAs9EQ7RC42V535F3yzqlAtaz7Wvv5H6Y/3mbT
qsPG1w2jCCjDz7NkSS4tMwS9tFlK3E0DsmJfafmYK3CO5ihA5XmJr+wq8YH8bVYP
ATtmQWsqO1BeWF2A+jI5VFT/n/W4VBV6ch10QdyENa8y6YAAz2j2A+N/zFesFjSO
PIR4z2gL39rM+tyY4kcBjaBRSzMHIoWjGt474U3oGaibe6OTMpv54MiY/ABk6+Dr
2fmgtSgp5V3iXUd2jh5lbhtiv4s+cbRRc2o8XmIrzDgfFrfFQsWddoWtDKAMrg1Z
vCyGKl5vLGBNHw==
-----END CERTIFICATE-----