Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/2240a9-54d5-4b82-8731-53090b3baa81/1/iqrwV67ry_cGh34qqnSjljgL4hU.mft
File:                     iqrwV67ry_cGh34qqnSjljgL4hU.mft (raw, json)
Hash identifier:          nX7mg6Hzl0cYHCPg0EtQIVLMSwIRut8zsN/gv5KeRMA=
Subject key identifier:   62:74:F4:DC:61:77:7F:D6:9E:F7:6E:6F:B5:B9:1C:4A:80:38:D7:77
Authority key identifier: 8A:AA:F0:57:AE:EB:CB:F7:06:87:7E:2A:AA:74:A3:96:38:0B:E2:15
Certificate issuer:       /CN=8aaaf057aeebcbf706877e2aaa74a396380be215
Certificate serial:       019D9B87C08955DBF5012B4DB7FDE5793CB5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iqrwV67ry_cGh34qqnSjljgL4hU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/2240a9-54d5-4b82-8731-53090b3baa81/1/iqrwV67ry_cGh34qqnSjljgL4hU.mft
Manifest number:          0654
Signing time:             Fri 17 Apr 2026 13:00:58 +0000
Manifest this update:     Fri 17 Apr 2026 13:00:58 +0000
Manifest next update:     Sat 18 Apr 2026 13:00:58 +0000
Files and hashes:         1: iqrwV67ry_cGh34qqnSjljgL4hU.crl (hash: F5HXYwOyUHsS/TzFX1EVq17ukqDofpW3Gj380LIDCtc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/2240a9-54d5-4b82-8731-53090b3baa81/1/iqrwV67ry_cGh34qqnSjljgL4hU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/2240a9-54d5-4b82-8731-53090b3baa81/1/iqrwV67ry_cGh34qqnSjljgL4hU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iqrwV67ry_cGh34qqnSjljgL4hU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 13:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:87:c0:89:55:db:f5:01:2b:4d:b7:fd:e5:79:3c:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8aaaf057aeebcbf706877e2aaa74a396380be215
        Validity
            Not Before: Apr 17 13:00:58 2026 GMT
            Not After : Apr 18 13:00:58 2026 GMT
        Subject: CN=6274f4dc61777fd69ef76e6fb5b91c4a8038d777
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:67:00:56:31:f8:ab:7d:bc:7a:b0:70:0c:57:
                    28:42:f2:bd:61:1c:88:25:10:08:2c:4f:89:3d:b7:
                    5d:db:36:43:91:74:cf:08:75:c5:99:ae:93:35:96:
                    57:51:1c:76:84:54:e7:fa:d8:04:ba:0b:76:a1:28:
                    84:89:a0:ea:22:cf:60:17:db:87:ac:55:9d:9c:8a:
                    f8:26:37:aa:84:2a:f2:b4:bd:67:73:2e:d4:b1:1d:
                    54:2a:4b:9a:5a:ca:6e:a6:5d:5c:2f:ea:23:6e:ab:
                    a8:c8:70:18:d5:77:43:dc:dc:68:bb:9a:95:fc:0a:
                    e8:88:99:2b:17:52:d3:4a:ab:45:8b:97:df:b5:df:
                    70:05:dd:24:fa:d3:28:2c:4a:09:27:84:39:3c:9a:
                    de:64:0c:59:ae:90:44:9a:42:e3:54:1f:2a:04:f1:
                    9e:10:1a:43:67:d0:ef:ec:61:4c:26:d8:e7:f4:11:
                    b6:81:f9:4b:1c:dc:a2:8c:c3:82:b7:2e:52:35:f8:
                    c8:01:c5:b1:1f:c9:fc:12:7c:fc:10:6f:82:71:ad:
                    c8:3e:bd:fe:73:fa:68:18:88:2f:a6:6c:08:58:c8:
                    b3:d9:be:e3:d4:54:35:31:e9:97:a8:3b:d7:40:65:
                    1f:7f:9e:ad:0a:a9:49:18:d4:05:55:ca:dc:bf:25:
                    c3:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:74:F4:DC:61:77:7F:D6:9E:F7:6E:6F:B5:B9:1C:4A:80:38:D7:77
            X509v3 Authority Key Identifier:
                keyid:8A:AA:F0:57:AE:EB:CB:F7:06:87:7E:2A:AA:74:A3:96:38:0B:E2:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iqrwV67ry_cGh34qqnSjljgL4hU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/2240a9-54d5-4b82-8731-53090b3baa81/1/iqrwV67ry_cGh34qqnSjljgL4hU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/2240a9-54d5-4b82-8731-53090b3baa81/1/iqrwV67ry_cGh34qqnSjljgL4hU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:95:a8:da:96:59:e1:fb:6e:bc:81:60:64:bf:80:a7:4a:1a:
         c4:39:71:ea:95:80:a9:15:2a:13:ef:12:54:74:ed:1a:c7:80:
         89:6e:25:2a:c2:72:e6:b4:b3:4f:f9:77:9a:df:85:1e:d0:68:
         c1:30:23:6f:8d:00:54:2d:16:9d:66:84:06:ae:85:be:64:fb:
         34:64:97:71:12:8c:51:47:23:c8:de:be:31:2f:ea:2b:27:aa:
         e7:59:3b:18:31:27:d0:09:2a:38:39:09:92:35:e1:8b:d7:57:
         8d:61:20:cf:99:b8:88:7f:b7:15:f5:41:76:5a:9a:a2:d8:06:
         8f:bc:fb:08:55:30:49:9b:4f:b7:a0:85:7a:78:8e:48:7c:fe:
         8b:f4:00:54:b2:a9:74:17:5d:28:2b:80:75:da:3b:77:cb:82:
         f6:66:0c:02:1b:8f:f7:de:e3:ec:1a:88:f1:db:cd:b3:4b:d3:
         d7:fb:3b:73:cb:69:da:57:e2:be:5d:2c:26:49:f9:18:3a:3c:
         7c:78:5e:14:ae:97:aa:83:e2:98:8c:64:7c:20:f9:93:1e:b9:
         18:d3:a7:66:4c:f7:15:2e:83:40:e7:98:fb:0a:14:a9:53:c3:
         80:25:f0:cf:b1:44:ca:a8:2c:68:8d:b7:ff:49:6b:a8:ee:54:
         89:be:f9:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bh8CJVdv1AStNt/3leTy1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYWFmMDU3YWVlYmNiZjcwNjg3N2UyYWFhNzRhMzk2Mzgw
YmUyMTUwHhcNMjYwNDE3MTMwMDU4WhcNMjYwNDE4MTMwMDU4WjAzMTEwLwYDVQQD
Eyg2Mjc0ZjRkYzYxNzc3ZmQ2OWVmNzZlNmZiNWI5MWM0YTgwMzhkNzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2cAVjH4q328erBwDFcoQvK9YRyI
JRAILE+JPbdd2zZDkXTPCHXFma6TNZZXURx2hFTn+tgEugt2oSiEiaDqIs9gF9uH
rFWdnIr4JjeqhCrytL1ncy7UsR1UKkuaWspupl1cL+ojbquoyHAY1XdD3Nxou5qV
/AroiJkrF1LTSqtFi5fftd9wBd0k+tMoLEoJJ4Q5PJreZAxZrpBEmkLjVB8qBPGe
EBpDZ9Dv7GFMJtjn9BG2gflLHNyijMOCty5SNfjIAcWxH8n8Enz8EG+Cca3IPr3+
c/poGIgvpmwIWMiz2b7j1FQ1MemXqDvXQGUff56tCqlJGNQFVcrcvyXD9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGJ09Nxhd3/Wnvdub7W5HEqAONd3MB8GA1UdIwQY
MBaAFIqq8Feu68v3Bod+Kqp0o5Y4C+IVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXFyd1Y2N3J5X2NHaDM0cXFuU2psamdMNGhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC8yMjQwYTktNTRkNS00YjgyLTg3MzEt
NTMwOTBiM2JhYTgxLzEvaXFyd1Y2N3J5X2NHaDM0cXFuU2psamdMNGhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC8yMjQwYTktNTRkNS00YjgyLTg3MzEtNTMwOTBiM2JhYTgx
LzEvaXFyd1Y2N3J5X2NHaDM0cXFuU2psamdMNGhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGJWo2pZZ
4ftuvIFgZL+Ap0oaxDlx6pWAqRUqE+8SVHTtGseAiW4lKsJy5rSzT/l3mt+FHtBo
wTAjb40AVC0WnWaEBq6FvmT7NGSXcRKMUUcjyN6+MS/qKyeq51k7GDEn0AkqODkJ
kjXhi9dXjWEgz5m4iH+3FfVBdlqaotgGj7z7CFUwSZtPt6CFeniOSHz+i/QAVLKp
dBddKCuAddo7d8uC9mYMAhuP997j7BqI8dvNs0vT1/s7c8tp2lfivl0sJkn5GDo8
fHheFK6XqoPimIxkfCD5kx65GNOnZkz3FS6DQOeY+woUqVPDgCXwz7FEyqgsaI23
/0lrqO5Uib75QA==
-----END CERTIFICATE-----