Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/6536f9-87dd-4edd-b01c-b23172eb81fb/1/mSAfYJ56iT2obPDrvKS79HJ51hc.mft
File:                     mSAfYJ56iT2obPDrvKS79HJ51hc.mft (raw, json)
Hash identifier:          BrWPZ5hFV2fBC5kuCGkAIKcKArPCcN0wcIA3y5042Cs=
Subject key identifier:   6B:61:73:C1:F4:AA:71:7F:E0:6B:02:22:3C:ED:76:CC:DC:F1:4B:8B
Authority key identifier: 99:20:1F:60:9E:7A:89:3D:A8:6C:F0:EB:BC:A4:BB:F4:72:79:D6:17
Certificate issuer:       /CN=99201f609e7a893da86cf0ebbca4bbf47279d617
Certificate serial:       019D9818D6B82128FC8E0858ACFC5E1EF861
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mSAfYJ56iT2obPDrvKS79HJ51hc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/6536f9-87dd-4edd-b01c-b23172eb81fb/1/mSAfYJ56iT2obPDrvKS79HJ51hc.mft
Manifest number:          075C
Signing time:             Thu 16 Apr 2026 21:00:57 +0000
Manifest this update:     Thu 16 Apr 2026 21:00:57 +0000
Manifest next update:     Fri 17 Apr 2026 21:00:57 +0000
Files and hashes:         1: mSAfYJ56iT2obPDrvKS79HJ51hc.crl (hash: Q+9fbHiFMnrcdXni61aWACzWVirfKx4d/e7N5ku/uG8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/56/6536f9-87dd-4edd-b01c-b23172eb81fb/1/mSAfYJ56iT2obPDrvKS79HJ51hc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/56/6536f9-87dd-4edd-b01c-b23172eb81fb/1/mSAfYJ56iT2obPDrvKS79HJ51hc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mSAfYJ56iT2obPDrvKS79HJ51hc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 21:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:18:d6:b8:21:28:fc:8e:08:58:ac:fc:5e:1e:f8:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99201f609e7a893da86cf0ebbca4bbf47279d617
        Validity
            Not Before: Apr 16 21:00:57 2026 GMT
            Not After : Apr 17 21:00:57 2026 GMT
        Subject: CN=6b6173c1f4aa717fe06b02223ced76ccdcf14b8b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:09:b7:b5:44:8c:27:9b:00:75:40:39:4b:23:
                    e7:c3:01:4f:c0:83:e0:86:0f:33:cd:12:81:06:8a:
                    32:67:b2:14:e2:77:f0:1d:de:2b:8c:9c:19:89:3b:
                    e9:8c:0e:12:4e:f8:2e:cd:d3:50:fc:1d:02:e7:38:
                    b3:0f:2f:d9:fe:84:c7:3e:8e:d5:ac:18:35:51:89:
                    9c:bd:e8:5a:f2:33:58:de:84:08:1e:90:91:3b:08:
                    db:54:4e:5f:f1:02:53:d8:74:14:24:a0:0b:e0:d2:
                    3b:29:33:ac:f7:1a:91:15:83:b8:f6:eb:f8:80:78:
                    b6:eb:a4:1e:a2:fb:04:88:97:c6:43:48:84:c9:32:
                    37:36:01:14:07:6f:21:9c:15:16:32:49:f8:49:cb:
                    ce:f9:2e:73:db:db:93:5e:a2:3b:6a:ad:11:b0:2d:
                    0d:c6:a5:6b:6a:01:e9:d3:6d:af:0c:37:29:75:6e:
                    70:4e:87:c3:9a:01:cc:9a:a6:a3:8b:a6:d2:93:3e:
                    c5:ee:14:4b:6b:f6:95:29:0a:e5:c0:75:82:81:33:
                    4e:49:8d:f2:21:ac:be:28:13:84:67:4c:b8:96:b5:
                    c9:99:b0:cd:1b:7e:6c:57:ca:fb:dd:3a:01:0e:ee:
                    63:83:07:75:78:4e:93:91:fd:f5:80:43:19:08:16:
                    30:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:61:73:C1:F4:AA:71:7F:E0:6B:02:22:3C:ED:76:CC:DC:F1:4B:8B
            X509v3 Authority Key Identifier:
                keyid:99:20:1F:60:9E:7A:89:3D:A8:6C:F0:EB:BC:A4:BB:F4:72:79:D6:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mSAfYJ56iT2obPDrvKS79HJ51hc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/6536f9-87dd-4edd-b01c-b23172eb81fb/1/mSAfYJ56iT2obPDrvKS79HJ51hc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/6536f9-87dd-4edd-b01c-b23172eb81fb/1/mSAfYJ56iT2obPDrvKS79HJ51hc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:7f:9c:df:17:e9:0e:9d:cb:32:ad:3c:a1:e9:cb:71:e7:ff:
         1e:81:8c:5b:03:c5:6e:d4:75:a4:04:b8:45:c9:d9:61:d1:bb:
         0a:ac:1a:2a:81:3a:55:28:49:1f:63:f2:35:5a:a9:2e:9c:16:
         bf:1a:e1:9d:b3:a9:07:49:b7:9e:f5:4c:39:43:4c:f5:2d:39:
         d9:44:8b:d5:64:26:4d:03:f5:d8:67:f3:4a:6a:1b:35:68:72:
         59:12:d7:05:b2:02:58:db:21:a0:a4:3b:ce:78:99:59:73:f5:
         44:65:58:42:7e:fb:ed:e5:20:68:f2:22:71:b5:ab:f0:18:7f:
         85:37:7b:ee:53:45:b1:11:fb:36:a9:f9:98:ee:dc:82:92:7e:
         5f:22:ce:48:a1:aa:bf:a8:b2:fb:20:18:ed:f2:11:71:6f:0e:
         99:81:bb:ec:75:66:32:d2:a0:fd:95:55:8f:44:19:ec:8f:56:
         db:73:2a:b2:00:09:01:f0:44:e0:b6:cf:36:c3:71:fc:d4:c2:
         59:ca:97:34:a3:1b:b5:49:f1:45:2d:da:5d:82:1b:41:ba:0f:
         2a:b3:20:0e:f7:f7:bb:4e:b9:0b:04:cb:7f:f1:04:8f:c8:48:
         04:06:c0:15:21:7b:34:73:33:3c:ec:7a:44:3e:48:c0:e1:90:
         3e:d4:58:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2YGNa4ISj8jghYrPxeHvhhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MjAxZjYwOWU3YTg5M2RhODZjZjBlYmJjYTRiYmY0NzI3
OWQ2MTcwHhcNMjYwNDE2MjEwMDU3WhcNMjYwNDE3MjEwMDU3WjAzMTEwLwYDVQQD
Eyg2YjYxNzNjMWY0YWE3MTdmZTA2YjAyMjIzY2VkNzZjY2RjZjE0YjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwm3tUSMJ5sAdUA5SyPnwwFPwIPg
hg8zzRKBBooyZ7IU4nfwHd4rjJwZiTvpjA4STvguzdNQ/B0C5zizDy/Z/oTHPo7V
rBg1UYmcveha8jNY3oQIHpCROwjbVE5f8QJT2HQUJKAL4NI7KTOs9xqRFYO49uv4
gHi266QeovsEiJfGQ0iEyTI3NgEUB28hnBUWMkn4ScvO+S5z29uTXqI7aq0RsC0N
xqVragHp022vDDcpdW5wTofDmgHMmqaji6bSkz7F7hRLa/aVKQrlwHWCgTNOSY3y
Iay+KBOEZ0y4lrXJmbDNG35sV8r73ToBDu5jgwd1eE6Tkf31gEMZCBYwRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGthc8H0qnF/4GsCIjztdszc8UuLMB8GA1UdIwQY
MBaAFJkgH2Ceeok9qGzw67yku/RyedYXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVNBZllKNTZpVDJvYlBEcnZLUzc5SEo1MWhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni82NTM2ZjktODdkZC00ZWRkLWIwMWMt
YjIzMTcyZWI4MWZiLzEvbVNBZllKNTZpVDJvYlBEcnZLUzc5SEo1MWhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni82NTM2ZjktODdkZC00ZWRkLWIwMWMtYjIzMTcyZWI4MWZi
LzEvbVNBZllKNTZpVDJvYlBEcnZLUzc5SEo1MWhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFn+c3xfp
Dp3LMq08oenLcef/HoGMWwPFbtR1pAS4RcnZYdG7CqwaKoE6VShJH2PyNVqpLpwW
vxrhnbOpB0m3nvVMOUNM9S052USL1WQmTQP12GfzSmobNWhyWRLXBbICWNshoKQ7
zniZWXP1RGVYQn777eUgaPIicbWr8Bh/hTd77lNFsRH7Nqn5mO7cgpJ+XyLOSKGq
v6iy+yAY7fIRcW8OmYG77HVmMtKg/ZVVj0QZ7I9W23MqsgAJAfBE4LbPNsNx/NTC
WcqXNKMbtUnxRS3aXYIbQboPKrMgDvf3u065CwTLf/EEj8hIBAbAFSF7NHMzPOx6
RD5IwOGQPtRY7g==
-----END CERTIFICATE-----