Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/9f46c0-90be-41cc-ad5d-4add393a723e/1/IhQgnik48W3KWTVwH6aG2Q_De54.mft
File:                     IhQgnik48W3KWTVwH6aG2Q_De54.mft (raw, json)
Hash identifier:          zQO5JrsHI0o6j/R/guFdzo3Y0i+pg1HPSb3lrh9U4vI=
Subject key identifier:   2C:3B:91:47:04:76:03:93:62:8F:75:77:04:64:2E:70:A8:C1:2D:AE
Authority key identifier: 22:14:20:9E:29:38:F1:6D:CA:59:35:70:1F:A6:86:D9:0F:C3:7B:9E
Certificate issuer:       /CN=2214209e2938f16dca5935701fa686d90fc37b9e
Certificate serial:       019D9AE36540E46E4F3A02F903B72517B9A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IhQgnik48W3KWTVwH6aG2Q_De54.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/9f46c0-90be-41cc-ad5d-4add393a723e/1/IhQgnik48W3KWTVwH6aG2Q_De54.mft
Manifest number:          074E
Signing time:             Fri 17 Apr 2026 10:01:26 +0000
Manifest this update:     Fri 17 Apr 2026 10:01:26 +0000
Manifest next update:     Sat 18 Apr 2026 10:01:26 +0000
Files and hashes:         1: IhQgnik48W3KWTVwH6aG2Q_De54.crl (hash: S3ttlLJP+5aixUiAxN95PnPxdWMbBGdOMv0XdIrsWEk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/9f46c0-90be-41cc-ad5d-4add393a723e/1/IhQgnik48W3KWTVwH6aG2Q_De54.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/9f46c0-90be-41cc-ad5d-4add393a723e/1/IhQgnik48W3KWTVwH6aG2Q_De54.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IhQgnik48W3KWTVwH6aG2Q_De54.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 10:01:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e3:65:40:e4:6e:4f:3a:02:f9:03:b7:25:17:b9:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2214209e2938f16dca5935701fa686d90fc37b9e
        Validity
            Not Before: Apr 17 10:01:26 2026 GMT
            Not After : Apr 18 10:01:26 2026 GMT
        Subject: CN=2c3b914704760393628f757704642e70a8c12dae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:c3:64:8d:fa:f9:96:1d:38:91:02:91:4e:ff:
                    8a:4d:01:3a:d5:a1:82:49:8b:f0:36:47:a0:ef:19:
                    6a:d1:14:67:c6:8f:0b:5d:87:92:5c:93:ad:99:eb:
                    72:75:04:eb:a1:bb:39:f4:e4:dd:04:97:97:73:c2:
                    22:0b:9a:a9:ab:dd:eb:81:e4:c3:3f:00:36:2d:7b:
                    d8:f8:f6:0d:74:93:6d:e6:53:37:05:e4:6b:4a:bf:
                    e0:64:a7:8f:25:47:c8:38:a9:e2:25:d1:7c:86:55:
                    40:a1:1e:94:ae:a2:76:ad:4b:e8:a7:29:4c:4e:4d:
                    44:19:61:b2:98:cd:40:e1:f5:c9:4a:32:f0:a2:02:
                    de:6c:d8:d8:a1:f3:93:68:a3:9a:8e:72:25:ee:39:
                    12:7c:fe:56:a2:44:c1:eb:e3:5d:ed:99:4e:2b:11:
                    2a:60:1d:20:1f:fe:06:b3:2e:63:f0:65:9c:cd:22:
                    1d:7a:d5:c0:ac:e1:ab:2c:57:8a:0d:c3:88:86:0a:
                    56:8d:ab:42:93:4b:19:10:4d:7c:7a:11:74:bd:53:
                    0e:d8:0b:82:bc:04:84:16:eb:1b:72:42:1c:9a:f2:
                    96:79:90:85:fa:f0:38:f1:e0:79:2d:17:32:a4:39:
                    37:a7:51:0a:3f:a2:4a:ea:cb:8e:92:71:60:ac:12:
                    bd:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:3B:91:47:04:76:03:93:62:8F:75:77:04:64:2E:70:A8:C1:2D:AE
            X509v3 Authority Key Identifier:
                keyid:22:14:20:9E:29:38:F1:6D:CA:59:35:70:1F:A6:86:D9:0F:C3:7B:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IhQgnik48W3KWTVwH6aG2Q_De54.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/9f46c0-90be-41cc-ad5d-4add393a723e/1/IhQgnik48W3KWTVwH6aG2Q_De54.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/9f46c0-90be-41cc-ad5d-4add393a723e/1/IhQgnik48W3KWTVwH6aG2Q_De54.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:b9:39:44:fe:8f:5b:47:16:e0:22:04:fc:06:15:d6:fb:35:
         b0:4f:5b:f6:c5:86:5e:79:70:87:35:35:77:eb:f5:05:11:ad:
         1b:50:1c:4f:60:e3:ba:38:34:08:6e:0d:3c:32:d0:e8:b5:b9:
         eb:8e:39:6c:db:40:77:5b:3d:e0:e2:2e:00:61:47:86:48:46:
         05:59:3a:94:5c:27:e2:2c:58:8e:6a:ca:9e:52:83:37:43:f5:
         69:de:c7:33:da:31:c3:d3:53:37:9e:44:fc:59:eb:97:1b:09:
         1b:e3:2f:a9:81:24:ec:f4:8c:61:18:88:f7:8a:cd:14:15:ae:
         65:7f:3e:37:b4:f8:c4:09:23:c3:f7:d8:f0:93:a3:06:d8:82:
         c2:7d:83:df:e0:92:25:d3:3f:fd:6a:d2:84:1d:f4:9e:0a:e7:
         b1:30:dd:80:36:3c:f3:bc:11:2a:e3:dd:18:5c:21:33:aa:e0:
         08:e9:eb:b8:72:66:83:67:b9:79:92:ca:b2:c2:86:b2:82:1b:
         08:6b:ff:f8:43:b9:72:cf:2a:51:aa:56:ea:43:90:77:c5:89:
         03:0d:14:ab:f6:2d:c5:de:af:a2:b0:45:da:f6:27:c1:ba:94:
         d4:cf:65:37:45:69:3a:cb:27:b3:0c:e0:c8:d2:27:f6:1d:74:
         4b:d9:90:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a42VA5G5POgL5A7clF7mgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMTQyMDllMjkzOGYxNmRjYTU5MzU3MDFmYTY4NmQ5MGZj
MzdiOWUwHhcNMjYwNDE3MTAwMTI2WhcNMjYwNDE4MTAwMTI2WjAzMTEwLwYDVQQD
EygyYzNiOTE0NzA0NzYwMzkzNjI4Zjc1NzcwNDY0MmU3MGE4YzEyZGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi8Nkjfr5lh04kQKRTv+KTQE61aGC
SYvwNkeg7xlq0RRnxo8LXYeSXJOtmetydQTrobs59OTdBJeXc8IiC5qpq93rgeTD
PwA2LXvY+PYNdJNt5lM3BeRrSr/gZKePJUfIOKniJdF8hlVAoR6UrqJ2rUvopylM
Tk1EGWGymM1A4fXJSjLwogLebNjYofOTaKOajnIl7jkSfP5WokTB6+Nd7ZlOKxEq
YB0gH/4Gsy5j8GWczSIdetXArOGrLFeKDcOIhgpWjatCk0sZEE18ehF0vVMO2AuC
vASEFusbckIcmvKWeZCF+vA48eB5LRcypDk3p1EKP6JK6suOknFgrBK9ywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCw7kUcEdgOTYo91dwRkLnCowS2uMB8GA1UdIwQY
MBaAFCIUIJ4pOPFtylk1cB+mhtkPw3ueMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWhRZ25pazQ4VzNLV1RWd0g2YUcyUV9EZTU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi85ZjQ2YzAtOTBiZS00MWNjLWFkNWQt
NGFkZDM5M2E3MjNlLzEvSWhRZ25pazQ4VzNLV1RWd0g2YUcyUV9EZTU0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi85ZjQ2YzAtOTBiZS00MWNjLWFkNWQtNGFkZDM5M2E3MjNl
LzEvSWhRZ25pazQ4VzNLV1RWd0g2YUcyUV9EZTU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADrk5RP6P
W0cW4CIE/AYV1vs1sE9b9sWGXnlwhzU1d+v1BRGtG1AcT2Djujg0CG4NPDLQ6LW5
6445bNtAd1s94OIuAGFHhkhGBVk6lFwn4ixYjmrKnlKDN0P1ad7HM9oxw9NTN55E
/FnrlxsJG+MvqYEk7PSMYRiI94rNFBWuZX8+N7T4xAkjw/fY8JOjBtiCwn2D3+CS
JdM//WrShB30ngrnsTDdgDY887wRKuPdGFwhM6rgCOnruHJmg2e5eZLKssKGsoIb
CGv/+EO5cs8qUapW6kOQd8WJAw0Uq/Ytxd6vorBF2vYnwbqU1M9lN0VpOssnswzg
yNIn9h10S9mQ/g==
-----END CERTIFICATE-----