Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/afc86c-25b0-474c-a5c4-db1a6bbcbb72/1/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.mft
File:                     9O1eXbuh6rbTlY5ZQYKcnaGyxn8.mft (raw, json)
Hash identifier:          /ODBxrNgr+QBCTG9ztdl1BCB2HDKF8JkKhjopPh9CQY=
Subject key identifier:   3B:1E:84:C6:A4:EE:47:A1:E7:53:3D:88:F0:EE:81:25:FA:B4:B5:28
Authority key identifier: F4:ED:5E:5D:BB:A1:EA:B6:D3:95:8E:59:41:82:9C:9D:A1:B2:C6:7F
Certificate issuer:       /CN=f4ed5e5dbba1eab6d3958e5941829c9da1b2c67f
Certificate serial:       019D98F449ADD07EFE08F7CBC7D43A04DE9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/afc86c-25b0-474c-a5c4-db1a6bbcbb72/1/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.mft
Manifest number:          0CCD
Signing time:             Fri 17 Apr 2026 01:00:39 +0000
Manifest this update:     Fri 17 Apr 2026 01:00:39 +0000
Manifest next update:     Sat 18 Apr 2026 01:00:39 +0000
Files and hashes:         1: 9O1eXbuh6rbTlY5ZQYKcnaGyxn8.crl (hash: 0PoleXhXjBzhew5sI+HXNTAKdl6sAYPqRjEy0SNBMsk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/afc86c-25b0-474c-a5c4-db1a6bbcbb72/1/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/afc86c-25b0-474c-a5c4-db1a6bbcbb72/1/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 01:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:49:ad:d0:7e:fe:08:f7:cb:c7:d4:3a:04:de:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f4ed5e5dbba1eab6d3958e5941829c9da1b2c67f
        Validity
            Not Before: Apr 17 01:00:39 2026 GMT
            Not After : Apr 18 01:00:39 2026 GMT
        Subject: CN=3b1e84c6a4ee47a1e7533d88f0ee8125fab4b528
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:1d:1b:8b:8e:f1:44:6a:64:c2:84:9d:1a:e6:
                    5b:f0:cc:74:a6:65:a7:52:69:3f:27:d7:cb:61:7a:
                    0d:4e:19:9f:dd:38:c0:f2:43:13:69:3b:d9:c7:29:
                    6e:3c:10:78:05:22:a6:41:a5:c8:49:a4:78:be:9c:
                    a6:f3:fa:38:ef:5b:db:d4:21:83:b5:f0:e4:2e:ba:
                    98:e1:a9:2f:7f:d0:90:2c:96:a6:be:ea:dd:40:0a:
                    ed:46:13:ba:ca:7d:e1:39:6a:1f:f9:ca:c6:97:b8:
                    20:d4:89:92:ca:99:39:c0:17:60:10:11:c8:79:13:
                    49:f4:73:73:c6:3a:38:7c:e4:47:1a:1e:60:f6:3c:
                    e6:05:21:50:21:3c:d9:c4:06:58:1c:c1:a4:10:fd:
                    f5:30:09:d9:36:21:d7:c4:f6:06:d1:36:ca:e7:64:
                    4c:cb:04:93:6c:4e:f0:16:48:6e:e6:d7:52:b0:c1:
                    38:1f:9f:57:f4:e0:63:14:ad:b2:22:ab:bf:0b:e5:
                    90:fd:da:9e:fb:6f:64:59:ef:09:6b:03:5d:22:7b:
                    77:49:2d:30:be:16:c9:10:80:1f:b2:78:cb:10:3a:
                    61:32:55:06:c7:5e:e3:1e:d0:62:5b:e4:10:86:85:
                    57:b7:b3:de:82:44:c7:e1:51:25:75:46:00:d6:c4:
                    1c:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:1E:84:C6:A4:EE:47:A1:E7:53:3D:88:F0:EE:81:25:FA:B4:B5:28
            X509v3 Authority Key Identifier:
                keyid:F4:ED:5E:5D:BB:A1:EA:B6:D3:95:8E:59:41:82:9C:9D:A1:B2:C6:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/afc86c-25b0-474c-a5c4-db1a6bbcbb72/1/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/afc86c-25b0-474c-a5c4-db1a6bbcbb72/1/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:94:47:98:9a:b2:3b:de:99:5e:04:64:8f:73:8b:33:06:c1:
         85:62:81:83:f6:2a:4b:73:14:1a:35:38:b3:3e:87:37:8a:3a:
         94:29:7a:22:60:a8:a1:91:f2:70:3f:bd:38:ba:72:cb:14:ef:
         2b:2b:39:5d:da:24:1d:ce:2a:da:a8:1d:7c:b6:46:42:99:98:
         70:ea:06:80:4b:a6:ef:41:f4:0f:28:87:e4:b2:e7:b5:6f:df:
         64:c7:4a:43:5a:7d:8b:25:c9:60:30:ec:b0:62:14:49:8d:c1:
         d4:c8:87:ae:33:05:a8:ba:51:fc:79:19:07:77:ca:eb:e4:15:
         42:4a:78:88:8c:48:d2:82:88:b3:a4:9a:6e:e8:42:10:d6:1a:
         1c:cf:dd:11:48:ca:13:ab:fe:96:a8:d4:bd:d0:0c:c0:68:92:
         92:ec:72:24:f9:dd:71:c3:a0:c7:5f:40:2f:d0:7c:5e:97:c1:
         c3:06:dd:5f:76:b4:dc:ff:20:ae:96:b7:04:04:65:e6:ff:47:
         7c:6e:ec:dd:79:bb:8c:50:39:79:7c:ac:25:19:0e:e5:07:5d:
         d8:ea:4a:8e:d3:99:9b:d9:30:dd:02:70:84:32:e4:bf:3b:b2:
         3f:3b:54:30:28:4c:80:8a:07:96:f2:53:8c:11:02:02:08:90:
         01:3d:6c:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9Emt0H7+CPfLx9Q6BN6dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZWQ1ZTVkYmJhMWVhYjZkMzk1OGU1OTQxODI5YzlkYTFi
MmM2N2YwHhcNMjYwNDE3MDEwMDM5WhcNMjYwNDE4MDEwMDM5WjAzMTEwLwYDVQQD
EygzYjFlODRjNmE0ZWU0N2ExZTc1MzNkODhmMGVlODEyNWZhYjRiNTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlx0bi47xRGpkwoSdGuZb8Mx0pmWn
Umk/J9fLYXoNThmf3TjA8kMTaTvZxyluPBB4BSKmQaXISaR4vpym8/o471vb1CGD
tfDkLrqY4akvf9CQLJamvurdQArtRhO6yn3hOWof+crGl7gg1ImSypk5wBdgEBHI
eRNJ9HNzxjo4fORHGh5g9jzmBSFQITzZxAZYHMGkEP31MAnZNiHXxPYG0TbK52RM
ywSTbE7wFkhu5tdSsME4H59X9OBjFK2yIqu/C+WQ/dqe+29kWe8JawNdInt3SS0w
vhbJEIAfsnjLEDphMlUGx17jHtBiW+QQhoVXt7PegkTH4VEldUYA1sQcpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDsehMak7keh51M9iPDugSX6tLUoMB8GA1UdIwQY
MBaAFPTtXl27oeq205WOWUGCnJ2hssZ/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU8xZVhidWg2cmJUbFk1WlFZS2NuYUd5eG44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9hZmM4NmMtMjViMC00NzRjLWE1YzQt
ZGIxYTZiYmNiYjcyLzEvOU8xZVhidWg2cmJUbFk1WlFZS2NuYUd5eG44Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9hZmM4NmMtMjViMC00NzRjLWE1YzQtZGIxYTZiYmNiYjcy
LzEvOU8xZVhidWg2cmJUbFk1WlFZS2NuYUd5eG44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAApRHmJqy
O96ZXgRkj3OLMwbBhWKBg/YqS3MUGjU4sz6HN4o6lCl6ImCooZHycD+9OLpyyxTv
Kys5XdokHc4q2qgdfLZGQpmYcOoGgEum70H0DyiH5LLntW/fZMdKQ1p9iyXJYDDs
sGIUSY3B1MiHrjMFqLpR/HkZB3fK6+QVQkp4iIxI0oKIs6SabuhCENYaHM/dEUjK
E6v+lqjUvdAMwGiSkuxyJPndccOgx19AL9B8XpfBwwbdX3a03P8grpa3BARl5v9H
fG7s3Xm7jFA5eXysJRkO5Qdd2OpKjtOZm9kw3QJwhDLkvzuyPztUMChMgIoHlvJT
jBECAgiQAT1sKA==
-----END CERTIFICATE-----