Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft
File:                     cUt8OIAz4WI_xti-t69cOUJRkds.mft (raw, json)
Hash identifier:          pV9j82+BxDyg5ocTI56Z9kudEA1eSoBxiW1wOefevVw=
Subject key identifier:   59:C4:61:B2:6B:3F:84:40:2E:C6:A6:24:2F:C4:04:91:DC:6D:C0:21
Authority key identifier: 71:4B:7C:38:80:33:E1:62:3F:C6:D8:BE:B7:AF:5C:39:42:51:91:DB
Certificate issuer:       /CN=714b7c388033e1623fc6d8beb7af5c39425191db
Certificate serial:       019DA48AC67951D4850D96049909CD5EDA7F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cUt8OIAz4WI_xti-t69cOUJRkds.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft
Manifest number:          0A7E
Signing time:             Sun 19 Apr 2026 07:00:51 +0000
Manifest this update:     Sun 19 Apr 2026 07:00:51 +0000
Manifest next update:     Mon 20 Apr 2026 07:00:51 +0000
Files and hashes:         1: cUt8OIAz4WI_xti-t69cOUJRkds.crl (hash: yq3rGDIczVsGPNuakZkkKa1waa0djr82/XfTB5ReMEs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cUt8OIAz4WI_xti-t69cOUJRkds.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 02:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a4:8a:c6:79:51:d4:85:0d:96:04:99:09:cd:5e:da:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=714b7c388033e1623fc6d8beb7af5c39425191db
        Validity
            Not Before: Apr 19 07:00:51 2026 GMT
            Not After : Apr 20 07:00:51 2026 GMT
        Subject: CN=59c461b26b3f84402ec6a6242fc40491dc6dc021
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:77:f2:f5:f3:ab:0b:dc:37:dc:82:96:1c:60:
                    95:97:86:f0:0e:66:b2:c4:b9:a5:28:66:03:d1:26:
                    f6:c3:4c:26:c2:2a:1a:f0:31:db:5c:01:93:22:d7:
                    d5:03:26:1b:ad:3f:a8:bd:98:a0:59:cb:bb:ef:43:
                    fb:1c:25:35:6b:09:ef:6f:54:a0:38:df:37:0a:7d:
                    b2:b0:0c:f5:2a:43:dd:ed:cf:74:2e:ec:28:fd:10:
                    67:5a:6b:bf:5e:54:f2:75:d3:18:6e:5e:96:e3:41:
                    b2:f1:47:6d:8c:84:90:92:9e:f0:41:44:c1:5b:18:
                    64:73:d8:53:25:2e:53:a8:85:62:74:c4:44:d2:3f:
                    06:76:92:83:8a:21:93:5b:c3:91:c2:e7:32:68:21:
                    ef:ae:a1:65:24:93:e4:4b:11:18:db:4a:26:c1:e4:
                    f4:80:2e:3a:88:a3:ab:e5:10:10:d5:c4:c5:5c:57:
                    b7:31:ed:e1:ba:7d:6c:34:e1:ca:f9:7f:70:09:fc:
                    f8:4d:58:b9:c8:6c:5a:b5:13:7d:92:aa:b4:ef:1b:
                    c1:97:bb:04:4c:68:7b:8c:3b:07:07:07:a5:cf:44:
                    1d:05:37:36:0d:34:da:77:78:c6:90:1a:f6:b4:9a:
                    e7:2e:d0:4f:eb:aa:e0:ff:b1:64:fa:21:a6:fa:12:
                    2f:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:C4:61:B2:6B:3F:84:40:2E:C6:A6:24:2F:C4:04:91:DC:6D:C0:21
            X509v3 Authority Key Identifier:
                keyid:71:4B:7C:38:80:33:E1:62:3F:C6:D8:BE:B7:AF:5C:39:42:51:91:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cUt8OIAz4WI_xti-t69cOUJRkds.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:0c:44:87:3a:8a:0f:82:d0:56:24:c6:0d:3a:73:51:8d:d7:
         71:6a:6a:8c:81:08:68:b9:ad:36:aa:d6:df:16:f7:f7:09:fd:
         5f:8b:51:67:06:67:dc:46:7d:9d:3e:a0:c6:fe:94:69:d5:2c:
         4f:24:73:08:9b:c9:3e:bd:07:a5:c9:e6:30:47:0c:45:28:44:
         b6:b3:73:86:05:a4:6f:e5:a3:09:ee:62:63:e0:4e:37:75:0f:
         c6:f9:a6:49:99:c4:89:39:4f:3f:0a:e4:03:16:73:34:51:d3:
         43:25:f1:21:52:c0:56:3b:33:73:e5:2d:82:c0:5a:f6:6b:1a:
         d4:b9:06:f0:23:a2:be:e6:33:1c:12:c4:4e:e8:78:91:73:9c:
         b6:6a:5c:29:e2:67:11:f0:ed:a2:25:54:e2:7e:09:34:ad:40:
         e1:6d:37:58:8a:84:4d:fa:ed:15:03:7d:da:ee:ec:33:39:8b:
         c9:45:07:9d:ae:92:64:5e:ae:23:1b:9d:ac:25:69:ae:48:05:
         79:76:c2:29:b2:06:79:1b:25:d1:f8:d1:98:1e:80:38:59:ca:
         bc:bc:dc:19:bf:3f:fc:ba:fe:f3:fe:e9:37:33:c5:39:53:73:
         e4:06:7a:a6:15:52:f0:fc:bb:ba:e8:38:0e:b1:46:9f:4c:f4:
         3c:38:cc:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2kisZ5UdSFDZYEmQnNXtp/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxNGI3YzM4ODAzM2UxNjIzZmM2ZDhiZWI3YWY1YzM5NDI1
MTkxZGIwHhcNMjYwNDE5MDcwMDUxWhcNMjYwNDIwMDcwMDUxWjAzMTEwLwYDVQQD
Eyg1OWM0NjFiMjZiM2Y4NDQwMmVjNmE2MjQyZmM0MDQ5MWRjNmRjMDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonfy9fOrC9w33IKWHGCVl4bwDmay
xLmlKGYD0Sb2w0wmwioa8DHbXAGTItfVAyYbrT+ovZigWcu770P7HCU1awnvb1Sg
ON83Cn2ysAz1KkPd7c90Luwo/RBnWmu/XlTyddMYbl6W40Gy8UdtjISQkp7wQUTB
Wxhkc9hTJS5TqIVidMRE0j8GdpKDiiGTW8ORwucyaCHvrqFlJJPkSxEY20omweT0
gC46iKOr5RAQ1cTFXFe3Me3hun1sNOHK+X9wCfz4TVi5yGxatRN9kqq07xvBl7sE
TGh7jDsHBwelz0QdBTc2DTTad3jGkBr2tJrnLtBP66rg/7Fk+iGm+hIv9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFnEYbJrP4RALsamJC/EBJHcbcAhMB8GA1UdIwQY
MBaAFHFLfDiAM+FiP8bYvrevXDlCUZHbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1V0OE9JQXo0V0lfeHRpLXQ2OWNPVUpSa2RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9lMDU2NGQtOTQ1My00ZGMyLWFjYTIt
YTAzOGJlMTViOTdiLzEvY1V0OE9JQXo0V0lfeHRpLXQ2OWNPVUpSa2RzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9lMDU2NGQtOTQ1My00ZGMyLWFjYTItYTAzOGJlMTViOTdi
LzEvY1V0OE9JQXo0V0lfeHRpLXQ2OWNPVUpSa2RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATAxEhzqK
D4LQViTGDTpzUY3XcWpqjIEIaLmtNqrW3xb39wn9X4tRZwZn3EZ9nT6gxv6UadUs
TyRzCJvJPr0HpcnmMEcMRShEtrNzhgWkb+WjCe5iY+BON3UPxvmmSZnEiTlPPwrk
AxZzNFHTQyXxIVLAVjszc+UtgsBa9msa1LkG8COivuYzHBLETuh4kXOctmpcKeJn
EfDtoiVU4n4JNK1A4W03WIqETfrtFQN92u7sMzmLyUUHna6SZF6uIxudrCVprkgF
eXbCKbIGeRsl0fjRmB6AOFnKvLzcGb8//Lr+8/7pNzPFOVNz5AZ6phVS8Py7uug4
DrFGn0z0PDjMjw==
-----END CERTIFICATE-----