Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/a361cb-f8be-4b50-9869-009080e8dff5/1/P2LKnF7__TIKvS2Px-j4Nee70es.mft
File:                     P2LKnF7__TIKvS2Px-j4Nee70es.mft (raw, json)
Hash identifier:          mbp2wOlFcMrfW5xn9Oek5xaxVtK6kzEGF+ej+1A2dno=
Subject key identifier:   EE:B7:ED:78:C6:D3:E3:2C:FE:87:DF:56:0B:2E:9F:1A:A1:D9:C6:7A
Authority key identifier: 3F:62:CA:9C:5E:FF:FD:32:0A:BD:2D:8F:C7:E8:F8:35:E7:BB:D1:EB
Certificate issuer:       /CN=3f62ca9c5efffd320abd2d8fc7e8f835e7bbd1eb
Certificate serial:       019D98BDACD5C6F8FFAE3574AD2EA12822C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P2LKnF7__TIKvS2Px-j4Nee70es.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/a361cb-f8be-4b50-9869-009080e8dff5/1/P2LKnF7__TIKvS2Px-j4Nee70es.mft
Manifest number:          0CBA
Signing time:             Fri 17 Apr 2026 00:01:00 +0000
Manifest this update:     Fri 17 Apr 2026 00:01:00 +0000
Manifest next update:     Sat 18 Apr 2026 00:01:00 +0000
Files and hashes:         1: P2LKnF7__TIKvS2Px-j4Nee70es.crl (hash: 1OELNRmkOCyOziLqJXApB0cSoTrVhOGzb0WHilR/iUI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/a361cb-f8be-4b50-9869-009080e8dff5/1/P2LKnF7__TIKvS2Px-j4Nee70es.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/a361cb-f8be-4b50-9869-009080e8dff5/1/P2LKnF7__TIKvS2Px-j4Nee70es.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/P2LKnF7__TIKvS2Px-j4Nee70es.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:bd:ac:d5:c6:f8:ff:ae:35:74:ad:2e:a1:28:22:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3f62ca9c5efffd320abd2d8fc7e8f835e7bbd1eb
        Validity
            Not Before: Apr 17 00:01:00 2026 GMT
            Not After : Apr 18 00:01:00 2026 GMT
        Subject: CN=eeb7ed78c6d3e32cfe87df560b2e9f1aa1d9c67a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:e0:30:cd:aa:b4:0f:b9:ea:41:fe:dd:51:cf:
                    75:d6:1e:65:77:67:a8:8d:19:8a:03:03:6d:87:2e:
                    ad:e5:ca:f5:b5:35:1f:37:fb:53:57:98:d8:13:df:
                    8f:e3:ee:b1:b0:a7:f2:64:f6:90:fe:dc:ef:c2:1b:
                    a6:a0:23:87:1b:b8:e1:33:eb:b5:72:5c:5d:15:42:
                    3d:66:3a:86:ba:84:2c:5c:9f:f1:d4:16:8c:cc:5c:
                    4f:d7:88:57:db:ad:c2:12:d2:c7:16:73:d9:12:66:
                    d1:17:e6:6d:a8:85:99:f2:c3:50:a1:36:b4:89:54:
                    0e:f1:b3:e7:9c:25:9b:1d:04:65:a7:30:ed:66:d7:
                    5f:68:e2:e7:d7:ef:af:42:75:c7:0f:7d:67:b5:bd:
                    c7:e2:df:bd:76:f2:83:82:58:67:2d:7d:45:6d:1c:
                    ab:f9:62:c8:08:eb:f5:48:74:37:47:92:ce:5d:88:
                    f5:ec:cd:56:66:89:b8:95:bd:a1:81:1a:26:ea:a9:
                    25:4e:e3:f6:f0:98:2e:31:5f:e0:f6:aa:bd:23:63:
                    31:4d:fe:c7:75:92:d4:56:fc:63:d0:3e:50:7f:df:
                    1b:22:76:5b:f4:50:d6:db:7c:ee:d7:2b:2b:53:5a:
                    37:4e:02:db:1a:53:00:c3:73:db:7b:b9:51:51:69:
                    ee:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:B7:ED:78:C6:D3:E3:2C:FE:87:DF:56:0B:2E:9F:1A:A1:D9:C6:7A
            X509v3 Authority Key Identifier:
                keyid:3F:62:CA:9C:5E:FF:FD:32:0A:BD:2D:8F:C7:E8:F8:35:E7:BB:D1:EB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P2LKnF7__TIKvS2Px-j4Nee70es.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/a361cb-f8be-4b50-9869-009080e8dff5/1/P2LKnF7__TIKvS2Px-j4Nee70es.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/a361cb-f8be-4b50-9869-009080e8dff5/1/P2LKnF7__TIKvS2Px-j4Nee70es.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:f3:f3:7d:56:53:4c:27:30:62:9b:ce:02:ce:55:09:5b:5e:
         42:17:74:6c:90:de:93:53:6c:93:e6:4a:5d:9e:a0:a3:25:8a:
         c6:ec:4c:d5:b3:1e:ac:70:ba:2d:2a:57:43:0f:ca:65:4e:d9:
         e0:6c:7b:cd:ff:3b:81:ea:a8:b6:78:91:f9:4e:9c:e0:30:fe:
         9b:5d:71:0c:63:bb:f2:85:49:b4:e4:96:70:6e:f2:70:6f:07:
         60:fa:52:23:cb:85:99:de:da:54:b5:fd:55:9e:4b:96:4a:ce:
         18:75:d8:80:84:13:8d:85:9b:27:06:3b:f1:c7:2e:c9:05:ed:
         c1:78:13:62:17:41:5e:5d:99:92:9a:8e:9b:a8:bb:48:73:7e:
         c9:98:4b:5e:d9:8c:ec:c0:6a:b4:38:5b:65:e0:7d:73:b2:ca:
         e7:41:7d:d9:82:a8:bc:a0:35:e8:a3:21:c4:65:6f:11:50:ea:
         fe:98:17:a8:95:d2:58:ad:12:62:62:56:9c:83:5b:39:e4:b9:
         a5:72:e7:73:8f:be:a7:08:2b:e0:2c:5a:d6:48:d3:2b:7b:01:
         fa:1f:1a:62:11:fb:65:cb:1a:61:ab:1a:bd:08:71:84:e4:5d:
         06:7e:1f:bf:ce:4c:24:a2:1e:d9:9f:52:63:7a:ea:30:03:18:
         da:fe:1a:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2YvazVxvj/rjV0rS6hKCLEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmNjJjYTljNWVmZmZkMzIwYWJkMmQ4ZmM3ZThmODM1ZTdi
YmQxZWIwHhcNMjYwNDE3MDAwMTAwWhcNMjYwNDE4MDAwMTAwWjAzMTEwLwYDVQQD
EyhlZWI3ZWQ3OGM2ZDNlMzJjZmU4N2RmNTYwYjJlOWYxYWExZDljNjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjeAwzaq0D7nqQf7dUc911h5ld2eo
jRmKAwNthy6t5cr1tTUfN/tTV5jYE9+P4+6xsKfyZPaQ/tzvwhumoCOHG7jhM+u1
clxdFUI9ZjqGuoQsXJ/x1BaMzFxP14hX263CEtLHFnPZEmbRF+ZtqIWZ8sNQoTa0
iVQO8bPnnCWbHQRlpzDtZtdfaOLn1++vQnXHD31ntb3H4t+9dvKDglhnLX1FbRyr
+WLICOv1SHQ3R5LOXYj17M1WZom4lb2hgRom6qklTuP28JguMV/g9qq9I2MxTf7H
dZLUVvxj0D5Qf98bInZb9FDW23zu1ysrU1o3TgLbGlMAw3Pbe7lRUWnuAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO637XjG0+Ms/offVgsunxqh2cZ6MB8GA1UdIwQY
MBaAFD9iypxe//0yCr0tj8fo+DXnu9HrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDJMS25GN19fVElLdlMyUHgtajROZWU3MGVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9hMzYxY2ItZjhiZS00YjUwLTk4Njkt
MDA5MDgwZThkZmY1LzEvUDJMS25GN19fVElLdlMyUHgtajROZWU3MGVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9hMzYxY2ItZjhiZS00YjUwLTk4NjktMDA5MDgwZThkZmY1
LzEvUDJMS25GN19fVElLdlMyUHgtajROZWU3MGVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO/PzfVZT
TCcwYpvOAs5VCVteQhd0bJDek1Nsk+ZKXZ6goyWKxuxM1bMerHC6LSpXQw/KZU7Z
4Gx7zf87geqotniR+U6c4DD+m11xDGO78oVJtOSWcG7ycG8HYPpSI8uFmd7aVLX9
VZ5LlkrOGHXYgIQTjYWbJwY78ccuyQXtwXgTYhdBXl2ZkpqOm6i7SHN+yZhLXtmM
7MBqtDhbZeB9c7LK50F92YKovKA16KMhxGVvEVDq/pgXqJXSWK0SYmJWnINbOeS5
pXLnc4++pwgr4Cxa1kjTK3sB+h8aYhH7ZcsaYasavQhxhORdBn4fv85MJKIe2Z9S
Y3rqMAMY2v4a7Q==
-----END CERTIFICATE-----