Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft
File:                     kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft (raw, json)
Hash identifier:          FXxIsSkGKDmUtJwd1UiSt//XHDK2VHXBzzuYbuJj5D4=
Subject key identifier:   DD:C8:BE:83:70:04:BB:50:58:A3:7C:A2:C8:79:C8:AA:D0:FE:69:23
Authority key identifier: 90:36:10:CF:2A:54:64:3A:0A:1B:6B:15:1F:A6:6E:32:50:04:CB:4A
Certificate issuer:       /CN=903610cf2a54643a0a1b6b151fa66e325004cb4a
Certificate serial:       019D99623C112DC5715CC173E909A9F7C6AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kDYQzypUZDoKG2sVH6ZuMlAEy0o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft
Manifest number:          07EB
Signing time:             Fri 17 Apr 2026 03:00:45 +0000
Manifest this update:     Fri 17 Apr 2026 03:00:45 +0000
Manifest next update:     Sat 18 Apr 2026 03:00:45 +0000
Files and hashes:         1: kDYQzypUZDoKG2sVH6ZuMlAEy0o.crl (hash: VB9bnEGPPhjalOE/VNKYQ0Wa+q+3haN9tUjo6SS1C6w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kDYQzypUZDoKG2sVH6ZuMlAEy0o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 03:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:62:3c:11:2d:c5:71:5c:c1:73:e9:09:a9:f7:c6:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=903610cf2a54643a0a1b6b151fa66e325004cb4a
        Validity
            Not Before: Apr 17 03:00:45 2026 GMT
            Not After : Apr 18 03:00:45 2026 GMT
        Subject: CN=ddc8be837004bb5058a37ca2c879c8aad0fe6923
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:7a:04:c0:3b:13:26:46:77:d7:24:44:4d:85:
                    67:e9:6b:18:b4:86:d3:b5:b8:60:71:09:9d:1b:ca:
                    72:d1:32:26:00:e3:24:16:be:d4:6d:bb:93:dc:6d:
                    b2:03:cc:3b:40:ce:b5:33:33:38:89:d5:ae:70:01:
                    64:33:3c:92:db:3e:9b:cc:7d:db:b2:f6:6e:ae:8c:
                    c1:f5:b6:fa:a6:91:45:a4:6e:6f:64:e4:d1:31:f9:
                    f1:b8:38:48:df:9d:f7:3e:20:4b:e0:71:71:76:c7:
                    d2:b1:54:c8:1f:99:98:c2:f4:e7:11:d6:f2:53:4f:
                    88:69:9e:41:3f:6a:49:5d:f4:ae:ae:9f:b8:c1:54:
                    83:db:6a:ea:6b:f5:4c:93:8d:de:a4:e0:da:a2:ec:
                    dc:99:f0:b3:08:93:f2:08:d7:4b:1f:49:e7:d4:54:
                    17:e9:73:5c:21:bd:1f:e1:d1:8b:c7:8d:f7:15:99:
                    70:2d:0b:ee:46:fb:56:d6:7a:ac:be:ce:1f:92:74:
                    ea:0b:88:02:77:1b:d6:51:6d:c6:04:ca:44:33:47:
                    26:6e:2c:ce:0e:96:4e:3e:1c:96:c2:15:95:7e:9a:
                    d5:d6:9c:69:5b:62:e3:f0:b4:bc:6b:06:2d:92:a3:
                    14:83:91:ce:d6:a7:39:1f:d5:ce:aa:aa:e7:37:b1:
                    10:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:C8:BE:83:70:04:BB:50:58:A3:7C:A2:C8:79:C8:AA:D0:FE:69:23
            X509v3 Authority Key Identifier:
                keyid:90:36:10:CF:2A:54:64:3A:0A:1B:6B:15:1F:A6:6E:32:50:04:CB:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kDYQzypUZDoKG2sVH6ZuMlAEy0o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:45:51:5d:fa:c9:ee:f0:0a:62:af:0d:b0:fe:2a:a0:d6:3d:
         65:6b:22:c6:8a:cd:18:79:0f:94:7b:a3:d7:d7:61:cf:38:2e:
         5f:d0:e5:59:fd:84:cc:e4:cb:c1:46:55:69:41:85:fc:6d:0d:
         86:50:42:ee:07:19:cb:91:84:5d:f6:2a:bb:89:9b:ae:eb:89:
         e1:6c:7c:57:1e:e1:e4:9e:7e:52:cc:e7:6c:23:bc:b9:8b:7b:
         ad:70:aa:4c:36:8e:4e:31:15:d9:0d:85:da:f9:db:67:cc:5e:
         cb:15:5e:b2:af:b0:b0:d2:d2:a6:f8:14:ed:4a:d3:47:36:62:
         55:e5:ed:2f:ee:8e:dc:ea:09:8c:8d:1f:4b:41:b5:b0:24:85:
         d3:92:a4:2d:cf:49:58:95:2b:64:9f:7b:79:07:41:a7:d5:39:
         6f:af:08:77:5d:f3:85:cf:26:1f:95:8f:fd:f5:1c:55:d2:6b:
         c7:49:45:05:18:d5:35:f7:1a:24:5d:63:26:f7:d3:1b:fd:53:
         d1:9c:60:98:9d:65:de:cb:20:7a:fb:35:11:35:fe:58:3d:bc:
         9e:8a:2f:8f:51:f7:b0:3c:e0:a8:95:4c:7c:04:d1:d3:11:64:
         00:34:4a:12:65:15:e3:cb:b8:ee:03:a9:73:de:82:25:69:69:
         01:9a:72:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZYjwRLcVxXMFz6Qmp98aqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwMzYxMGNmMmE1NDY0M2EwYTFiNmIxNTFmYTY2ZTMyNTAw
NGNiNGEwHhcNMjYwNDE3MDMwMDQ1WhcNMjYwNDE4MDMwMDQ1WjAzMTEwLwYDVQQD
EyhkZGM4YmU4MzcwMDRiYjUwNThhMzdjYTJjODc5YzhhYWQwZmU2OTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwnoEwDsTJkZ31yRETYVn6WsYtIbT
tbhgcQmdG8py0TImAOMkFr7UbbuT3G2yA8w7QM61MzM4idWucAFkMzyS2z6bzH3b
svZurozB9bb6ppFFpG5vZOTRMfnxuDhI3533PiBL4HFxdsfSsVTIH5mYwvTnEdby
U0+IaZ5BP2pJXfSurp+4wVSD22rqa/VMk43epODaouzcmfCzCJPyCNdLH0nn1FQX
6XNcIb0f4dGLx433FZlwLQvuRvtW1nqsvs4fknTqC4gCdxvWUW3GBMpEM0cmbizO
DpZOPhyWwhWVfprV1pxpW2Lj8LS8awYtkqMUg5HO1qc5H9XOqqrnN7EQzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN3IvoNwBLtQWKN8osh5yKrQ/mkjMB8GA1UdIwQY
MBaAFJA2EM8qVGQ6ChtrFR+mbjJQBMtKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0RZUXp5cFVaRG9LRzJzVkg2WnVNbEFFeTBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9iNGUxYmItMzQ2YS00NGIzLWEwYWYt
YmM1M2YzODhmYWZhLzEva0RZUXp5cFVaRG9LRzJzVkg2WnVNbEFFeTBvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9iNGUxYmItMzQ2YS00NGIzLWEwYWYtYmM1M2YzODhmYWZh
LzEva0RZUXp5cFVaRG9LRzJzVkg2WnVNbEFFeTBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnEVRXfrJ
7vAKYq8NsP4qoNY9ZWsixorNGHkPlHuj19dhzzguX9DlWf2EzOTLwUZVaUGF/G0N
hlBC7gcZy5GEXfYqu4mbruuJ4Wx8Vx7h5J5+UsznbCO8uYt7rXCqTDaOTjEV2Q2F
2vnbZ8xeyxVesq+wsNLSpvgU7UrTRzZiVeXtL+6O3OoJjI0fS0G1sCSF05KkLc9J
WJUrZJ97eQdBp9U5b68Id13zhc8mH5WP/fUcVdJrx0lFBRjVNfcaJF1jJvfTG/1T
0ZxgmJ1l3ssgevs1ETX+WD28noovj1H3sDzgqJVMfATR0xFkADRKEmUV48u47gOp
c96CJWlpAZpyEw==
-----END CERTIFICATE-----