Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.mft
File:                     pffZAsirU0AJh6GIKrJ_fPoBt0A.mft (raw, json)
Hash identifier:          EgVK2ND9DqMw3kbBkbGlbaYC0OHvfY6/AY8Ql2BpsTI=
Subject key identifier:   DE:93:EF:5D:02:47:D6:5E:0E:35:EE:72:E9:44:74:7F:21:9D:29:17
Authority key identifier: A5:F7:D9:02:C8:AB:53:40:09:87:A1:88:2A:B2:7F:7C:FA:01:B7:40
Certificate issuer:       /CN=a5f7d902c8ab53400987a1882ab27f7cfa01b740
Certificate serial:       019D9B877E6A69F7394E2A9279872FF68BBD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pffZAsirU0AJh6GIKrJ_fPoBt0A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.mft
Manifest number:          051B
Signing time:             Fri 17 Apr 2026 13:00:41 +0000
Manifest this update:     Fri 17 Apr 2026 13:00:41 +0000
Manifest next update:     Sat 18 Apr 2026 13:00:41 +0000
Files and hashes:         1: pffZAsirU0AJh6GIKrJ_fPoBt0A.crl (hash: gym0qmzx3mHul9p7y0zerXpNtDygqh75qamJ+96zaa0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pffZAsirU0AJh6GIKrJ_fPoBt0A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 13:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:87:7e:6a:69:f7:39:4e:2a:92:79:87:2f:f6:8b:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a5f7d902c8ab53400987a1882ab27f7cfa01b740
        Validity
            Not Before: Apr 17 13:00:41 2026 GMT
            Not After : Apr 18 13:00:41 2026 GMT
        Subject: CN=de93ef5d0247d65e0e35ee72e944747f219d2917
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:d5:de:7c:64:bd:df:46:a9:9a:cb:f6:fc:46:
                    80:22:c9:30:e9:03:f0:82:9a:ec:01:31:ac:98:55:
                    4c:fc:15:31:56:f1:ed:46:b1:36:fc:0c:bb:9c:cc:
                    a1:a6:34:3b:22:e2:12:6e:84:0f:c2:d3:87:66:1a:
                    12:9f:a2:0d:76:d7:f7:92:ac:82:8a:a1:fa:69:c2:
                    fc:f7:a1:07:b3:16:04:a6:a0:47:ca:74:d6:83:9d:
                    a3:1e:ed:c5:4d:9d:9b:8b:a7:d6:62:a1:ed:c4:96:
                    6e:0c:5d:2c:a9:eb:03:92:0f:eb:c3:af:66:62:03:
                    f4:24:60:1e:26:00:55:04:8f:33:36:2f:43:23:9d:
                    67:2a:4e:bf:f1:66:1c:13:4f:72:1f:e7:8c:50:c8:
                    e6:f4:ae:42:75:65:64:3d:6f:4b:e8:0b:29:9e:06:
                    ba:45:b3:70:2b:2d:f3:66:17:9b:1f:c3:60:65:b5:
                    a4:cf:7d:26:30:c8:0c:e0:aa:68:3a:7a:6a:3d:67:
                    dc:88:f5:fd:c7:da:62:e5:bf:76:12:c9:36:33:ec:
                    df:e1:25:7d:6c:c4:93:63:ab:50:9d:14:cd:57:91:
                    df:13:2b:4e:25:ae:e0:a3:bc:a8:cb:ef:8a:68:e6:
                    24:76:2f:d5:7c:63:73:1f:13:c1:9b:4a:eb:ae:6c:
                    47:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:93:EF:5D:02:47:D6:5E:0E:35:EE:72:E9:44:74:7F:21:9D:29:17
            X509v3 Authority Key Identifier:
                keyid:A5:F7:D9:02:C8:AB:53:40:09:87:A1:88:2A:B2:7F:7C:FA:01:B7:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pffZAsirU0AJh6GIKrJ_fPoBt0A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b3:97:12:84:f0:28:d8:f7:fe:9e:d2:78:34:fe:bc:80:01:11:
         b4:e6:49:eb:10:28:53:41:02:39:59:fd:ad:13:37:d6:3e:f9:
         a9:01:7b:80:ef:89:72:29:07:bb:d6:29:6d:ac:b6:12:65:25:
         2c:05:8c:a2:d4:8a:66:e2:c9:f7:09:63:b1:03:ce:aa:08:82:
         ab:c6:fc:56:90:c6:19:68:81:96:07:a2:dd:ad:1c:61:fc:23:
         d4:d9:3e:0b:00:59:e7:6b:f1:a3:68:b2:e9:49:87:a0:72:94:
         01:68:8e:ec:bf:b9:ba:9d:36:c3:06:f9:84:44:e5:05:52:e1:
         a4:6f:30:93:c9:26:84:8e:d7:71:8f:22:e3:f1:2d:bb:6e:6d:
         46:a8:f7:02:b9:2e:23:15:b3:f8:32:c7:e2:22:f6:0a:32:58:
         02:61:c3:3e:f6:b8:01:a6:0b:63:d1:0d:ad:2d:5e:48:c7:e3:
         d6:cd:f8:14:e2:b8:84:4b:41:c6:5d:23:a4:1f:c9:7d:f8:51:
         19:b8:b4:c4:85:63:16:d1:a0:ad:b8:50:e6:d6:dd:d0:24:80:
         61:d8:ad:d2:00:61:91:4d:ed:cd:9f:02:21:8d:a0:f6:12:b6:
         36:d7:2a:51:bf:eb:63:1e:77:dc:b2:ad:23:ba:84:fc:1c:93:
         06:ee:44:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bh35qafc5TiqSeYcv9ou9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1ZjdkOTAyYzhhYjUzNDAwOTg3YTE4ODJhYjI3ZjdjZmEw
MWI3NDAwHhcNMjYwNDE3MTMwMDQxWhcNMjYwNDE4MTMwMDQxWjAzMTEwLwYDVQQD
EyhkZTkzZWY1ZDAyNDdkNjVlMGUzNWVlNzJlOTQ0NzQ3ZjIxOWQyOTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtXefGS930apmsv2/EaAIskw6QPw
gprsATGsmFVM/BUxVvHtRrE2/Ay7nMyhpjQ7IuISboQPwtOHZhoSn6INdtf3kqyC
iqH6acL896EHsxYEpqBHynTWg52jHu3FTZ2bi6fWYqHtxJZuDF0sqesDkg/rw69m
YgP0JGAeJgBVBI8zNi9DI51nKk6/8WYcE09yH+eMUMjm9K5CdWVkPW9L6Aspnga6
RbNwKy3zZhebH8NgZbWkz30mMMgM4KpoOnpqPWfciPX9x9pi5b92Esk2M+zf4SV9
bMSTY6tQnRTNV5HfEytOJa7go7yoy++KaOYkdi/VfGNzHxPBm0rrrmxHtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN6T710CR9ZeDjXuculEdH8hnSkXMB8GA1UdIwQY
MBaAFKX32QLIq1NACYehiCqyf3z6AbdAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGZmWkFzaXJVMEFKaDZHSUtySl9mUG9CdDBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC83MTBiMjctZjY4Yi00MzZmLWJjZWYt
MmQ2NWUwNjY4N2RlLzEvcGZmWkFzaXJVMEFKaDZHSUtySl9mUG9CdDBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC83MTBiMjctZjY4Yi00MzZmLWJjZWYtMmQ2NWUwNjY4N2Rl
LzEvcGZmWkFzaXJVMEFKaDZHSUtySl9mUG9CdDBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAs5cShPAo
2Pf+ntJ4NP68gAERtOZJ6xAoU0ECOVn9rRM31j75qQF7gO+JcikHu9Ypbay2EmUl
LAWMotSKZuLJ9wljsQPOqgiCq8b8VpDGGWiBlgei3a0cYfwj1Nk+CwBZ52vxo2iy
6UmHoHKUAWiO7L+5up02wwb5hETlBVLhpG8wk8kmhI7XcY8i4/Etu25tRqj3Arku
IxWz+DLH4iL2CjJYAmHDPva4AaYLY9ENrS1eSMfj1s34FOK4hEtBxl0jpB/JffhR
Gbi0xIVjFtGgrbhQ5tbd0CSAYdit0gBhkU3tzZ8CIY2g9hK2NtcqUb/rYx533LKt
I7qE/ByTBu5ECQ==
-----END CERTIFICATE-----