Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.mft
File:                     ba7zApYp3gKduYq3tOm9IhwomRw.mft (raw, json)
Hash identifier:          Z0fXQ7EWZk1EG/ADVl6ByCoMlCekFo+kYOKnQrM/oWY=
Subject key identifier:   94:9D:84:37:23:FB:FC:78:BD:F5:8F:A3:B9:A3:F6:EF:6F:6B:88:3A
Authority key identifier: 6D:AE:F3:02:96:29:DE:02:9D:B9:8A:B7:B4:E9:BD:22:1C:28:99:1C
Certificate issuer:       /CN=6daef3029629de029db98ab7b4e9bd221c28991c
Certificate serial:       019D9AE2C7836CE8587CFDB1970062A3A34A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ba7zApYp3gKduYq3tOm9IhwomRw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.mft
Manifest number:          0EAB
Signing time:             Fri 17 Apr 2026 10:00:46 +0000
Manifest this update:     Fri 17 Apr 2026 10:00:46 +0000
Manifest next update:     Sat 18 Apr 2026 10:00:46 +0000
Files and hashes:         1: ba7zApYp3gKduYq3tOm9IhwomRw.crl (hash: 6DGvlUFEamQwrZNPloI20jOPRQkv2NE61vnriS0c/RQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ba7zApYp3gKduYq3tOm9IhwomRw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e2:c7:83:6c:e8:58:7c:fd:b1:97:00:62:a3:a3:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6daef3029629de029db98ab7b4e9bd221c28991c
        Validity
            Not Before: Apr 17 10:00:46 2026 GMT
            Not After : Apr 18 10:00:46 2026 GMT
        Subject: CN=949d843723fbfc78bdf58fa3b9a3f6ef6f6b883a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:42:da:98:df:3c:bc:1b:d9:e0:63:7f:aa:28:
                    72:0e:68:80:2b:07:e7:f7:fd:b0:fb:02:89:39:6d:
                    f3:cc:36:f0:da:31:f2:3b:e3:4d:98:74:39:95:ae:
                    52:c3:1e:0d:f6:c9:4c:2f:6e:30:68:51:88:1b:d1:
                    6d:e9:4a:6f:61:34:cb:eb:d2:87:03:18:4f:6b:87:
                    7b:c6:39:80:09:21:e5:84:92:a6:8f:35:0b:f5:07:
                    3d:0c:62:5f:03:7f:74:30:4e:46:b1:08:61:aa:6e:
                    88:d4:cb:ff:3e:c1:58:b5:be:a7:8e:59:77:2e:6d:
                    2f:b9:04:6a:de:88:c4:a6:47:ce:c4:b1:1b:02:c3:
                    13:16:19:74:23:02:97:af:dc:65:8f:40:93:6c:9a:
                    1f:13:88:29:6a:3a:c9:cf:0d:d8:cd:92:ec:2b:f9:
                    75:55:b2:ff:4d:37:b2:4f:16:53:45:9f:07:6c:b5:
                    b5:d1:7c:52:f0:87:27:9c:fe:cc:29:0a:83:49:f1:
                    25:e9:2b:2b:3c:5c:4b:fd:53:4c:a2:25:e7:03:1e:
                    c2:f9:e9:c1:98:79:a5:66:eb:7f:25:06:19:9f:d8:
                    5c:de:f5:47:d6:76:2a:d6:b9:bf:3e:19:f0:30:11:
                    0b:04:09:ee:9d:2d:0f:6d:32:c4:f5:9a:ec:e8:84:
                    34:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:9D:84:37:23:FB:FC:78:BD:F5:8F:A3:B9:A3:F6:EF:6F:6B:88:3A
            X509v3 Authority Key Identifier:
                keyid:6D:AE:F3:02:96:29:DE:02:9D:B9:8A:B7:B4:E9:BD:22:1C:28:99:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba7zApYp3gKduYq3tOm9IhwomRw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:60:0f:19:5f:af:b8:be:c6:71:f0:74:42:49:7b:f1:c4:27:
         4b:2f:3d:1d:67:99:cf:2e:7b:4d:8c:43:54:69:42:aa:ff:af:
         89:de:7f:08:d5:cc:f2:3d:23:19:db:4b:34:74:a1:a6:53:3c:
         8b:f8:b1:11:fb:05:9f:71:39:8e:e7:1f:00:bf:e2:41:a3:ce:
         56:72:26:59:72:7a:ca:80:a2:b5:0e:05:a4:53:1c:1c:3f:09:
         5d:8c:ac:4b:02:b4:45:0f:6d:87:6d:48:cd:29:24:34:a2:0a:
         08:ca:d4:59:0c:43:dc:dc:6c:2a:bd:ca:ab:e9:7e:66:1d:ee:
         8f:df:d7:05:dc:3f:24:67:58:fc:db:aa:98:b9:35:27:22:fc:
         f2:89:14:6a:2c:ec:a1:51:f4:5a:4e:71:d1:72:91:f2:0a:5f:
         20:5d:dc:8e:01:b5:eb:fe:c9:4e:65:91:ac:b8:40:cf:cc:00:
         d1:03:2b:e8:ec:fb:e4:40:3b:5c:2e:64:b5:f1:21:46:3a:b7:
         94:84:f2:62:b2:b2:dd:a3:26:74:c6:9e:af:89:06:f8:cc:87:
         6d:72:f6:6d:44:66:d1:39:0b:ad:65:ec:d4:33:54:13:4e:06:
         f6:46:3e:d1:af:3c:ba:88:b8:0e:a3:32:82:7e:9f:e8:97:be:
         49:22:4b:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a4seDbOhYfP2xlwBio6NKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkYWVmMzAyOTYyOWRlMDI5ZGI5OGFiN2I0ZTliZDIyMWMy
ODk5MWMwHhcNMjYwNDE3MTAwMDQ2WhcNMjYwNDE4MTAwMDQ2WjAzMTEwLwYDVQQD
Eyg5NDlkODQzNzIzZmJmYzc4YmRmNThmYTNiOWEzZjZlZjZmNmI4ODNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0LamN88vBvZ4GN/qihyDmiAKwfn
9/2w+wKJOW3zzDbw2jHyO+NNmHQ5la5Swx4N9slML24waFGIG9Ft6UpvYTTL69KH
AxhPa4d7xjmACSHlhJKmjzUL9Qc9DGJfA390ME5GsQhhqm6I1Mv/PsFYtb6njll3
Lm0vuQRq3ojEpkfOxLEbAsMTFhl0IwKXr9xlj0CTbJofE4gpajrJzw3YzZLsK/l1
VbL/TTeyTxZTRZ8HbLW10XxS8IcnnP7MKQqDSfEl6SsrPFxL/VNMoiXnAx7C+enB
mHmlZut/JQYZn9hc3vVH1nYq1rm/PhnwMBELBAnunS0PbTLE9Zrs6IQ0BwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJSdhDcj+/x4vfWPo7mj9u9va4g6MB8GA1UdIwQY
MBaAFG2u8wKWKd4CnbmKt7TpvSIcKJkcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmE3ekFwWXAzZ0tkdVlxM3RPbTlJaHdvbVJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iNzM0MTEtY2Y0ZS00OTk5LTlmNDIt
Y2RlNDA0ODA1YjEwLzEvYmE3ekFwWXAzZ0tkdVlxM3RPbTlJaHdvbVJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iNzM0MTEtY2Y0ZS00OTk5LTlmNDItY2RlNDA0ODA1YjEw
LzEvYmE3ekFwWXAzZ0tkdVlxM3RPbTlJaHdvbVJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApmAPGV+v
uL7GcfB0Qkl78cQnSy89HWeZzy57TYxDVGlCqv+vid5/CNXM8j0jGdtLNHShplM8
i/ixEfsFn3E5jucfAL/iQaPOVnImWXJ6yoCitQ4FpFMcHD8JXYysSwK0RQ9th21I
zSkkNKIKCMrUWQxD3NxsKr3Kq+l+Zh3uj9/XBdw/JGdY/NuqmLk1JyL88okUaizs
oVH0Wk5x0XKR8gpfIF3cjgG16/7JTmWRrLhAz8wA0QMr6Oz75EA7XC5ktfEhRjq3
lITyYrKy3aMmdMaer4kG+MyHbXL2bURm0TkLrWXs1DNUE04G9kY+0a88uoi4DqMy
gn6f6Je+SSJL5g==
-----END CERTIFICATE-----