Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/41e584-9cf7-4c62-9f61-0e2e36019849/1/k-DpokYd9Py54i53cLJhOgckE4g.mft
File:                     k-DpokYd9Py54i53cLJhOgckE4g.mft (raw, json)
Hash identifier:          fyaUrfRPpC9mdpHKpWHDC5moRF2kjfEu3Z/V02cr46w=
Subject key identifier:   B5:39:0D:31:0F:1D:0C:FF:70:99:AF:D8:7D:73:55:3A:E3:34:77:C7
Authority key identifier: 93:E0:E9:A2:46:1D:F4:FC:B9:E2:2E:77:70:B2:61:3A:07:24:13:88
Certificate issuer:       /CN=93e0e9a2461df4fcb9e22e7770b2613a07241388
Certificate serial:       019D999980F081CD5A41EDD628F45D4C28B2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/k-DpokYd9Py54i53cLJhOgckE4g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/41e584-9cf7-4c62-9f61-0e2e36019849/1/k-DpokYd9Py54i53cLJhOgckE4g.mft
Manifest number:          1850
Signing time:             Fri 17 Apr 2026 04:01:07 +0000
Manifest this update:     Fri 17 Apr 2026 04:01:07 +0000
Manifest next update:     Sat 18 Apr 2026 04:01:07 +0000
Files and hashes:         1: k-DpokYd9Py54i53cLJhOgckE4g.crl (hash: 3xeNi5fAUcd/HYOoWvRhZ0uc8pLdP0zNut+AUuasSP4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/68/41e584-9cf7-4c62-9f61-0e2e36019849/1/k-DpokYd9Py54i53cLJhOgckE4g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/68/41e584-9cf7-4c62-9f61-0e2e36019849/1/k-DpokYd9Py54i53cLJhOgckE4g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/k-DpokYd9Py54i53cLJhOgckE4g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:99:80:f0:81:cd:5a:41:ed:d6:28:f4:5d:4c:28:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=93e0e9a2461df4fcb9e22e7770b2613a07241388
        Validity
            Not Before: Apr 17 04:01:07 2026 GMT
            Not After : Apr 18 04:01:07 2026 GMT
        Subject: CN=b5390d310f1d0cff7099afd87d73553ae33477c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:0f:be:9e:74:16:27:f3:cb:60:1a:41:a6:7f:
                    1f:7a:77:4b:50:f7:cc:80:90:d0:f9:44:1e:6f:6d:
                    fe:83:1c:f9:f4:32:85:fd:f5:3d:ff:e9:6e:72:95:
                    ec:29:95:f4:8a:f6:42:f0:79:41:b6:71:3d:82:00:
                    c1:d6:94:80:b2:42:f8:a5:5b:9b:af:c1:75:e1:de:
                    cc:4a:f6:82:d8:19:6e:f2:05:bf:65:f6:2f:04:1d:
                    b4:74:73:f3:b8:9d:7f:ce:2c:e1:a5:cd:e6:d2:95:
                    4a:1e:44:de:54:96:8b:e4:31:3a:e6:f1:e9:54:a9:
                    90:a8:1d:b0:74:9b:45:4f:ff:9c:17:e5:42:6f:9f:
                    8d:b5:3e:44:a1:70:2e:20:e0:90:77:b4:01:6c:cf:
                    9d:b7:ca:4e:35:37:9a:ae:9c:7d:e5:fe:a4:9a:26:
                    99:50:aa:f9:91:6d:db:db:ab:4d:1f:00:eb:40:ba:
                    9b:66:cf:b7:aa:b5:81:3c:73:66:43:21:f5:34:86:
                    ed:1b:1d:8c:44:8c:87:0e:98:68:8c:36:0e:9f:a2:
                    f7:93:b2:53:8e:7e:25:4e:2a:46:c3:ca:78:f8:30:
                    41:54:40:63:00:0f:0f:5b:c6:96:53:9d:a0:26:b6:
                    0a:c7:72:5d:af:2b:1f:46:3a:9e:0c:e8:ef:7e:7a:
                    49:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:39:0D:31:0F:1D:0C:FF:70:99:AF:D8:7D:73:55:3A:E3:34:77:C7
            X509v3 Authority Key Identifier:
                keyid:93:E0:E9:A2:46:1D:F4:FC:B9:E2:2E:77:70:B2:61:3A:07:24:13:88

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k-DpokYd9Py54i53cLJhOgckE4g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/41e584-9cf7-4c62-9f61-0e2e36019849/1/k-DpokYd9Py54i53cLJhOgckE4g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/41e584-9cf7-4c62-9f61-0e2e36019849/1/k-DpokYd9Py54i53cLJhOgckE4g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0c:0e:83:e3:08:85:87:17:a5:fb:55:24:ce:cb:f0:00:36:34:
         f7:1f:e1:50:12:46:14:da:78:5c:e2:c6:0a:63:2e:dc:d5:45:
         44:07:51:d0:3b:48:79:c9:6a:3f:de:41:49:8f:5e:76:6a:22:
         4e:f0:d3:64:d8:60:09:80:a8:f7:8f:bd:57:f7:c0:6d:59:ea:
         e9:53:fa:ac:2a:3e:f5:20:0e:4a:3a:84:69:cf:30:12:88:a9:
         26:3a:ea:03:9a:42:81:b8:9b:d5:4d:a9:da:4b:03:30:21:fd:
         f6:f1:f1:86:19:03:3f:14:77:23:06:9b:04:40:d2:ca:cd:33:
         c0:b4:80:13:a6:d0:ff:2c:ea:31:97:9c:20:d2:9a:2f:f4:42:
         17:5e:ca:bb:86:ef:e7:ba:ed:36:81:30:e7:e2:fd:df:bd:ce:
         17:37:92:01:1e:60:c0:0c:b6:95:07:74:68:71:c1:19:1c:82:
         ee:bc:7b:74:6f:de:e3:b2:4b:58:57:d4:d3:b5:8b:dc:c5:85:
         cb:aa:bd:80:99:88:d8:96:2c:c1:e9:3d:90:d1:5b:46:7a:0c:
         6a:ac:34:5d:33:7c:d8:86:0a:fd:7d:85:77:a4:e0:54:bd:d9:
         e8:40:39:c1:74:b3:a6:8d:d7:1d:d7:74:74:db:4f:f1:6d:82:
         62:94:1b:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZmYDwgc1aQe3WKPRdTCiyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzZTBlOWEyNDYxZGY0ZmNiOWUyMmU3NzcwYjI2MTNhMDcy
NDEzODgwHhcNMjYwNDE3MDQwMTA3WhcNMjYwNDE4MDQwMTA3WjAzMTEwLwYDVQQD
EyhiNTM5MGQzMTBmMWQwY2ZmNzA5OWFmZDg3ZDczNTUzYWUzMzQ3N2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsw++nnQWJ/PLYBpBpn8fendLUPfM
gJDQ+UQeb23+gxz59DKF/fU9/+lucpXsKZX0ivZC8HlBtnE9ggDB1pSAskL4pVub
r8F14d7MSvaC2Blu8gW/ZfYvBB20dHPzuJ1/zizhpc3m0pVKHkTeVJaL5DE65vHp
VKmQqB2wdJtFT/+cF+VCb5+NtT5EoXAuIOCQd7QBbM+dt8pONTearpx95f6kmiaZ
UKr5kW3b26tNHwDrQLqbZs+3qrWBPHNmQyH1NIbtGx2MRIyHDphojDYOn6L3k7JT
jn4lTipGw8p4+DBBVEBjAA8PW8aWU52gJrYKx3JdrysfRjqeDOjvfnpJWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLU5DTEPHQz/cJmv2H1zVTrjNHfHMB8GA1UdIwQY
MBaAFJPg6aJGHfT8ueIud3CyYToHJBOIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvay1EcG9rWWQ5UHk1NGk1M2NMSmhPZ2NrRTRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC80MWU1ODQtOWNmNy00YzYyLTlmNjEt
MGUyZTM2MDE5ODQ5LzEvay1EcG9rWWQ5UHk1NGk1M2NMSmhPZ2NrRTRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC80MWU1ODQtOWNmNy00YzYyLTlmNjEtMGUyZTM2MDE5ODQ5
LzEvay1EcG9rWWQ5UHk1NGk1M2NMSmhPZ2NrRTRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADA6D4wiF
hxel+1UkzsvwADY09x/hUBJGFNp4XOLGCmMu3NVFRAdR0DtIeclqP95BSY9edmoi
TvDTZNhgCYCo94+9V/fAbVnq6VP6rCo+9SAOSjqEac8wEoipJjrqA5pCgbib1U2p
2ksDMCH99vHxhhkDPxR3IwabBEDSys0zwLSAE6bQ/yzqMZecINKaL/RCF17Ku4bv
57rtNoEw5+L9373OFzeSAR5gwAy2lQd0aHHBGRyC7rx7dG/e47JLWFfU07WL3MWF
y6q9gJmI2JYswek9kNFbRnoMaqw0XTN82IYK/X2Fd6TgVL3Z6EA5wXSzpo3XHdd0
dNtP8W2CYpQbEw==
-----END CERTIFICATE-----