Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.mft
File:                     M1lkDZyLY0Pghqr4vosw6MMdK40.mft (raw, json)
Hash identifier:          /3hpRz6WtzO0yDgStHF4MSLTHN9DabZxjIjShfXQXeo=
Subject key identifier:   BC:4B:AC:7D:C1:AE:1C:5C:C5:9C:E0:76:0A:6E:89:B3:A0:82:ED:E4
Authority key identifier: 33:59:64:0D:9C:8B:63:43:E0:86:AA:F8:BE:8B:30:E8:C3:1D:2B:8D
Certificate issuer:       /CN=3359640d9c8b6343e086aaf8be8b30e8c31d2b8d
Certificate serial:       019D98F4386B69E5B478955F830009FDD914
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/M1lkDZyLY0Pghqr4vosw6MMdK40.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.mft
Manifest number:          0648
Signing time:             Fri 17 Apr 2026 01:00:35 +0000
Manifest this update:     Fri 17 Apr 2026 01:00:35 +0000
Manifest next update:     Sat 18 Apr 2026 01:00:35 +0000
Files and hashes:         1: M1lkDZyLY0Pghqr4vosw6MMdK40.crl (hash: ha9lNlcDgNE+XM0VkXPwxFSz2TxireZWCYL/j4OXyxw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/M1lkDZyLY0Pghqr4vosw6MMdK40.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:38:6b:69:e5:b4:78:95:5f:83:00:09:fd:d9:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3359640d9c8b6343e086aaf8be8b30e8c31d2b8d
        Validity
            Not Before: Apr 17 01:00:35 2026 GMT
            Not After : Apr 18 01:00:35 2026 GMT
        Subject: CN=bc4bac7dc1ae1c5cc59ce0760a6e89b3a082ede4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:e1:8f:32:35:df:a6:59:0c:d7:87:3c:8c:26:
                    31:20:82:11:44:f0:92:f5:e6:eb:aa:7b:d4:8e:f7:
                    ad:ce:7f:54:e0:cd:32:6e:93:69:4b:38:25:86:1e:
                    94:53:c7:f8:fc:ae:77:c4:2f:64:c9:c9:6d:ec:9e:
                    35:3f:32:fe:e6:5d:c0:46:1d:fe:f0:7b:2f:70:76:
                    9c:58:bb:6d:84:88:0c:e8:86:8f:c3:21:be:72:58:
                    87:5f:b3:fe:b5:62:f0:d3:1d:cb:b2:cb:56:c7:97:
                    a7:fd:34:d3:c8:32:88:5c:6c:98:92:b1:d9:1e:e9:
                    d8:b5:f7:10:b7:38:c0:8e:29:00:85:5a:0f:b0:da:
                    77:07:f9:da:2f:33:d5:8a:ed:e5:a7:df:5b:9d:9a:
                    a6:f6:5f:08:aa:ed:80:32:11:d3:4b:78:21:66:8d:
                    0e:02:b2:8d:86:b5:e4:3e:83:47:81:88:9b:24:58:
                    42:8e:6d:f7:a2:19:ee:6b:f8:7d:b9:04:15:80:92:
                    81:c6:ca:c0:de:6b:1d:d5:bc:89:b2:ec:14:dd:5f:
                    d7:bb:c6:e3:c5:a8:d1:49:a1:cd:38:2f:f6:e5:ae:
                    98:17:93:0e:06:ed:9b:8d:62:6b:3c:27:c3:99:77:
                    b4:1a:95:47:87:5c:a1:db:ac:15:77:15:47:a5:f9:
                    a2:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:4B:AC:7D:C1:AE:1C:5C:C5:9C:E0:76:0A:6E:89:B3:A0:82:ED:E4
            X509v3 Authority Key Identifier:
                keyid:33:59:64:0D:9C:8B:63:43:E0:86:AA:F8:BE:8B:30:E8:C3:1D:2B:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M1lkDZyLY0Pghqr4vosw6MMdK40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:1c:e4:e9:87:04:4a:bd:a6:a0:9d:52:bf:22:ac:2e:89:39:
         36:c9:bf:64:97:40:e0:00:e0:2f:d5:17:db:15:fb:52:fb:47:
         58:7b:60:5e:a2:24:90:df:f9:30:0f:46:2d:d0:ec:ba:56:f1:
         d4:c6:ad:a3:96:05:d5:bd:7f:e4:f8:a1:44:dd:5a:27:1f:77:
         e7:8d:f3:e3:05:4a:a4:4d:2f:36:c9:e9:a2:33:a5:a5:a0:60:
         5f:12:0f:d0:ad:a1:0b:39:fa:06:8b:0b:3f:ab:02:9a:da:93:
         f0:e9:6f:16:6b:1f:c6:67:4c:82:c2:cb:7e:d8:1c:f2:b2:c7:
         20:91:06:3c:49:22:20:1a:22:43:06:09:5c:8e:85:4b:ac:8d:
         64:73:94:17:ad:5b:a7:48:d0:ba:99:5b:38:83:89:ee:b9:6d:
         a5:cd:23:71:21:b7:a8:28:05:eb:a5:03:c8:2f:d6:71:fb:f8:
         ee:72:28:4a:a9:12:8c:a3:7e:b0:29:2a:3a:ab:37:bf:b3:e6:
         aa:d2:df:fa:54:15:93:09:5c:ca:1f:a0:88:59:24:16:0c:19:
         81:56:cc:33:32:09:63:33:b7:9f:a4:3b:1b:12:64:ed:8d:65:
         a5:e4:85:f7:a5:f6:1e:63:08:7c:8d:6b:83:bc:ba:e1:4c:17:
         13:ea:8f:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9DhraeW0eJVfgwAJ/dkUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzNTk2NDBkOWM4YjYzNDNlMDg2YWFmOGJlOGIzMGU4YzMx
ZDJiOGQwHhcNMjYwNDE3MDEwMDM1WhcNMjYwNDE4MDEwMDM1WjAzMTEwLwYDVQQD
EyhiYzRiYWM3ZGMxYWUxYzVjYzU5Y2UwNzYwYTZlODliM2EwODJlZGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyOGPMjXfplkM14c8jCYxIIIRRPCS
9ebrqnvUjvetzn9U4M0ybpNpSzglhh6UU8f4/K53xC9kyclt7J41PzL+5l3ARh3+
8HsvcHacWLtthIgM6IaPwyG+cliHX7P+tWLw0x3LsstWx5en/TTTyDKIXGyYkrHZ
HunYtfcQtzjAjikAhVoPsNp3B/naLzPViu3lp99bnZqm9l8Iqu2AMhHTS3ghZo0O
ArKNhrXkPoNHgYibJFhCjm33ohnua/h9uQQVgJKBxsrA3msd1byJsuwU3V/Xu8bj
xajRSaHNOC/25a6YF5MOBu2bjWJrPCfDmXe0GpVHh1yh26wVdxVHpfmi7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLxLrH3BrhxcxZzgdgpuibOggu3kMB8GA1UdIwQY
MBaAFDNZZA2ci2ND4Iaq+L6LMOjDHSuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTFsa0RaeUxZMFBnaHFyNHZvc3c2TU1kSzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9kMzMwYzktM2EwMC00ZTg1LThhNzQt
YmRkYzMxNDNiMzEzLzEvTTFsa0RaeUxZMFBnaHFyNHZvc3c2TU1kSzQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9kMzMwYzktM2EwMC00ZTg1LThhNzQtYmRkYzMxNDNiMzEz
LzEvTTFsa0RaeUxZMFBnaHFyNHZvc3c2TU1kSzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApRzk6YcE
Sr2moJ1SvyKsLok5Nsm/ZJdA4ADgL9UX2xX7UvtHWHtgXqIkkN/5MA9GLdDsulbx
1Mato5YF1b1/5PihRN1aJx93543z4wVKpE0vNsnpojOlpaBgXxIP0K2hCzn6BosL
P6sCmtqT8OlvFmsfxmdMgsLLftgc8rLHIJEGPEkiIBoiQwYJXI6FS6yNZHOUF61b
p0jQuplbOIOJ7rltpc0jcSG3qCgF66UDyC/Wcfv47nIoSqkSjKN+sCkqOqs3v7Pm
qtLf+lQVkwlcyh+giFkkFgwZgVbMMzIJYzO3n6Q7GxJk7Y1lpeSF96X2HmMIfI1r
g7y64UwXE+qP2w==
-----END CERTIFICATE-----