Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft
File:                     0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft (raw, json)
Hash identifier:          rEUzJCvzpkG90a0XkA1cO/JkAT/97xMQjArgMaVdACY=
Subject key identifier:   79:F9:67:3C:19:18:9B:17:0E:D4:C0:22:CA:F8:69:E9:47:E5:C4:E6
Authority key identifier: D1:70:D4:DD:E2:3A:92:16:6A:67:BB:13:F6:0B:C7:0B:66:7D:86:95
Certificate issuer:       /CN=d170d4dde23a92166a67bb13f60bc70b667d8695
Certificate serial:       019D9B504A0C9C257649534B51F857DE35FA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft
Manifest number:          15F9
Signing time:             Fri 17 Apr 2026 12:00:23 +0000
Manifest this update:     Fri 17 Apr 2026 12:00:23 +0000
Manifest next update:     Sat 18 Apr 2026 12:00:23 +0000
Files and hashes:         1: 0XDU3eI6khZqZ7sT9gvHC2Z9hpU.crl (hash: 8CycABcW04cj3/tQE3cHAGL+nZfWBHjRWzC2AGJSlug=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:50:4a:0c:9c:25:76:49:53:4b:51:f8:57:de:35:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d170d4dde23a92166a67bb13f60bc70b667d8695
        Validity
            Not Before: Apr 17 12:00:23 2026 GMT
            Not After : Apr 18 12:00:23 2026 GMT
        Subject: CN=79f9673c19189b170ed4c022caf869e947e5c4e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:58:3d:63:62:9e:6c:8e:f0:4b:32:90:d9:20:
                    e2:af:c9:7f:ea:af:40:f4:4b:b3:65:da:5e:0c:35:
                    75:85:45:0d:48:46:14:1e:7d:5b:d7:3f:e2:b6:fb:
                    78:9b:89:38:98:8f:e9:45:88:98:c0:aa:a1:15:d3:
                    ba:98:bb:ff:4b:d4:c0:73:1c:cc:b6:dd:1b:39:69:
                    6e:87:9f:59:fc:b9:09:d0:33:5d:ed:04:0f:77:63:
                    91:cc:d2:ac:d4:3b:0b:65:2e:c9:63:49:dd:8c:77:
                    78:6d:dc:6f:99:d4:90:0c:4e:16:70:84:31:4d:cf:
                    1f:20:92:ae:54:85:cc:39:b4:fd:df:8b:a9:5a:33:
                    9c:ab:a1:c9:d3:26:59:34:5e:91:c0:95:e0:3d:c4:
                    f8:8e:05:76:df:b2:c5:43:97:a8:07:06:71:ad:e5:
                    b1:81:51:a0:cf:fa:a5:17:e6:f1:d3:90:36:0e:00:
                    77:cd:4c:1e:bf:59:f1:61:32:cc:c5:a0:76:fe:19:
                    87:04:99:35:73:d3:ee:3c:89:5e:e0:4a:87:e1:13:
                    4c:27:fc:70:07:b1:68:53:ab:df:52:31:7a:a6:e2:
                    fb:0f:b5:3d:7a:03:71:42:cf:43:ad:b4:26:fa:64:
                    87:7b:ef:5f:8c:30:8d:32:8b:50:96:45:b9:29:37:
                    0f:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:F9:67:3C:19:18:9B:17:0E:D4:C0:22:CA:F8:69:E9:47:E5:C4:E6
            X509v3 Authority Key Identifier:
                keyid:D1:70:D4:DD:E2:3A:92:16:6A:67:BB:13:F6:0B:C7:0B:66:7D:86:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:e9:f9:b4:54:42:d2:07:4c:d7:f0:97:07:61:46:b5:fb:61:
         52:d0:c4:2a:30:cd:ca:39:d7:74:53:27:06:1d:e6:c5:de:52:
         22:ea:6b:95:5f:b6:2f:5a:4a:a1:2c:57:60:70:03:74:4c:68:
         cc:e4:f7:d7:0c:63:e8:a8:44:ad:cf:07:5b:ed:43:b8:e6:dc:
         cc:7f:3c:b3:41:83:c5:ce:d6:db:04:7f:04:1a:b5:6e:ca:7f:
         6d:a8:35:f7:22:ee:49:85:ee:12:ac:03:46:ab:69:c6:f5:13:
         ff:ac:cd:2f:8f:ce:f4:80:be:f7:d0:6c:55:be:47:c7:aa:89:
         65:a0:70:97:45:0f:52:ae:3f:fd:45:fd:9e:46:d0:41:1f:98:
         24:9b:b6:48:38:c9:1b:01:64:8f:7a:9c:4f:4d:75:c5:a0:81:
         d0:78:c7:5d:a7:6d:aa:e2:b8:1b:1f:d6:d8:67:2a:d6:26:24:
         64:07:dd:3e:e8:97:95:66:c0:64:62:e1:60:87:c3:12:04:4d:
         4e:28:d3:9f:76:ff:75:45:38:58:4c:50:1b:83:16:67:8f:90:
         61:fa:d8:52:76:a4:69:cd:48:a9:97:75:bc:22:e1:83:51:2c:
         99:85:98:4f:97:26:db:08:c7:07:bc:9f:2d:3f:e2:4c:93:26:
         0a:1a:85:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bUEoMnCV2SVNLUfhX3jX6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxNzBkNGRkZTIzYTkyMTY2YTY3YmIxM2Y2MGJjNzBiNjY3
ZDg2OTUwHhcNMjYwNDE3MTIwMDIzWhcNMjYwNDE4MTIwMDIzWjAzMTEwLwYDVQQD
Eyg3OWY5NjczYzE5MTg5YjE3MGVkNGMwMjJjYWY4NjllOTQ3ZTVjNGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyFg9Y2KebI7wSzKQ2SDir8l/6q9A
9EuzZdpeDDV1hUUNSEYUHn1b1z/itvt4m4k4mI/pRYiYwKqhFdO6mLv/S9TAcxzM
tt0bOWluh59Z/LkJ0DNd7QQPd2ORzNKs1DsLZS7JY0ndjHd4bdxvmdSQDE4WcIQx
Tc8fIJKuVIXMObT934upWjOcq6HJ0yZZNF6RwJXgPcT4jgV237LFQ5eoBwZxreWx
gVGgz/qlF+bx05A2DgB3zUwev1nxYTLMxaB2/hmHBJk1c9PuPIle4EqH4RNMJ/xw
B7FoU6vfUjF6puL7D7U9egNxQs9DrbQm+mSHe+9fjDCNMotQlkW5KTcPAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHn5ZzwZGJsXDtTAIsr4aelH5cTmMB8GA1UdIwQY
MBaAFNFw1N3iOpIWame7E/YLxwtmfYaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFhEVTNlSTZraFpxWjdzVDlndkhDMlo5aHBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC81NmE2ZWMtMzdiZS00MzY4LTk0MzQt
N2E1NzE0ZjhlNmRhLzEvMFhEVTNlSTZraFpxWjdzVDlndkhDMlo5aHBVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC81NmE2ZWMtMzdiZS00MzY4LTk0MzQtN2E1NzE0ZjhlNmRh
LzEvMFhEVTNlSTZraFpxWjdzVDlndkhDMlo5aHBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhun5tFRC
0gdM1/CXB2FGtfthUtDEKjDNyjnXdFMnBh3mxd5SIuprlV+2L1pKoSxXYHADdExo
zOT31wxj6KhErc8HW+1DuObczH88s0GDxc7W2wR/BBq1bsp/bag19yLuSYXuEqwD
RqtpxvUT/6zNL4/O9IC+99BsVb5Hx6qJZaBwl0UPUq4//UX9nkbQQR+YJJu2SDjJ
GwFkj3qcT011xaCB0HjHXadtquK4Gx/W2Gcq1iYkZAfdPuiXlWbAZGLhYIfDEgRN
TijTn3b/dUU4WExQG4MWZ4+QYfrYUnakac1IqZd1vCLhg1EsmYWYT5cm2wjHB7yf
LT/iTJMmChqFcg==
-----END CERTIFICATE-----