Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.mft
File:                     sTI2xNBokx4LRMmLKQqPqlVKA7k.mft (raw, json)
Hash identifier:          E3k5tZIdyQlWLYZ8Qe9n9vWZ4xOjdJ01Xc7AaM8CoYI=
Subject key identifier:   50:0F:D5:DC:39:9C:B5:8C:45:A0:6B:2D:47:5A:CB:BB:DB:1E:BD:A8
Authority key identifier: B1:32:36:C4:D0:68:93:1E:0B:44:C9:8B:29:0A:8F:AA:55:4A:03:B9
Certificate issuer:       /CN=b13236c4d068931e0b44c98b290a8faa554a03b9
Certificate serial:       019D99631212D56E71F888CA26166020E1F5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sTI2xNBokx4LRMmLKQqPqlVKA7k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.mft
Manifest number:          0688
Signing time:             Fri 17 Apr 2026 03:01:39 +0000
Manifest this update:     Fri 17 Apr 2026 03:01:39 +0000
Manifest next update:     Sat 18 Apr 2026 03:01:39 +0000
Files and hashes:         1: sTI2xNBokx4LRMmLKQqPqlVKA7k.crl (hash: MSXh08IEacKj3X2ueMoIJkJHkJpP5DJJrEdapWHmjw8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sTI2xNBokx4LRMmLKQqPqlVKA7k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 03:01:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:63:12:12:d5:6e:71:f8:88:ca:26:16:60:20:e1:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b13236c4d068931e0b44c98b290a8faa554a03b9
        Validity
            Not Before: Apr 17 03:01:39 2026 GMT
            Not After : Apr 18 03:01:39 2026 GMT
        Subject: CN=500fd5dc399cb58c45a06b2d475acbbbdb1ebda8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:08:07:7d:ee:60:08:1d:34:71:dd:43:e9:71:
                    8a:13:e7:45:86:45:b1:68:6f:ab:f1:a4:9c:86:4b:
                    79:69:89:4a:29:8d:dd:b5:5e:88:f2:1f:c8:de:41:
                    16:a9:0a:07:63:7e:d7:0e:5d:ae:66:31:11:9b:a0:
                    0e:e6:c8:48:7e:31:17:75:b6:90:93:ad:c1:c5:45:
                    15:b1:a1:77:ee:f0:b6:9e:12:80:4f:8a:23:16:d8:
                    40:7d:2e:46:b8:59:e2:5f:72:8a:93:4b:3e:6d:34:
                    69:1c:04:76:2e:d3:a0:d6:73:35:6d:5a:ad:39:0f:
                    ed:f3:ce:5e:8c:ed:21:c0:f5:55:96:ff:07:4a:dd:
                    2d:5d:90:d8:f5:4b:f3:96:05:bd:10:51:1e:cc:bb:
                    51:33:61:30:fc:4e:0a:bc:23:76:10:54:3e:88:e2:
                    de:47:63:9e:bf:af:a6:35:e9:18:a6:76:65:01:8c:
                    da:9a:34:0e:81:0e:eb:02:ad:68:2c:35:1c:ef:d1:
                    b7:0a:16:a3:38:22:4a:4f:ae:21:4e:84:21:8f:d1:
                    f9:7c:6b:e1:26:1b:e4:6f:29:2b:e9:89:f6:0c:75:
                    1b:c7:fb:d8:90:02:b6:bf:7b:3e:42:57:39:e2:23:
                    58:27:ea:30:95:e5:87:5e:44:3f:60:58:ca:04:81:
                    2c:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:0F:D5:DC:39:9C:B5:8C:45:A0:6B:2D:47:5A:CB:BB:DB:1E:BD:A8
            X509v3 Authority Key Identifier:
                keyid:B1:32:36:C4:D0:68:93:1E:0B:44:C9:8B:29:0A:8F:AA:55:4A:03:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sTI2xNBokx4LRMmLKQqPqlVKA7k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ca:a3:51:d5:ae:3c:6a:25:d8:5c:b8:cd:8d:1b:13:4e:86:01:
         16:70:66:1d:b8:7c:35:5b:f9:ca:c8:b0:4b:0b:1e:8e:1a:ca:
         73:78:b4:26:55:e6:b8:b7:80:0f:52:f7:14:ab:d1:5d:4e:00:
         16:01:86:ab:ef:81:0f:b8:7a:8f:e8:cd:ee:6b:09:e1:cf:8c:
         42:7a:32:92:65:be:ae:48:64:dc:d0:13:fc:ed:f1:dc:7f:d7:
         c6:7b:d7:b5:fe:08:54:8d:4f:db:93:b3:db:b4:11:c7:39:ad:
         7a:8a:73:df:66:60:65:a4:86:ea:0a:85:3d:e9:d8:e2:78:2c:
         81:46:b3:95:88:a8:99:4e:9d:fe:a0:ef:89:57:58:04:a7:59:
         93:37:4d:03:53:e6:20:1a:cc:0e:a5:9d:47:75:f0:60:79:da:
         eb:1f:41:f4:c4:36:2c:9b:f8:fe:99:77:f9:59:0c:14:7a:04:
         ae:bc:0f:24:5d:2a:02:d2:02:76:ee:10:88:79:fc:f9:ee:3b:
         7f:89:92:d6:ff:37:9f:a0:51:4d:9e:ac:92:ff:af:b4:ff:e5:
         18:00:44:2c:78:7a:f0:2c:1c:f0:e7:57:7e:ef:dd:e5:58:94:
         34:8c:46:83:71:7b:02:7c:fc:42:77:52:7b:8d:75:8e:2d:ce:
         c6:68:e1:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZYxIS1W5x+IjKJhZgIOH1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxMzIzNmM0ZDA2ODkzMWUwYjQ0Yzk4YjI5MGE4ZmFhNTU0
YTAzYjkwHhcNMjYwNDE3MDMwMTM5WhcNMjYwNDE4MDMwMTM5WjAzMTEwLwYDVQQD
Eyg1MDBmZDVkYzM5OWNiNThjNDVhMDZiMmQ0NzVhY2JiYmRiMWViZGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAgHfe5gCB00cd1D6XGKE+dFhkWx
aG+r8aSchkt5aYlKKY3dtV6I8h/I3kEWqQoHY37XDl2uZjERm6AO5shIfjEXdbaQ
k63BxUUVsaF37vC2nhKAT4ojFthAfS5GuFniX3KKk0s+bTRpHAR2LtOg1nM1bVqt
OQ/t885ejO0hwPVVlv8HSt0tXZDY9UvzlgW9EFEezLtRM2Ew/E4KvCN2EFQ+iOLe
R2Oev6+mNekYpnZlAYzamjQOgQ7rAq1oLDUc79G3ChajOCJKT64hToQhj9H5fGvh
Jhvkbykr6Yn2DHUbx/vYkAK2v3s+Qlc54iNYJ+owleWHXkQ/YFjKBIEstwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFAP1dw5nLWMRaBrLUday7vbHr2oMB8GA1UdIwQY
MBaAFLEyNsTQaJMeC0TJiykKj6pVSgO5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1RJMnhOQm9reDRMUk1tTEtRcVBxbFZLQTdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS81NzI5ZmEtNTlkZC00MzQ2LThjMDAt
MmRkMTE5ODRiMzVmLzEvc1RJMnhOQm9reDRMUk1tTEtRcVBxbFZLQTdrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS81NzI5ZmEtNTlkZC00MzQ2LThjMDAtMmRkMTE5ODRiMzVm
LzEvc1RJMnhOQm9reDRMUk1tTEtRcVBxbFZLQTdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyqNR1a48
aiXYXLjNjRsTToYBFnBmHbh8NVv5ysiwSwsejhrKc3i0JlXmuLeAD1L3FKvRXU4A
FgGGq++BD7h6j+jN7msJ4c+MQnoykmW+rkhk3NAT/O3x3H/XxnvXtf4IVI1P25Oz
27QRxzmteopz32ZgZaSG6gqFPenY4ngsgUazlYiomU6d/qDviVdYBKdZkzdNA1Pm
IBrMDqWdR3XwYHna6x9B9MQ2LJv4/pl3+VkMFHoErrwPJF0qAtICdu4QiHn8+e47
f4mS1v83n6BRTZ6skv+vtP/lGABELHh68Cwc8OdXfu/d5ViUNIxGg3F7Anz8QndS
e411ji3Oxmjh9g==
-----END CERTIFICATE-----