Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/6dfbb6-4afa-4bbc-9d19-671072f91a13/1/FSj8hxfpGa4HJhquKNjIRWTIpxI.mft
File:                     FSj8hxfpGa4HJhquKNjIRWTIpxI.mft (raw, json)
Hash identifier:          j5kX6IhvHLtlVh4IjQmAlcsM+ByV3k5XHj0FXla8Ujs=
Subject key identifier:   46:D6:DB:C2:FD:C6:98:C9:5A:25:E1:30:BA:E8:3A:52:ED:02:B9:BE
Authority key identifier: 15:28:FC:87:17:E9:19:AE:07:26:1A:AE:28:D8:C8:45:64:C8:A7:12
Certificate issuer:       /CN=1528fc8717e919ae07261aae28d8c84564c8a712
Certificate serial:       019D999951C19AA42F641A18432670F8B8D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FSj8hxfpGa4HJhquKNjIRWTIpxI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/6dfbb6-4afa-4bbc-9d19-671072f91a13/1/FSj8hxfpGa4HJhquKNjIRWTIpxI.mft
Manifest number:          1221
Signing time:             Fri 17 Apr 2026 04:00:55 +0000
Manifest this update:     Fri 17 Apr 2026 04:00:55 +0000
Manifest next update:     Sat 18 Apr 2026 04:00:55 +0000
Files and hashes:         1: FSj8hxfpGa4HJhquKNjIRWTIpxI.crl (hash: zijC0D4hJ3g3HvMQ7x8nBn7oYel6A1a0HTHlI/qONSs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ac/6dfbb6-4afa-4bbc-9d19-671072f91a13/1/FSj8hxfpGa4HJhquKNjIRWTIpxI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ac/6dfbb6-4afa-4bbc-9d19-671072f91a13/1/FSj8hxfpGa4HJhquKNjIRWTIpxI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FSj8hxfpGa4HJhquKNjIRWTIpxI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:99:51:c1:9a:a4:2f:64:1a:18:43:26:70:f8:b8:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1528fc8717e919ae07261aae28d8c84564c8a712
        Validity
            Not Before: Apr 17 04:00:55 2026 GMT
            Not After : Apr 18 04:00:55 2026 GMT
        Subject: CN=46d6dbc2fdc698c95a25e130bae83a52ed02b9be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:09:94:37:54:4a:e7:a5:c1:57:18:16:6b:7e:
                    d3:4b:33:2d:d3:24:49:f3:1c:c3:56:fd:0f:40:b7:
                    b9:28:a3:04:48:80:5a:cb:33:45:34:81:f9:09:26:
                    09:89:65:03:57:ed:96:f4:11:8f:8c:35:ee:88:4d:
                    ee:a3:cd:0f:30:5c:86:25:cd:c8:4f:a8:a0:dc:a2:
                    55:8e:61:ab:b7:3e:d8:fb:d5:11:f5:94:bb:10:6c:
                    7a:86:a7:fb:7d:d3:df:4c:e5:ee:b3:f1:75:fa:68:
                    6b:07:bd:ed:d3:98:fa:52:07:67:d2:fc:ab:2d:a4:
                    15:58:89:b7:ac:f2:d9:1f:81:1a:b8:40:2a:78:b8:
                    c6:d0:58:a4:d4:55:39:e9:40:52:c4:e6:23:58:17:
                    ef:77:fa:28:e5:58:d9:ff:43:e0:12:5d:0a:fa:3f:
                    03:5b:63:25:4e:a1:5d:12:de:60:ba:62:38:83:44:
                    30:d7:01:40:23:0a:1f:01:cd:69:11:e7:13:ce:d6:
                    74:f1:d0:17:49:ec:60:c0:18:40:df:8e:18:1a:59:
                    3d:01:b0:a1:54:d0:b9:3d:8c:2f:00:23:6c:07:58:
                    49:2e:22:66:81:f6:22:1a:e0:4a:5a:af:ef:67:61:
                    22:9d:63:f6:a4:5e:4c:46:d2:53:2a:7c:69:4d:37:
                    67:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:D6:DB:C2:FD:C6:98:C9:5A:25:E1:30:BA:E8:3A:52:ED:02:B9:BE
            X509v3 Authority Key Identifier:
                keyid:15:28:FC:87:17:E9:19:AE:07:26:1A:AE:28:D8:C8:45:64:C8:A7:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FSj8hxfpGa4HJhquKNjIRWTIpxI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/6dfbb6-4afa-4bbc-9d19-671072f91a13/1/FSj8hxfpGa4HJhquKNjIRWTIpxI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/6dfbb6-4afa-4bbc-9d19-671072f91a13/1/FSj8hxfpGa4HJhquKNjIRWTIpxI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:3a:cc:bb:b6:e7:db:c2:01:1b:e2:64:2d:66:60:b5:59:4e:
         30:f9:54:de:44:31:c3:f5:36:15:83:9b:02:56:d2:08:ce:ba:
         b0:da:4d:26:c1:d6:74:cd:0b:6e:09:89:58:11:59:d4:41:03:
         72:8f:e9:f6:3a:46:0f:58:73:98:b1:9c:08:82:4e:77:6b:bb:
         83:32:7d:a7:c7:9f:04:09:a5:1b:2a:60:3b:d4:d4:07:78:b2:
         4f:0e:84:21:42:95:11:df:3a:b2:44:e1:96:1e:0f:36:a2:06:
         d1:df:90:52:83:ed:54:4e:e2:84:30:53:41:e5:4d:b0:a0:62:
         c4:76:f3:22:d9:fb:8c:41:1e:0f:a2:eb:76:7c:26:43:a2:d6:
         4c:86:ff:48:02:3e:e7:c2:fd:d0:44:00:66:38:52:a2:7b:43:
         4d:ef:cd:18:a9:b0:8b:90:fd:20:52:ee:8a:a2:4c:c9:76:e6:
         9f:e7:4d:6d:ea:d3:11:df:80:5f:d3:31:fe:ee:65:c4:2a:55:
         37:4a:4f:10:81:72:de:03:33:33:f5:50:a9:b6:e2:6d:a0:cf:
         e2:34:39:4f:7b:74:d9:c9:ce:0e:75:7f:83:53:a4:d9:d2:57:
         9e:d3:ce:da:62:92:68:25:dc:26:9d:82:41:91:5a:53:5c:70:
         a5:78:95:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZmVHBmqQvZBoYQyZw+LjXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1MjhmYzg3MTdlOTE5YWUwNzI2MWFhZTI4ZDhjODQ1NjRj
OGE3MTIwHhcNMjYwNDE3MDQwMDU1WhcNMjYwNDE4MDQwMDU1WjAzMTEwLwYDVQQD
Eyg0NmQ2ZGJjMmZkYzY5OGM5NWEyNWUxMzBiYWU4M2E1MmVkMDJiOWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwmUN1RK56XBVxgWa37TSzMt0yRJ
8xzDVv0PQLe5KKMESIBayzNFNIH5CSYJiWUDV+2W9BGPjDXuiE3uo80PMFyGJc3I
T6ig3KJVjmGrtz7Y+9UR9ZS7EGx6hqf7fdPfTOXus/F1+mhrB73t05j6Ugdn0vyr
LaQVWIm3rPLZH4EauEAqeLjG0Fik1FU56UBSxOYjWBfvd/oo5VjZ/0PgEl0K+j8D
W2MlTqFdEt5gumI4g0Qw1wFAIwofAc1pEecTztZ08dAXSexgwBhA344YGlk9AbCh
VNC5PYwvACNsB1hJLiJmgfYiGuBKWq/vZ2EinWP2pF5MRtJTKnxpTTdnrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEbW28L9xpjJWiXhMLroOlLtArm+MB8GA1UdIwQY
MBaAFBUo/IcX6RmuByYarijYyEVkyKcSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlNqOGh4ZnBHYTRISmhxdUtOaklSV1RJcHhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy82ZGZiYjYtNGFmYS00YmJjLTlkMTkt
NjcxMDcyZjkxYTEzLzEvRlNqOGh4ZnBHYTRISmhxdUtOaklSV1RJcHhJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy82ZGZiYjYtNGFmYS00YmJjLTlkMTktNjcxMDcyZjkxYTEz
LzEvRlNqOGh4ZnBHYTRISmhxdUtOaklSV1RJcHhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALDrMu7bn
28IBG+JkLWZgtVlOMPlU3kQxw/U2FYObAlbSCM66sNpNJsHWdM0LbgmJWBFZ1EED
co/p9jpGD1hzmLGcCIJOd2u7gzJ9p8efBAmlGypgO9TUB3iyTw6EIUKVEd86skTh
lh4PNqIG0d+QUoPtVE7ihDBTQeVNsKBixHbzItn7jEEeD6LrdnwmQ6LWTIb/SAI+
58L90EQAZjhSontDTe/NGKmwi5D9IFLuiqJMyXbmn+dNberTEd+AX9Mx/u5lxCpV
N0pPEIFy3gMzM/VQqbbibaDP4jQ5T3t02cnODnV/g1Ok2dJXntPO2mKSaCXcJp2C
QZFaU1xwpXiV6w==
-----END CERTIFICATE-----