Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.mft
File:                     jRHN6i8zL8ztMzil3x-y30Uh-OI.mft (raw, json)
Hash identifier:          2YUCA3NBoNbn0L6enQaFfJdHKPjkV3p7VTWo1mg7QW0=
Subject key identifier:   F4:23:B3:9F:F7:DA:0C:B4:8B:4C:E8:F7:8C:DA:73:EA:E4:F5:75:87
Authority key identifier: 8D:11:CD:EA:2F:33:2F:CC:ED:33:38:A5:DF:1F:B2:DF:45:21:F8:E2
Certificate issuer:       /CN=8d11cdea2f332fcced3338a5df1fb2df4521f8e2
Certificate serial:       019D9CD19A63F5A27BDFC49386FE6788670C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jRHN6i8zL8ztMzil3x-y30Uh-OI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.mft
Manifest number:          13D7
Signing time:             Fri 17 Apr 2026 19:01:15 +0000
Manifest this update:     Fri 17 Apr 2026 19:01:15 +0000
Manifest next update:     Sat 18 Apr 2026 19:01:15 +0000
Files and hashes:         1: jRHN6i8zL8ztMzil3x-y30Uh-OI.crl (hash: AgVRDM/8rfwzGQo5nmAdve4FNbmmC/Fxha9bvqArTNo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jRHN6i8zL8ztMzil3x-y30Uh-OI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 16:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9c:d1:9a:63:f5:a2:7b:df:c4:93:86:fe:67:88:67:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d11cdea2f332fcced3338a5df1fb2df4521f8e2
        Validity
            Not Before: Apr 17 19:01:15 2026 GMT
            Not After : Apr 18 19:01:15 2026 GMT
        Subject: CN=f423b39ff7da0cb48b4ce8f78cda73eae4f57587
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:0a:b0:77:cd:0f:1f:2c:81:8d:e7:89:26:a7:
                    ac:2c:69:df:15:22:46:7d:d2:da:bf:56:bc:08:bf:
                    16:e5:51:3b:b5:1a:50:ce:36:fb:aa:89:0f:db:ff:
                    8e:9b:a2:d0:46:52:ef:58:5c:56:d2:fd:41:9a:01:
                    d0:d8:38:62:bc:7c:49:de:79:5f:71:9a:2b:64:49:
                    b5:f9:ea:09:88:60:52:ec:ca:dd:34:4e:31:f9:03:
                    84:66:61:db:05:3a:29:d5:9b:a0:81:35:fe:24:46:
                    0c:12:80:34:10:dd:97:36:fe:c5:de:7a:9d:6c:6c:
                    1d:70:6e:e7:a9:08:a6:4e:5c:c8:84:4a:fc:f5:80:
                    21:b4:1c:db:c3:2c:21:c1:64:25:e8:45:5f:a1:f5:
                    a9:26:fe:b7:39:20:4b:cf:58:6d:50:dc:29:84:3c:
                    2f:b2:28:c4:2c:21:24:1e:f3:f1:76:f0:a8:55:11:
                    51:d0:ae:6c:be:34:68:ea:8d:98:f9:da:3b:d8:92:
                    2b:ef:09:6f:cf:91:29:48:65:04:ad:5c:74:29:f8:
                    2c:63:6c:aa:64:d1:d7:4f:87:7d:24:a3:c8:cf:5e:
                    41:73:1a:e1:02:d7:53:83:dc:ae:3d:6d:21:0c:6e:
                    d5:9e:40:64:ff:38:34:38:75:f5:67:55:30:06:38:
                    a8:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:23:B3:9F:F7:DA:0C:B4:8B:4C:E8:F7:8C:DA:73:EA:E4:F5:75:87
            X509v3 Authority Key Identifier:
                keyid:8D:11:CD:EA:2F:33:2F:CC:ED:33:38:A5:DF:1F:B2:DF:45:21:F8:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHN6i8zL8ztMzil3x-y30Uh-OI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         af:8e:69:b1:66:fe:33:f7:21:e5:55:7b:c2:61:c0:32:31:e0:
         72:8e:a1:44:c1:d8:dc:73:34:a1:ae:1c:6e:8c:f8:33:a2:cc:
         75:c5:39:2f:9e:99:27:99:56:3d:a0:a2:29:8c:78:bc:56:1e:
         65:3b:d0:cb:9b:ca:d1:62:b9:44:77:0a:7e:ce:71:12:39:4e:
         0a:2d:c1:17:81:32:ba:6b:02:5e:35:cf:bb:27:5c:a2:6d:9f:
         03:60:47:b0:05:2a:8d:fe:53:c2:8a:dd:ba:5e:bd:b6:56:8f:
         47:8e:25:02:96:cb:c6:dd:c5:da:7d:69:2f:6f:83:11:20:61:
         46:6d:79:5b:48:3e:c5:b3:ae:29:f9:c7:80:12:cc:3d:9a:65:
         47:76:e3:e4:4d:04:70:ac:b1:a6:81:5e:4b:1a:5e:ac:d6:9c:
         6e:37:7c:0d:96:34:8c:5b:c0:71:07:1d:ca:85:1d:a1:85:29:
         53:f6:c8:bf:32:67:cc:78:f5:c6:10:aa:96:d5:d8:25:21:24:
         27:5f:7b:39:5b:12:0e:30:20:e3:5e:0a:b7:9b:2c:cc:d4:ea:
         43:09:75:da:71:bd:95:92:9a:1f:b0:48:ef:16:d8:06:1d:af:
         33:e2:7c:6e:a2:5a:76:f8:c5:be:ed:87:09:58:30:45:fe:04:
         a6:61:70:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2c0Zpj9aJ738SThv5niGcMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMTFjZGVhMmYzMzJmY2NlZDMzMzhhNWRmMWZiMmRmNDUy
MWY4ZTIwHhcNMjYwNDE3MTkwMTE1WhcNMjYwNDE4MTkwMTE1WjAzMTEwLwYDVQQD
EyhmNDIzYjM5ZmY3ZGEwY2I0OGI0Y2U4Zjc4Y2RhNzNlYWU0ZjU3NTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugqwd80PHyyBjeeJJqesLGnfFSJG
fdLav1a8CL8W5VE7tRpQzjb7qokP2/+Om6LQRlLvWFxW0v1BmgHQ2DhivHxJ3nlf
cZorZEm1+eoJiGBS7MrdNE4x+QOEZmHbBTop1ZuggTX+JEYMEoA0EN2XNv7F3nqd
bGwdcG7nqQimTlzIhEr89YAhtBzbwywhwWQl6EVfofWpJv63OSBLz1htUNwphDwv
sijELCEkHvPxdvCoVRFR0K5svjRo6o2Y+do72JIr7wlvz5EpSGUErVx0KfgsY2yq
ZNHXT4d9JKPIz15BcxrhAtdTg9yuPW0hDG7VnkBk/zg0OHX1Z1UwBjioZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPQjs5/32gy0i0zo94zac+rk9XWHMB8GA1UdIwQY
MBaAFI0RzeovMy/M7TM4pd8fst9FIfjiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJITjZpOHpMOHp0TXppbDN4LXkzMFVoLU9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC83ZGFkZDMtM2U1NS00NmJlLTk0ZTEt
YzkwNjU4ZWJkNjk3LzEvalJITjZpOHpMOHp0TXppbDN4LXkzMFVoLU9JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC83ZGFkZDMtM2U1NS00NmJlLTk0ZTEtYzkwNjU4ZWJkNjk3
LzEvalJITjZpOHpMOHp0TXppbDN4LXkzMFVoLU9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr45psWb+
M/ch5VV7wmHAMjHgco6hRMHY3HM0oa4cboz4M6LMdcU5L56ZJ5lWPaCiKYx4vFYe
ZTvQy5vK0WK5RHcKfs5xEjlOCi3BF4EyumsCXjXPuydcom2fA2BHsAUqjf5Tword
ul69tlaPR44lApbLxt3F2n1pL2+DESBhRm15W0g+xbOuKfnHgBLMPZplR3bj5E0E
cKyxpoFeSxperNacbjd8DZY0jFvAcQcdyoUdoYUpU/bIvzJnzHj1xhCqltXYJSEk
J197OVsSDjAg414Kt5sszNTqQwl12nG9lZKaH7BI7xbYBh2vM+J8bqJadvjFvu2H
CVgwRf4EpmFwng==
-----END CERTIFICATE-----