Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.mft
File:                     PP7M1r9kBrDPRPaCuTzYbjNGUko.mft (raw, json)
Hash identifier:          GUBtR1EC+nIy60kKYN56c1jc2JQQ9FaZkVOJQ+lmOeM=
Subject key identifier:   62:9E:43:7D:7E:B8:27:5A:E0:DB:F2:A3:E0:CB:B0:2D:DA:88:1E:61
Authority key identifier: 3C:FE:CC:D6:BF:64:06:B0:CF:44:F6:82:B9:3C:D8:6E:33:46:52:4A
Certificate issuer:       /CN=3cfeccd6bf6406b0cf44f682b93cd86e3346524a
Certificate serial:       019DA29C459F6A25AF587FB568BF4BCA144A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PP7M1r9kBrDPRPaCuTzYbjNGUko.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.mft
Manifest number:          143C
Signing time:             Sat 18 Apr 2026 22:00:43 +0000
Manifest this update:     Sat 18 Apr 2026 22:00:43 +0000
Manifest next update:     Sun 19 Apr 2026 22:00:43 +0000
Files and hashes:         1: PP7M1r9kBrDPRPaCuTzYbjNGUko.crl (hash: QaYT0rmDOKghqo8+uKfEwoHlfoAQvkce+haCRzHW6Do=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PP7M1r9kBrDPRPaCuTzYbjNGUko.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 19 Apr 2026 22:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a2:9c:45:9f:6a:25:af:58:7f:b5:68:bf:4b:ca:14:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3cfeccd6bf6406b0cf44f682b93cd86e3346524a
        Validity
            Not Before: Apr 18 22:00:43 2026 GMT
            Not After : Apr 19 22:00:43 2026 GMT
        Subject: CN=629e437d7eb8275ae0dbf2a3e0cbb02dda881e61
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:ea:f3:32:08:20:fd:7a:6a:3e:50:b5:93:eb:
                    d9:69:34:41:b5:b9:ac:19:cc:29:27:b8:6f:99:d1:
                    cb:f8:93:77:64:d0:76:7f:48:a3:f1:04:72:42:01:
                    07:5b:5c:85:24:43:5b:c0:ea:d3:bc:a7:0d:99:16:
                    fb:c4:93:c5:0e:43:08:cc:25:22:e0:53:7d:ec:c3:
                    86:2b:29:eb:73:11:cb:d2:27:c3:7c:2b:fb:da:33:
                    a4:1e:e3:b3:ac:f1:c7:08:b7:49:e5:ac:4d:1e:83:
                    44:cf:4c:2f:39:ec:e2:45:f2:99:3a:0a:84:3d:c3:
                    c7:ce:ea:35:96:47:48:d3:06:e0:fe:f0:43:60:87:
                    82:ca:14:94:ba:f6:1e:67:23:b3:9b:ca:6b:f9:ed:
                    56:20:e7:9e:24:f3:75:31:df:6b:06:39:8d:ce:c4:
                    7e:8d:07:e5:3d:53:d3:78:6e:c5:83:8f:44:63:0e:
                    9a:0e:3d:5b:6c:e3:07:4e:fc:38:db:6a:97:74:a6:
                    9e:c0:ff:b2:31:9c:cb:24:1e:df:75:df:36:17:93:
                    67:83:63:81:f7:ec:5f:76:aa:2f:8c:9f:27:f4:74:
                    ba:89:c7:7e:dd:06:56:c9:6c:59:61:de:29:ae:72:
                    5b:5a:84:d5:e7:71:90:c3:d6:ac:94:31:06:28:34:
                    da:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:9E:43:7D:7E:B8:27:5A:E0:DB:F2:A3:E0:CB:B0:2D:DA:88:1E:61
            X509v3 Authority Key Identifier:
                keyid:3C:FE:CC:D6:BF:64:06:B0:CF:44:F6:82:B9:3C:D8:6E:33:46:52:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PP7M1r9kBrDPRPaCuTzYbjNGUko.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:88:69:d4:17:41:c7:a5:1f:b8:9e:45:4a:54:38:c4:9f:59:
         68:2f:52:ae:e6:56:74:7f:d1:f7:42:e9:b3:f4:42:85:b7:82:
         df:0a:80:ee:ab:39:a8:88:07:1e:d4:2b:c9:d3:ce:f0:8c:3c:
         ca:07:a8:57:f4:ef:e5:2d:e9:91:f5:ae:ae:e9:dc:2b:03:1c:
         45:88:4b:97:99:5c:2a:b3:e8:64:7b:78:84:c1:e4:fc:d7:7b:
         ad:61:d1:56:75:97:f4:9a:00:17:05:76:da:fe:91:68:f1:6e:
         cd:f5:0a:76:34:b7:c0:29:de:ff:2a:bd:e0:ad:59:72:53:45:
         c3:77:60:8e:49:c3:6c:f9:7e:e7:64:7f:5d:63:23:ed:93:0a:
         29:af:e2:0c:73:5e:96:ff:97:c0:e7:02:73:a6:2b:8e:2b:a8:
         51:e5:f7:0e:46:84:c7:72:06:51:d7:63:7c:22:30:45:db:47:
         11:3b:5d:78:95:9e:df:cd:59:09:45:ab:75:47:b2:60:57:3e:
         d1:18:cf:18:31:7f:b6:5f:f4:8e:05:3a:41:56:63:d4:bf:a9:
         9c:8c:90:a0:2e:45:09:58:63:03:00:2d:65:27:79:07:f1:88:
         82:69:e6:8e:3c:33:df:aa:72:61:4c:10:6c:c4:5f:f9:b5:17:
         73:4d:7c:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2inEWfaiWvWH+1aL9LyhRKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZmVjY2Q2YmY2NDA2YjBjZjQ0ZjY4MmI5M2NkODZlMzM0
NjUyNGEwHhcNMjYwNDE4MjIwMDQzWhcNMjYwNDE5MjIwMDQzWjAzMTEwLwYDVQQD
Eyg2MjllNDM3ZDdlYjgyNzVhZTBkYmYyYTNlMGNiYjAyZGRhODgxZTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4OrzMggg/XpqPlC1k+vZaTRBtbms
GcwpJ7hvmdHL+JN3ZNB2f0ij8QRyQgEHW1yFJENbwOrTvKcNmRb7xJPFDkMIzCUi
4FN97MOGKynrcxHL0ifDfCv72jOkHuOzrPHHCLdJ5axNHoNEz0wvOeziRfKZOgqE
PcPHzuo1lkdI0wbg/vBDYIeCyhSUuvYeZyOzm8pr+e1WIOeeJPN1Md9rBjmNzsR+
jQflPVPTeG7Fg49EYw6aDj1bbOMHTvw422qXdKaewP+yMZzLJB7fdd82F5Nng2OB
9+xfdqovjJ8n9HS6icd+3QZWyWxZYd4prnJbWoTV53GQw9aslDEGKDTajQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGKeQ31+uCda4Nvyo+DLsC3aiB5hMB8GA1UdIwQY
MBaAFDz+zNa/ZAawz0T2grk82G4zRlJKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFA3TTFyOWtCckRQUlBhQ3VUelliak5HVWtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy81MTc3ZmQtODllZC00ZTZmLThjM2Qt
MjNiODYxMWNjZTIzLzEvUFA3TTFyOWtCckRQUlBhQ3VUelliak5HVWtvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy81MTc3ZmQtODllZC00ZTZmLThjM2QtMjNiODYxMWNjZTIz
LzEvUFA3TTFyOWtCckRQUlBhQ3VUelliak5HVWtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY4hp1BdB
x6UfuJ5FSlQ4xJ9ZaC9SruZWdH/R90Lps/RChbeC3wqA7qs5qIgHHtQrydPO8Iw8
ygeoV/Tv5S3pkfWuruncKwMcRYhLl5lcKrPoZHt4hMHk/Nd7rWHRVnWX9JoAFwV2
2v6RaPFuzfUKdjS3wCne/yq94K1ZclNFw3dgjknDbPl+52R/XWMj7ZMKKa/iDHNe
lv+XwOcCc6YrjiuoUeX3DkaEx3IGUddjfCIwRdtHETtdeJWe381ZCUWrdUeyYFc+
0RjPGDF/tl/0jgU6QVZj1L+pnIyQoC5FCVhjAwAtZSd5B/GIgmnmjjwz36pyYUwQ
bMRf+bUXc018fA==
-----END CERTIFICATE-----