Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/06da0b-45fa-4bc9-9717-4001369ba11f/1/G3NaOdmSptxEu-c6TZm-PIQvqWg.mft
File:                     G3NaOdmSptxEu-c6TZm-PIQvqWg.mft (raw, json)
Hash identifier:          aQj+zkCG8I+kT+9NI8hkpItBwPAFLtfk83dVGhLyw6k=
Subject key identifier:   07:70:47:B7:CF:81:25:0B:38:B5:A7:59:99:0E:8F:64:C7:EB:E8:0E
Authority key identifier: 1B:73:5A:39:D9:92:A6:DC:44:BB:E7:3A:4D:99:BE:3C:84:2F:A9:68
Certificate issuer:       /CN=1b735a39d992a6dc44bbe73a4d99be3c842fa968
Certificate serial:       019D992BABBCA5FF534D6C31066F58896684
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/G3NaOdmSptxEu-c6TZm-PIQvqWg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/06da0b-45fa-4bc9-9717-4001369ba11f/1/G3NaOdmSptxEu-c6TZm-PIQvqWg.mft
Manifest number:          0650
Signing time:             Fri 17 Apr 2026 02:01:09 +0000
Manifest this update:     Fri 17 Apr 2026 02:01:09 +0000
Manifest next update:     Sat 18 Apr 2026 02:01:09 +0000
Files and hashes:         1: G3NaOdmSptxEu-c6TZm-PIQvqWg.crl (hash: TpqBQ9I/mFKA5xntWAfiwo17Gbl0Q9JSJ+fYd76mdnY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/06da0b-45fa-4bc9-9717-4001369ba11f/1/G3NaOdmSptxEu-c6TZm-PIQvqWg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/06da0b-45fa-4bc9-9717-4001369ba11f/1/G3NaOdmSptxEu-c6TZm-PIQvqWg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/G3NaOdmSptxEu-c6TZm-PIQvqWg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:2b:ab:bc:a5:ff:53:4d:6c:31:06:6f:58:89:66:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b735a39d992a6dc44bbe73a4d99be3c842fa968
        Validity
            Not Before: Apr 17 02:01:09 2026 GMT
            Not After : Apr 18 02:01:09 2026 GMT
        Subject: CN=077047b7cf81250b38b5a759990e8f64c7ebe80e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:a6:28:3a:03:b1:38:43:fd:2d:a7:61:87:69:
                    f7:2b:51:21:5c:c1:59:c3:7a:86:52:cb:90:5b:8b:
                    b6:ab:4a:71:38:73:0c:8a:3b:27:d4:99:8d:15:ea:
                    57:91:e9:b9:f7:85:f3:4b:4b:d3:af:a8:3f:f8:eb:
                    ec:08:63:12:dd:23:53:c8:ee:24:45:c8:f3:ce:16:
                    47:8f:84:b2:ca:28:49:d3:20:af:e4:0e:b0:bf:b4:
                    2c:c1:91:aa:82:c9:31:3c:de:7d:5c:68:db:71:b8:
                    4f:37:19:a8:98:cb:8d:a3:bf:8d:83:fe:49:54:11:
                    56:cd:45:68:e7:e4:78:43:39:e4:9d:e1:6f:b3:06:
                    76:92:c7:b3:fb:a4:dc:03:af:1c:7b:45:60:43:43:
                    47:50:14:f0:79:08:4f:42:13:68:1d:84:e3:ed:68:
                    f2:05:59:b0:15:fc:dc:76:c0:6b:d8:05:39:25:e5:
                    b1:ff:a5:4f:4d:0f:0d:50:5c:e1:44:61:43:f9:01:
                    96:3f:ce:9b:98:b8:ac:bf:0b:90:ea:e4:d4:05:7f:
                    76:8f:13:4b:ec:fc:fa:29:45:39:a4:1e:36:1b:05:
                    35:c2:f4:bc:6c:e0:4f:7e:9f:2b:62:cb:a0:d4:49:
                    96:df:0c:5f:f3:26:78:59:56:1a:87:98:95:11:46:
                    48:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:70:47:B7:CF:81:25:0B:38:B5:A7:59:99:0E:8F:64:C7:EB:E8:0E
            X509v3 Authority Key Identifier:
                keyid:1B:73:5A:39:D9:92:A6:DC:44:BB:E7:3A:4D:99:BE:3C:84:2F:A9:68

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G3NaOdmSptxEu-c6TZm-PIQvqWg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/06da0b-45fa-4bc9-9717-4001369ba11f/1/G3NaOdmSptxEu-c6TZm-PIQvqWg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/06da0b-45fa-4bc9-9717-4001369ba11f/1/G3NaOdmSptxEu-c6TZm-PIQvqWg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:9a:4c:2d:b2:9d:b9:c3:8c:10:fb:5f:a1:13:87:6b:04:21:
         6d:07:d2:ce:d7:00:57:da:5a:56:e1:bd:b3:f1:8c:20:c7:03:
         ea:5f:7c:00:5e:3d:2b:af:4a:02:20:86:b4:4a:8b:b4:68:7a:
         e8:0f:f3:68:21:10:fd:37:42:41:e7:d3:d6:68:2f:d1:6a:0d:
         26:b9:85:9c:92:b7:50:6d:16:77:7b:62:31:29:8a:1d:df:e4:
         55:d4:d0:f1:81:e2:f7:ba:d0:1d:07:19:63:7a:21:4f:9c:3d:
         7e:04:fa:0a:e9:cf:cb:23:cd:30:c1:36:e1:b3:cd:f0:ba:a8:
         5a:6c:25:d7:01:5a:83:cc:68:24:c7:cd:81:46:50:d9:91:cc:
         21:f5:57:96:4c:61:78:f4:2f:9f:a2:ea:dd:9c:ad:cf:6a:1d:
         55:34:97:a9:fd:cb:0f:d6:4c:63:b8:61:b7:05:57:9a:2a:36:
         a3:51:23:ca:d2:5b:c2:5a:04:0c:f9:5a:d4:47:bc:32:ad:f1:
         47:93:01:4e:8c:43:2f:57:95:1f:46:d2:f7:2f:1e:49:f8:4b:
         17:11:17:15:38:a3:c7:ef:56:1f:c6:14:9a:b0:94:15:0f:a1:
         87:9d:12:b6:c6:1a:f8:73:8f:73:2d:c2:97:b6:14:e5:8d:7e:
         48:f3:33:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZK6u8pf9TTWwxBm9YiWaEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiNzM1YTM5ZDk5MmE2ZGM0NGJiZTczYTRkOTliZTNjODQy
ZmE5NjgwHhcNMjYwNDE3MDIwMTA5WhcNMjYwNDE4MDIwMTA5WjAzMTEwLwYDVQQD
EygwNzcwNDdiN2NmODEyNTBiMzhiNWE3NTk5OTBlOGY2NGM3ZWJlODBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmKYoOgOxOEP9Ladhh2n3K1EhXMFZ
w3qGUsuQW4u2q0pxOHMMijsn1JmNFepXkem594XzS0vTr6g/+OvsCGMS3SNTyO4k
RcjzzhZHj4SyyihJ0yCv5A6wv7QswZGqgskxPN59XGjbcbhPNxmomMuNo7+Ng/5J
VBFWzUVo5+R4QznkneFvswZ2ksez+6TcA68ce0VgQ0NHUBTweQhPQhNoHYTj7Wjy
BVmwFfzcdsBr2AU5JeWx/6VPTQ8NUFzhRGFD+QGWP86bmLisvwuQ6uTUBX92jxNL
7Pz6KUU5pB42GwU1wvS8bOBPfp8rYsug1EmW3wxf8yZ4WVYah5iVEUZIkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAdwR7fPgSULOLWnWZkOj2TH6+gOMB8GA1UdIwQY
MBaAFBtzWjnZkqbcRLvnOk2ZvjyEL6loMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzNOYU9kbVNwdHhFdS1jNlRabS1QSVF2cVdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy8wNmRhMGItNDVmYS00YmM5LTk3MTct
NDAwMTM2OWJhMTFmLzEvRzNOYU9kbVNwdHhFdS1jNlRabS1QSVF2cVdnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy8wNmRhMGItNDVmYS00YmM5LTk3MTctNDAwMTM2OWJhMTFm
LzEvRzNOYU9kbVNwdHhFdS1jNlRabS1QSVF2cVdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaJpMLbKd
ucOMEPtfoROHawQhbQfSztcAV9paVuG9s/GMIMcD6l98AF49K69KAiCGtEqLtGh6
6A/zaCEQ/TdCQefT1mgv0WoNJrmFnJK3UG0Wd3tiMSmKHd/kVdTQ8YHi97rQHQcZ
Y3ohT5w9fgT6CunPyyPNMME24bPN8LqoWmwl1wFag8xoJMfNgUZQ2ZHMIfVXlkxh
ePQvn6Lq3Zytz2odVTSXqf3LD9ZMY7hhtwVXmio2o1EjytJbwloEDPla1Ee8Mq3x
R5MBToxDL1eVH0bS9y8eSfhLFxEXFTijx+9WH8YUmrCUFQ+hh50StsYa+HOPcy3C
l7YU5Y1+SPMzGw==
-----END CERTIFICATE-----