Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.mft
File:                     1gzjRDhgp_cNQzUHdpCaSBCkhiE.mft (raw, json)
Hash identifier:          5Z+4LIpSwE9xnB9LZ9Z7wsyTUgpcG9KkkX4wFjQPK1Q=
Subject key identifier:   F6:3A:3E:AC:9D:A6:3B:A9:FB:8D:E9:EB:1A:11:06:B3:D4:46:6B:BE
Authority key identifier: D6:0C:E3:44:38:60:A7:F7:0D:43:35:07:76:90:9A:48:10:A4:86:21
Certificate issuer:       /CN=d60ce3443860a7f70d43350776909a4810a48621
Certificate serial:       019D9AE308C363628FB403ECADCF2C625A52
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1gzjRDhgp_cNQzUHdpCaSBCkhiE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.mft
Manifest number:          0E07
Signing time:             Fri 17 Apr 2026 10:01:03 +0000
Manifest this update:     Fri 17 Apr 2026 10:01:03 +0000
Manifest next update:     Sat 18 Apr 2026 10:01:03 +0000
Files and hashes:         1: 1gzjRDhgp_cNQzUHdpCaSBCkhiE.crl (hash: 81kA0XE2JY+BwReqKUd8es+03OBh9PfQB88RMafXQpc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1gzjRDhgp_cNQzUHdpCaSBCkhiE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e3:08:c3:63:62:8f:b4:03:ec:ad:cf:2c:62:5a:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d60ce3443860a7f70d43350776909a4810a48621
        Validity
            Not Before: Apr 17 10:01:03 2026 GMT
            Not After : Apr 18 10:01:03 2026 GMT
        Subject: CN=f63a3eac9da63ba9fb8de9eb1a1106b3d4466bbe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:2d:cf:7b:02:1d:7e:8c:c6:62:70:cb:c8:bd:
                    1d:cd:95:d3:6e:d7:da:ff:9a:66:8f:9e:7a:4d:8d:
                    da:a7:e2:0e:5b:77:70:05:5a:25:d9:89:fc:89:e8:
                    dd:55:3d:71:40:e4:93:8f:89:d1:db:63:c0:ab:14:
                    5c:c4:ae:44:e1:67:61:9e:20:81:08:7f:4b:ae:e7:
                    a4:f3:5e:12:fb:c7:fd:cf:a4:f1:d0:1c:84:a1:1d:
                    ef:25:9a:b5:dc:44:bf:9a:0f:01:0f:64:52:e0:5f:
                    d7:d3:06:33:24:a1:7f:18:03:69:92:5d:a2:b8:69:
                    da:46:34:3a:d2:91:0f:69:f0:9d:00:69:30:69:4a:
                    15:90:ea:29:40:8e:09:3b:7f:58:45:6b:87:b6:bb:
                    06:25:b5:3d:b2:96:eb:e1:de:5d:bf:ac:f9:73:20:
                    c2:b3:43:c9:7d:f6:0e:23:0e:1f:c7:6b:a1:f3:a0:
                    80:e6:28:c7:56:40:4e:4e:2a:05:88:53:0f:cd:ad:
                    b2:21:d2:cd:cc:fe:71:30:11:f5:f6:72:0d:68:fb:
                    26:14:02:e4:66:52:37:31:fc:73:42:a8:af:c6:6e:
                    0f:b4:89:77:56:83:9f:4d:7e:c8:19:92:45:ac:ac:
                    46:3f:7c:07:80:cc:01:39:05:ff:36:24:65:83:b6:
                    2e:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:3A:3E:AC:9D:A6:3B:A9:FB:8D:E9:EB:1A:11:06:B3:D4:46:6B:BE
            X509v3 Authority Key Identifier:
                keyid:D6:0C:E3:44:38:60:A7:F7:0D:43:35:07:76:90:9A:48:10:A4:86:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gzjRDhgp_cNQzUHdpCaSBCkhiE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:bc:cf:0d:a7:95:31:f9:39:17:12:86:d6:6c:bb:fa:23:3c:
         2f:c1:b8:ba:71:d0:8b:63:e0:d9:85:e3:a7:49:91:c1:20:8b:
         0f:e8:ce:a6:20:28:73:f4:45:2d:b9:94:94:c5:d9:54:cd:80:
         1b:2e:1e:fa:44:30:3a:1c:26:80:e6:81:46:fa:a7:d6:43:a5:
         7e:67:e7:9b:20:29:b8:9e:61:06:e8:df:c9:34:1c:21:8e:4e:
         5c:49:a0:47:b8:24:9e:26:c5:01:d7:99:97:67:80:0d:53:04:
         26:26:d5:d8:35:21:20:f3:f0:88:ec:02:5f:65:48:8f:6d:2a:
         e0:37:2e:aa:18:01:7a:20:11:70:eb:a1:15:b1:d5:8f:18:c6:
         e2:fd:f6:2f:6f:7f:7c:f0:ff:c1:56:b5:e5:cd:91:a1:0c:f6:
         2c:9a:f2:27:a2:9a:9f:26:c5:ae:ee:97:42:5a:b8:46:e7:91:
         cb:9e:1d:2f:ce:92:f1:95:c5:15:22:4f:44:7d:1e:8c:c0:a5:
         b6:61:a3:3e:29:bc:53:4f:7a:c4:db:93:d9:4f:b7:0f:b3:0f:
         44:23:aa:a6:ce:20:5d:f9:4c:b1:17:67:41:bb:21:7d:a2:ad:
         0d:86:12:dc:89:9a:ab:0c:ea:45:e9:89:4c:a0:cf:f5:5e:da:
         0c:fb:18:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a4wjDY2KPtAPsrc8sYlpSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MGNlMzQ0Mzg2MGE3ZjcwZDQzMzUwNzc2OTA5YTQ4MTBh
NDg2MjEwHhcNMjYwNDE3MTAwMTAzWhcNMjYwNDE4MTAwMTAzWjAzMTEwLwYDVQQD
EyhmNjNhM2VhYzlkYTYzYmE5ZmI4ZGU5ZWIxYTExMDZiM2Q0NDY2YmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwy3PewIdfozGYnDLyL0dzZXTbtfa
/5pmj556TY3ap+IOW3dwBVol2Yn8iejdVT1xQOSTj4nR22PAqxRcxK5E4WdhniCB
CH9Lruek814S+8f9z6Tx0ByEoR3vJZq13ES/mg8BD2RS4F/X0wYzJKF/GANpkl2i
uGnaRjQ60pEPafCdAGkwaUoVkOopQI4JO39YRWuHtrsGJbU9spbr4d5dv6z5cyDC
s0PJffYOIw4fx2uh86CA5ijHVkBOTioFiFMPza2yIdLNzP5xMBH19nINaPsmFALk
ZlI3MfxzQqivxm4PtIl3VoOfTX7IGZJFrKxGP3wHgMwBOQX/NiRlg7YuTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPY6Pqydpjup+43p6xoRBrPURmu+MB8GA1UdIwQY
MBaAFNYM40Q4YKf3DUM1B3aQmkgQpIYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWd6alJEaGdwX2NOUXpVSGRwQ2FTQkNraGlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy8wODY0YzMtODYwYi00MWMwLTk0MTct
ZGFmZmU1MmI5ZjBkLzEvMWd6alJEaGdwX2NOUXpVSGRwQ2FTQkNraGlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy8wODY0YzMtODYwYi00MWMwLTk0MTctZGFmZmU1MmI5ZjBk
LzEvMWd6alJEaGdwX2NOUXpVSGRwQ2FTQkNraGlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGrzPDaeV
Mfk5FxKG1my7+iM8L8G4unHQi2Pg2YXjp0mRwSCLD+jOpiAoc/RFLbmUlMXZVM2A
Gy4e+kQwOhwmgOaBRvqn1kOlfmfnmyApuJ5hBujfyTQcIY5OXEmgR7gknibFAdeZ
l2eADVMEJibV2DUhIPPwiOwCX2VIj20q4DcuqhgBeiARcOuhFbHVjxjG4v32L29/
fPD/wVa15c2RoQz2LJryJ6KanybFru6XQlq4RueRy54dL86S8ZXFFSJPRH0ejMCl
tmGjPim8U096xNuT2U+3D7MPRCOqps4gXflMsRdnQbshfaKtDYYS3ImaqwzqRemJ
TKDP9V7aDPsY2A==
-----END CERTIFICATE-----