Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/cbd72b-f64b-454e-b58c-2715eb710e80/1/ck8UGJq3EFYgN12vm6qBTW3ZN6I.mft
File:                     ck8UGJq3EFYgN12vm6qBTW3ZN6I.mft (raw, json)
Hash identifier:          E2AJKAG4jjuuLaxB2QnOlU20T+1ikgYOxOnFyxMHfUw=
Subject key identifier:   45:0F:E2:05:65:F1:0E:AA:E2:D5:EB:A6:22:E6:15:BE:AF:94:94:2C
Authority key identifier: 72:4F:14:18:9A:B7:10:56:20:37:5D:AF:9B:AA:81:4D:6D:D9:37:A2
Certificate issuer:       /CN=724f14189ab7105620375daf9baa814d6dd937a2
Certificate serial:       019D9CD1CC1F1F33B5CFCB09CC2115E59458
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ck8UGJq3EFYgN12vm6qBTW3ZN6I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/cbd72b-f64b-454e-b58c-2715eb710e80/1/ck8UGJq3EFYgN12vm6qBTW3ZN6I.mft
Manifest number:          0A31
Signing time:             Fri 17 Apr 2026 19:01:27 +0000
Manifest this update:     Fri 17 Apr 2026 19:01:27 +0000
Manifest next update:     Sat 18 Apr 2026 19:01:27 +0000
Files and hashes:         1: ck8UGJq3EFYgN12vm6qBTW3ZN6I.crl (hash: q9P+9Pn1e7qlTLQFe2M0ofhQmYCnmo59f5gDBepxwo0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c0/cbd72b-f64b-454e-b58c-2715eb710e80/1/ck8UGJq3EFYgN12vm6qBTW3ZN6I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c0/cbd72b-f64b-454e-b58c-2715eb710e80/1/ck8UGJq3EFYgN12vm6qBTW3ZN6I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ck8UGJq3EFYgN12vm6qBTW3ZN6I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 16:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9c:d1:cc:1f:1f:33:b5:cf:cb:09:cc:21:15:e5:94:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=724f14189ab7105620375daf9baa814d6dd937a2
        Validity
            Not Before: Apr 17 19:01:27 2026 GMT
            Not After : Apr 18 19:01:27 2026 GMT
        Subject: CN=450fe20565f10eaae2d5eba622e615beaf94942c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:4f:90:58:93:ce:47:f6:21:b9:04:d4:aa:25:
                    e3:e8:74:c9:d0:23:bc:4c:9a:8e:90:69:cd:54:d5:
                    c5:6c:d7:f7:31:85:0c:54:4b:3f:26:70:20:0f:22:
                    05:5f:d6:07:d6:b8:5e:7d:bb:3b:f7:7e:c4:64:67:
                    49:db:1f:f4:eb:b0:1f:90:33:fe:9b:aa:42:54:e0:
                    89:95:33:91:88:73:5d:c1:29:ee:35:af:6b:0e:4b:
                    fd:0d:8c:8b:a3:37:de:0e:ed:a8:65:74:f0:67:d5:
                    c3:8c:a2:bb:e8:9e:7e:38:fc:24:62:f9:a4:f7:7a:
                    66:8b:ff:54:b1:5d:58:36:2b:21:16:fd:85:51:90:
                    64:de:0d:b9:3e:bd:b3:91:96:5d:4c:5c:7d:86:da:
                    b3:26:62:21:83:12:0c:68:9f:e0:15:7e:86:0b:5f:
                    ec:30:eb:c7:64:a9:32:bc:82:9f:72:dd:e7:19:fa:
                    b0:3f:0c:0b:68:ce:4c:b9:cf:61:2a:62:69:95:25:
                    c2:7a:9b:a2:b6:ba:27:d1:c0:e6:7e:34:1b:9b:4e:
                    f0:61:2b:f8:ff:a6:ef:9a:ab:46:7d:9a:1d:3d:dd:
                    26:6c:5c:0f:16:62:e0:61:a6:f5:7f:9d:b5:d5:b2:
                    3e:1d:f8:71:c6:fd:b5:66:38:cf:55:54:c3:28:7e:
                    ae:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:0F:E2:05:65:F1:0E:AA:E2:D5:EB:A6:22:E6:15:BE:AF:94:94:2C
            X509v3 Authority Key Identifier:
                keyid:72:4F:14:18:9A:B7:10:56:20:37:5D:AF:9B:AA:81:4D:6D:D9:37:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ck8UGJq3EFYgN12vm6qBTW3ZN6I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/cbd72b-f64b-454e-b58c-2715eb710e80/1/ck8UGJq3EFYgN12vm6qBTW3ZN6I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/cbd72b-f64b-454e-b58c-2715eb710e80/1/ck8UGJq3EFYgN12vm6qBTW3ZN6I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:da:9b:0f:59:62:95:58:70:0c:c7:5d:a0:bd:d0:87:60:27:
         5f:56:d8:a6:fe:35:e8:e2:04:56:4e:b6:a9:c0:17:1a:21:cd:
         6a:5e:21:b1:e2:c7:fa:83:25:7e:81:c9:d2:5f:7b:16:c1:2d:
         9a:c1:e0:89:3f:eb:0d:63:d3:cb:70:42:fe:50:e4:c5:8d:74:
         b5:3c:90:4b:43:12:5b:83:4b:15:83:81:b3:fe:65:54:80:42:
         e8:ec:43:00:4d:ec:c3:13:0f:59:9c:6d:f3:a2:a8:a0:dd:b0:
         97:08:f8:b4:ed:ef:f1:40:c8:d4:26:25:fa:22:34:eb:bb:59:
         73:f8:2e:34:3a:aa:3c:5d:35:d9:24:fd:b6:dc:4a:a2:0b:74:
         47:8f:92:30:4e:f7:20:c4:e0:08:14:8b:86:93:ab:6d:f9:df:
         84:ef:6a:8d:36:e6:77:17:b1:70:e5:b8:aa:ae:1b:b8:7c:50:
         ba:f4:37:42:94:76:42:32:1d:e6:8b:68:80:70:9b:83:02:6d:
         bb:25:b9:b9:99:93:50:63:01:e9:4c:72:7d:05:1e:5a:9e:04:
         9d:b3:08:f5:1b:eb:0e:9f:b4:86:5d:17:ab:66:d3:9f:89:f9:
         79:0c:b8:4e:d0:02:06:2b:0e:b8:02:d5:9a:2d:a9:6c:8d:c8:
         4f:96:b2:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2c0cwfHzO1z8sJzCEV5ZRYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNGYxNDE4OWFiNzEwNTYyMDM3NWRhZjliYWE4MTRkNmRk
OTM3YTIwHhcNMjYwNDE3MTkwMTI3WhcNMjYwNDE4MTkwMTI3WjAzMTEwLwYDVQQD
Eyg0NTBmZTIwNTY1ZjEwZWFhZTJkNWViYTYyMmU2MTViZWFmOTQ5NDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1k+QWJPOR/YhuQTUqiXj6HTJ0CO8
TJqOkGnNVNXFbNf3MYUMVEs/JnAgDyIFX9YH1rhefbs7937EZGdJ2x/067AfkDP+
m6pCVOCJlTORiHNdwSnuNa9rDkv9DYyLozfeDu2oZXTwZ9XDjKK76J5+OPwkYvmk
93pmi/9UsV1YNishFv2FUZBk3g25Pr2zkZZdTFx9htqzJmIhgxIMaJ/gFX6GC1/s
MOvHZKkyvIKfct3nGfqwPwwLaM5Muc9hKmJplSXCepuitron0cDmfjQbm07wYSv4
/6bvmqtGfZodPd0mbFwPFmLgYab1f5211bI+Hfhxxv21ZjjPVVTDKH6uHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEUP4gVl8Q6q4tXrpiLmFb6vlJQsMB8GA1UdIwQY
MBaAFHJPFBiatxBWIDddr5uqgU1t2TeiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2s4VUdKcTNFRllnTjEydm02cUJUVzNaTjZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9jYmQ3MmItZjY0Yi00NTRlLWI1OGMt
MjcxNWViNzEwZTgwLzEvY2s4VUdKcTNFRllnTjEydm02cUJUVzNaTjZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9jYmQ3MmItZjY0Yi00NTRlLWI1OGMtMjcxNWViNzEwZTgw
LzEvY2s4VUdKcTNFRllnTjEydm02cUJUVzNaTjZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADdqbD1li
lVhwDMddoL3Qh2AnX1bYpv416OIEVk62qcAXGiHNal4hseLH+oMlfoHJ0l97FsEt
msHgiT/rDWPTy3BC/lDkxY10tTyQS0MSW4NLFYOBs/5lVIBC6OxDAE3swxMPWZxt
86KooN2wlwj4tO3v8UDI1CYl+iI067tZc/guNDqqPF012ST9ttxKogt0R4+SME73
IMTgCBSLhpOrbfnfhO9qjTbmdxexcOW4qq4buHxQuvQ3QpR2QjId5otogHCbgwJt
uyW5uZmTUGMB6UxyfQUeWp4EnbMI9RvrDp+0hl0Xq2bTn4n5eQy4TtACBisOuALV
mi2pbI3IT5ay4A==
-----END CERTIFICATE-----