Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.mft
File:                     hD524S0l3izPRxnfAlToU5UO7rk.mft (raw, json)
Hash identifier:          KNact4eXxZfAMX7rgkxnUsqZiz4LDbWoHQVAWpdDsFQ=
Subject key identifier:   54:28:FF:95:FF:BB:4D:EA:C1:EC:61:6F:49:D6:71:85:E1:10:D5:DC
Authority key identifier: 84:3E:76:E1:2D:25:DE:2C:CF:47:19:DF:02:54:E8:53:95:0E:EE:B9
Certificate issuer:       /CN=843e76e12d25de2ccf4719df0254e853950eeeb9
Certificate serial:       019D98F43723941D67E9DC19CC7BC1DAF1C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hD524S0l3izPRxnfAlToU5UO7rk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.mft
Manifest number:          0F16
Signing time:             Fri 17 Apr 2026 01:00:34 +0000
Manifest this update:     Fri 17 Apr 2026 01:00:34 +0000
Manifest next update:     Sat 18 Apr 2026 01:00:34 +0000
Files and hashes:         1: hD524S0l3izPRxnfAlToU5UO7rk.crl (hash: fKY8Uluoq+yGDn9kB0iDaRYtF6vDNJ0LwUSDZMeWBYQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hD524S0l3izPRxnfAlToU5UO7rk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:37:23:94:1d:67:e9:dc:19:cc:7b:c1:da:f1:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=843e76e12d25de2ccf4719df0254e853950eeeb9
        Validity
            Not Before: Apr 17 01:00:34 2026 GMT
            Not After : Apr 18 01:00:34 2026 GMT
        Subject: CN=5428ff95ffbb4deac1ec616f49d67185e110d5dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:a2:af:2e:b8:e3:f4:7d:00:12:70:c1:ff:f7:
                    a4:7c:a8:a4:b3:2c:22:4b:1f:15:2e:a1:44:22:9d:
                    ac:ac:e9:c9:88:ec:88:aa:68:d1:ee:83:a1:c8:a6:
                    29:8e:78:d0:34:87:4d:ca:cd:83:ce:95:70:a5:28:
                    98:81:a3:9b:08:ac:ec:45:a7:62:a6:ad:fa:97:44:
                    28:2f:26:16:b7:8a:81:5e:33:78:d3:93:00:57:70:
                    6f:9f:9f:1f:68:b3:67:31:6c:25:31:8d:de:03:24:
                    7d:8c:46:89:6c:0d:2d:08:ad:28:7b:e2:06:f9:40:
                    54:dc:36:12:34:ec:bc:1f:22:ea:85:cf:1c:b0:61:
                    f9:37:04:51:97:37:6a:50:75:1e:1e:ca:c0:f2:bd:
                    f1:1b:4b:5d:ff:76:0d:3b:e5:bb:b1:ca:96:f7:05:
                    44:ab:e0:31:81:c7:da:46:1b:ad:f1:d3:50:4c:94:
                    88:90:3a:51:5f:33:84:18:07:1c:59:b2:fc:37:2a:
                    c6:2a:4c:34:e4:17:81:5b:7d:e1:08:e5:0d:4a:f7:
                    d4:ea:f4:01:ce:07:16:e5:f9:04:88:fd:82:80:63:
                    9a:02:57:8a:a6:a3:1e:fc:92:d7:75:12:cc:6a:e9:
                    97:0e:e5:bc:89:d7:ea:5b:bf:a4:11:ca:82:db:48:
                    8e:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:28:FF:95:FF:BB:4D:EA:C1:EC:61:6F:49:D6:71:85:E1:10:D5:DC
            X509v3 Authority Key Identifier:
                keyid:84:3E:76:E1:2D:25:DE:2C:CF:47:19:DF:02:54:E8:53:95:0E:EE:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hD524S0l3izPRxnfAlToU5UO7rk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:32:33:63:31:78:20:2b:3d:2e:13:38:e4:40:aa:b5:61:7f:
         31:87:e8:5d:aa:9b:60:2a:6d:e9:17:74:cc:aa:22:45:d3:08:
         3b:6f:1a:d8:8b:d4:1d:cc:66:99:70:77:9c:3f:16:4f:35:4a:
         6e:f8:66:43:8c:ba:10:f4:ac:cc:e4:ef:36:6d:7b:cb:4b:5c:
         13:56:54:a7:36:a1:d2:16:22:96:e4:a2:ac:b2:1c:31:e9:7f:
         db:6a:26:37:da:1d:b4:2e:ac:55:f8:ae:8e:e0:6e:c8:ca:84:
         84:49:e1:1c:31:92:e1:fe:0d:b7:a1:48:89:07:7e:e3:cd:b4:
         24:b8:4c:82:b3:34:46:d6:3e:89:7d:fa:87:cc:a4:dd:d6:1a:
         a1:66:b1:0e:e5:2b:5b:3f:bc:24:2d:2d:f5:fb:71:55:f5:60:
         df:d0:7c:ab:72:e8:74:22:9d:b0:dc:73:be:35:25:60:33:7b:
         f6:a1:84:47:6c:e2:fd:26:f5:41:9a:52:dc:73:92:cb:26:45:
         c4:cb:89:e9:95:7f:ad:bd:25:76:c0:f8:c6:79:aa:30:a5:56:
         31:74:d7:54:03:86:08:91:55:0f:f7:59:1e:e3:24:15:12:e9:
         c2:4b:60:cd:54:e4:e5:35:92:5d:22:6b:79:fb:1a:1b:d4:50:
         c6:05:a8:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9DcjlB1n6dwZzHvB2vHFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0M2U3NmUxMmQyNWRlMmNjZjQ3MTlkZjAyNTRlODUzOTUw
ZWVlYjkwHhcNMjYwNDE3MDEwMDM0WhcNMjYwNDE4MDEwMDM0WjAzMTEwLwYDVQQD
Eyg1NDI4ZmY5NWZmYmI0ZGVhYzFlYzYxNmY0OWQ2NzE4NWUxMTBkNWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqKvLrjj9H0AEnDB//ekfKiksywi
Sx8VLqFEIp2srOnJiOyIqmjR7oOhyKYpjnjQNIdNys2DzpVwpSiYgaObCKzsRadi
pq36l0QoLyYWt4qBXjN405MAV3Bvn58faLNnMWwlMY3eAyR9jEaJbA0tCK0oe+IG
+UBU3DYSNOy8HyLqhc8csGH5NwRRlzdqUHUeHsrA8r3xG0td/3YNO+W7scqW9wVE
q+AxgcfaRhut8dNQTJSIkDpRXzOEGAccWbL8NyrGKkw05BeBW33hCOUNSvfU6vQB
zgcW5fkEiP2CgGOaAleKpqMe/JLXdRLMaumXDuW8idfqW7+kEcqC20iOdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFQo/5X/u03qwexhb0nWcYXhENXcMB8GA1UdIwQY
MBaAFIQ+duEtJd4sz0cZ3wJU6FOVDu65MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEQ1MjRTMGwzaXpQUnhuZkFsVG9VNVVPN3JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS85MzI1NmItYzkxMy00OTVhLWE3Zjkt
NjdmYzhkMjA2NWIxLzEvaEQ1MjRTMGwzaXpQUnhuZkFsVG9VNVVPN3JrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS85MzI1NmItYzkxMy00OTVhLWE3ZjktNjdmYzhkMjA2NWIx
LzEvaEQ1MjRTMGwzaXpQUnhuZkFsVG9VNVVPN3JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAITIzYzF4
ICs9LhM45ECqtWF/MYfoXaqbYCpt6Rd0zKoiRdMIO28a2IvUHcxmmXB3nD8WTzVK
bvhmQ4y6EPSszOTvNm17y0tcE1ZUpzah0hYiluSirLIcMel/22omN9odtC6sVfiu
juBuyMqEhEnhHDGS4f4Nt6FIiQd+4820JLhMgrM0RtY+iX36h8yk3dYaoWaxDuUr
Wz+8JC0t9ftxVfVg39B8q3LodCKdsNxzvjUlYDN79qGER2zi/Sb1QZpS3HOSyyZF
xMuJ6ZV/rb0ldsD4xnmqMKVWMXTXVAOGCJFVD/dZHuMkFRLpwktgzVTk5TWSXSJr
efsaG9RQxgWobQ==
-----END CERTIFICATE-----