Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/0942ec-2e9f-4172-8c53-c4946b8e630d/1/rKcX8QfgYizkyz71KwFU-n-baS0.mft
File:                     rKcX8QfgYizkyz71KwFU-n-baS0.mft (raw, json)
Hash identifier:          ve83x24m3stcbBuBNFH+O4QvrktTOyx3cgeh4qZJJYo=
Subject key identifier:   5E:F5:3B:66:6E:83:24:0C:50:76:43:39:71:03:73:BA:D2:F6:77:3B
Authority key identifier: AC:A7:17:F1:07:E0:62:2C:E4:CB:3E:F5:2B:01:54:FA:7F:9B:69:2D
Certificate issuer:       /CN=aca717f107e0622ce4cb3ef52b0154fa7f9b692d
Certificate serial:       019D9AE277AD53F37C998FCA1DA84929436D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rKcX8QfgYizkyz71KwFU-n-baS0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/0942ec-2e9f-4172-8c53-c4946b8e630d/1/rKcX8QfgYizkyz71KwFU-n-baS0.mft
Manifest number:          1440
Signing time:             Fri 17 Apr 2026 10:00:26 +0000
Manifest this update:     Fri 17 Apr 2026 10:00:26 +0000
Manifest next update:     Sat 18 Apr 2026 10:00:26 +0000
Files and hashes:         1: rKcX8QfgYizkyz71KwFU-n-baS0.crl (hash: 1KQi5cCI+gFfQPHppGd2lSwakf0E9y8tadGFWUoccAg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c5/0942ec-2e9f-4172-8c53-c4946b8e630d/1/rKcX8QfgYizkyz71KwFU-n-baS0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c5/0942ec-2e9f-4172-8c53-c4946b8e630d/1/rKcX8QfgYizkyz71KwFU-n-baS0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rKcX8QfgYizkyz71KwFU-n-baS0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 10:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e2:77:ad:53:f3:7c:99:8f:ca:1d:a8:49:29:43:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aca717f107e0622ce4cb3ef52b0154fa7f9b692d
        Validity
            Not Before: Apr 17 10:00:26 2026 GMT
            Not After : Apr 18 10:00:26 2026 GMT
        Subject: CN=5ef53b666e83240c50764339710373bad2f6773b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:49:5c:22:56:b0:bc:ac:b2:13:d9:a9:cc:23:
                    6b:87:d1:00:22:6b:3c:64:dc:7d:66:02:d4:e1:47:
                    5c:9c:23:6d:1f:4c:35:cd:f8:10:f3:81:89:eb:8f:
                    a5:f9:af:29:28:ae:89:39:a9:62:93:2b:2f:92:17:
                    71:fd:a9:7d:f6:14:51:18:03:90:08:af:b0:f8:10:
                    ca:14:8b:5a:73:da:13:a5:c1:5b:ab:29:99:6e:7b:
                    ec:fb:2f:9c:bb:e4:7f:5b:9d:4a:9a:43:04:62:b8:
                    cf:9a:6c:28:32:c7:0f:96:13:b0:fd:87:18:f0:19:
                    70:5a:02:2e:cf:31:4c:23:3f:9f:a4:8f:6a:96:eb:
                    e8:c3:a1:08:58:71:1c:1e:eb:e8:3e:a6:96:a6:ce:
                    13:e1:6d:70:89:20:1c:41:b1:fc:b3:c7:db:33:a7:
                    49:b5:bf:b5:d3:d1:db:52:d6:e1:94:86:fd:d1:45:
                    4f:47:e7:e9:9e:d0:72:b4:e4:20:8d:3f:de:f5:b3:
                    99:9b:92:13:b4:2a:38:4a:3f:88:c9:a4:0f:99:59:
                    ba:f7:f2:fa:c2:96:7c:25:d1:c4:18:97:73:83:23:
                    f4:53:0b:d0:b0:9a:77:be:e7:36:b5:c6:5f:d6:13:
                    88:40:b9:0c:40:c2:90:60:a2:07:57:f2:a4:b2:51:
                    5b:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:F5:3B:66:6E:83:24:0C:50:76:43:39:71:03:73:BA:D2:F6:77:3B
            X509v3 Authority Key Identifier:
                keyid:AC:A7:17:F1:07:E0:62:2C:E4:CB:3E:F5:2B:01:54:FA:7F:9B:69:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKcX8QfgYizkyz71KwFU-n-baS0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/0942ec-2e9f-4172-8c53-c4946b8e630d/1/rKcX8QfgYizkyz71KwFU-n-baS0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/0942ec-2e9f-4172-8c53-c4946b8e630d/1/rKcX8QfgYizkyz71KwFU-n-baS0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:46:97:4c:9d:8c:a6:12:f6:32:a7:77:f0:33:a5:80:19:66:
         aa:22:91:a4:bb:e3:15:39:3a:27:80:68:cc:68:28:48:73:31:
         5b:26:51:3e:04:e0:93:96:cf:fa:f4:fc:a1:a7:3e:df:4a:3c:
         f9:a8:dc:d6:59:59:48:c8:11:fc:9b:2e:ea:de:a6:f4:c1:18:
         03:a5:35:b3:dc:0d:c6:b5:5b:e5:cf:12:f3:d3:02:27:9b:b7:
         b2:e4:ab:c5:cf:ef:a8:65:7f:55:71:67:04:d6:d5:16:f0:55:
         ec:0f:0a:5b:e6:67:44:da:75:a9:df:e4:e7:29:3e:a1:79:a4:
         52:1c:c6:73:fc:8d:6c:2f:25:15:3c:30:1a:50:39:14:64:90:
         3e:f3:b0:73:36:56:69:11:d5:10:37:e8:3c:1c:40:ac:a3:8d:
         2a:9c:1c:0d:c3:51:e2:f9:5e:44:ec:07:b2:fc:0e:98:c2:4b:
         87:97:1b:78:0b:bd:14:22:67:69:0e:64:c8:f9:49:24:c7:a1:
         a8:88:2f:c7:03:15:97:24:95:44:9c:fe:4e:ab:96:2e:3c:ae:
         a0:75:4e:76:79:84:0c:d4:7b:2f:9a:13:ad:5a:e9:77:19:8d:
         10:8d:33:dc:0b:6e:95:f7:47:27:23:da:a0:87:f0:35:1f:0e:
         ea:1b:ac:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a4netU/N8mY/KHahJKUNtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYTcxN2YxMDdlMDYyMmNlNGNiM2VmNTJiMDE1NGZhN2Y5
YjY5MmQwHhcNMjYwNDE3MTAwMDI2WhcNMjYwNDE4MTAwMDI2WjAzMTEwLwYDVQQD
Eyg1ZWY1M2I2NjZlODMyNDBjNTA3NjQzMzk3MTAzNzNiYWQyZjY3NzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUlcIlawvKyyE9mpzCNrh9EAIms8
ZNx9ZgLU4UdcnCNtH0w1zfgQ84GJ64+l+a8pKK6JOalikysvkhdx/al99hRRGAOQ
CK+w+BDKFItac9oTpcFbqymZbnvs+y+cu+R/W51KmkMEYrjPmmwoMscPlhOw/YcY
8BlwWgIuzzFMIz+fpI9qluvow6EIWHEcHuvoPqaWps4T4W1wiSAcQbH8s8fbM6dJ
tb+109HbUtbhlIb90UVPR+fpntBytOQgjT/e9bOZm5ITtCo4Sj+IyaQPmVm69/L6
wpZ8JdHEGJdzgyP0UwvQsJp3vuc2tcZf1hOIQLkMQMKQYKIHV/KkslFbfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF71O2ZugyQMUHZDOXEDc7rS9nc7MB8GA1UdIwQY
MBaAFKynF/EH4GIs5Ms+9SsBVPp/m2ktMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcktjWDhRZmdZaXpreXo3MUt3RlUtbi1iYVMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS8wOTQyZWMtMmU5Zi00MTcyLThjNTMt
YzQ5NDZiOGU2MzBkLzEvcktjWDhRZmdZaXpreXo3MUt3RlUtbi1iYVMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS8wOTQyZWMtMmU5Zi00MTcyLThjNTMtYzQ5NDZiOGU2MzBk
LzEvcktjWDhRZmdZaXpreXo3MUt3RlUtbi1iYVMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIkaXTJ2M
phL2Mqd38DOlgBlmqiKRpLvjFTk6J4BozGgoSHMxWyZRPgTgk5bP+vT8oac+30o8
+ajc1llZSMgR/Jsu6t6m9MEYA6U1s9wNxrVb5c8S89MCJ5u3suSrxc/vqGV/VXFn
BNbVFvBV7A8KW+ZnRNp1qd/k5yk+oXmkUhzGc/yNbC8lFTwwGlA5FGSQPvOwczZW
aRHVEDfoPBxArKONKpwcDcNR4vleROwHsvwOmMJLh5cbeAu9FCJnaQ5kyPlJJMeh
qIgvxwMVlySVRJz+TquWLjyuoHVOdnmEDNR7L5oTrVrpdxmNEI0z3AtulfdHJyPa
oIfwNR8O6husVw==
-----END CERTIFICATE-----