Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/4b5c18-8472-41db-b557-2269c1af2ad3/1/K5Ro565AOUbluk3mHMHEej2b794.mft
File:                     K5Ro565AOUbluk3mHMHEej2b794.mft (raw, json)
Hash identifier:          BJHJJiz5NtfSGvp13Su6soIYeI/B1rYf/KTeR1eoORc=
Subject key identifier:   37:6A:A6:A8:AD:C6:0F:19:25:27:30:C6:45:31:3A:41:2F:0D:DC:C8
Authority key identifier: 2B:94:68:E7:AE:40:39:46:E5:BA:4D:E6:1C:C1:C4:7A:3D:9B:EF:DE
Certificate issuer:       /CN=2b9468e7ae403946e5ba4de61cc1c47a3d9befde
Certificate serial:       019D98F4D37CA8C43251ABDE6E630BEB0793
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/K5Ro565AOUbluk3mHMHEej2b794.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/4b5c18-8472-41db-b557-2269c1af2ad3/1/K5Ro565AOUbluk3mHMHEej2b794.mft
Manifest number:          0D7A
Signing time:             Fri 17 Apr 2026 01:01:14 +0000
Manifest this update:     Fri 17 Apr 2026 01:01:14 +0000
Manifest next update:     Sat 18 Apr 2026 01:01:14 +0000
Files and hashes:         1: K5Ro565AOUbluk3mHMHEej2b794.crl (hash: aE0TJJmQP1xTazYjjFBip+qCwDUcspXP7Ao2JtWcKvw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cb/4b5c18-8472-41db-b557-2269c1af2ad3/1/K5Ro565AOUbluk3mHMHEej2b794.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cb/4b5c18-8472-41db-b557-2269c1af2ad3/1/K5Ro565AOUbluk3mHMHEej2b794.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/K5Ro565AOUbluk3mHMHEej2b794.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 01:01:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:d3:7c:a8:c4:32:51:ab:de:6e:63:0b:eb:07:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b9468e7ae403946e5ba4de61cc1c47a3d9befde
        Validity
            Not Before: Apr 17 01:01:14 2026 GMT
            Not After : Apr 18 01:01:14 2026 GMT
        Subject: CN=376aa6a8adc60f19252730c645313a412f0ddcc8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:7e:50:71:da:8c:25:74:5f:f2:58:3d:26:8f:
                    e1:ee:50:b7:b3:96:4e:38:88:6d:67:dc:41:b3:bc:
                    45:ce:55:42:6c:f3:1e:6c:73:94:7f:f6:30:ad:a8:
                    7b:37:28:86:2f:9c:85:42:0d:58:0c:58:12:43:6c:
                    a4:6a:69:5a:8e:73:30:4f:75:24:69:32:cf:05:be:
                    50:cc:08:ed:ec:8d:be:bd:35:dd:08:b0:af:cb:6b:
                    2d:df:72:dd:9c:c4:d9:54:df:f5:ae:30:c7:ef:1c:
                    46:69:b9:2a:d4:c9:7f:fd:bc:ee:94:78:f4:07:e8:
                    5c:48:3b:53:a5:b7:fb:35:a9:02:c4:ae:39:fe:24:
                    02:ee:55:c5:3a:07:d6:4e:cc:75:12:8d:b2:2f:b2:
                    ec:f6:03:0c:7b:25:f3:a8:58:8f:57:62:09:6c:fe:
                    9b:0e:07:fc:56:d6:02:8a:23:cf:00:a1:99:2c:42:
                    7b:5a:9c:50:b8:ea:98:7f:b3:55:78:bf:bd:5f:3d:
                    a2:12:4e:c8:b7:a0:5b:4b:ec:61:d4:73:88:5e:11:
                    07:9e:83:93:5a:27:43:43:a8:1b:b4:6d:c6:b4:bb:
                    41:b1:cf:f7:92:46:19:fb:4e:18:6f:7a:1e:df:70:
                    9e:6a:e4:52:ed:d0:f4:29:25:bf:8c:2c:30:09:1b:
                    76:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:6A:A6:A8:AD:C6:0F:19:25:27:30:C6:45:31:3A:41:2F:0D:DC:C8
            X509v3 Authority Key Identifier:
                keyid:2B:94:68:E7:AE:40:39:46:E5:BA:4D:E6:1C:C1:C4:7A:3D:9B:EF:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K5Ro565AOUbluk3mHMHEej2b794.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/4b5c18-8472-41db-b557-2269c1af2ad3/1/K5Ro565AOUbluk3mHMHEej2b794.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/4b5c18-8472-41db-b557-2269c1af2ad3/1/K5Ro565AOUbluk3mHMHEej2b794.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:e3:0a:7b:37:7e:99:41:07:bf:54:e1:13:32:57:89:aa:e9:
         c0:62:26:84:4d:fc:1a:00:40:c2:10:b8:8c:d1:7b:7e:d3:e5:
         24:4c:29:6e:46:c6:4b:bc:7f:d8:e7:2b:1e:0f:07:b3:89:91:
         e9:50:de:2e:d2:75:33:f4:97:d2:f1:49:12:7d:a3:65:bf:b5:
         0e:fd:44:3f:70:ae:e6:1f:20:3c:35:77:c0:89:f8:45:78:b7:
         99:b9:80:47:d4:99:79:2e:02:eb:39:ff:c3:34:c2:be:05:43:
         fa:eb:7c:3e:2f:34:41:1a:a7:e7:eb:95:43:7f:09:5b:91:8f:
         da:ab:a9:90:30:74:42:c9:17:07:04:df:de:1b:49:e7:04:ae:
         ec:ce:48:53:87:70:58:a4:81:7e:30:e4:59:5e:b9:58:97:e9:
         84:dd:22:08:45:a5:a1:87:03:80:51:72:12:9a:44:ff:95:de:
         78:22:31:52:17:16:5a:5c:8b:51:9d:75:2c:2a:33:cc:17:5d:
         4b:e8:04:e6:5d:4f:a8:53:c2:04:55:cb:46:6d:9b:2d:02:cc:
         08:3f:ba:ac:92:77:74:9b:14:48:8e:31:0f:d0:cc:03:9e:a3:
         34:48:56:3d:5b:74:28:3c:f1:08:fd:bd:df:fe:bd:d6:3a:a7:
         9e:96:9b:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9NN8qMQyUavebmML6weTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiOTQ2OGU3YWU0MDM5NDZlNWJhNGRlNjFjYzFjNDdhM2Q5
YmVmZGUwHhcNMjYwNDE3MDEwMTE0WhcNMjYwNDE4MDEwMTE0WjAzMTEwLwYDVQQD
EygzNzZhYTZhOGFkYzYwZjE5MjUyNzMwYzY0NTMxM2E0MTJmMGRkY2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu35QcdqMJXRf8lg9Jo/h7lC3s5ZO
OIhtZ9xBs7xFzlVCbPMebHOUf/Ywrah7NyiGL5yFQg1YDFgSQ2ykamlajnMwT3Uk
aTLPBb5QzAjt7I2+vTXdCLCvy2st33LdnMTZVN/1rjDH7xxGabkq1Ml//bzulHj0
B+hcSDtTpbf7NakCxK45/iQC7lXFOgfWTsx1Eo2yL7Ls9gMMeyXzqFiPV2IJbP6b
Dgf8VtYCiiPPAKGZLEJ7WpxQuOqYf7NVeL+9Xz2iEk7It6BbS+xh1HOIXhEHnoOT
WidDQ6gbtG3GtLtBsc/3kkYZ+04Yb3oe33CeauRS7dD0KSW/jCwwCRt2FwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDdqpqitxg8ZJScwxkUxOkEvDdzIMB8GA1UdIwQY
MBaAFCuUaOeuQDlG5bpN5hzBxHo9m+/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzVSbzU2NUFPVWJsdWszbUhNSEVlajJiNzk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi80YjVjMTgtODQ3Mi00MWRiLWI1NTct
MjI2OWMxYWYyYWQzLzEvSzVSbzU2NUFPVWJsdWszbUhNSEVlajJiNzk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi80YjVjMTgtODQ3Mi00MWRiLWI1NTctMjI2OWMxYWYyYWQz
LzEvSzVSbzU2NUFPVWJsdWszbUhNSEVlajJiNzk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN+MKezd+
mUEHv1ThEzJXiarpwGImhE38GgBAwhC4jNF7ftPlJEwpbkbGS7x/2OcrHg8Hs4mR
6VDeLtJ1M/SX0vFJEn2jZb+1Dv1EP3Cu5h8gPDV3wIn4RXi3mbmAR9SZeS4C6zn/
wzTCvgVD+ut8Pi80QRqn5+uVQ38JW5GP2qupkDB0QskXBwTf3htJ5wSu7M5IU4dw
WKSBfjDkWV65WJfphN0iCEWloYcDgFFyEppE/5XeeCIxUhcWWlyLUZ11LCozzBdd
S+gE5l1PqFPCBFXLRm2bLQLMCD+6rJJ3dJsUSI4xD9DMA56jNEhWPVt0KDzxCP29
3/691jqnnpabTQ==
-----END CERTIFICATE-----