Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.mft
File:                     hFNK68PtnHkETCI8iyXgEdq_L98.mft (raw, json)
Hash identifier:          8p0pDORgIX3OvDJiRxXiFZw3pwepL4xgtqfPgtxjHZQ=
Subject key identifier:   8A:79:AC:13:04:74:8D:FC:CF:C8:39:DA:E5:0E:56:C6:81:23:22:B1
Authority key identifier: 84:53:4A:EB:C3:ED:9C:79:04:4C:22:3C:8B:25:E0:11:DA:BF:2F:DF
Certificate issuer:       /CN=84534aebc3ed9c79044c223c8b25e011dabf2fdf
Certificate serial:       019D9998F8AEB554F49947B5D47767EAE7DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hFNK68PtnHkETCI8iyXgEdq_L98.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.mft
Manifest number:          09A6
Signing time:             Fri 17 Apr 2026 04:00:32 +0000
Manifest this update:     Fri 17 Apr 2026 04:00:32 +0000
Manifest next update:     Sat 18 Apr 2026 04:00:32 +0000
Files and hashes:         1: hFNK68PtnHkETCI8iyXgEdq_L98.crl (hash: BFwhqVtlDer9JspPUyquY169QHDtspw7doUmRWcK3HU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hFNK68PtnHkETCI8iyXgEdq_L98.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:98:f8:ae:b5:54:f4:99:47:b5:d4:77:67:ea:e7:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84534aebc3ed9c79044c223c8b25e011dabf2fdf
        Validity
            Not Before: Apr 17 04:00:32 2026 GMT
            Not After : Apr 18 04:00:32 2026 GMT
        Subject: CN=8a79ac1304748dfccfc839dae50e56c6812322b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:05:6b:3c:d6:3d:06:c5:79:8d:42:93:15:a7:
                    6c:28:af:60:5d:43:fe:a2:6c:5c:c8:b6:bf:43:3f:
                    bf:28:b2:6d:81:e6:34:85:24:10:ec:08:15:e1:68:
                    3e:76:76:f6:50:e7:c2:0e:4c:78:02:a8:bd:17:72:
                    64:2d:50:64:f4:2a:69:89:a8:7c:c3:22:12:35:bf:
                    37:35:7d:b0:ae:a1:a0:85:19:65:24:45:0c:d6:45:
                    0d:d4:8d:96:84:18:40:22:2e:96:96:cb:2d:48:fa:
                    bf:be:1f:15:a0:b1:36:82:d0:53:d1:2b:7a:32:26:
                    8e:fa:1e:21:57:ee:a5:1e:a1:70:d9:6b:e3:04:40:
                    84:90:95:40:6f:f9:59:27:2e:b3:61:7a:87:ea:b4:
                    b4:d5:5f:40:ca:df:ef:e4:a6:53:df:cd:7c:26:1b:
                    3e:7c:76:84:48:e9:5a:a0:ae:7c:fe:8c:66:1f:0f:
                    78:11:c2:5e:c8:00:bc:2a:18:46:3a:d3:b2:9a:e2:
                    b1:48:e7:7f:92:78:5c:e1:e9:f9:a8:35:02:fd:45:
                    ac:81:07:5c:b7:1b:71:4a:36:74:3b:23:90:9a:44:
                    34:c7:ad:5c:28:72:a7:b5:68:58:d4:da:f4:5e:c1:
                    22:ed:ed:1e:5c:37:cb:b6:13:2b:68:bb:ed:b3:ad:
                    9b:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:79:AC:13:04:74:8D:FC:CF:C8:39:DA:E5:0E:56:C6:81:23:22:B1
            X509v3 Authority Key Identifier:
                keyid:84:53:4A:EB:C3:ED:9C:79:04:4C:22:3C:8B:25:E0:11:DA:BF:2F:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hFNK68PtnHkETCI8iyXgEdq_L98.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a8e329-3bd7-437f-8107-ebde74933c77/1/hFNK68PtnHkETCI8iyXgEdq_L98.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:d2:12:b9:b5:fe:db:2f:58:c5:f2:68:57:46:2c:14:b4:1b:
         30:33:c6:e7:16:3d:33:af:af:41:9c:1a:2d:26:7a:ce:ea:9a:
         3c:14:ee:99:48:e4:fd:10:fb:bb:27:fa:4b:11:a8:05:ca:51:
         ef:e3:bf:91:a1:ca:23:f9:25:f7:ce:53:aa:08:94:c5:22:72:
         92:2c:b8:c6:b3:30:e4:be:49:1f:56:94:13:5e:94:00:4b:91:
         44:9f:94:f6:c5:f3:da:31:ad:b7:6e:8b:99:1a:c3:0c:6f:d8:
         0e:65:94:69:78:6f:8f:65:1f:1f:bb:78:98:49:c8:f2:47:64:
         73:7f:fe:fa:e0:de:8a:70:58:9f:d2:05:5c:a6:e2:26:1f:00:
         f0:cc:1b:2b:e9:4c:b6:62:26:b3:78:82:21:50:06:64:65:8a:
         f7:17:75:f8:41:31:bd:c5:c2:04:2d:0c:ec:d1:a1:1d:8e:19:
         c4:fd:ee:ca:f4:b2:53:a3:3d:e2:93:d1:f5:2c:15:92:07:ce:
         ec:09:46:cc:ce:37:8b:16:09:2d:1c:44:d0:36:16:0b:cd:da:
         db:39:f0:6e:3c:7f:65:32:49:72:c6:b0:f3:07:d4:04:45:90:
         aa:ec:20:78:4f:c9:37:11:84:9d:57:42:11:90:d8:a7:30:82:
         20:d1:d4:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZmPiutVT0mUe11Hdn6ufeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NTM0YWViYzNlZDljNzkwNDRjMjIzYzhiMjVlMDExZGFi
ZjJmZGYwHhcNMjYwNDE3MDQwMDMyWhcNMjYwNDE4MDQwMDMyWjAzMTEwLwYDVQQD
Eyg4YTc5YWMxMzA0NzQ4ZGZjY2ZjODM5ZGFlNTBlNTZjNjgxMjMyMmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwAVrPNY9BsV5jUKTFadsKK9gXUP+
omxcyLa/Qz+/KLJtgeY0hSQQ7AgV4Wg+dnb2UOfCDkx4Aqi9F3JkLVBk9Cppiah8
wyISNb83NX2wrqGghRllJEUM1kUN1I2WhBhAIi6WlsstSPq/vh8VoLE2gtBT0St6
MiaO+h4hV+6lHqFw2WvjBECEkJVAb/lZJy6zYXqH6rS01V9Ayt/v5KZT3818Jhs+
fHaESOlaoK58/oxmHw94EcJeyAC8KhhGOtOymuKxSOd/knhc4en5qDUC/UWsgQdc
txtxSjZ0OyOQmkQ0x61cKHKntWhY1Nr0XsEi7e0eXDfLthMraLvts62bkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIp5rBMEdI38z8g52uUOVsaBIyKxMB8GA1UdIwQY
MBaAFIRTSuvD7Zx5BEwiPIsl4BHavy/fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEZOSzY4UHRuSGtFVENJOGl5WGdFZHFfTDk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9hOGUzMjktM2JkNy00MzdmLTgxMDct
ZWJkZTc0OTMzYzc3LzEvaEZOSzY4UHRuSGtFVENJOGl5WGdFZHFfTDk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9hOGUzMjktM2JkNy00MzdmLTgxMDctZWJkZTc0OTMzYzc3
LzEvaEZOSzY4UHRuSGtFVENJOGl5WGdFZHFfTDk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM9ISubX+
2y9YxfJoV0YsFLQbMDPG5xY9M6+vQZwaLSZ6zuqaPBTumUjk/RD7uyf6SxGoBcpR
7+O/kaHKI/kl985TqgiUxSJykiy4xrMw5L5JH1aUE16UAEuRRJ+U9sXz2jGtt26L
mRrDDG/YDmWUaXhvj2UfH7t4mEnI8kdkc3/++uDeinBYn9IFXKbiJh8A8MwbK+lM
tmIms3iCIVAGZGWK9xd1+EExvcXCBC0M7NGhHY4ZxP3uyvSyU6M94pPR9SwVkgfO
7AlGzM43ixYJLRxE0DYWC83a2znwbjx/ZTJJcsaw8wfUBEWQquwgeE/JNxGEnVdC
EZDYpzCCINHU6Q==
-----END CERTIFICATE-----