Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.mft
File:                     o6jK9iF86xDdjBRvlrnXc-3YiGQ.mft (raw, json)
Hash identifier:          jbCD5aYWjNO1S4xWu3USO1SKDibfuRZBrJsdspWZEew=
Subject key identifier:   BF:84:5F:10:94:5A:BA:AF:EA:AF:46:EF:0C:E2:2C:B6:12:86:1F:DC
Authority key identifier: A3:A8:CA:F6:21:7C:EB:10:DD:8C:14:6F:96:B9:D7:73:ED:D8:88:64
Certificate issuer:       /CN=a3a8caf6217ceb10dd8c146f96b9d773edd88864
Certificate serial:       019D98F539A563D2AB3285B23DC3D3ADD5F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o6jK9iF86xDdjBRvlrnXc-3YiGQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.mft
Manifest number:          18BE
Signing time:             Fri 17 Apr 2026 01:01:40 +0000
Manifest this update:     Fri 17 Apr 2026 01:01:40 +0000
Manifest next update:     Sat 18 Apr 2026 01:01:40 +0000
Files and hashes:         1: o6jK9iF86xDdjBRvlrnXc-3YiGQ.crl (hash: UIniTtUdncEEhaMkP2p5jqeNbH48QHnVP5LIn6Kh+AA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/o6jK9iF86xDdjBRvlrnXc-3YiGQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 01:01:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f5:39:a5:63:d2:ab:32:85:b2:3d:c3:d3:ad:d5:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a3a8caf6217ceb10dd8c146f96b9d773edd88864
        Validity
            Not Before: Apr 17 01:01:40 2026 GMT
            Not After : Apr 18 01:01:40 2026 GMT
        Subject: CN=bf845f10945abaafeaaf46ef0ce22cb612861fdc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:46:7d:b7:f0:cc:9e:31:ce:54:a2:51:4b:d8:
                    1b:0a:7f:82:2e:11:e9:c5:a2:77:ba:1c:9c:3f:62:
                    22:42:9f:df:60:4a:42:dc:35:e5:f5:c2:b2:f9:1a:
                    0a:ee:7e:9b:7f:21:60:5f:84:7e:30:16:f0:91:a8:
                    58:fa:d0:dc:42:e3:2e:28:bb:53:3e:70:5b:75:93:
                    fc:b4:b8:69:ed:ce:0f:70:4e:19:d8:99:32:8e:d9:
                    7b:12:39:05:3b:2d:b3:1d:5a:0d:c9:5f:bb:21:04:
                    e5:48:42:4b:5c:31:54:fa:e5:3f:a6:12:fb:49:fe:
                    8d:c0:d6:ec:0d:e1:28:cf:02:bc:fb:94:a5:b4:6e:
                    6a:03:70:ce:dc:29:b4:da:bb:e5:21:15:fc:db:66:
                    bf:1a:c1:cc:0b:a3:0a:91:db:35:2b:f5:33:d5:0c:
                    bc:0d:8a:a5:b5:d2:a2:26:55:57:58:c1:9f:7c:7e:
                    78:82:c7:47:26:df:99:a3:c1:c8:54:9d:30:d7:d9:
                    6a:06:88:60:ef:1c:d6:e6:2b:13:3e:e2:43:dd:79:
                    c0:42:fe:de:c8:b1:e4:57:b6:c2:7c:b6:8b:5b:ca:
                    ea:91:93:37:64:1d:38:85:6a:b9:95:df:94:8f:96:
                    c3:94:46:66:de:83:a1:b4:e8:5a:a2:d3:21:25:92:
                    7e:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:84:5F:10:94:5A:BA:AF:EA:AF:46:EF:0C:E2:2C:B6:12:86:1F:DC
            X509v3 Authority Key Identifier:
                keyid:A3:A8:CA:F6:21:7C:EB:10:DD:8C:14:6F:96:B9:D7:73:ED:D8:88:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o6jK9iF86xDdjBRvlrnXc-3YiGQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:eb:58:fd:80:04:56:40:0d:0c:a5:9b:f5:6e:92:e4:d8:1b:
         89:26:de:3d:0b:4b:5b:02:ea:24:84:39:22:8c:d4:04:6e:40:
         eb:87:51:59:a0:89:bc:72:48:da:b6:b4:05:d7:7e:98:7f:f7:
         20:04:2f:5b:09:07:6c:5a:61:75:e3:3c:93:1a:02:b2:3a:c3:
         3e:0a:b0:43:9d:d3:47:70:35:0f:09:44:03:29:cd:95:81:49:
         1a:c7:0c:e9:41:96:32:5c:12:7c:6c:cc:22:91:28:1a:13:cf:
         09:f1:ae:fd:92:9c:cd:d3:58:8c:03:fe:a0:3d:db:51:ab:04:
         65:54:65:3c:c5:b7:eb:b2:90:4f:4e:09:e7:88:e4:65:d2:96:
         44:94:fa:92:dd:02:7c:aa:c9:3c:de:a7:78:16:9a:93:f7:60:
         28:4a:03:2c:55:77:79:43:6b:88:b0:e3:d1:91:b9:4f:4e:6d:
         85:4f:17:22:85:40:97:19:f8:65:38:67:e3:34:04:93:67:4d:
         a3:5f:e2:9a:90:c8:a2:2b:a3:13:b1:b3:d5:82:c7:8a:39:ac:
         e7:c2:04:97:f8:ed:54:bd:98:8e:9e:7b:27:33:46:3c:91:1f:
         c2:7f:be:6a:3c:38:a4:ec:72:19:52:1f:e4:64:6c:86:d5:2b:
         91:61:69:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9TmlY9KrMoWyPcPTrdXzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzYThjYWY2MjE3Y2ViMTBkZDhjMTQ2Zjk2YjlkNzczZWRk
ODg4NjQwHhcNMjYwNDE3MDEwMTQwWhcNMjYwNDE4MDEwMTQwWjAzMTEwLwYDVQQD
EyhiZjg0NWYxMDk0NWFiYWFmZWFhZjQ2ZWYwY2UyMmNiNjEyODYxZmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA00Z9t/DMnjHOVKJRS9gbCn+CLhHp
xaJ3uhycP2IiQp/fYEpC3DXl9cKy+RoK7n6bfyFgX4R+MBbwkahY+tDcQuMuKLtT
PnBbdZP8tLhp7c4PcE4Z2Jkyjtl7EjkFOy2zHVoNyV+7IQTlSEJLXDFU+uU/phL7
Sf6NwNbsDeEozwK8+5SltG5qA3DO3Cm02rvlIRX822a/GsHMC6MKkds1K/Uz1Qy8
DYqltdKiJlVXWMGffH54gsdHJt+Zo8HIVJ0w19lqBohg7xzW5isTPuJD3XnAQv7e
yLHkV7bCfLaLW8rqkZM3ZB04hWq5ld+Uj5bDlEZm3oOhtOhaotMhJZJ++QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL+EXxCUWrqv6q9G7wziLLYShh/cMB8GA1UdIwQY
MBaAFKOoyvYhfOsQ3YwUb5a513Pt2IhkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzZqSzlpRjg2eERkakJSdmxyblhjLTNZaUdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi81ZmQwMjMtOTJlYS00YTYzLWI3ZDAt
ZTVjYmEyMTM3MzA4LzEvbzZqSzlpRjg2eERkakJSdmxyblhjLTNZaUdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi81ZmQwMjMtOTJlYS00YTYzLWI3ZDAtZTVjYmEyMTM3MzA4
LzEvbzZqSzlpRjg2eERkakJSdmxyblhjLTNZaUdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFOtY/YAE
VkANDKWb9W6S5NgbiSbePQtLWwLqJIQ5IozUBG5A64dRWaCJvHJI2ra0Bdd+mH/3
IAQvWwkHbFphdeM8kxoCsjrDPgqwQ53TR3A1DwlEAynNlYFJGscM6UGWMlwSfGzM
IpEoGhPPCfGu/ZKczdNYjAP+oD3bUasEZVRlPMW367KQT04J54jkZdKWRJT6kt0C
fKrJPN6neBaak/dgKEoDLFV3eUNriLDj0ZG5T05thU8XIoVAlxn4ZThn4zQEk2dN
o1/impDIoiujE7Gz1YLHijms58IEl/jtVL2Yjp57JzNGPJEfwn++ajw4pOxyGVIf
5GRshtUrkWFplQ==
-----END CERTIFICATE-----