Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/37dce6-ffe5-476b-808a-0014bc855bf4/1/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.mft
File:                     _OJ9ZKTOleCDEa-v9D5m0HP7IdE.mft (raw, json)
Hash identifier:          fU7eii8R9s79TZEy6ifmVsBOW+WjxJy2YCoqREICmR8=
Subject key identifier:   9C:60:9F:D7:3F:7C:37:F6:26:C4:FD:8E:4C:E2:2C:87:1E:C0:C7:D0
Authority key identifier: FC:E2:7D:64:A4:CE:95:E0:83:11:AF:AF:F4:3E:66:D0:73:FB:21:D1
Certificate issuer:       /CN=fce27d64a4ce95e08311afaff43e66d073fb21d1
Certificate serial:       019DA48B5FE00C03C7385E5056214E9D31EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/37dce6-ffe5-476b-808a-0014bc855bf4/1/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.mft
Manifest number:          1241
Signing time:             Sun 19 Apr 2026 07:01:30 +0000
Manifest this update:     Sun 19 Apr 2026 07:01:30 +0000
Manifest next update:     Mon 20 Apr 2026 07:01:30 +0000
Files and hashes:         1: _OJ9ZKTOleCDEa-v9D5m0HP7IdE.crl (hash: kRBKbnwsQP7E15mlamy1kACojYUyEBI2wf9OPhby3Ak=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d3/37dce6-ffe5-476b-808a-0014bc855bf4/1/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d3/37dce6-ffe5-476b-808a-0014bc855bf4/1/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 02:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a4:8b:5f:e0:0c:03:c7:38:5e:50:56:21:4e:9d:31:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fce27d64a4ce95e08311afaff43e66d073fb21d1
        Validity
            Not Before: Apr 19 07:01:30 2026 GMT
            Not After : Apr 20 07:01:30 2026 GMT
        Subject: CN=9c609fd73f7c37f626c4fd8e4ce22c871ec0c7d0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:23:5e:e2:d9:87:f3:9f:9e:43:db:a5:de:14:
                    bb:5d:3a:73:e5:88:50:62:42:b2:88:5a:bb:0d:db:
                    5f:80:98:44:43:c8:0a:c0:a2:b0:16:58:e9:d7:6f:
                    39:46:cb:35:26:08:0c:fb:e2:bb:c5:48:40:4c:fd:
                    69:c5:a8:d5:67:dc:d0:b8:68:1b:bb:11:07:0a:39:
                    dd:35:76:72:e4:b6:93:f7:8d:1f:5a:f7:95:a0:fc:
                    5e:63:95:77:cf:b4:20:d5:bd:bd:28:16:ac:b4:8e:
                    5c:62:80:22:79:51:0a:f7:65:d0:57:3c:0f:ab:fd:
                    56:cc:2e:7a:64:1a:e7:9e:80:43:37:4d:f6:39:53:
                    49:86:2f:f4:d9:9b:d1:6f:2b:0a:ec:6e:6c:6e:d2:
                    88:ff:aa:39:85:1e:37:30:4f:cb:2f:eb:9a:0b:f7:
                    6d:ad:47:52:a5:b6:58:e5:4d:ff:de:61:67:11:e5:
                    88:09:a3:78:8f:f5:a9:61:b1:37:0e:c7:d5:c9:9b:
                    44:76:04:9d:6f:10:0d:5f:b5:d6:cc:68:a9:39:59:
                    9f:1c:d6:8c:51:97:03:e5:87:1e:a4:90:fa:d5:33:
                    c8:d6:e1:f6:03:72:ad:cc:21:91:47:87:39:fd:8e:
                    ed:f9:47:a5:f4:9b:f8:fd:d5:ff:28:25:91:2b:21:
                    57:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:60:9F:D7:3F:7C:37:F6:26:C4:FD:8E:4C:E2:2C:87:1E:C0:C7:D0
            X509v3 Authority Key Identifier:
                keyid:FC:E2:7D:64:A4:CE:95:E0:83:11:AF:AF:F4:3E:66:D0:73:FB:21:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/37dce6-ffe5-476b-808a-0014bc855bf4/1/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/37dce6-ffe5-476b-808a-0014bc855bf4/1/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:0f:85:e6:d1:b0:7d:f3:84:69:28:cb:9b:12:1b:5c:19:ed:
         43:72:eb:23:e6:3d:a5:a3:b7:24:73:19:99:fd:50:57:23:fc:
         94:ed:97:af:ec:dc:d9:dc:4c:bd:cf:c5:33:0e:c7:36:70:4b:
         62:b4:2a:d1:6a:c0:65:44:96:97:b6:af:aa:6a:d6:73:e8:17:
         42:de:39:2a:02:fe:3d:c7:da:eb:c5:8a:16:f2:a8:e3:91:82:
         bc:1f:fe:13:13:8c:6c:0e:7e:f1:dd:ad:c0:44:09:8b:04:d9:
         d2:b8:4d:13:45:92:a8:32:d4:b4:76:46:9e:18:a3:65:77:dd:
         e4:69:82:96:fc:45:8e:0f:73:63:ad:e9:6a:4b:bf:57:61:93:
         f8:54:b9:cc:bb:0b:42:8b:1b:45:b3:a0:eb:e3:f7:12:f9:70:
         5f:eb:e0:6c:ba:44:fd:55:44:a8:14:2d:09:7c:55:7a:20:fa:
         24:10:6e:2d:ff:ee:4b:8f:f7:3c:75:a3:44:82:7c:b2:eb:b8:
         2a:80:c3:f5:7b:8b:b9:8f:39:2e:a1:97:95:5c:4b:08:8d:48:
         6d:f8:9b:02:81:01:95:3a:b0:7d:b8:1e:d7:2f:f2:02:82:38:
         31:fe:22:04:eb:68:90:a3:b2:cc:5d:9a:ac:02:69:03:7d:b0:
         50:d5:1d:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ki1/gDAPHOF5QViFOnTHqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjZTI3ZDY0YTRjZTk1ZTA4MzExYWZhZmY0M2U2NmQwNzNm
YjIxZDEwHhcNMjYwNDE5MDcwMTMwWhcNMjYwNDIwMDcwMTMwWjAzMTEwLwYDVQQD
Eyg5YzYwOWZkNzNmN2MzN2Y2MjZjNGZkOGU0Y2UyMmM4NzFlYzBjN2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsiNe4tmH85+eQ9ul3hS7XTpz5YhQ
YkKyiFq7DdtfgJhEQ8gKwKKwFljp1285Rss1JggM++K7xUhATP1pxajVZ9zQuGgb
uxEHCjndNXZy5LaT940fWveVoPxeY5V3z7Qg1b29KBastI5cYoAieVEK92XQVzwP
q/1WzC56ZBrnnoBDN032OVNJhi/02ZvRbysK7G5sbtKI/6o5hR43ME/LL+uaC/dt
rUdSpbZY5U3/3mFnEeWICaN4j/WpYbE3DsfVyZtEdgSdbxANX7XWzGipOVmfHNaM
UZcD5YcepJD61TPI1uH2A3KtzCGRR4c5/Y7t+Uel9Jv4/dX/KCWRKyFXVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJxgn9c/fDf2JsT9jkziLIcewMfQMB8GA1UdIwQY
MBaAFPzifWSkzpXggxGvr/Q+ZtBz+yHRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX09KOVpLVE9sZUNERWEtdjlENW0wSFA3SWRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8zN2RjZTYtZmZlNS00NzZiLTgwOGEt
MDAxNGJjODU1YmY0LzEvX09KOVpLVE9sZUNERWEtdjlENW0wSFA3SWRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8zN2RjZTYtZmZlNS00NzZiLTgwOGEtMDAxNGJjODU1YmY0
LzEvX09KOVpLVE9sZUNERWEtdjlENW0wSFA3SWRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhQ+F5tGw
ffOEaSjLmxIbXBntQ3LrI+Y9paO3JHMZmf1QVyP8lO2Xr+zc2dxMvc/FMw7HNnBL
YrQq0WrAZUSWl7avqmrWc+gXQt45KgL+Pcfa68WKFvKo45GCvB/+ExOMbA5+8d2t
wEQJiwTZ0rhNE0WSqDLUtHZGnhijZXfd5GmClvxFjg9zY63paku/V2GT+FS5zLsL
QosbRbOg6+P3EvlwX+vgbLpE/VVEqBQtCXxVeiD6JBBuLf/uS4/3PHWjRIJ8suu4
KoDD9XuLuY85LqGXlVxLCI1IbfibAoEBlTqwfbge1y/yAoI4Mf4iBOtokKOyzF2a
rAJpA32wUNUd2w==
-----END CERTIFICATE-----