Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.mft
File:                     d_bMQsdY59p8S_q8ISEtHSghYDE.mft (raw, json)
Hash identifier:          YPYaerYwqQafllk0hoYjaLXW2JbeC0u0yayn/lLDBIw=
Subject key identifier:   B7:3F:E2:2F:0F:66:EE:6A:46:AB:4A:2F:6C:ED:03:17:F4:CE:C7:E0
Authority key identifier: 77:F6:CC:42:C7:58:E7:DA:7C:4B:FA:BC:21:21:2D:1D:28:21:60:31
Certificate issuer:       /CN=77f6cc42c758e7da7c4bfabc21212d1d28216031
Certificate serial:       019DA30A804E27C29DECB6DE6F5B3CAE4596
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d_bMQsdY59p8S_q8ISEtHSghYDE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.mft
Manifest number:          088F
Signing time:             Sun 19 Apr 2026 00:01:07 +0000
Manifest this update:     Sun 19 Apr 2026 00:01:07 +0000
Manifest next update:     Mon 20 Apr 2026 00:01:07 +0000
Files and hashes:         1: d_bMQsdY59p8S_q8ISEtHSghYDE.crl (hash: 8q2fm6swjdiQ+NptPo3y8SpTuJnl5B9zhGt/0yK6wEk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/d_bMQsdY59p8S_q8ISEtHSghYDE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 00:01:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a3:0a:80:4e:27:c2:9d:ec:b6:de:6f:5b:3c:ae:45:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77f6cc42c758e7da7c4bfabc21212d1d28216031
        Validity
            Not Before: Apr 19 00:01:07 2026 GMT
            Not After : Apr 20 00:01:07 2026 GMT
        Subject: CN=b73fe22f0f66ee6a46ab4a2f6ced0317f4cec7e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:c5:6b:f4:26:c8:ec:1c:11:f7:9c:14:e8:12:
                    7c:63:96:c2:ca:72:02:08:1a:88:a3:b0:d3:e2:1f:
                    1f:99:3e:3e:38:0a:44:0f:ca:56:e2:16:72:f7:71:
                    1e:16:8a:f8:ec:cc:52:6a:88:8c:21:e3:4e:a8:39:
                    a5:b0:ae:9d:a6:eb:08:3f:2c:5f:c0:eb:67:dd:14:
                    12:a5:41:4f:45:e6:92:5e:95:6a:6e:67:5b:76:2a:
                    64:c8:6b:dd:1f:b3:0f:38:b3:f3:01:e0:0b:f3:19:
                    1c:66:4c:a6:44:7f:a0:bc:0f:ca:e3:6d:cc:b5:67:
                    d1:ba:ab:16:59:94:b7:36:32:84:23:15:55:6c:6e:
                    ca:14:4b:f5:27:c9:d4:28:45:91:ae:8e:03:b2:63:
                    49:40:07:4b:f0:47:92:d4:c4:6a:e0:18:dc:21:6f:
                    61:10:40:f0:91:e5:ae:f7:87:da:3b:c0:3c:44:98:
                    1d:7b:fe:60:06:a3:c3:2a:62:ed:f7:de:a1:25:68:
                    a6:de:d6:e2:04:4f:5b:9c:95:0f:45:ac:23:95:8c:
                    ed:d5:8c:0f:c7:d7:af:df:09:7f:d7:e3:8c:d2:ae:
                    1a:60:b1:6b:88:75:71:64:9b:61:50:19:59:5f:f0:
                    26:6e:ca:8c:cd:2e:12:44:0e:b3:0f:dc:af:88:82:
                    d1:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:3F:E2:2F:0F:66:EE:6A:46:AB:4A:2F:6C:ED:03:17:F4:CE:C7:E0
            X509v3 Authority Key Identifier:
                keyid:77:F6:CC:42:C7:58:E7:DA:7C:4B:FA:BC:21:21:2D:1D:28:21:60:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_bMQsdY59p8S_q8ISEtHSghYDE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bc:46:e9:9c:ca:a8:cb:bb:c8:f6:b6:fd:f4:eb:4d:0d:d9:7e:
         d4:ea:a1:45:5b:b1:98:93:d3:60:8b:75:60:d8:0b:d5:01:68:
         0d:51:61:fb:95:14:25:b5:5b:31:12:fc:04:96:51:34:46:03:
         83:43:d6:d2:fc:e7:b2:38:ac:92:d1:8e:8e:80:19:02:d6:42:
         2a:cd:1c:9e:97:e1:29:e3:45:80:61:30:57:7f:5b:24:db:4f:
         0a:a0:e2:60:80:e5:83:84:e0:cb:71:76:1f:fc:20:6d:05:32:
         e0:fe:2c:57:c8:c6:d1:63:b1:00:40:b0:c9:4f:5a:71:e5:06:
         d8:32:81:08:40:9a:cf:b2:d3:19:60:1b:58:81:70:9d:0a:e7:
         55:96:0a:7e:c4:c9:0d:94:0d:d9:1b:ed:f9:18:66:f5:09:f0:
         d0:37:47:61:f7:c6:d2:0a:94:26:2b:43:9a:e6:be:e8:bb:88:
         fb:4a:1a:c8:87:9c:75:92:18:0e:50:9d:9a:d7:47:f1:d4:6d:
         d4:d1:8d:f2:26:9a:24:56:90:70:36:91:80:27:09:b3:f4:56:
         a5:22:20:67:54:ba:48:d4:a8:d6:f9:32:72:7f:19:17:1e:73:
         f8:20:74:fd:1c:3c:87:4c:36:6e:62:27:00:bd:8b:df:49:b9:
         42:e2:89:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2jCoBOJ8Kd7Lbeb1s8rkWWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZjZjYzQyYzc1OGU3ZGE3YzRiZmFiYzIxMjEyZDFkMjgy
MTYwMzEwHhcNMjYwNDE5MDAwMTA3WhcNMjYwNDIwMDAwMTA3WjAzMTEwLwYDVQQD
EyhiNzNmZTIyZjBmNjZlZTZhNDZhYjRhMmY2Y2VkMDMxN2Y0Y2VjN2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMVr9CbI7BwR95wU6BJ8Y5bCynIC
CBqIo7DT4h8fmT4+OApED8pW4hZy93EeFor47MxSaoiMIeNOqDmlsK6dpusIPyxf
wOtn3RQSpUFPReaSXpVqbmdbdipkyGvdH7MPOLPzAeAL8xkcZkymRH+gvA/K423M
tWfRuqsWWZS3NjKEIxVVbG7KFEv1J8nUKEWRro4DsmNJQAdL8EeS1MRq4BjcIW9h
EEDwkeWu94faO8A8RJgde/5gBqPDKmLt996hJWim3tbiBE9bnJUPRawjlYzt1YwP
x9ev3wl/1+OM0q4aYLFriHVxZJthUBlZX/AmbsqMzS4SRA6zD9yviILRBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLc/4i8PZu5qRqtKL2ztAxf0zsfgMB8GA1UdIwQY
MBaAFHf2zELHWOfafEv6vCEhLR0oIWAxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZF9iTVFzZFk1OXA4U19xOElTRXRIU2doWURFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy85NzQyNjQtOGVhYi00NjdhLWEyZGQt
NGJlY2IzMzY5ZGVjLzEvZF9iTVFzZFk1OXA4U19xOElTRXRIU2doWURFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy85NzQyNjQtOGVhYi00NjdhLWEyZGQtNGJlY2IzMzY5ZGVj
LzEvZF9iTVFzZFk1OXA4U19xOElTRXRIU2doWURFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvEbpnMqo
y7vI9rb99OtNDdl+1OqhRVuxmJPTYIt1YNgL1QFoDVFh+5UUJbVbMRL8BJZRNEYD
g0PW0vznsjisktGOjoAZAtZCKs0cnpfhKeNFgGEwV39bJNtPCqDiYIDlg4Tgy3F2
H/wgbQUy4P4sV8jG0WOxAECwyU9aceUG2DKBCECaz7LTGWAbWIFwnQrnVZYKfsTJ
DZQN2Rvt+Rhm9Qnw0DdHYffG0gqUJitDmua+6LuI+0oayIecdZIYDlCdmtdH8dRt
1NGN8iaaJFaQcDaRgCcJs/RWpSIgZ1S6SNSo1vkycn8ZFx5z+CB0/Rw8h0w2bmIn
AL2L30m5QuKJ5Q==
-----END CERTIFICATE-----