Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/6da562-a836-48cc-aa57-8c4bb4485f34/1/9jOGnDZCtefqAii_DgspXO_MTd8.mft
File:                     9jOGnDZCtefqAii_DgspXO_MTd8.mft (raw, json)
Hash identifier:          PxDyuGqAKXiXEmk6HvHEkfOy9NJ+bw2rbeBf0Plg8mY=
Subject key identifier:   59:45:AB:1D:F2:9D:28:61:C7:30:6E:F8:4F:DB:16:99:46:73:A2:EE
Authority key identifier: F6:33:86:9C:36:42:B5:E7:EA:02:28:BF:0E:0B:29:5C:EF:CC:4D:DF
Certificate issuer:       /CN=f633869c3642b5e7ea0228bf0e0b295cefcc4ddf
Certificate serial:       019D9B873E9A2E4A648FC032F6DEE506D837
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9jOGnDZCtefqAii_DgspXO_MTd8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/6da562-a836-48cc-aa57-8c4bb4485f34/1/9jOGnDZCtefqAii_DgspXO_MTd8.mft
Manifest number:          1338
Signing time:             Fri 17 Apr 2026 13:00:25 +0000
Manifest this update:     Fri 17 Apr 2026 13:00:25 +0000
Manifest next update:     Sat 18 Apr 2026 13:00:25 +0000
Files and hashes:         1: 9jOGnDZCtefqAii_DgspXO_MTd8.crl (hash: myPbjyrAKQz1J5AvsxKdbip2FjnRfS/9R87qvaDrcJc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d4/6da562-a836-48cc-aa57-8c4bb4485f34/1/9jOGnDZCtefqAii_DgspXO_MTd8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d4/6da562-a836-48cc-aa57-8c4bb4485f34/1/9jOGnDZCtefqAii_DgspXO_MTd8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9jOGnDZCtefqAii_DgspXO_MTd8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:87:3e:9a:2e:4a:64:8f:c0:32:f6:de:e5:06:d8:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f633869c3642b5e7ea0228bf0e0b295cefcc4ddf
        Validity
            Not Before: Apr 17 13:00:25 2026 GMT
            Not After : Apr 18 13:00:25 2026 GMT
        Subject: CN=5945ab1df29d2861c7306ef84fdb16994673a2ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:85:10:5c:e3:43:19:ed:36:9b:d5:a8:fa:95:
                    1b:1f:98:a3:4f:48:10:15:dc:ed:fc:9a:be:88:45:
                    f0:eb:c5:41:58:cc:bf:c3:8a:90:f6:8e:d5:1e:1e:
                    cb:e9:e9:5a:78:24:04:8f:a6:cd:af:c7:b1:9e:3d:
                    4c:9f:2b:bc:d0:a1:73:fe:71:0a:3c:d3:35:5b:7d:
                    b1:d1:5c:60:17:76:44:98:64:86:66:30:6a:97:68:
                    a7:ae:4f:a4:b5:bd:35:f8:b4:17:4d:6c:25:b0:c2:
                    d4:e4:7d:7d:39:89:ae:f5:a2:39:8c:e0:b2:d3:50:
                    a5:67:96:44:43:91:8a:6f:69:9c:0a:f0:7f:de:04:
                    15:82:48:56:86:e5:22:37:c2:0a:50:31:85:8c:a8:
                    92:28:98:2e:38:8e:c7:f8:e7:fd:b9:d7:2e:d0:87:
                    c0:f4:c0:20:5e:94:dc:b7:91:dc:44:ec:ea:f9:74:
                    b6:4c:6f:c1:4b:7b:6d:81:5e:52:1b:52:b0:2c:33:
                    ee:49:66:7b:eb:f8:34:60:13:99:73:7f:24:3c:a5:
                    8e:ed:bb:e1:f7:36:12:9e:05:47:9d:24:ee:52:4c:
                    8a:7d:19:6e:c5:5e:13:50:f2:c7:d1:ca:d1:7d:e4:
                    53:75:68:35:d4:6e:b9:1d:ea:6c:d5:cd:49:97:05:
                    f7:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:45:AB:1D:F2:9D:28:61:C7:30:6E:F8:4F:DB:16:99:46:73:A2:EE
            X509v3 Authority Key Identifier:
                keyid:F6:33:86:9C:36:42:B5:E7:EA:02:28:BF:0E:0B:29:5C:EF:CC:4D:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9jOGnDZCtefqAii_DgspXO_MTd8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/6da562-a836-48cc-aa57-8c4bb4485f34/1/9jOGnDZCtefqAii_DgspXO_MTd8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/6da562-a836-48cc-aa57-8c4bb4485f34/1/9jOGnDZCtefqAii_DgspXO_MTd8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:16:a5:78:1a:e0:66:80:4b:14:9f:af:21:ec:f8:d0:19:47:
         a5:16:34:e0:73:f2:4e:ab:f8:36:58:c8:5c:29:5d:de:74:d3:
         e4:7f:f7:ef:ac:10:2c:bf:bc:53:de:2c:4a:27:ad:d5:15:12:
         d7:05:e8:1b:1d:e7:c4:d5:5a:96:24:99:00:90:21:d5:29:e1:
         a5:ff:18:bc:56:96:0a:db:12:1a:1a:89:ab:2a:e1:07:ac:af:
         57:f1:db:02:f0:70:2f:2b:f7:bd:c6:29:65:2e:23:12:41:e7:
         f5:ab:da:96:fe:14:36:30:fc:87:d1:4c:b0:2f:c8:d0:37:ae:
         a6:5f:30:69:99:d1:3e:ba:18:e9:71:66:9d:d0:6e:7e:15:ae:
         3f:e9:a1:b7:12:d5:51:3d:22:7b:ce:60:a6:1c:3d:ef:dc:18:
         de:44:fd:54:bc:c5:c9:00:97:ec:08:62:ae:b1:5b:0b:55:dc:
         50:aa:ec:26:97:82:c3:8c:93:1d:ab:42:36:27:97:15:4c:77:
         fa:7b:74:c1:67:0a:a4:93:6f:2e:df:54:27:0b:e2:0c:8e:d7:
         61:d4:02:0e:1c:7f:1a:ec:92:72:5e:8d:4c:8e:d5:3a:63:7e:
         92:20:d7:69:c4:9c:b6:a7:62:1e:b0:3f:c9:e2:38:14:ac:b3:
         0f:24:7e:47
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bhz6aLkpkj8Ay9t7lBtg3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2MzM4NjljMzY0MmI1ZTdlYTAyMjhiZjBlMGIyOTVjZWZj
YzRkZGYwHhcNMjYwNDE3MTMwMDI1WhcNMjYwNDE4MTMwMDI1WjAzMTEwLwYDVQQD
Eyg1OTQ1YWIxZGYyOWQyODYxYzczMDZlZjg0ZmRiMTY5OTQ2NzNhMmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyoUQXONDGe02m9Wo+pUbH5ijT0gQ
Fdzt/Jq+iEXw68VBWMy/w4qQ9o7VHh7L6elaeCQEj6bNr8exnj1Mnyu80KFz/nEK
PNM1W32x0VxgF3ZEmGSGZjBql2inrk+ktb01+LQXTWwlsMLU5H19OYmu9aI5jOCy
01ClZ5ZEQ5GKb2mcCvB/3gQVgkhWhuUiN8IKUDGFjKiSKJguOI7H+Of9udcu0IfA
9MAgXpTct5HcROzq+XS2TG/BS3ttgV5SG1KwLDPuSWZ76/g0YBOZc38kPKWO7bvh
9zYSngVHnSTuUkyKfRluxV4TUPLH0crRfeRTdWg11G65Heps1c1JlwX33wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFlFqx3ynShhxzBu+E/bFplGc6LuMB8GA1UdIwQY
MBaAFPYzhpw2QrXn6gIovw4LKVzvzE3fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWpPR25EWkN0ZWZxQWlpX0Rnc3BYT19NVGQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC82ZGE1NjItYTgzNi00OGNjLWFhNTct
OGM0YmI0NDg1ZjM0LzEvOWpPR25EWkN0ZWZxQWlpX0Rnc3BYT19NVGQ4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC82ZGE1NjItYTgzNi00OGNjLWFhNTctOGM0YmI0NDg1ZjM0
LzEvOWpPR25EWkN0ZWZxQWlpX0Rnc3BYT19NVGQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmhaleBrg
ZoBLFJ+vIez40BlHpRY04HPyTqv4NljIXCld3nTT5H/376wQLL+8U94sSiet1RUS
1wXoGx3nxNValiSZAJAh1Snhpf8YvFaWCtsSGhqJqyrhB6yvV/HbAvBwLyv3vcYp
ZS4jEkHn9avalv4UNjD8h9FMsC/I0Deupl8waZnRProY6XFmndBufhWuP+mhtxLV
UT0ie85gphw979wY3kT9VLzFyQCX7AhirrFbC1XcUKrsJpeCw4yTHatCNieXFUx3
+nt0wWcKpJNvLt9UJwviDI7XYdQCDhx/GuyScl6NTI7VOmN+kiDXacSctqdiHrA/
yeI4FKyzDyR+Rw==
-----END CERTIFICATE-----