Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft
File:                     MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft (raw, json)
Hash identifier:          xuBw2c1k92x9NrCq1V3GmNiLhJcxqa2Jla/qp5SFoHA=
Subject key identifier:   66:7C:06:5F:24:BC:64:A9:70:B5:D7:66:F3:90:5A:53:BB:3A:56:C0
Authority key identifier: 30:AA:B0:2B:65:4E:91:5C:AD:CA:33:92:92:E2:8C:15:C4:7D:F8:58
Certificate issuer:       /CN=30aab02b654e915cadca339292e28c15c47df858
Certificate serial:       019D9B5133862DE50B7C4D9A09D5BC36B240
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MKqwK2VOkVytyjOSkuKMFcR9-Fg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft
Manifest number:          0724
Signing time:             Fri 17 Apr 2026 12:01:23 +0000
Manifest this update:     Fri 17 Apr 2026 12:01:23 +0000
Manifest next update:     Sat 18 Apr 2026 12:01:23 +0000
Files and hashes:         1: MKqwK2VOkVytyjOSkuKMFcR9-Fg.crl (hash: 5w2XW6LRc6gy8AEAFLwOY49CMl3Zz61pJdp8elo3t10=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MKqwK2VOkVytyjOSkuKMFcR9-Fg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:51:33:86:2d:e5:0b:7c:4d:9a:09:d5:bc:36:b2:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30aab02b654e915cadca339292e28c15c47df858
        Validity
            Not Before: Apr 17 12:01:23 2026 GMT
            Not After : Apr 18 12:01:23 2026 GMT
        Subject: CN=667c065f24bc64a970b5d766f3905a53bb3a56c0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:08:fa:db:7f:d4:88:19:f6:05:f0:66:ba:24:
                    0d:56:97:47:43:38:a4:b1:4c:62:9e:d0:71:95:14:
                    b5:b5:57:2f:51:15:4c:71:da:47:62:ad:ae:7f:75:
                    da:c1:20:17:a2:df:71:3c:ce:3d:5b:7f:d8:74:4b:
                    34:bc:26:1c:b0:e4:0a:d4:81:3b:e0:40:7d:81:18:
                    61:f9:03:ac:70:86:38:dd:ae:c2:b8:ee:ee:6d:1d:
                    22:68:55:b0:84:2a:db:ae:ef:59:c9:a6:3f:b1:d0:
                    31:79:1a:3c:d6:b0:10:88:65:d0:e0:aa:3e:0b:b4:
                    d7:61:f3:5e:f5:38:48:73:98:b6:bc:9c:f7:32:24:
                    94:3a:6b:c3:d8:1b:30:9a:09:9b:7e:90:86:ee:8b:
                    0e:1d:d4:49:de:fc:3b:be:c0:93:d7:6d:09:66:4e:
                    98:be:04:23:42:e1:2c:55:b8:54:a7:19:49:53:3c:
                    39:8b:6e:b7:70:0c:2a:56:a5:01:07:c3:b4:0a:29:
                    e2:79:2a:9b:89:43:16:59:0e:4a:de:75:03:40:37:
                    ef:fd:2f:f6:4f:1c:e4:0b:00:69:99:43:45:60:c0:
                    33:80:d7:84:bc:31:bb:2f:1a:44:f6:7b:f5:28:91:
                    ce:c4:78:54:67:da:98:bb:06:97:c5:04:a0:37:34:
                    f8:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:7C:06:5F:24:BC:64:A9:70:B5:D7:66:F3:90:5A:53:BB:3A:56:C0
            X509v3 Authority Key Identifier:
                keyid:30:AA:B0:2B:65:4E:91:5C:AD:CA:33:92:92:E2:8C:15:C4:7D:F8:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MKqwK2VOkVytyjOSkuKMFcR9-Fg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:ef:0d:15:e8:72:38:4a:1f:d4:94:bb:0c:5d:05:c0:be:3e:
         b4:bb:f1:c7:00:60:9f:52:5f:ed:4b:03:e9:44:18:a8:45:72:
         d2:b5:14:3d:70:88:8f:67:e9:fc:b3:3d:ac:a3:68:a8:11:18:
         6b:05:82:f8:44:cb:43:ac:d7:28:23:14:c8:68:96:96:9c:41:
         4f:8d:90:22:9e:df:fd:98:f3:c8:08:56:bb:75:46:fd:9d:2c:
         a3:bf:a1:d6:1a:7e:5c:d2:3b:74:fb:ef:87:1e:9b:82:4a:ab:
         24:f1:54:33:44:e5:31:9d:c1:81:70:15:8b:27:07:48:a8:2e:
         af:ab:b3:51:8b:7a:27:03:72:e2:4b:5d:be:cf:d0:56:b4:e5:
         ed:88:5b:cd:df:d3:50:89:3f:48:5e:be:5d:51:7c:20:94:ff:
         33:17:0f:f7:29:78:56:66:a1:05:c6:77:dd:c8:e0:62:33:be:
         53:c1:f7:b1:93:76:6f:7b:62:77:40:79:cc:f8:21:b5:ec:80:
         6b:08:62:d9:0d:96:09:12:de:b8:d6:8f:b7:17:58:93:24:ac:
         63:c4:9d:83:ff:4a:74:3b:6d:81:b6:e4:0a:0f:f9:0b:50:c8:
         26:fc:21:6f:ef:83:ab:ac:40:0d:b5:89:ea:c1:9c:fd:76:41:
         4d:88:8b:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bUTOGLeULfE2aCdW8NrJAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwYWFiMDJiNjU0ZTkxNWNhZGNhMzM5MjkyZTI4YzE1YzQ3
ZGY4NTgwHhcNMjYwNDE3MTIwMTIzWhcNMjYwNDE4MTIwMTIzWjAzMTEwLwYDVQQD
Eyg2NjdjMDY1ZjI0YmM2NGE5NzBiNWQ3NjZmMzkwNWE1M2JiM2E1NmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAj623/UiBn2BfBmuiQNVpdHQzik
sUxintBxlRS1tVcvURVMcdpHYq2uf3XawSAXot9xPM49W3/YdEs0vCYcsOQK1IE7
4EB9gRhh+QOscIY43a7CuO7ubR0iaFWwhCrbru9ZyaY/sdAxeRo81rAQiGXQ4Ko+
C7TXYfNe9ThIc5i2vJz3MiSUOmvD2BswmgmbfpCG7osOHdRJ3vw7vsCT120JZk6Y
vgQjQuEsVbhUpxlJUzw5i263cAwqVqUBB8O0CinieSqbiUMWWQ5K3nUDQDfv/S/2
TxzkCwBpmUNFYMAzgNeEvDG7LxpE9nv1KJHOxHhUZ9qYuwaXxQSgNzT4PQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGZ8Bl8kvGSpcLXXZvOQWlO7OlbAMB8GA1UdIwQY
MBaAFDCqsCtlTpFcrcozkpLijBXEffhYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUtxd0syVk9rVnl0eWpPU2t1S01GY1I5LUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS85YWZmNTQtNTk3MS00MDJmLWFiNjkt
YTQxOTY3MGQxN2UxLzEvTUtxd0syVk9rVnl0eWpPU2t1S01GY1I5LUZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS85YWZmNTQtNTk3MS00MDJmLWFiNjktYTQxOTY3MGQxN2Ux
LzEvTUtxd0syVk9rVnl0eWpPU2t1S01GY1I5LUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApe8NFehy
OEof1JS7DF0FwL4+tLvxxwBgn1Jf7UsD6UQYqEVy0rUUPXCIj2fp/LM9rKNoqBEY
awWC+ETLQ6zXKCMUyGiWlpxBT42QIp7f/ZjzyAhWu3VG/Z0so7+h1hp+XNI7dPvv
hx6bgkqrJPFUM0TlMZ3BgXAViycHSKgur6uzUYt6JwNy4ktdvs/QVrTl7Yhbzd/T
UIk/SF6+XVF8IJT/MxcP9yl4VmahBcZ33cjgYjO+U8H3sZN2b3tid0B5zPghteyA
awhi2Q2WCRLeuNaPtxdYkySsY8Sdg/9KdDttgbbkCg/5C1DIJvwhb++Dq6xADbWJ
6sGc/XZBTYiL7A==
-----END CERTIFICATE-----