Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.mft
File:                     6kHoOY_3zvtSIWNusighJuv-O3g.mft (raw, json)
Hash identifier:          VIo4wPSWmGLC8rpv1VZdXr/SjXKkheuefqgPO2xkXJg=
Subject key identifier:   32:79:64:16:BE:F5:5B:9E:68:4F:50:1C:77:18:61:B2:2A:FB:D9:75
Authority key identifier: EA:41:E8:39:8F:F7:CE:FB:52:21:63:6E:B2:28:21:26:EB:FE:3B:78
Certificate issuer:       /CN=ea41e8398ff7cefb5221636eb2282126ebfe3b78
Certificate serial:       019D9AE2CB8E77854E8DED662D2287467D49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6kHoOY_3zvtSIWNusighJuv-O3g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.mft
Manifest number:          0511
Signing time:             Fri 17 Apr 2026 10:00:47 +0000
Manifest this update:     Fri 17 Apr 2026 10:00:47 +0000
Manifest next update:     Sat 18 Apr 2026 10:00:47 +0000
Files and hashes:         1: 6kHoOY_3zvtSIWNusighJuv-O3g.crl (hash: +RwhFbAYQO48hdfDYdgkEc5TBLzHQwN9FSN2IQOZSsg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6kHoOY_3zvtSIWNusighJuv-O3g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 10:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e2:cb:8e:77:85:4e:8d:ed:66:2d:22:87:46:7d:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ea41e8398ff7cefb5221636eb2282126ebfe3b78
        Validity
            Not Before: Apr 17 10:00:47 2026 GMT
            Not After : Apr 18 10:00:47 2026 GMT
        Subject: CN=32796416bef55b9e684f501c771861b22afbd975
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:bd:99:2a:d0:cf:6d:fc:5a:bb:8e:9f:f3:3b:
                    d0:1b:23:f9:9a:44:b9:4e:1a:bd:02:0f:72:3e:07:
                    cd:0c:d0:bf:db:09:f4:1d:9b:8f:cd:9e:bb:a4:a1:
                    e3:9d:ed:9f:94:20:0e:0a:13:65:ac:6b:a5:c9:e0:
                    6b:de:8e:04:61:fa:d8:5f:b7:d5:3f:00:ac:48:4f:
                    9d:91:0c:fb:87:9b:72:8c:fd:42:d6:1c:a2:80:23:
                    0c:ff:66:4b:14:cb:05:d8:3f:de:7a:ca:d8:6f:99:
                    a4:a5:93:12:77:a2:b8:99:c8:1d:88:7f:e1:b2:c4:
                    e9:d3:26:48:15:f9:7b:43:cb:7e:1a:8a:5c:e8:ab:
                    68:96:c4:11:b8:ed:f4:83:6e:9a:82:e4:ae:62:e1:
                    d8:46:1e:8a:4e:cc:8a:a9:60:d0:a4:79:34:5a:9a:
                    21:35:ec:94:99:47:c8:5b:e2:a5:4e:a6:17:fb:c0:
                    51:1c:75:43:d8:4a:bd:0c:c5:ac:15:14:1b:1a:5e:
                    f5:1a:8e:40:5e:15:be:c2:a9:ea:91:e0:46:fb:f4:
                    e7:3d:2a:af:c1:7b:0f:f9:78:a3:39:86:60:66:26:
                    37:45:22:f7:60:51:32:c0:15:64:e2:58:2e:36:d0:
                    cd:b1:cf:77:93:f4:d1:9c:b7:0a:ed:27:09:eb:a1:
                    22:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:79:64:16:BE:F5:5B:9E:68:4F:50:1C:77:18:61:B2:2A:FB:D9:75
            X509v3 Authority Key Identifier:
                keyid:EA:41:E8:39:8F:F7:CE:FB:52:21:63:6E:B2:28:21:26:EB:FE:3B:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6kHoOY_3zvtSIWNusighJuv-O3g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:d1:a1:52:4b:e3:38:87:37:1b:87:70:a0:92:be:38:ed:fe:
         00:71:67:ca:9d:a0:74:8e:20:b9:df:78:83:50:45:00:a7:a6:
         39:8f:be:a7:31:57:2a:11:ab:42:59:5a:b1:25:8a:ab:17:44:
         52:cd:9a:ee:aa:ec:f7:6a:d4:42:31:1e:b5:40:73:62:66:b7:
         c9:1b:f0:b1:4b:a4:34:2f:42:34:c5:5e:86:7a:e2:ad:6e:de:
         ea:58:11:99:68:4b:87:14:f4:1b:35:5a:13:cf:22:2b:96:4b:
         3c:ad:9f:db:ba:e6:bc:14:f4:b1:ee:b0:5c:a0:4e:ab:67:ec:
         be:f6:e6:71:7b:89:f2:ee:47:3f:f3:96:70:8e:80:0b:fb:1d:
         a5:ab:50:b8:57:a0:ed:ae:16:51:f5:f7:3b:ed:0d:c1:7b:cc:
         55:66:84:f7:57:ce:01:17:49:c2:cb:54:4a:e8:76:e1:19:78:
         de:e8:4e:1e:5f:33:52:49:aa:4e:04:8f:32:ba:b0:9e:e1:11:
         d7:2c:a4:6c:87:93:2e:12:24:2b:4d:d8:60:ca:51:12:35:26:
         a0:12:e7:e3:12:2a:f5:a2:4b:3d:66:40:1c:62:73:ac:74:4f:
         9e:52:3c:92:54:3c:bf:23:0d:7e:b1:8b:16:42:76:ed:d2:8f:
         4a:8b:98:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a4suOd4VOje1mLSKHRn1JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhNDFlODM5OGZmN2NlZmI1MjIxNjM2ZWIyMjgyMTI2ZWJm
ZTNiNzgwHhcNMjYwNDE3MTAwMDQ3WhcNMjYwNDE4MTAwMDQ3WjAzMTEwLwYDVQQD
EygzMjc5NjQxNmJlZjU1YjllNjg0ZjUwMWM3NzE4NjFiMjJhZmJkOTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7b2ZKtDPbfxau46f8zvQGyP5mkS5
Thq9Ag9yPgfNDNC/2wn0HZuPzZ67pKHjne2flCAOChNlrGulyeBr3o4EYfrYX7fV
PwCsSE+dkQz7h5tyjP1C1hyigCMM/2ZLFMsF2D/eesrYb5mkpZMSd6K4mcgdiH/h
ssTp0yZIFfl7Q8t+Gopc6KtolsQRuO30g26aguSuYuHYRh6KTsyKqWDQpHk0Wpoh
NeyUmUfIW+KlTqYX+8BRHHVD2Eq9DMWsFRQbGl71Go5AXhW+wqnqkeBG+/TnPSqv
wXsP+XijOYZgZiY3RSL3YFEywBVk4lguNtDNsc93k/TRnLcK7ScJ66EiOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDJ5ZBa+9VueaE9QHHcYYbIq+9l1MB8GA1UdIwQY
MBaAFOpB6DmP9877UiFjbrIoISbr/jt4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmtIb09ZXzN6dnRTSVdOdXNpZ2hKdXYtTzNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy81M2NiZTgtZjVhNy00MDdkLTg0Y2Ut
NjI4YjQzOTRiODIyLzEvNmtIb09ZXzN6dnRTSVdOdXNpZ2hKdXYtTzNnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy81M2NiZTgtZjVhNy00MDdkLTg0Y2UtNjI4YjQzOTRiODIy
LzEvNmtIb09ZXzN6dnRTSVdOdXNpZ2hKdXYtTzNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATdGhUkvj
OIc3G4dwoJK+OO3+AHFnyp2gdI4gud94g1BFAKemOY++pzFXKhGrQllasSWKqxdE
Us2a7qrs92rUQjEetUBzYma3yRvwsUukNC9CNMVehnrirW7e6lgRmWhLhxT0GzVa
E88iK5ZLPK2f27rmvBT0se6wXKBOq2fsvvbmcXuJ8u5HP/OWcI6AC/sdpatQuFeg
7a4WUfX3O+0NwXvMVWaE91fOARdJwstUSuh24Rl43uhOHl8zUkmqTgSPMrqwnuER
1yykbIeTLhIkK03YYMpREjUmoBLn4xIq9aJLPWZAHGJzrHRPnlI8klQ8vyMNfrGL
FkJ27dKPSouYiA==
-----END CERTIFICATE-----