Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/6a5d42-717b-4fbb-a4d0-add2ba82c276/1/HYFeKwc-sEV2vLJN3k341Ot8nwg.mft
File:                     HYFeKwc-sEV2vLJN3k341Ot8nwg.mft (raw, json)
Hash identifier:          thLQe+pvX7n+UUcfBZXzUmOLMdBJ2S+Ol2TaSto03x0=
Subject key identifier:   F5:D0:12:35:C6:D3:64:8B:D8:EE:99:2B:4D:AE:E2:4B:E2:D6:39:82
Authority key identifier: 1D:81:5E:2B:07:3E:B0:45:76:BC:B2:4D:DE:4D:F8:D4:EB:7C:9F:08
Certificate issuer:       /CN=1d815e2b073eb04576bcb24dde4df8d4eb7c9f08
Certificate serial:       019D9B50F3CA5A1249111CB0440306136713
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HYFeKwc-sEV2vLJN3k341Ot8nwg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d7/6a5d42-717b-4fbb-a4d0-add2ba82c276/1/HYFeKwc-sEV2vLJN3k341Ot8nwg.mft
Manifest number:          0DA9
Signing time:             Fri 17 Apr 2026 12:01:06 +0000
Manifest this update:     Fri 17 Apr 2026 12:01:06 +0000
Manifest next update:     Sat 18 Apr 2026 12:01:06 +0000
Files and hashes:         1: HYFeKwc-sEV2vLJN3k341Ot8nwg.crl (hash: zEYmylC964C5cnd8zwOs3aHv5mYgIuX6klD97403n9A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d7/6a5d42-717b-4fbb-a4d0-add2ba82c276/1/HYFeKwc-sEV2vLJN3k341Ot8nwg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d7/6a5d42-717b-4fbb-a4d0-add2ba82c276/1/HYFeKwc-sEV2vLJN3k341Ot8nwg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HYFeKwc-sEV2vLJN3k341Ot8nwg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:50:f3:ca:5a:12:49:11:1c:b0:44:03:06:13:67:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d815e2b073eb04576bcb24dde4df8d4eb7c9f08
        Validity
            Not Before: Apr 17 12:01:06 2026 GMT
            Not After : Apr 18 12:01:06 2026 GMT
        Subject: CN=f5d01235c6d3648bd8ee992b4daee24be2d63982
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:a7:3c:fa:2b:49:5f:17:b0:4f:ee:b9:d7:09:
                    dc:ce:75:1d:83:e9:d8:da:e6:7a:f8:84:2f:53:63:
                    7b:4f:a1:17:df:ca:72:44:66:e2:d6:80:8b:e4:0f:
                    63:6c:9d:b8:41:11:48:6f:f8:92:14:7a:37:d9:5a:
                    43:de:a1:cc:a1:52:b1:14:18:7c:96:3b:98:6b:fe:
                    4c:d2:ed:99:a8:5a:25:10:8b:59:d8:2b:02:22:09:
                    10:81:84:cd:f8:4f:84:c3:29:66:15:9d:95:00:68:
                    fb:aa:9d:30:db:a4:9b:07:e9:27:60:4e:d6:04:5d:
                    4d:84:94:53:22:74:71:cb:2d:58:b3:e8:db:69:82:
                    bd:91:95:6e:b9:9a:06:c4:5c:a6:f7:aa:f3:77:f8:
                    85:cf:8b:7a:41:d5:ff:95:3b:e2:b5:c5:82:bf:3f:
                    e3:73:e3:46:5e:7f:0f:25:1b:65:ae:04:36:08:ab:
                    21:38:e6:0a:f1:45:6e:75:db:3e:b5:7d:2d:28:98:
                    8d:95:3c:71:27:b6:c9:2d:0d:f9:9b:71:2c:35:29:
                    d0:f1:1e:34:f0:90:6c:91:8f:57:db:09:06:b0:2d:
                    bb:25:69:0a:d4:96:0c:4b:34:bd:33:79:21:e5:4f:
                    91:a8:9b:51:5d:37:ba:8f:f6:f8:a2:3d:2e:a7:98:
                    c0:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:D0:12:35:C6:D3:64:8B:D8:EE:99:2B:4D:AE:E2:4B:E2:D6:39:82
            X509v3 Authority Key Identifier:
                keyid:1D:81:5E:2B:07:3E:B0:45:76:BC:B2:4D:DE:4D:F8:D4:EB:7C:9F:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HYFeKwc-sEV2vLJN3k341Ot8nwg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6a5d42-717b-4fbb-a4d0-add2ba82c276/1/HYFeKwc-sEV2vLJN3k341Ot8nwg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6a5d42-717b-4fbb-a4d0-add2ba82c276/1/HYFeKwc-sEV2vLJN3k341Ot8nwg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:ac:9e:15:0c:4f:44:3d:d9:3a:3e:4b:54:52:d9:6e:02:bc:
         a6:45:c5:b1:28:2f:6e:4f:ed:1d:d1:4c:d8:66:cf:f0:e0:25:
         5f:81:69:45:e2:76:05:e3:2d:7b:4e:7b:f2:09:dd:95:ca:f4:
         9f:fe:30:34:eb:02:a5:f3:47:de:ba:d9:3d:d6:39:4e:a8:cf:
         31:ad:e3:13:b5:aa:c7:8f:ba:68:57:b2:dc:b3:a0:9a:1e:82:
         19:27:ca:f4:c5:31:3c:ec:68:78:77:70:2a:a8:be:65:97:fd:
         b6:69:1b:95:03:fd:29:66:60:b8:3f:ea:21:8d:f6:27:4f:58:
         1e:0e:91:47:e4:b0:b7:26:58:62:bb:c1:00:a5:19:b2:17:eb:
         26:af:b3:07:2b:94:a7:d5:a4:2d:75:be:7b:ce:8d:0a:7f:2e:
         94:27:3a:c6:35:1b:da:b8:ae:7a:fe:2a:b6:0d:19:ef:48:ab:
         14:a3:61:62:3e:eb:ce:f4:e4:e6:45:60:1d:79:99:34:7e:a4:
         09:7a:ed:b0:95:2b:35:d3:d9:5f:46:18:f7:19:40:7f:97:a9:
         bf:96:ff:bb:10:4e:bd:1a:81:d2:69:d4:10:8f:22:d6:7f:78:
         34:3e:2c:ca:e1:43:74:e1:cb:11:72:c2:63:e5:14:fa:f7:5b:
         f7:34:ca:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bUPPKWhJJERywRAMGE2cTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkODE1ZTJiMDczZWIwNDU3NmJjYjI0ZGRlNGRmOGQ0ZWI3
YzlmMDgwHhcNMjYwNDE3MTIwMTA2WhcNMjYwNDE4MTIwMTA2WjAzMTEwLwYDVQQD
EyhmNWQwMTIzNWM2ZDM2NDhiZDhlZTk5MmI0ZGFlZTI0YmUyZDYzOTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKc8+itJXxewT+651wncznUdg+nY
2uZ6+IQvU2N7T6EX38pyRGbi1oCL5A9jbJ24QRFIb/iSFHo32VpD3qHMoVKxFBh8
ljuYa/5M0u2ZqFolEItZ2CsCIgkQgYTN+E+EwylmFZ2VAGj7qp0w26SbB+knYE7W
BF1NhJRTInRxyy1Ys+jbaYK9kZVuuZoGxFym96rzd/iFz4t6QdX/lTvitcWCvz/j
c+NGXn8PJRtlrgQ2CKshOOYK8UVudds+tX0tKJiNlTxxJ7bJLQ35m3EsNSnQ8R40
8JBskY9X2wkGsC27JWkK1JYMSzS9M3kh5U+RqJtRXTe6j/b4oj0up5jA5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPXQEjXG02SL2O6ZK02u4kvi1jmCMB8GA1UdIwQY
MBaAFB2BXisHPrBFdryyTd5N+NTrfJ8IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFlGZUt3Yy1zRVYydkxKTjNrMzQxT3Q4bndnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy82YTVkNDItNzE3Yi00ZmJiLWE0ZDAt
YWRkMmJhODJjMjc2LzEvSFlGZUt3Yy1zRVYydkxKTjNrMzQxT3Q4bndnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy82YTVkNDItNzE3Yi00ZmJiLWE0ZDAtYWRkMmJhODJjMjc2
LzEvSFlGZUt3Yy1zRVYydkxKTjNrMzQxT3Q4bndnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdKyeFQxP
RD3ZOj5LVFLZbgK8pkXFsSgvbk/tHdFM2GbP8OAlX4FpReJ2BeMte0578gndlcr0
n/4wNOsCpfNH3rrZPdY5TqjPMa3jE7Wqx4+6aFey3LOgmh6CGSfK9MUxPOxoeHdw
Kqi+ZZf9tmkblQP9KWZguD/qIY32J09YHg6RR+SwtyZYYrvBAKUZshfrJq+zByuU
p9WkLXW+e86NCn8ulCc6xjUb2riuev4qtg0Z70irFKNhYj7rzvTk5kVgHXmZNH6k
CXrtsJUrNdPZX0YY9xlAf5epv5b/uxBOvRqB0mnUEI8i1n94ND4syuFDdOHLEXLC
Y+UU+vdb9zTKyA==
-----END CERTIFICATE-----