Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/863c04-b07e-4c3a-9f45-fe2474d2f07c/1/mgGl7N4ueVkyWREG0II9DRVPcAI.mft
File:                     mgGl7N4ueVkyWREG0II9DRVPcAI.mft (raw, json)
Hash identifier:          MhhzP355f9SkCABvQIbsptMSR30EvnwBwMF+IAFfvNs=
Subject key identifier:   FE:8D:B0:CB:80:9E:C5:3F:F6:1A:E8:96:42:F8:AB:63:9A:39:9B:FA
Authority key identifier: 9A:01:A5:EC:DE:2E:79:59:32:59:11:06:D0:82:3D:0D:15:4F:70:02
Certificate issuer:       /CN=9a01a5ecde2e795932591106d0823d0d154f7002
Certificate serial:       019DA29D2697123273B944DBD410B9CA81BF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mgGl7N4ueVkyWREG0II9DRVPcAI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d7/863c04-b07e-4c3a-9f45-fe2474d2f07c/1/mgGl7N4ueVkyWREG0II9DRVPcAI.mft
Manifest number:          09F2
Signing time:             Sat 18 Apr 2026 22:01:41 +0000
Manifest this update:     Sat 18 Apr 2026 22:01:41 +0000
Manifest next update:     Sun 19 Apr 2026 22:01:41 +0000
Files and hashes:         1: mgGl7N4ueVkyWREG0II9DRVPcAI.crl (hash: Z5acxfRQfdZ4xVvac/KpcKYKv+1vutbDGRJEWLhrOUE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d7/863c04-b07e-4c3a-9f45-fe2474d2f07c/1/mgGl7N4ueVkyWREG0II9DRVPcAI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d7/863c04-b07e-4c3a-9f45-fe2474d2f07c/1/mgGl7N4ueVkyWREG0II9DRVPcAI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mgGl7N4ueVkyWREG0II9DRVPcAI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 19 Apr 2026 22:01:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a2:9d:26:97:12:32:73:b9:44:db:d4:10:b9:ca:81:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9a01a5ecde2e795932591106d0823d0d154f7002
        Validity
            Not Before: Apr 18 22:01:41 2026 GMT
            Not After : Apr 19 22:01:41 2026 GMT
        Subject: CN=fe8db0cb809ec53ff61ae89642f8ab639a399bfa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:df:4f:62:4b:e4:1f:17:e8:1e:d0:ff:94:db:
                    43:21:6b:65:ba:cc:df:e3:8a:ae:70:3f:a6:9b:ab:
                    ef:dd:e0:43:f8:01:0c:4d:a2:8e:2b:4f:48:0a:9a:
                    58:89:d1:2e:6b:28:3b:9e:1d:92:bc:9f:3a:a4:f1:
                    43:c7:c5:90:df:33:79:9f:e7:33:94:de:9e:09:28:
                    23:35:14:6c:97:25:12:28:d9:8d:47:0e:6f:40:49:
                    75:39:dc:cb:8c:f6:f8:40:ed:76:94:ff:82:cf:03:
                    36:79:f5:50:21:1a:39:11:cf:e7:10:d9:b3:df:36:
                    12:85:78:76:e9:09:a9:37:f2:4e:dc:44:d1:ef:ef:
                    65:3b:ed:62:0a:c1:49:c8:c6:e1:97:52:4e:27:83:
                    d0:9b:55:26:4e:13:0c:08:8a:99:24:92:21:27:f2:
                    92:8e:cf:28:20:0d:72:95:45:69:19:11:f9:7d:48:
                    ff:d3:7d:b7:6c:d9:44:de:d6:23:e1:6c:03:25:c6:
                    f1:35:e7:4c:ae:ad:4a:14:e0:11:14:ee:d6:6b:10:
                    b9:eb:90:6f:89:88:5f:c7:de:a6:57:84:30:3c:90:
                    73:f5:f2:5b:a2:77:8b:3c:0a:73:37:07:7f:46:77:
                    41:47:b3:62:b2:9c:df:38:14:ec:f9:7b:59:40:1e:
                    b7:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:8D:B0:CB:80:9E:C5:3F:F6:1A:E8:96:42:F8:AB:63:9A:39:9B:FA
            X509v3 Authority Key Identifier:
                keyid:9A:01:A5:EC:DE:2E:79:59:32:59:11:06:D0:82:3D:0D:15:4F:70:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mgGl7N4ueVkyWREG0II9DRVPcAI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/863c04-b07e-4c3a-9f45-fe2474d2f07c/1/mgGl7N4ueVkyWREG0II9DRVPcAI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/863c04-b07e-4c3a-9f45-fe2474d2f07c/1/mgGl7N4ueVkyWREG0II9DRVPcAI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:02:34:42:68:d6:98:42:d2:cd:85:c4:4a:21:8f:42:c3:d7:
         7e:3c:42:8f:cc:9a:93:30:d5:69:f6:5f:08:e1:a0:3d:ee:36:
         db:e5:e5:6c:60:b3:00:19:18:4a:86:61:c8:3f:bc:1a:53:0e:
         7e:18:d5:86:4c:43:e9:0a:e7:db:c8:07:47:64:7d:10:f1:f2:
         48:0b:c6:a5:ee:28:bc:05:59:a1:93:d2:4e:5f:a9:de:f2:66:
         7d:49:e8:4a:2d:94:12:48:00:16:c7:ea:f4:8d:71:86:36:9a:
         20:fc:e2:b1:f0:2c:1e:9f:d8:d5:48:d8:5e:ea:9d:a8:eb:69:
         db:49:a1:09:48:43:04:13:6d:2a:38:f9:3b:af:98:96:29:b1:
         35:8d:52:88:99:ee:9d:09:2e:ee:75:5b:d9:30:3d:41:1a:6f:
         42:6c:c8:4c:6e:b1:ee:12:b8:5f:7e:9d:3e:cd:1e:b7:ed:20:
         83:21:cf:97:01:ec:7a:f1:a1:42:a4:0e:8e:bb:33:ab:ef:12:
         2a:4d:5e:11:b1:e1:ad:1f:42:a7:b6:1d:ff:36:50:7d:d0:35:
         6e:0f:b7:c3:e8:93:e7:3b:a6:18:41:ba:37:c0:9f:88:db:2d:
         d4:04:54:e4:7e:7e:fe:0c:35:cf:33:7b:6c:26:cc:c9:43:4c:
         44:02:f8:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2inSaXEjJzuUTb1BC5yoG/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMDFhNWVjZGUyZTc5NTkzMjU5MTEwNmQwODIzZDBkMTU0
ZjcwMDIwHhcNMjYwNDE4MjIwMTQxWhcNMjYwNDE5MjIwMTQxWjAzMTEwLwYDVQQD
EyhmZThkYjBjYjgwOWVjNTNmZjYxYWU4OTY0MmY4YWI2MzlhMzk5YmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3d9PYkvkHxfoHtD/lNtDIWtluszf
44qucD+mm6vv3eBD+AEMTaKOK09ICppYidEuayg7nh2SvJ86pPFDx8WQ3zN5n+cz
lN6eCSgjNRRslyUSKNmNRw5vQEl1OdzLjPb4QO12lP+CzwM2efVQIRo5Ec/nENmz
3zYShXh26QmpN/JO3ETR7+9lO+1iCsFJyMbhl1JOJ4PQm1UmThMMCIqZJJIhJ/KS
js8oIA1ylUVpGRH5fUj/0323bNlE3tYj4WwDJcbxNedMrq1KFOARFO7WaxC565Bv
iYhfx96mV4QwPJBz9fJboneLPApzNwd/RndBR7NispzfOBTs+XtZQB63oQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP6NsMuAnsU/9hrolkL4q2OaOZv6MB8GA1UdIwQY
MBaAFJoBpezeLnlZMlkRBtCCPQ0VT3ACMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWdHbDdONHVlVmt5V1JFRzBJSTlEUlZQY0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy84NjNjMDQtYjA3ZS00YzNhLTlmNDUt
ZmUyNDc0ZDJmMDdjLzEvbWdHbDdONHVlVmt5V1JFRzBJSTlEUlZQY0FJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy84NjNjMDQtYjA3ZS00YzNhLTlmNDUtZmUyNDc0ZDJmMDdj
LzEvbWdHbDdONHVlVmt5V1JFRzBJSTlEUlZQY0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiAI0QmjW
mELSzYXESiGPQsPXfjxCj8yakzDVafZfCOGgPe422+XlbGCzABkYSoZhyD+8GlMO
fhjVhkxD6Qrn28gHR2R9EPHySAvGpe4ovAVZoZPSTl+p3vJmfUnoSi2UEkgAFsfq
9I1xhjaaIPzisfAsHp/Y1UjYXuqdqOtp20mhCUhDBBNtKjj5O6+YlimxNY1SiJnu
nQku7nVb2TA9QRpvQmzITG6x7hK4X36dPs0et+0ggyHPlwHsevGhQqQOjrszq+8S
Kk1eEbHhrR9Cp7Yd/zZQfdA1bg+3w+iT5zumGEG6N8CfiNst1ARU5H5+/gw1zzN7
bCbMyUNMRAL4oA==
-----END CERTIFICATE-----