Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/926b57-cc12-48fc-b996-92a4be85c11d/1/SQtgyL0tnQHwq1ocTApT4dczn2U.mft
File:                     SQtgyL0tnQHwq1ocTApT4dczn2U.mft (raw, json)
Hash identifier:          kbnzZCs5xUttiWN2Umw+Zb7Hs/uoOukC7A/4gaXQmlg=
Subject key identifier:   96:2C:E6:96:D1:2A:B3:7D:1C:FC:56:20:F6:CA:76:10:C5:24:1B:4D
Authority key identifier: 49:0B:60:C8:BD:2D:9D:01:F0:AB:5A:1C:4C:0A:53:E1:D7:33:9F:65
Certificate issuer:       /CN=490b60c8bd2d9d01f0ab5a1c4c0a53e1d7339f65
Certificate serial:       019D98F415E760B72C3333077308A10C34A3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SQtgyL0tnQHwq1ocTApT4dczn2U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/926b57-cc12-48fc-b996-92a4be85c11d/1/SQtgyL0tnQHwq1ocTApT4dczn2U.mft
Manifest number:          14A8
Signing time:             Fri 17 Apr 2026 01:00:26 +0000
Manifest this update:     Fri 17 Apr 2026 01:00:26 +0000
Manifest next update:     Sat 18 Apr 2026 01:00:26 +0000
Files and hashes:         1: SQtgyL0tnQHwq1ocTApT4dczn2U.crl (hash: SONckaeJrOBmd6zkyEqmzwaBfvlydM6vHDb0B1RuE9g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dc/926b57-cc12-48fc-b996-92a4be85c11d/1/SQtgyL0tnQHwq1ocTApT4dczn2U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dc/926b57-cc12-48fc-b996-92a4be85c11d/1/SQtgyL0tnQHwq1ocTApT4dczn2U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SQtgyL0tnQHwq1ocTApT4dczn2U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 01:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:15:e7:60:b7:2c:33:33:07:73:08:a1:0c:34:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=490b60c8bd2d9d01f0ab5a1c4c0a53e1d7339f65
        Validity
            Not Before: Apr 17 01:00:26 2026 GMT
            Not After : Apr 18 01:00:26 2026 GMT
        Subject: CN=962ce696d12ab37d1cfc5620f6ca7610c5241b4d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:11:d8:d7:be:1d:68:ce:41:27:d8:e4:6e:14:
                    0d:5f:94:34:6e:2b:49:2b:cf:ae:30:10:3d:70:70:
                    2f:22:5e:f9:e9:49:b9:63:2e:eb:33:01:0b:64:3f:
                    3c:80:87:7b:a9:64:1c:6c:71:cf:be:d5:10:c6:fc:
                    67:cc:e3:7a:a9:78:5f:1b:25:1d:6b:fc:6f:37:9f:
                    cd:11:05:2d:92:4a:ce:60:79:46:07:b6:77:34:d1:
                    a8:a2:07:f6:f7:11:b6:8a:0f:6d:da:fd:b5:66:e7:
                    15:fd:66:01:79:f3:19:48:95:ee:71:8e:af:3d:35:
                    42:ef:d7:95:a8:13:ed:bc:96:e9:9c:f5:b9:b2:e0:
                    39:f3:71:7e:14:19:ab:b3:91:49:ef:c5:d2:3c:1a:
                    35:89:9c:5a:7e:82:18:2e:15:7c:dc:4c:52:1c:3f:
                    08:f9:89:31:a3:ee:09:7e:59:5f:98:00:33:2c:f4:
                    44:b5:c1:8b:3f:60:dc:8a:2f:ea:9f:0e:03:b6:00:
                    ff:12:07:07:0a:78:6a:f2:53:fd:6d:26:60:3e:92:
                    a8:fe:51:2b:1f:23:f8:45:48:a3:e3:cd:f3:6a:b9:
                    da:9d:a2:9a:13:29:d9:66:10:3b:09:c8:f8:7b:34:
                    18:c7:10:0a:c7:fe:7f:35:f9:e4:40:ca:ca:c6:64:
                    0e:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:2C:E6:96:D1:2A:B3:7D:1C:FC:56:20:F6:CA:76:10:C5:24:1B:4D
            X509v3 Authority Key Identifier:
                keyid:49:0B:60:C8:BD:2D:9D:01:F0:AB:5A:1C:4C:0A:53:E1:D7:33:9F:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SQtgyL0tnQHwq1ocTApT4dczn2U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/926b57-cc12-48fc-b996-92a4be85c11d/1/SQtgyL0tnQHwq1ocTApT4dczn2U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/926b57-cc12-48fc-b996-92a4be85c11d/1/SQtgyL0tnQHwq1ocTApT4dczn2U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:c3:f3:fd:93:43:01:3e:b9:bd:88:55:be:e5:59:8b:6d:58:
         74:67:30:26:be:77:d6:e0:7f:ee:bc:6e:d6:4b:26:7c:59:08:
         0d:69:c5:98:a9:e8:db:84:b0:5c:39:fc:dc:1e:6e:a5:60:09:
         75:fa:e3:f0:13:3c:28:26:9b:90:ee:ab:c8:ea:31:a9:89:97:
         56:30:71:d1:3b:46:44:f6:7c:c3:34:ef:2a:90:e7:ff:a6:96:
         f0:f9:28:fb:8f:81:b4:33:9b:4a:f0:c7:09:04:1a:c4:3a:8f:
         01:bb:c5:fe:a3:43:9a:98:47:d1:33:18:0e:93:25:11:ce:21:
         31:6d:7e:74:21:d6:8f:dc:bd:c3:4d:50:5a:c2:b4:27:31:8d:
         63:73:84:54:d0:1c:e2:a8:d0:41:1b:24:76:31:94:91:90:f9:
         8a:d4:95:3e:e2:12:20:30:2c:2e:1d:01:d4:14:0d:3b:d7:dd:
         6c:84:aa:48:66:8a:0a:30:64:33:19:ea:e8:ab:c0:d8:d4:9e:
         c5:45:88:bf:18:0a:3d:63:5b:ee:fd:77:7d:a7:92:ab:bb:cc:
         75:58:64:13:05:0d:2b:45:2c:0e:f3:56:97:1b:ea:55:bf:76:
         8a:c7:a1:52:1e:ab:2a:cb:00:a3:9f:8c:34:6e:5d:b7:58:7f:
         e1:ae:01:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9BXnYLcsMzMHcwihDDSjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5MGI2MGM4YmQyZDlkMDFmMGFiNWExYzRjMGE1M2UxZDcz
MzlmNjUwHhcNMjYwNDE3MDEwMDI2WhcNMjYwNDE4MDEwMDI2WjAzMTEwLwYDVQQD
Eyg5NjJjZTY5NmQxMmFiMzdkMWNmYzU2MjBmNmNhNzYxMGM1MjQxYjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0hHY174daM5BJ9jkbhQNX5Q0bitJ
K8+uMBA9cHAvIl756Um5Yy7rMwELZD88gId7qWQcbHHPvtUQxvxnzON6qXhfGyUd
a/xvN5/NEQUtkkrOYHlGB7Z3NNGoogf29xG2ig9t2v21ZucV/WYBefMZSJXucY6v
PTVC79eVqBPtvJbpnPW5suA583F+FBmrs5FJ78XSPBo1iZxafoIYLhV83ExSHD8I
+Ykxo+4JfllfmAAzLPREtcGLP2Dcii/qnw4DtgD/EgcHCnhq8lP9bSZgPpKo/lEr
HyP4RUij483zarnanaKaEynZZhA7Ccj4ezQYxxAKx/5/NfnkQMrKxmQO8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJYs5pbRKrN9HPxWIPbKdhDFJBtNMB8GA1UdIwQY
MBaAFEkLYMi9LZ0B8KtaHEwKU+HXM59lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1F0Z3lMMHRuUUh3cTFvY1RBcFQ0ZGN6bjJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy85MjZiNTctY2MxMi00OGZjLWI5OTYt
OTJhNGJlODVjMTFkLzEvU1F0Z3lMMHRuUUh3cTFvY1RBcFQ0ZGN6bjJVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy85MjZiNTctY2MxMi00OGZjLWI5OTYtOTJhNGJlODVjMTFk
LzEvU1F0Z3lMMHRuUUh3cTFvY1RBcFQ0ZGN6bjJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgMPz/ZND
AT65vYhVvuVZi21YdGcwJr531uB/7rxu1ksmfFkIDWnFmKno24SwXDn83B5upWAJ
dfrj8BM8KCabkO6ryOoxqYmXVjBx0TtGRPZ8wzTvKpDn/6aW8Pko+4+BtDObSvDH
CQQaxDqPAbvF/qNDmphH0TMYDpMlEc4hMW1+dCHWj9y9w01QWsK0JzGNY3OEVNAc
4qjQQRskdjGUkZD5itSVPuISIDAsLh0B1BQNO9fdbISqSGaKCjBkMxnq6KvA2NSe
xUWIvxgKPWNb7v13faeSq7vMdVhkEwUNK0UsDvNWlxvqVb92isehUh6rKssAo5+M
NG5dt1h/4a4B/w==
-----END CERTIFICATE-----