Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/4238ae-a72f-471c-a9a9-5823f870141b/1/hTq7t9e8xKXFbpEu76wbC7BFUCE.mft
File:                     hTq7t9e8xKXFbpEu76wbC7BFUCE.mft (raw, json)
Hash identifier:          KOSn/5j3k1oFxkkA7PJUE3I5hHY6T82/tkrqKhw8rqM=
Subject key identifier:   44:2A:31:95:C9:9A:F7:85:45:EB:9D:CA:13:73:AC:70:2F:FE:FB:F6
Authority key identifier: 85:3A:BB:B7:D7:BC:C4:A5:C5:6E:91:2E:EF:AC:1B:0B:B0:45:50:21
Certificate issuer:       /CN=853abbb7d7bcc4a5c56e912eefac1b0bb0455021
Certificate serial:       019D9A070817A56BB893C1CE5C4AE0CDBB90
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hTq7t9e8xKXFbpEu76wbC7BFUCE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/4238ae-a72f-471c-a9a9-5823f870141b/1/hTq7t9e8xKXFbpEu76wbC7BFUCE.mft
Manifest number:          080D
Signing time:             Fri 17 Apr 2026 06:00:45 +0000
Manifest this update:     Fri 17 Apr 2026 06:00:45 +0000
Manifest next update:     Sat 18 Apr 2026 06:00:45 +0000
Files and hashes:         1: hTq7t9e8xKXFbpEu76wbC7BFUCE.crl (hash: nCfQIP6LFr/9pfkitxQZ/CtPOxtj9+YxqPl7nfbBEFY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/4238ae-a72f-471c-a9a9-5823f870141b/1/hTq7t9e8xKXFbpEu76wbC7BFUCE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/4238ae-a72f-471c-a9a9-5823f870141b/1/hTq7t9e8xKXFbpEu76wbC7BFUCE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hTq7t9e8xKXFbpEu76wbC7BFUCE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 06:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:07:08:17:a5:6b:b8:93:c1:ce:5c:4a:e0:cd:bb:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=853abbb7d7bcc4a5c56e912eefac1b0bb0455021
        Validity
            Not Before: Apr 17 06:00:45 2026 GMT
            Not After : Apr 18 06:00:45 2026 GMT
        Subject: CN=442a3195c99af78545eb9dca1373ac702ffefbf6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:2b:54:4a:6a:52:f9:9a:a3:e0:a0:96:47:08:
                    8d:ef:94:6d:b3:f1:de:67:42:63:db:52:bc:ce:07:
                    ed:64:ac:26:83:86:9a:ff:ad:bf:ee:1f:b6:83:24:
                    27:34:8d:91:5c:65:09:d3:f0:cf:00:5c:0c:ee:53:
                    64:a1:70:b4:66:ed:19:4a:ee:49:f6:75:73:91:0d:
                    55:08:2c:97:7c:88:8d:55:9b:87:6f:08:63:c8:55:
                    70:24:51:00:82:63:0b:d6:5f:fc:fe:79:35:8b:19:
                    11:c1:4c:cd:ae:99:a7:7b:86:af:09:1c:ad:a5:14:
                    42:39:cf:0b:2c:72:be:83:4d:85:c0:e4:56:8b:97:
                    0e:dc:08:98:74:22:aa:f0:b7:da:a1:f5:d2:64:ba:
                    dc:18:2d:a9:26:26:a7:d3:a5:ac:df:2c:91:33:89:
                    c4:5c:f2:65:19:15:a6:4a:67:a2:f0:fe:8b:b7:89:
                    09:c6:fa:e4:42:01:d5:7f:25:06:67:36:2d:af:65:
                    28:9b:26:55:2f:cf:44:59:39:c6:57:7f:cd:cc:7b:
                    fd:25:ed:c3:24:f7:67:af:3e:76:5b:1a:15:4c:af:
                    99:86:f1:8d:18:b3:93:dd:0c:b8:48:31:3f:7f:3d:
                    c8:89:b2:b2:eb:d1:b2:7c:af:10:50:bc:d7:22:c6:
                    f6:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:2A:31:95:C9:9A:F7:85:45:EB:9D:CA:13:73:AC:70:2F:FE:FB:F6
            X509v3 Authority Key Identifier:
                keyid:85:3A:BB:B7:D7:BC:C4:A5:C5:6E:91:2E:EF:AC:1B:0B:B0:45:50:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTq7t9e8xKXFbpEu76wbC7BFUCE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/4238ae-a72f-471c-a9a9-5823f870141b/1/hTq7t9e8xKXFbpEu76wbC7BFUCE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/4238ae-a72f-471c-a9a9-5823f870141b/1/hTq7t9e8xKXFbpEu76wbC7BFUCE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:9e:10:e2:30:55:79:e8:fd:6a:85:7d:74:b2:93:a6:f9:ad:
         70:91:63:70:1e:52:01:65:ca:a4:49:c6:94:a6:64:f1:82:ed:
         b4:b0:c2:9c:4f:3e:b7:77:e3:89:f2:5a:c0:b7:0c:53:c9:ae:
         72:32:c9:1c:86:ba:00:f9:69:31:90:ba:ac:ea:3c:91:29:58:
         98:dd:cb:3f:23:d8:a8:dd:6f:9b:99:ce:30:dd:be:10:81:ff:
         0a:25:2b:99:f3:2f:73:3d:fe:7a:f0:63:a3:78:8f:b3:2b:92:
         87:f0:83:bf:55:97:ca:40:19:bf:31:26:ae:a1:63:9d:8b:34:
         24:19:95:3b:8b:c5:02:3d:5d:f4:5e:1b:ac:7b:bb:ec:66:de:
         16:69:f5:de:2d:6c:04:72:6c:97:26:55:6b:43:86:36:69:0c:
         d6:e1:2b:da:57:90:c3:f0:22:7b:f9:5b:67:62:5d:bc:54:cc:
         34:94:b3:f9:84:77:4e:6c:d2:09:75:df:09:37:95:0e:5e:a6:
         f3:42:cb:01:88:a7:4c:b3:5c:0b:f6:13:75:81:c4:fd:d6:83:
         59:39:1c:7d:5c:dc:2c:e5:c4:4f:ef:99:e9:ec:c8:48:33:bc:
         ed:8a:d7:08:da:28:ad:be:ba:e6:4c:8a:79:95:a7:cc:a8:a8:
         d9:30:74:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aBwgXpWu4k8HOXErgzbuQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1M2FiYmI3ZDdiY2M0YTVjNTZlOTEyZWVmYWMxYjBiYjA0
NTUwMjEwHhcNMjYwNDE3MDYwMDQ1WhcNMjYwNDE4MDYwMDQ1WjAzMTEwLwYDVQQD
Eyg0NDJhMzE5NWM5OWFmNzg1NDVlYjlkY2ExMzczYWM3MDJmZmVmYmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCtUSmpS+Zqj4KCWRwiN75Rts/He
Z0Jj21K8zgftZKwmg4aa/62/7h+2gyQnNI2RXGUJ0/DPAFwM7lNkoXC0Zu0ZSu5J
9nVzkQ1VCCyXfIiNVZuHbwhjyFVwJFEAgmML1l/8/nk1ixkRwUzNrpmne4avCRyt
pRRCOc8LLHK+g02FwORWi5cO3AiYdCKq8LfaofXSZLrcGC2pJian06Ws3yyRM4nE
XPJlGRWmSmei8P6Lt4kJxvrkQgHVfyUGZzYtr2UomyZVL89EWTnGV3/NzHv9Je3D
JPdnrz52WxoVTK+ZhvGNGLOT3Qy4SDE/fz3IibKy69GyfK8QULzXIsb28wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEQqMZXJmveFReudyhNzrHAv/vv2MB8GA1UdIwQY
MBaAFIU6u7fXvMSlxW6RLu+sGwuwRVAhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRxN3Q5ZTh4S1hGYnBFdTc2d2JDN0JGVUNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS80MjM4YWUtYTcyZi00NzFjLWE5YTkt
NTgyM2Y4NzAxNDFiLzEvaFRxN3Q5ZTh4S1hGYnBFdTc2d2JDN0JGVUNFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS80MjM4YWUtYTcyZi00NzFjLWE5YTktNTgyM2Y4NzAxNDFi
LzEvaFRxN3Q5ZTh4S1hGYnBFdTc2d2JDN0JGVUNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAep4Q4jBV
eej9aoV9dLKTpvmtcJFjcB5SAWXKpEnGlKZk8YLttLDCnE8+t3fjifJawLcMU8mu
cjLJHIa6APlpMZC6rOo8kSlYmN3LPyPYqN1vm5nOMN2+EIH/CiUrmfMvcz3+evBj
o3iPsyuSh/CDv1WXykAZvzEmrqFjnYs0JBmVO4vFAj1d9F4brHu77GbeFmn13i1s
BHJslyZVa0OGNmkM1uEr2leQw/Aie/lbZ2JdvFTMNJSz+YR3TmzSCXXfCTeVDl6m
80LLAYinTLNcC/YTdYHE/daDWTkcfVzcLOXET++Z6ezISDO87YrXCNoorb665kyK
eZWnzKio2TB0jw==
-----END CERTIFICATE-----