Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/f8e599-b57a-44a2-9c35-9ee53442c3e9/1/CKi4_gyIWkXySFUjNC6bqNyJ5o8.mft
File:                     CKi4_gyIWkXySFUjNC6bqNyJ5o8.mft (raw, json)
Hash identifier:          wY4My2Nu0tnnu/eAGg69N5TNy14b2wg+q3/xXJd8w7I=
Subject key identifier:   8C:28:47:11:C2:85:E3:E6:8D:FD:65:A7:61:85:66:CB:AC:04:75:C7
Authority key identifier: 08:A8:B8:FE:0C:88:5A:45:F2:48:55:23:34:2E:9B:A8:DC:89:E6:8F
Certificate issuer:       /CN=08a8b8fe0c885a45f2485523342e9ba8dc89e68f
Certificate serial:       019D9CD1E20F2B57A3F976C644B50C4C6D1F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CKi4_gyIWkXySFUjNC6bqNyJ5o8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/f8e599-b57a-44a2-9c35-9ee53442c3e9/1/CKi4_gyIWkXySFUjNC6bqNyJ5o8.mft
Manifest number:          06D2
Signing time:             Fri 17 Apr 2026 19:01:33 +0000
Manifest this update:     Fri 17 Apr 2026 19:01:33 +0000
Manifest next update:     Sat 18 Apr 2026 19:01:33 +0000
Files and hashes:         1: CKi4_gyIWkXySFUjNC6bqNyJ5o8.crl (hash: 5eeROyE+CDoTT6xFZUD5qIDOLtU19ypNsRDFlolG+gA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/f8e599-b57a-44a2-9c35-9ee53442c3e9/1/CKi4_gyIWkXySFUjNC6bqNyJ5o8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/f8e599-b57a-44a2-9c35-9ee53442c3e9/1/CKi4_gyIWkXySFUjNC6bqNyJ5o8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CKi4_gyIWkXySFUjNC6bqNyJ5o8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 16:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9c:d1:e2:0f:2b:57:a3:f9:76:c6:44:b5:0c:4c:6d:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08a8b8fe0c885a45f2485523342e9ba8dc89e68f
        Validity
            Not Before: Apr 17 19:01:33 2026 GMT
            Not After : Apr 18 19:01:33 2026 GMT
        Subject: CN=8c284711c285e3e68dfd65a7618566cbac0475c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:15:91:37:7d:1e:b3:a6:81:81:c2:16:f6:14:
                    0c:ec:6e:60:2a:b4:af:ff:d8:bf:a5:05:22:0c:26:
                    6a:37:fc:9e:3d:2e:81:ac:9e:29:d8:2d:6b:36:c5:
                    49:a3:6e:a5:b3:bc:cf:cc:3e:94:fb:33:94:f3:da:
                    8f:84:58:b4:07:b2:3f:75:e6:10:cb:19:53:ba:af:
                    75:00:a2:8d:30:5d:26:ad:fb:ea:fc:bc:a8:79:2f:
                    52:0f:ec:c7:20:1c:32:44:fd:90:90:98:30:82:ad:
                    80:0a:6e:ea:d3:77:02:d3:84:bc:22:7d:d9:bf:9a:
                    b0:97:9b:8c:e5:f0:6b:40:ea:40:77:25:85:52:e5:
                    eb:c4:ee:d7:40:ee:01:bc:2d:35:8b:e5:5a:72:bc:
                    9e:fb:a6:16:82:14:3e:b0:44:11:25:49:94:04:04:
                    c7:25:03:e7:82:81:54:40:08:d8:d6:b4:6e:13:a6:
                    1d:c0:d7:69:38:4c:ce:58:a6:cb:76:a1:9a:24:6b:
                    19:01:1a:b3:48:04:55:19:a7:50:07:23:0c:18:84:
                    b7:db:9b:b7:38:bd:4c:73:24:cf:69:da:e8:1a:6d:
                    9e:c4:36:57:fe:b8:d8:5b:22:6d:69:b2:65:fc:97:
                    65:22:4b:fb:ca:6b:cf:f1:48:3b:fa:a3:71:06:10:
                    32:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:28:47:11:C2:85:E3:E6:8D:FD:65:A7:61:85:66:CB:AC:04:75:C7
            X509v3 Authority Key Identifier:
                keyid:08:A8:B8:FE:0C:88:5A:45:F2:48:55:23:34:2E:9B:A8:DC:89:E6:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CKi4_gyIWkXySFUjNC6bqNyJ5o8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/f8e599-b57a-44a2-9c35-9ee53442c3e9/1/CKi4_gyIWkXySFUjNC6bqNyJ5o8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/f8e599-b57a-44a2-9c35-9ee53442c3e9/1/CKi4_gyIWkXySFUjNC6bqNyJ5o8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bb:cf:03:7c:ec:2b:ea:94:e0:72:fb:f8:52:f2:df:3a:46:fc:
         b0:48:66:2b:20:66:1b:73:dd:be:87:5c:c2:28:0c:a0:b3:6c:
         13:1c:c7:07:de:17:eb:b6:09:0f:80:f8:d6:c4:12:da:79:52:
         08:f3:ad:79:e4:56:96:51:55:a1:74:b3:b9:1a:9d:3d:0e:7b:
         0b:ae:43:3d:00:42:5a:90:5c:77:58:ee:c7:9c:dc:3e:d5:18:
         19:39:97:31:37:03:b3:fb:f7:9c:d2:a9:3d:14:fd:1f:c6:99:
         ad:41:26:89:5e:04:3d:ff:7a:2f:ef:e7:5f:c6:63:0b:24:44:
         6e:8b:a8:d3:0e:b5:fb:c9:3e:37:f8:4f:df:76:a1:65:ae:97:
         e5:a2:31:d4:a8:21:ba:66:b3:5b:9e:d6:4f:4e:82:74:c2:26:
         fb:b1:57:0c:31:ef:dd:66:c9:f9:98:8f:37:93:44:dc:07:19:
         87:b7:8f:0d:55:22:8b:df:3a:91:12:95:c3:5c:46:84:95:34:
         88:d9:2f:16:e5:e9:62:6e:da:e9:f3:17:70:88:2f:5b:da:c6:
         bf:d8:c9:f4:4f:44:20:21:c6:5b:b8:2a:1b:38:bb:4d:46:15:
         d0:2b:31:32:d6:da:83:3d:c4:3b:3f:00:b3:d7:71:d0:0c:71:
         5d:d0:5d:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2c0eIPK1ej+XbGRLUMTG0fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4YThiOGZlMGM4ODVhNDVmMjQ4NTUyMzM0MmU5YmE4ZGM4
OWU2OGYwHhcNMjYwNDE3MTkwMTMzWhcNMjYwNDE4MTkwMTMzWjAzMTEwLwYDVQQD
Eyg4YzI4NDcxMWMyODVlM2U2OGRmZDY1YTc2MTg1NjZjYmFjMDQ3NWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjBWRN30es6aBgcIW9hQM7G5gKrSv
/9i/pQUiDCZqN/yePS6BrJ4p2C1rNsVJo26ls7zPzD6U+zOU89qPhFi0B7I/deYQ
yxlTuq91AKKNMF0mrfvq/LyoeS9SD+zHIBwyRP2QkJgwgq2ACm7q03cC04S8In3Z
v5qwl5uM5fBrQOpAdyWFUuXrxO7XQO4BvC01i+Vacrye+6YWghQ+sEQRJUmUBATH
JQPngoFUQAjY1rRuE6YdwNdpOEzOWKbLdqGaJGsZARqzSARVGadQByMMGIS325u3
OL1McyTPadroGm2exDZX/rjYWyJtabJl/JdlIkv7ymvP8Ug7+qNxBhAyDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIwoRxHChePmjf1lp2GFZsusBHXHMB8GA1UdIwQY
MBaAFAiouP4MiFpF8khVIzQum6jcieaPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0tpNF9neUlXa1h5U0ZVak5DNmJxTnlKNW84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9mOGU1OTktYjU3YS00NGEyLTljMzUt
OWVlNTM0NDJjM2U5LzEvQ0tpNF9neUlXa1h5U0ZVak5DNmJxTnlKNW84Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9mOGU1OTktYjU3YS00NGEyLTljMzUtOWVlNTM0NDJjM2U5
LzEvQ0tpNF9neUlXa1h5U0ZVak5DNmJxTnlKNW84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAu88DfOwr
6pTgcvv4UvLfOkb8sEhmKyBmG3PdvodcwigMoLNsExzHB94X67YJD4D41sQS2nlS
CPOteeRWllFVoXSzuRqdPQ57C65DPQBCWpBcd1jux5zcPtUYGTmXMTcDs/v3nNKp
PRT9H8aZrUEmiV4EPf96L+/nX8ZjCyREbouo0w61+8k+N/hP33ahZa6X5aIx1Kgh
umazW57WT06CdMIm+7FXDDHv3WbJ+ZiPN5NE3AcZh7ePDVUii986kRKVw1xGhJU0
iNkvFuXpYm7a6fMXcIgvW9rGv9jJ9E9EICHGW7gqGzi7TUYV0CsxMtbagz3EOz8A
s9dx0AxxXdBd3A==
-----END CERTIFICATE-----