Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.mft
File:                     a2o1zDDsMRZCDA_wTFnkeT6Rk_s.mft (raw, json)
Hash identifier:          v6yzoOmyTOPkLRtGzPza7JxqF7j6FK8ODFFQ4PwJfOw=
Subject key identifier:   19:F9:FC:2E:12:87:A7:6E:BB:10:81:47:BB:D5:14:CA:0B:32:15:B5
Authority key identifier: 6B:6A:35:CC:30:EC:31:16:42:0C:0F:F0:4C:59:E4:79:3E:91:93:FB
Certificate issuer:       /CN=6b6a35cc30ec3116420c0ff04c59e4793e9193fb
Certificate serial:       019D9AE2D2807834DB906E0708AD640A2330
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.mft
Manifest number:          04C7
Signing time:             Fri 17 Apr 2026 10:00:49 +0000
Manifest this update:     Fri 17 Apr 2026 10:00:49 +0000
Manifest next update:     Sat 18 Apr 2026 10:00:49 +0000
Files and hashes:         1: a2o1zDDsMRZCDA_wTFnkeT6Rk_s.crl (hash: dMqfKVQ10rcriXO0Rzm43tnxAhj0wyAVFwIhkiIEfys=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e2:d2:80:78:34:db:90:6e:07:08:ad:64:0a:23:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b6a35cc30ec3116420c0ff04c59e4793e9193fb
        Validity
            Not Before: Apr 17 10:00:49 2026 GMT
            Not After : Apr 18 10:00:49 2026 GMT
        Subject: CN=19f9fc2e1287a76ebb108147bbd514ca0b3215b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:cf:29:89:b2:3b:ea:16:cd:22:c7:b8:bf:6e:
                    81:6d:bf:7f:bc:f7:b4:5b:06:3d:0f:04:4d:b3:57:
                    9d:a7:a5:9f:3a:6f:7c:49:6f:b0:cb:4c:81:11:e9:
                    48:ef:54:7b:6c:ec:fb:74:8d:07:82:b3:45:5a:28:
                    a9:53:0c:7f:fb:d0:24:b8:85:c7:ed:ac:a3:9f:90:
                    f9:8a:6e:05:12:40:1a:fa:4c:70:83:66:c7:35:f9:
                    98:ca:53:a6:e4:87:90:7a:93:b0:05:d2:ee:e9:d0:
                    92:7d:29:ca:1c:dc:d4:8b:39:a0:f8:1f:df:c6:19:
                    0f:d6:13:71:e3:2b:4b:c0:2a:f3:6b:a1:2d:3d:99:
                    05:6d:c4:19:26:a7:a3:55:b0:f4:06:d4:5c:87:de:
                    27:d4:d6:22:9b:c1:ae:ad:34:e0:50:d5:e8:93:bf:
                    25:c8:52:f4:51:92:14:7c:e1:75:24:99:35:4c:10:
                    b9:89:53:44:57:9b:56:ab:83:0a:df:1b:23:0d:c0:
                    75:48:c7:c6:5d:b2:ff:90:90:d0:e2:a3:ad:30:1c:
                    dc:51:89:1c:27:e7:a6:1d:b5:67:c9:20:49:af:d3:
                    79:d8:05:7b:43:02:e2:51:49:3e:97:8d:24:1b:3c:
                    20:08:95:c5:1b:76:b4:12:ee:63:d1:bd:27:19:a4:
                    e9:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:F9:FC:2E:12:87:A7:6E:BB:10:81:47:BB:D5:14:CA:0B:32:15:B5
            X509v3 Authority Key Identifier:
                keyid:6B:6A:35:CC:30:EC:31:16:42:0C:0F:F0:4C:59:E4:79:3E:91:93:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a7:d9:7a:c5:bd:f1:dd:5d:de:07:69:8b:06:af:e5:86:99:c2:
         c9:06:b4:ca:b9:71:0a:40:ba:6a:e1:ee:1f:ff:1f:f7:43:c1:
         83:a2:2a:36:f0:bc:bd:4a:d8:4f:4f:7e:8f:11:7b:cf:9e:c6:
         de:8e:84:59:b9:24:1b:ec:9b:68:54:6f:fd:15:68:6f:a6:fd:
         b8:40:e2:60:50:20:1a:fe:b7:b7:55:4e:51:8f:1e:41:f4:4b:
         5b:cd:da:24:8a:89:2c:5a:23:f8:61:0d:f7:42:32:9f:1f:19:
         4b:3e:bc:d9:26:4d:c7:ee:62:94:f3:da:06:fd:21:a1:ef:4b:
         73:1a:38:af:5f:b4:d6:c1:04:b7:9f:42:bd:14:f3:3a:52:d6:
         3f:3a:ad:ed:64:05:ec:d9:e9:a6:11:46:df:86:98:54:b3:b3:
         22:60:d9:6c:c3:6f:73:f4:d5:a3:f9:01:5d:ec:d4:b1:fd:0e:
         ab:27:e2:7b:4c:91:e2:62:69:e2:9f:28:b3:05:da:a6:c7:3e:
         33:a8:d1:a2:8e:93:95:7f:85:f2:93:87:f3:f1:5e:68:68:b2:
         23:ff:54:67:65:27:bb:f3:e5:0a:87:15:a3:50:c7:6c:70:ad:
         06:1b:0c:34:c8:f1:47:84:1a:b7:57:65:35:50:95:d5:82:a7:
         13:b3:99:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a4tKAeDTbkG4HCK1kCiMwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNmEzNWNjMzBlYzMxMTY0MjBjMGZmMDRjNTllNDc5M2U5
MTkzZmIwHhcNMjYwNDE3MTAwMDQ5WhcNMjYwNDE4MTAwMDQ5WjAzMTEwLwYDVQQD
EygxOWY5ZmMyZTEyODdhNzZlYmIxMDgxNDdiYmQ1MTRjYTBiMzIxNWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyc8pibI76hbNIse4v26Bbb9/vPe0
WwY9DwRNs1edp6WfOm98SW+wy0yBEelI71R7bOz7dI0HgrNFWiipUwx/+9AkuIXH
7ayjn5D5im4FEkAa+kxwg2bHNfmYylOm5IeQepOwBdLu6dCSfSnKHNzUizmg+B/f
xhkP1hNx4ytLwCrza6EtPZkFbcQZJqejVbD0BtRch94n1NYim8GurTTgUNXok78l
yFL0UZIUfOF1JJk1TBC5iVNEV5tWq4MK3xsjDcB1SMfGXbL/kJDQ4qOtMBzcUYkc
J+emHbVnySBJr9N52AV7QwLiUUk+l40kGzwgCJXFG3a0Eu5j0b0nGaTp7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBn5/C4Sh6duuxCBR7vVFMoLMhW1MB8GA1UdIwQY
MBaAFGtqNcww7DEWQgwP8ExZ5Hk+kZP7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTJvMXpERHNNUlpDREFfd1RGbmtlVDZSa19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC84OTIyNmQtMWZlZS00NTcxLTgxMDYt
NTFmYjgyZWZmM2Q2LzEvYTJvMXpERHNNUlpDREFfd1RGbmtlVDZSa19zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC84OTIyNmQtMWZlZS00NTcxLTgxMDYtNTFmYjgyZWZmM2Q2
LzEvYTJvMXpERHNNUlpDREFfd1RGbmtlVDZSa19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp9l6xb3x
3V3eB2mLBq/lhpnCyQa0yrlxCkC6auHuH/8f90PBg6IqNvC8vUrYT09+jxF7z57G
3o6EWbkkG+ybaFRv/RVob6b9uEDiYFAgGv63t1VOUY8eQfRLW83aJIqJLFoj+GEN
90Iynx8ZSz682SZNx+5ilPPaBv0hoe9Lcxo4r1+01sEEt59CvRTzOlLWPzqt7WQF
7NnpphFG34aYVLOzImDZbMNvc/TVo/kBXezUsf0Oqyfie0yR4mJp4p8oswXapsc+
M6jRoo6TlX+F8pOH8/FeaGiyI/9UZ2Unu/PlCocVo1DHbHCtBhsMNMjxR4Qat1dl
NVCV1YKnE7OZeg==
-----END CERTIFICATE-----