Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/56e9d5-ff45-4464-b2bb-610b9e72a6be/1/PRKXkoZrFiE7VsW_pr66x8YYsVA.mft
File:                     PRKXkoZrFiE7VsW_pr66x8YYsVA.mft (raw, json)
Hash identifier:          HET3xoUUwA2JujPDMKrmdZ/ooYQ3u01foPmAPiCho8Q=
Subject key identifier:   4C:0B:B4:D8:C7:1E:D7:AC:C4:FE:58:80:2D:56:4D:44:4B:23:20:2E
Authority key identifier: 3D:12:97:92:86:6B:16:21:3B:56:C5:BF:A6:BE:BA:C7:C6:18:B1:50
Certificate issuer:       /CN=3d129792866b16213b56c5bfa6bebac7c618b150
Certificate serial:       019D98F42032EE4DD16A09D57864C1DA05B7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PRKXkoZrFiE7VsW_pr66x8YYsVA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f4/56e9d5-ff45-4464-b2bb-610b9e72a6be/1/PRKXkoZrFiE7VsW_pr66x8YYsVA.mft
Manifest number:          144F
Signing time:             Fri 17 Apr 2026 01:00:28 +0000
Manifest this update:     Fri 17 Apr 2026 01:00:28 +0000
Manifest next update:     Sat 18 Apr 2026 01:00:28 +0000
Files and hashes:         1: PRKXkoZrFiE7VsW_pr66x8YYsVA.crl (hash: cD28F5U2WC3AGTAV/nWxDkoRKFly4t80megTLOAgihM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f4/56e9d5-ff45-4464-b2bb-610b9e72a6be/1/PRKXkoZrFiE7VsW_pr66x8YYsVA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f4/56e9d5-ff45-4464-b2bb-610b9e72a6be/1/PRKXkoZrFiE7VsW_pr66x8YYsVA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PRKXkoZrFiE7VsW_pr66x8YYsVA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:20:32:ee:4d:d1:6a:09:d5:78:64:c1:da:05:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d129792866b16213b56c5bfa6bebac7c618b150
        Validity
            Not Before: Apr 17 01:00:28 2026 GMT
            Not After : Apr 18 01:00:28 2026 GMT
        Subject: CN=4c0bb4d8c71ed7acc4fe58802d564d444b23202e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:6e:77:9b:72:08:b0:e0:f5:7f:d3:de:38:62:
                    59:50:7b:2e:28:2b:24:4b:12:72:d0:f0:8c:19:d8:
                    62:c7:8b:16:b6:1b:28:e5:01:6c:25:d7:9f:59:90:
                    26:45:12:a5:9c:76:2e:e9:81:b1:56:1a:c9:a2:55:
                    b2:a1:b5:f5:94:8e:4e:2e:29:1a:e5:2c:4f:7f:c9:
                    77:ec:ff:6a:ac:43:d7:e4:05:b7:ce:70:90:4d:85:
                    37:9c:9f:d7:f2:c0:c1:62:62:dd:e4:4e:ff:7e:08:
                    aa:b2:be:e5:4b:7a:6a:be:39:34:58:2f:2e:51:9b:
                    5b:0a:39:72:65:e1:da:73:a0:f1:58:dd:04:e7:db:
                    27:cd:b7:3f:31:f6:e2:f8:60:d2:12:a2:72:25:1c:
                    70:2b:6f:17:50:59:5d:8c:84:db:bf:b5:7c:a0:70:
                    99:57:ae:fd:2f:59:b6:86:6c:8b:09:78:4a:b7:23:
                    ed:95:c3:3e:1b:d3:5b:d5:38:e9:e4:f1:c7:d4:fb:
                    66:6d:5b:cd:1b:c0:fd:0b:41:27:14:ec:b6:88:d7:
                    8f:07:cf:05:44:32:20:9e:01:f5:12:05:fe:b9:6b:
                    a4:da:1d:17:ac:c8:d1:54:d0:db:ac:f1:79:29:ce:
                    53:3f:53:27:55:67:85:f8:ab:7e:7b:6d:d2:f0:0b:
                    03:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:0B:B4:D8:C7:1E:D7:AC:C4:FE:58:80:2D:56:4D:44:4B:23:20:2E
            X509v3 Authority Key Identifier:
                keyid:3D:12:97:92:86:6B:16:21:3B:56:C5:BF:A6:BE:BA:C7:C6:18:B1:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PRKXkoZrFiE7VsW_pr66x8YYsVA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/56e9d5-ff45-4464-b2bb-610b9e72a6be/1/PRKXkoZrFiE7VsW_pr66x8YYsVA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/56e9d5-ff45-4464-b2bb-610b9e72a6be/1/PRKXkoZrFiE7VsW_pr66x8YYsVA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:b4:8e:b1:64:53:3c:a6:7c:d2:a3:b5:c3:ff:8b:92:f4:71:
         7f:ed:6d:bf:0e:e4:75:2b:23:30:2d:de:f4:36:28:63:fe:a4:
         6f:d7:47:8e:cb:17:b8:68:96:07:ce:ad:d0:1d:ec:ff:34:a5:
         53:31:b8:f6:69:73:1b:13:f6:4a:28:18:02:05:6f:1c:66:43:
         c9:c7:30:3d:2d:27:e6:09:46:30:c6:0e:84:b1:94:16:26:3e:
         8d:e2:ee:08:a0:a2:5c:79:d7:77:b5:da:d5:63:a9:18:b1:5f:
         1f:3c:cb:41:ca:0b:0a:0f:c9:96:0b:87:b3:02:2e:9f:04:9a:
         7e:86:61:33:46:dd:94:56:1b:5f:19:af:04:48:d7:14:46:70:
         bd:83:dd:3a:5a:49:3b:95:da:57:29:b6:f0:34:30:43:37:de:
         61:8f:cd:09:0f:29:4d:5e:0e:2a:a8:e4:91:e7:9a:b4:52:db:
         b0:d0:4d:fe:1a:76:19:4f:95:37:2d:1f:9f:ae:47:6d:d2:0d:
         64:c7:ad:41:78:a5:90:10:dd:e6:cc:e4:7c:ed:68:b4:9c:83:
         76:73:39:0f:e1:ec:b1:22:39:f6:fa:39:e0:91:41:91:73:66:
         c7:85:63:4f:4a:fb:ff:ea:22:9f:59:24:ba:35:5c:02:4e:01:
         20:8d:f7:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9CAy7k3RagnVeGTB2gW3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkMTI5NzkyODY2YjE2MjEzYjU2YzViZmE2YmViYWM3YzYx
OGIxNTAwHhcNMjYwNDE3MDEwMDI4WhcNMjYwNDE4MDEwMDI4WjAzMTEwLwYDVQQD
Eyg0YzBiYjRkOGM3MWVkN2FjYzRmZTU4ODAyZDU2NGQ0NDRiMjMyMDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn253m3IIsOD1f9PeOGJZUHsuKCsk
SxJy0PCMGdhix4sWthso5QFsJdefWZAmRRKlnHYu6YGxVhrJolWyobX1lI5OLika
5SxPf8l37P9qrEPX5AW3znCQTYU3nJ/X8sDBYmLd5E7/fgiqsr7lS3pqvjk0WC8u
UZtbCjlyZeHac6DxWN0E59snzbc/Mfbi+GDSEqJyJRxwK28XUFldjITbv7V8oHCZ
V679L1m2hmyLCXhKtyPtlcM+G9Nb1Tjp5PHH1PtmbVvNG8D9C0EnFOy2iNePB88F
RDIgngH1EgX+uWuk2h0XrMjRVNDbrPF5Kc5TP1MnVWeF+Kt+e23S8AsDIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEwLtNjHHtesxP5YgC1WTURLIyAuMB8GA1UdIwQY
MBaAFD0Sl5KGaxYhO1bFv6a+usfGGLFQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFJLWGtvWnJGaUU3VnNXX3ByNjZ4OFlZc1ZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC81NmU5ZDUtZmY0NS00NDY0LWIyYmIt
NjEwYjllNzJhNmJlLzEvUFJLWGtvWnJGaUU3VnNXX3ByNjZ4OFlZc1ZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC81NmU5ZDUtZmY0NS00NDY0LWIyYmItNjEwYjllNzJhNmJl
LzEvUFJLWGtvWnJGaUU3VnNXX3ByNjZ4OFlZc1ZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk7SOsWRT
PKZ80qO1w/+LkvRxf+1tvw7kdSsjMC3e9DYoY/6kb9dHjssXuGiWB86t0B3s/zSl
UzG49mlzGxP2SigYAgVvHGZDyccwPS0n5glGMMYOhLGUFiY+jeLuCKCiXHnXd7Xa
1WOpGLFfHzzLQcoLCg/JlguHswIunwSafoZhM0bdlFYbXxmvBEjXFEZwvYPdOlpJ
O5XaVym28DQwQzfeYY/NCQ8pTV4OKqjkkeeatFLbsNBN/hp2GU+VNy0fn65HbdIN
ZMetQXilkBDd5szkfO1otJyDdnM5D+HssSI59vo54JFBkXNmx4VjT0r7/+oin1kk
ujVcAk4BII33cA==
-----END CERTIFICATE-----