Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/cb88ae-f020-44d9-b462-da6199b82f11/1/v7yKhmj1D9r0lPUoosqv0Ct8Ma0.mft
File:                     v7yKhmj1D9r0lPUoosqv0Ct8Ma0.mft (raw, json)
Hash identifier:          A//M0jcjtbGYLERJXGPJpcnCQ0bQlsfGJXQTqlEb8dA=
Subject key identifier:   42:6D:95:6B:1D:3F:81:7E:38:7F:CC:2F:85:B2:B2:83:22:0E:68:BB
Authority key identifier: BF:BC:8A:86:68:F5:0F:DA:F4:94:F5:28:A2:CA:AF:D0:2B:7C:31:AD
Certificate issuer:       /CN=bfbc8a8668f50fdaf494f528a2caafd02b7c31ad
Certificate serial:       019D9DAD765152085A027C42D023048E2396
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v7yKhmj1D9r0lPUoosqv0Ct8Ma0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/cb88ae-f020-44d9-b462-da6199b82f11/1/v7yKhmj1D9r0lPUoosqv0Ct8Ma0.mft
Manifest number:          058C
Signing time:             Fri 17 Apr 2026 23:01:24 +0000
Manifest this update:     Fri 17 Apr 2026 23:01:24 +0000
Manifest next update:     Sat 18 Apr 2026 23:01:24 +0000
Files and hashes:         1: v7yKhmj1D9r0lPUoosqv0Ct8Ma0.crl (hash: urW68u2DJacXma+bAn2b9yP6LZpG5Y5Xm11+UVMQFqw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f5/cb88ae-f020-44d9-b462-da6199b82f11/1/v7yKhmj1D9r0lPUoosqv0Ct8Ma0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f5/cb88ae-f020-44d9-b462-da6199b82f11/1/v7yKhmj1D9r0lPUoosqv0Ct8Ma0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/v7yKhmj1D9r0lPUoosqv0Ct8Ma0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 16:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9d:ad:76:51:52:08:5a:02:7c:42:d0:23:04:8e:23:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bfbc8a8668f50fdaf494f528a2caafd02b7c31ad
        Validity
            Not Before: Apr 17 23:01:24 2026 GMT
            Not After : Apr 18 23:01:24 2026 GMT
        Subject: CN=426d956b1d3f817e387fcc2f85b2b283220e68bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:5a:56:96:a8:79:d5:d7:a5:72:90:67:4d:62:
                    fc:ab:08:0b:70:51:64:bb:a6:81:11:22:b4:8c:ec:
                    2e:24:d5:4b:dd:3b:d3:99:8e:4f:01:74:b7:e9:1d:
                    c7:9d:8d:47:72:b2:08:d7:7c:2b:ee:41:f0:a1:4c:
                    34:ec:2e:b3:eb:5b:3b:09:f8:f0:81:e4:f7:38:d3:
                    66:82:3f:77:9e:1f:96:0e:e4:d2:c8:5f:c3:9c:82:
                    c0:dd:f7:b6:05:67:e6:a1:b2:d5:a4:99:0c:f7:4d:
                    a4:d6:d6:64:78:84:b0:5d:5e:bb:d6:fb:8a:14:1a:
                    e2:1d:ef:97:f0:a6:8a:0c:79:50:49:73:1e:2d:f8:
                    c2:8c:61:62:f3:00:3a:c0:6a:ec:1f:c2:11:3f:20:
                    d8:1b:e4:43:99:54:99:25:04:49:e5:4c:78:c2:bf:
                    27:14:7f:fd:48:2e:cd:37:c1:a5:ed:ed:8a:76:20:
                    87:20:a6:c2:25:41:a8:8b:94:7a:8c:ae:7e:c9:12:
                    47:56:9d:48:8c:f8:af:53:14:21:76:87:d8:a7:e5:
                    bc:68:b1:16:4d:ef:4a:2a:c4:86:5d:01:af:0f:78:
                    d5:2c:7d:92:78:1a:a0:7e:98:b1:2a:db:3a:0e:73:
                    2e:b6:86:9f:0a:b7:2c:07:28:7a:d0:fa:bd:d4:8b:
                    c1:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:6D:95:6B:1D:3F:81:7E:38:7F:CC:2F:85:B2:B2:83:22:0E:68:BB
            X509v3 Authority Key Identifier:
                keyid:BF:BC:8A:86:68:F5:0F:DA:F4:94:F5:28:A2:CA:AF:D0:2B:7C:31:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v7yKhmj1D9r0lPUoosqv0Ct8Ma0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/cb88ae-f020-44d9-b462-da6199b82f11/1/v7yKhmj1D9r0lPUoosqv0Ct8Ma0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/cb88ae-f020-44d9-b462-da6199b82f11/1/v7yKhmj1D9r0lPUoosqv0Ct8Ma0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:d4:7d:ee:56:0f:16:99:59:96:b2:56:61:93:29:df:59:3d:
         a9:b7:c6:71:9f:87:70:2b:ee:4c:c4:d3:7e:5a:c2:0b:61:ce:
         ca:5d:9d:81:d4:f7:eb:65:1f:01:7f:e7:b8:39:9f:f0:4c:10:
         50:46:82:c6:03:80:23:2b:83:1e:14:3f:e0:05:5c:8c:98:0b:
         3b:47:b1:1d:fa:de:8f:e2:b7:d9:33:9e:1e:09:aa:a8:42:d5:
         22:e1:71:f3:49:64:ab:a1:23:ff:11:5a:9c:dc:4c:f6:e3:77:
         06:64:4f:8a:36:99:61:d9:93:b0:ec:5e:f7:7e:d2:d9:15:0e:
         81:22:a9:65:d6:54:05:4b:74:31:3f:55:93:27:ee:8f:65:ec:
         89:6c:09:23:92:80:45:a0:63:b0:5f:e9:8c:31:ad:73:12:9e:
         9d:d5:34:bc:e2:e1:c7:55:71:59:f5:01:ae:51:5a:bb:42:28:
         49:35:5d:5b:9e:c9:f2:c1:9d:5d:08:d5:96:c0:4a:e7:c9:db:
         5c:8f:4f:54:61:b7:32:15:cc:18:5f:63:2c:74:dc:db:fe:8b:
         a5:74:16:a9:17:6b:bd:26:2d:f3:88:fb:14:1c:5d:c4:5e:3a:
         e2:7d:f0:db:50:c8:dc:23:20:6f:ae:4b:dd:ec:29:8d:80:97:
         5d:28:d2:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2drXZRUghaAnxC0CMEjiOWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmYmM4YTg2NjhmNTBmZGFmNDk0ZjUyOGEyY2FhZmQwMmI3
YzMxYWQwHhcNMjYwNDE3MjMwMTI0WhcNMjYwNDE4MjMwMTI0WjAzMTEwLwYDVQQD
Eyg0MjZkOTU2YjFkM2Y4MTdlMzg3ZmNjMmY4NWIyYjI4MzIyMGU2OGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4VpWlqh51delcpBnTWL8qwgLcFFk
u6aBESK0jOwuJNVL3TvTmY5PAXS36R3HnY1HcrII13wr7kHwoUw07C6z61s7Cfjw
geT3ONNmgj93nh+WDuTSyF/DnILA3fe2BWfmobLVpJkM902k1tZkeISwXV671vuK
FBriHe+X8KaKDHlQSXMeLfjCjGFi8wA6wGrsH8IRPyDYG+RDmVSZJQRJ5Ux4wr8n
FH/9SC7NN8Gl7e2KdiCHIKbCJUGoi5R6jK5+yRJHVp1IjPivUxQhdofYp+W8aLEW
Te9KKsSGXQGvD3jVLH2SeBqgfpixKts6DnMutoafCrcsByh60Pq91IvBUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEJtlWsdP4F+OH/ML4WysoMiDmi7MB8GA1UdIwQY
MBaAFL+8ioZo9Q/a9JT1KKLKr9ArfDGtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjd5S2htajFEOXIwbFBVb29zcXYwQ3Q4TWEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9jYjg4YWUtZjAyMC00NGQ5LWI0NjIt
ZGE2MTk5YjgyZjExLzEvdjd5S2htajFEOXIwbFBVb29zcXYwQ3Q4TWEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9jYjg4YWUtZjAyMC00NGQ5LWI0NjItZGE2MTk5YjgyZjEx
LzEvdjd5S2htajFEOXIwbFBVb29zcXYwQ3Q4TWEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJdR97lYP
FplZlrJWYZMp31k9qbfGcZ+HcCvuTMTTflrCC2HOyl2dgdT362UfAX/nuDmf8EwQ
UEaCxgOAIyuDHhQ/4AVcjJgLO0exHfrej+K32TOeHgmqqELVIuFx80lkq6Ej/xFa
nNxM9uN3BmRPijaZYdmTsOxe937S2RUOgSKpZdZUBUt0MT9Vkyfuj2XsiWwJI5KA
RaBjsF/pjDGtcxKendU0vOLhx1VxWfUBrlFau0IoSTVdW57J8sGdXQjVlsBK58nb
XI9PVGG3MhXMGF9jLHTc2/6LpXQWqRdrvSYt84j7FBxdxF464n3w21DI3CMgb65L
3ewpjYCXXSjSCg==
-----END CERTIFICATE-----