Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/6be7af-97b8-4777-bbdd-30117c20bf42/1/r4yBlkcmb7yxOeZyqPuaV89Ysog.mft
File:                     r4yBlkcmb7yxOeZyqPuaV89Ysog.mft (raw, json)
Hash identifier:          hSRwDURTlipdUcHZyDfLH4on/vqH7kHyL6uAZWczESM=
Subject key identifier:   16:75:45:56:FC:60:1A:03:84:64:C1:F6:DB:62:19:2E:6B:CE:22:B7
Authority key identifier: AF:8C:81:96:47:26:6F:BC:B1:39:E6:72:A8:FB:9A:57:CF:58:B2:88
Certificate issuer:       /CN=af8c819647266fbcb139e672a8fb9a57cf58b288
Certificate serial:       019D9B50B88D09B70E58EB8868A570A38000
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r4yBlkcmb7yxOeZyqPuaV89Ysog.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/6be7af-97b8-4777-bbdd-30117c20bf42/1/r4yBlkcmb7yxOeZyqPuaV89Ysog.mft
Manifest number:          06D4
Signing time:             Fri 17 Apr 2026 12:00:51 +0000
Manifest this update:     Fri 17 Apr 2026 12:00:51 +0000
Manifest next update:     Sat 18 Apr 2026 12:00:51 +0000
Files and hashes:         1: r4yBlkcmb7yxOeZyqPuaV89Ysog.crl (hash: wGzjSevmQDYVfS42aflCrR2TM6FEB9c1rREZLuHsPD8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f8/6be7af-97b8-4777-bbdd-30117c20bf42/1/r4yBlkcmb7yxOeZyqPuaV89Ysog.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f8/6be7af-97b8-4777-bbdd-30117c20bf42/1/r4yBlkcmb7yxOeZyqPuaV89Ysog.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/r4yBlkcmb7yxOeZyqPuaV89Ysog.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 12:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:50:b8:8d:09:b7:0e:58:eb:88:68:a5:70:a3:80:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af8c819647266fbcb139e672a8fb9a57cf58b288
        Validity
            Not Before: Apr 17 12:00:51 2026 GMT
            Not After : Apr 18 12:00:51 2026 GMT
        Subject: CN=16754556fc601a038464c1f6db62192e6bce22b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:87:0a:9a:8d:97:b9:78:c4:89:11:67:c6:06:
                    16:61:97:73:84:0c:64:87:6c:c2:86:0c:8e:16:f0:
                    f4:03:e3:50:5f:c5:71:75:65:38:e5:a0:e2:1b:52:
                    96:68:5a:72:3f:2b:b6:da:43:6e:7b:b6:9f:5e:80:
                    df:56:4e:ea:a6:e2:64:b2:7e:78:b4:f8:81:a5:33:
                    0e:e9:f0:43:0c:85:20:72:cf:6c:c3:06:48:48:88:
                    02:a9:1c:72:8b:69:4b:91:8a:56:aa:93:5c:04:5b:
                    e0:e7:b2:be:73:d6:ba:72:ba:f1:b7:f9:62:73:02:
                    1d:fa:6a:1e:16:f7:cc:0e:dc:13:99:df:75:b1:31:
                    97:88:dd:d9:15:a9:28:7d:57:b9:af:be:53:d9:0f:
                    39:ba:07:da:99:da:6d:8b:73:3a:12:fe:81:b6:1c:
                    ae:0c:b0:9c:16:b9:c6:ad:d1:74:a6:ad:08:82:24:
                    42:5e:03:08:02:ea:a3:50:bd:d7:c0:42:46:e1:77:
                    e3:41:06:47:7b:0f:92:05:e3:41:0e:45:49:0d:b2:
                    45:0e:e9:78:01:be:0c:8b:c9:97:48:16:b2:b4:67:
                    58:5f:0d:04:aa:bd:d0:b3:fd:e7:c3:ef:b0:fc:88:
                    2a:17:80:3d:4d:0e:7d:c3:be:14:05:69:a9:a4:a6:
                    a2:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:75:45:56:FC:60:1A:03:84:64:C1:F6:DB:62:19:2E:6B:CE:22:B7
            X509v3 Authority Key Identifier:
                keyid:AF:8C:81:96:47:26:6F:BC:B1:39:E6:72:A8:FB:9A:57:CF:58:B2:88

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4yBlkcmb7yxOeZyqPuaV89Ysog.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/6be7af-97b8-4777-bbdd-30117c20bf42/1/r4yBlkcmb7yxOeZyqPuaV89Ysog.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/6be7af-97b8-4777-bbdd-30117c20bf42/1/r4yBlkcmb7yxOeZyqPuaV89Ysog.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:15:b3:9a:55:f5:4e:b6:d7:df:59:b4:61:b6:3f:35:1d:54:
         78:8f:f6:e2:85:60:01:aa:6a:95:4e:95:7c:86:f5:cf:e0:2e:
         34:4d:0d:71:b3:77:aa:0c:16:74:bd:be:a5:80:df:68:7e:ed:
         fe:3b:cf:b4:00:7d:39:d5:ee:bd:b5:bf:9c:29:fc:64:35:95:
         1d:32:ca:79:de:98:a7:15:7c:fe:4b:0c:27:40:c1:84:4c:0e:
         e3:f8:c6:c7:80:6b:86:44:d8:2b:ab:6d:38:8a:a7:77:44:bc:
         a4:2d:ec:b9:c9:ef:ce:6c:b6:7d:81:d7:c7:0d:a5:1a:86:dc:
         26:e6:a1:9e:5e:3a:a0:19:49:29:88:3f:d3:46:c3:d5:df:ff:
         89:92:a6:af:4e:76:f2:b2:9b:d3:a5:9c:40:f4:54:d1:75:fd:
         b4:a5:04:44:4f:2e:0e:c6:80:16:3f:3a:8d:81:78:de:86:18:
         22:bd:1e:f8:a2:72:b7:11:ca:51:8e:73:35:07:49:d3:bb:8a:
         cf:48:fc:f8:97:5d:06:cc:c9:16:d5:5c:51:2c:50:07:ad:22:
         49:09:c9:34:35:cd:f9:0f:85:22:0f:ff:d1:61:a8:ef:76:62:
         ca:c9:42:ae:36:ad:41:ce:b7:e4:44:7b:a4:a2:45:f2:32:3b:
         30:ac:7e:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bULiNCbcOWOuIaKVwo4AAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmOGM4MTk2NDcyNjZmYmNiMTM5ZTY3MmE4ZmI5YTU3Y2Y1
OGIyODgwHhcNMjYwNDE3MTIwMDUxWhcNMjYwNDE4MTIwMDUxWjAzMTEwLwYDVQQD
EygxNjc1NDU1NmZjNjAxYTAzODQ2NGMxZjZkYjYyMTkyZTZiY2UyMmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ocKmo2XuXjEiRFnxgYWYZdzhAxk
h2zChgyOFvD0A+NQX8VxdWU45aDiG1KWaFpyPyu22kNue7afXoDfVk7qpuJksn54
tPiBpTMO6fBDDIUgcs9swwZISIgCqRxyi2lLkYpWqpNcBFvg57K+c9a6crrxt/li
cwId+moeFvfMDtwTmd91sTGXiN3ZFakofVe5r75T2Q85ugfamdpti3M6Ev6Bthyu
DLCcFrnGrdF0pq0IgiRCXgMIAuqjUL3XwEJG4XfjQQZHew+SBeNBDkVJDbJFDul4
Ab4Mi8mXSBaytGdYXw0Eqr3Qs/3nw++w/IgqF4A9TQ59w74UBWmppKaiZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBZ1RVb8YBoDhGTB9ttiGS5rziK3MB8GA1UdIwQY
MBaAFK+MgZZHJm+8sTnmcqj7mlfPWLKIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjR5QmxrY21iN3l4T2VaeXFQdWFWODlZc29nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC82YmU3YWYtOTdiOC00Nzc3LWJiZGQt
MzAxMTdjMjBiZjQyLzEvcjR5QmxrY21iN3l4T2VaeXFQdWFWODlZc29nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC82YmU3YWYtOTdiOC00Nzc3LWJiZGQtMzAxMTdjMjBiZjQy
LzEvcjR5QmxrY21iN3l4T2VaeXFQdWFWODlZc29nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXBWzmlX1
TrbX31m0YbY/NR1UeI/24oVgAapqlU6VfIb1z+AuNE0NcbN3qgwWdL2+pYDfaH7t
/jvPtAB9OdXuvbW/nCn8ZDWVHTLKed6YpxV8/ksMJ0DBhEwO4/jGx4BrhkTYK6tt
OIqnd0S8pC3sucnvzmy2fYHXxw2lGobcJuahnl46oBlJKYg/00bD1d//iZKmr052
8rKb06WcQPRU0XX9tKUERE8uDsaAFj86jYF43oYYIr0e+KJytxHKUY5zNQdJ07uK
z0j8+JddBszJFtVcUSxQB60iSQnJNDXN+Q+FIg//0WGo73ZiyslCrjatQc635ER7
pKJF8jI7MKx+fQ==
-----END CERTIFICATE-----