Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft
File:                     maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft (raw, json)
Hash identifier:          NWqJUjryry0Jm7xFe491sLlq6jukwWr1VLFEz0eSoj0=
Subject key identifier:   71:18:A1:DA:16:D6:57:43:5F:7B:FB:9E:E0:1B:1D:82:96:66:E8:41
Authority key identifier: 99:A5:E4:C1:CD:E8:BC:B3:B8:42:07:70:D5:9A:83:A7:91:7C:8C:C8
Certificate issuer:       /CN=99a5e4c1cde8bcb3b8420770d59a83a7917c8cc8
Certificate serial:       019D99CFD79D630CC090317358561587459E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft
Manifest number:          147F
Signing time:             Fri 17 Apr 2026 05:00:28 +0000
Manifest this update:     Fri 17 Apr 2026 05:00:28 +0000
Manifest next update:     Sat 18 Apr 2026 05:00:28 +0000
Files and hashes:         1: maXkwc3ovLO4Qgdw1ZqDp5F8jMg.crl (hash: KyY4+kdgRL+wWsJyUjZ6xeAOk39ABYYoYvqUTJlOiQ8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 05:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:cf:d7:9d:63:0c:c0:90:31:73:58:56:15:87:45:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99a5e4c1cde8bcb3b8420770d59a83a7917c8cc8
        Validity
            Not Before: Apr 17 05:00:28 2026 GMT
            Not After : Apr 18 05:00:28 2026 GMT
        Subject: CN=7118a1da16d657435f7bfb9ee01b1d829666e841
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:c8:65:a2:ea:54:b4:cf:56:74:fb:46:fb:2c:
                    cb:62:dd:c2:3b:03:a3:5b:eb:d3:e7:f9:d9:6b:42:
                    d3:7c:af:d3:44:76:5a:be:bb:5e:0c:ba:46:28:19:
                    ad:6d:fb:ce:be:7e:a6:13:ca:0f:0b:34:98:e8:a1:
                    55:5b:30:87:04:5b:6b:7d:eb:84:81:ca:49:a7:53:
                    b0:43:a4:42:4b:f2:cc:a8:37:5b:23:db:00:f0:7f:
                    d3:8a:f4:c1:c6:6e:b4:3d:51:e8:d7:df:6e:e9:e3:
                    94:db:17:3c:be:97:f1:77:99:3f:1e:eb:35:43:fd:
                    2e:8f:cf:f9:4f:d5:82:32:fe:d1:c0:6a:1d:47:c8:
                    71:78:da:d5:a9:67:f0:59:cc:4e:63:9f:39:d9:dd:
                    af:5a:ad:bf:0f:af:fc:ad:0d:c7:15:bb:d3:fe:33:
                    f5:7c:e9:2c:7e:9b:f5:e7:69:4e:ee:39:2c:49:22:
                    6c:18:9c:62:a1:22:e2:d4:c6:a4:71:3b:2c:5d:ae:
                    8e:84:f4:80:61:3b:ab:0c:c9:43:cd:71:a4:18:f2:
                    b5:c7:c5:33:a8:c2:79:3f:f3:16:ac:69:4d:84:78:
                    6a:a9:61:2d:4d:c3:4d:da:6b:d0:f4:62:ac:00:0e:
                    bb:b9:f5:a6:93:4b:a4:84:8f:b1:9a:ac:c0:5c:c9:
                    40:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:18:A1:DA:16:D6:57:43:5F:7B:FB:9E:E0:1B:1D:82:96:66:E8:41
            X509v3 Authority Key Identifier:
                keyid:99:A5:E4:C1:CD:E8:BC:B3:B8:42:07:70:D5:9A:83:A7:91:7C:8C:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:15:0e:66:8a:ad:7d:31:3d:46:67:01:28:03:b7:f6:af:ba:
         bc:ff:33:2f:13:a2:59:a2:af:27:8d:5b:e1:c3:47:55:9a:c4:
         df:9e:f7:75:71:76:ec:74:d4:75:3f:56:d0:24:29:b9:8b:cd:
         a0:e2:7b:ab:bd:96:dd:64:45:55:a9:c1:eb:36:bf:a5:d9:16:
         df:95:57:ea:88:a2:21:1a:37:8d:cf:8b:c2:18:df:0b:1e:71:
         99:8f:09:38:39:1e:02:fe:9b:67:e7:b4:4c:b8:91:c6:88:23:
         b5:9a:35:82:e1:a1:0a:f6:92:12:9a:79:5e:b4:09:61:c3:56:
         6b:8c:18:dc:65:6f:92:91:ac:87:9c:23:d6:0b:7e:66:37:25:
         43:ac:1a:7a:c0:24:ba:84:41:4f:f6:db:46:0b:df:95:68:41:
         d6:28:6f:f5:e8:fe:58:19:aa:56:8c:ed:a0:2c:b0:b7:01:0b:
         f7:30:de:66:cd:67:62:52:4a:be:8c:08:44:06:ad:4f:cc:d2:
         bf:f1:aa:c6:c0:76:f9:6b:ee:35:eb:c9:43:72:aa:e8:73:48:
         9d:64:0e:58:ad:cb:70:27:32:80:96:28:6f:3e:b9:a4:a1:6f:
         32:9d:8b:74:8e:70:72:ce:fd:87:05:9d:dd:fd:45:60:fd:51:
         5e:33:fa:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Zz9edYwzAkDFzWFYVh0WeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5YTVlNGMxY2RlOGJjYjNiODQyMDc3MGQ1OWE4M2E3OTE3
YzhjYzgwHhcNMjYwNDE3MDUwMDI4WhcNMjYwNDE4MDUwMDI4WjAzMTEwLwYDVQQD
Eyg3MTE4YTFkYTE2ZDY1NzQzNWY3YmZiOWVlMDFiMWQ4Mjk2NjZlODQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7MhloupUtM9WdPtG+yzLYt3COwOj
W+vT5/nZa0LTfK/TRHZavrteDLpGKBmtbfvOvn6mE8oPCzSY6KFVWzCHBFtrfeuE
gcpJp1OwQ6RCS/LMqDdbI9sA8H/TivTBxm60PVHo199u6eOU2xc8vpfxd5k/Hus1
Q/0uj8/5T9WCMv7RwGodR8hxeNrVqWfwWcxOY5852d2vWq2/D6/8rQ3HFbvT/jP1
fOksfpv152lO7jksSSJsGJxioSLi1MakcTssXa6OhPSAYTurDMlDzXGkGPK1x8Uz
qMJ5P/MWrGlNhHhqqWEtTcNN2mvQ9GKsAA67ufWmk0ukhI+xmqzAXMlAuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHEYodoW1ldDX3v7nuAbHYKWZuhBMB8GA1UdIwQY
MBaAFJml5MHN6LyzuEIHcNWag6eRfIzIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWFYa3djM292TE80UWdkdzFacURwNUY4ak1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS81NWI4NDgtMGZjMy00M2MzLThhY2Ut
MGRjM2MyMWJkNjI4LzEvbWFYa3djM292TE80UWdkdzFacURwNUY4ak1nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS81NWI4NDgtMGZjMy00M2MzLThhY2UtMGRjM2MyMWJkNjI4
LzEvbWFYa3djM292TE80UWdkdzFacURwNUY4ak1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALBUOZoqt
fTE9RmcBKAO39q+6vP8zLxOiWaKvJ41b4cNHVZrE3573dXF27HTUdT9W0CQpuYvN
oOJ7q72W3WRFVanB6za/pdkW35VX6oiiIRo3jc+LwhjfCx5xmY8JODkeAv6bZ+e0
TLiRxogjtZo1guGhCvaSEpp5XrQJYcNWa4wY3GVvkpGsh5wj1gt+ZjclQ6waesAk
uoRBT/bbRgvflWhB1ihv9ej+WBmqVoztoCywtwEL9zDeZs1nYlJKvowIRAatT8zS
v/GqxsB2+WvuNevJQ3Kq6HNInWQOWK3LcCcygJYobz65pKFvMp2LdI5wcs79hwWd
3f1FYP1RXjP6vw==
-----END CERTIFICATE-----