Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.mft
File:                     PRf0av89iyHwD-6PY16uNKf0pNc.mft (raw, json)
Hash identifier:          thMxnLykXHUdxBwP1sa4IhJzniFilIOkfSZghr4qcdE=
Subject key identifier:   58:99:06:F3:B8:37:D5:62:06:36:58:FC:A4:9D:69:24:3E:A2:70:44
Authority key identifier: 3D:17:F4:6A:FF:3D:8B:21:F0:0F:EE:8F:63:5E:AE:34:A7:F4:A4:D7
Certificate issuer:       /CN=3d17f46aff3d8b21f00fee8f635eae34a7f4a4d7
Certificate serial:       019D98F48CEF1AF515A18371A78BC7D601CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PRf0av89iyHwD-6PY16uNKf0pNc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.mft
Manifest number:          0DAF
Signing time:             Fri 17 Apr 2026 01:00:56 +0000
Manifest this update:     Fri 17 Apr 2026 01:00:56 +0000
Manifest next update:     Sat 18 Apr 2026 01:00:56 +0000
Files and hashes:         1: PRf0av89iyHwD-6PY16uNKf0pNc.crl (hash: MxFccrVieHSt4C9C+lmpreCGE9iFq38Exm8gqcFKVX4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PRf0av89iyHwD-6PY16uNKf0pNc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:8c:ef:1a:f5:15:a1:83:71:a7:8b:c7:d6:01:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d17f46aff3d8b21f00fee8f635eae34a7f4a4d7
        Validity
            Not Before: Apr 17 01:00:56 2026 GMT
            Not After : Apr 18 01:00:56 2026 GMT
        Subject: CN=589906f3b837d562063658fca49d69243ea27044
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:e4:97:98:22:bc:71:c7:76:29:10:f1:a1:ef:
                    93:20:57:e2:03:99:36:76:1a:54:09:d7:39:cd:76:
                    8d:a4:1d:74:f1:2e:1e:ae:2a:77:f3:66:82:5a:4f:
                    04:6c:9f:00:49:2c:24:00:81:9f:35:eb:aa:63:d2:
                    58:7d:9d:a5:a4:bf:eb:99:89:d0:73:05:58:1d:52:
                    b6:72:b6:42:0b:a4:12:f0:12:1f:77:d0:64:27:e8:
                    8b:9a:a9:76:29:e3:f8:c1:d6:12:2a:ee:92:60:2f:
                    d3:7e:80:51:52:85:f7:35:59:39:6e:9e:09:10:6e:
                    16:af:f3:14:1c:45:25:15:98:56:f2:b0:1d:79:c3:
                    be:7c:4f:35:dd:80:a9:e5:95:09:dc:27:00:23:47:
                    0b:c5:4c:59:70:91:06:27:46:fe:09:e5:a3:21:57:
                    ce:c4:f3:29:bf:ab:c7:0c:10:19:b9:52:19:74:a6:
                    43:25:e9:7a:c0:1c:5c:21:a0:c2:05:cd:d5:41:8c:
                    83:8e:6e:29:50:90:d1:47:66:a9:b7:36:81:31:f1:
                    97:b0:39:fe:3e:9a:b2:7c:ba:bd:27:82:d9:aa:21:
                    cf:b5:cc:37:cd:4e:94:b0:f9:bc:46:b4:6c:08:ca:
                    ed:f8:fc:18:1b:08:ab:96:37:b3:90:6c:9d:23:4e:
                    3d:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:99:06:F3:B8:37:D5:62:06:36:58:FC:A4:9D:69:24:3E:A2:70:44
            X509v3 Authority Key Identifier:
                keyid:3D:17:F4:6A:FF:3D:8B:21:F0:0F:EE:8F:63:5E:AE:34:A7:F4:A4:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PRf0av89iyHwD-6PY16uNKf0pNc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:b6:9e:15:f1:98:96:a7:e0:29:31:73:ed:aa:d8:52:c9:f9:
         47:d0:67:d8:ac:45:fc:3c:c3:69:e1:78:8b:c4:19:81:b9:4d:
         1a:de:af:00:c8:82:da:5c:c6:af:21:79:c3:92:76:37:82:92:
         c2:65:03:8e:52:58:19:3d:16:e1:59:d6:e9:db:6c:b7:5f:35:
         96:39:46:0b:d2:bd:29:20:7e:63:41:9c:8d:78:7c:aa:77:f4:
         c7:b3:6f:d5:58:15:8c:9a:bf:30:48:d1:aa:82:20:db:77:9b:
         51:77:0a:a1:59:40:ab:88:26:a9:a0:00:bd:8c:26:11:6d:39:
         72:ee:a3:6a:09:8f:3e:4c:3a:da:87:ed:99:73:a4:d2:a7:39:
         2d:ec:e4:2c:e1:6f:42:a1:f8:ba:70:71:84:48:e0:01:02:e8:
         47:bb:fa:82:cf:e6:cc:5e:a2:60:c9:cc:17:e9:0e:ad:62:bd:
         bc:6e:d3:3b:a5:aa:e0:e2:43:2f:56:03:c1:66:8e:b5:a5:87:
         3d:fc:ff:22:7f:3f:32:62:7e:71:64:85:11:2d:c3:9b:3e:c2:
         d5:a6:0d:f4:0f:a0:21:d7:c1:74:95:28:51:23:75:2f:bd:42:
         06:15:ca:11:80:83:7b:1c:b8:fa:80:ed:6f:c0:5e:0f:5e:09:
         be:44:c1:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9IzvGvUVoYNxp4vH1gHNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkMTdmNDZhZmYzZDhiMjFmMDBmZWU4ZjYzNWVhZTM0YTdm
NGE0ZDcwHhcNMjYwNDE3MDEwMDU2WhcNMjYwNDE4MDEwMDU2WjAzMTEwLwYDVQQD
Eyg1ODk5MDZmM2I4MzdkNTYyMDYzNjU4ZmNhNDlkNjkyNDNlYTI3MDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+SXmCK8ccd2KRDxoe+TIFfiA5k2
dhpUCdc5zXaNpB108S4erip382aCWk8EbJ8ASSwkAIGfNeuqY9JYfZ2lpL/rmYnQ
cwVYHVK2crZCC6QS8BIfd9BkJ+iLmql2KeP4wdYSKu6SYC/TfoBRUoX3NVk5bp4J
EG4Wr/MUHEUlFZhW8rAdecO+fE813YCp5ZUJ3CcAI0cLxUxZcJEGJ0b+CeWjIVfO
xPMpv6vHDBAZuVIZdKZDJel6wBxcIaDCBc3VQYyDjm4pUJDRR2aptzaBMfGXsDn+
PpqyfLq9J4LZqiHPtcw3zU6UsPm8RrRsCMrt+PwYGwirljezkGydI0491wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFiZBvO4N9ViBjZY/KSdaSQ+onBEMB8GA1UdIwQY
MBaAFD0X9Gr/PYsh8A/uj2NerjSn9KTXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFJmMGF2ODlpeUh3RC02UFkxNnVOS2YwcE5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9iMjgxYzctY2Q5YS00Mzc1LWI4NGEt
ODUxZWQ1MjlmMjIyLzEvUFJmMGF2ODlpeUh3RC02UFkxNnVOS2YwcE5jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9iMjgxYzctY2Q5YS00Mzc1LWI4NGEtODUxZWQ1MjlmMjIy
LzEvUFJmMGF2ODlpeUh3RC02UFkxNnVOS2YwcE5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj7aeFfGY
lqfgKTFz7arYUsn5R9Bn2KxF/DzDaeF4i8QZgblNGt6vAMiC2lzGryF5w5J2N4KS
wmUDjlJYGT0W4VnW6dtst181ljlGC9K9KSB+Y0GcjXh8qnf0x7Nv1VgVjJq/MEjR
qoIg23ebUXcKoVlAq4gmqaAAvYwmEW05cu6jagmPPkw62oftmXOk0qc5LezkLOFv
QqH4unBxhEjgAQLoR7v6gs/mzF6iYMnMF+kOrWK9vG7TO6Wq4OJDL1YDwWaOtaWH
Pfz/In8/MmJ+cWSFES3Dmz7C1aYN9A+gIdfBdJUoUSN1L71CBhXKEYCDexy4+oDt
b8BeD14JvkTBkA==
-----END CERTIFICATE-----