Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.mft
File:                     f1HfHfTohn5B5ef5Lef50foMFU0.mft (raw, json)
Hash identifier:          S8tlxlSy88BlB/zJZzmTJ9Mg+L8fR7HMBzhgbBUpwno=
Subject key identifier:   65:CC:4B:13:C3:37:1C:84:37:CD:A9:9D:B2:DC:DF:A3:2C:4B:31:DA
Authority key identifier: 7F:51:DF:1D:F4:E8:86:7E:41:E5:E7:F9:2D:E7:F9:D1:FA:0C:15:4D
Certificate issuer:       /CN=7f51df1df4e8867e41e5e7f92de7f9d1fa0c154d
Certificate serial:       019D99622C1634CF893B38FB03506FD12174
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/f1HfHfTohn5B5ef5Lef50foMFU0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.mft
Manifest number:          0DA6
Signing time:             Fri 17 Apr 2026 03:00:40 +0000
Manifest this update:     Fri 17 Apr 2026 03:00:40 +0000
Manifest next update:     Sat 18 Apr 2026 03:00:40 +0000
Files and hashes:         1: f1HfHfTohn5B5ef5Lef50foMFU0.crl (hash: HEKH1scDBOzujRf4FnaNqdsRR/zwj8JwcXi/jOB9w5Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/f1HfHfTohn5B5ef5Lef50foMFU0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:62:2c:16:34:cf:89:3b:38:fb:03:50:6f:d1:21:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7f51df1df4e8867e41e5e7f92de7f9d1fa0c154d
        Validity
            Not Before: Apr 17 03:00:40 2026 GMT
            Not After : Apr 18 03:00:40 2026 GMT
        Subject: CN=65cc4b13c3371c8437cda99db2dcdfa32c4b31da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:78:5b:fc:f5:fb:1c:5a:bb:a9:b2:2e:ce:bb:
                    f0:ed:89:59:4b:a9:6a:e1:1b:74:23:d4:b7:17:55:
                    54:51:16:1f:27:dc:91:c2:c2:ae:dd:52:9c:ea:16:
                    ba:87:53:fd:43:c7:3a:d5:2c:13:09:b9:70:83:fa:
                    81:07:9b:2d:92:04:17:9f:f5:5a:10:b6:54:73:a6:
                    b5:41:79:95:fa:5d:6c:a1:9c:c4:62:f4:c8:59:c6:
                    e6:7c:b5:b3:15:30:3e:43:00:9d:9b:ff:9f:31:e6:
                    b6:da:e7:c0:64:9c:30:12:7e:8a:e2:74:6f:fd:72:
                    b9:85:21:be:54:c7:85:33:ef:60:5d:94:e6:7f:e0:
                    8d:09:03:13:7b:8b:02:03:52:4a:ad:15:66:3b:2e:
                    f2:d2:c3:e1:97:74:7d:f2:91:4e:9b:7a:c0:71:0d:
                    cb:97:b6:58:40:aa:41:a4:84:9c:d0:1e:27:f4:ee:
                    38:a7:b0:9f:4e:1b:8c:05:e0:ea:75:2a:b4:3f:48:
                    67:5c:fe:1b:3e:70:f0:c8:ed:b2:99:04:f4:d6:43:
                    83:a4:f8:ef:c1:56:81:6b:8a:1e:02:98:39:6c:eb:
                    ab:9b:6f:ae:cb:60:85:13:41:d2:ac:ea:e6:5b:7f:
                    fd:2f:5c:15:33:b3:b7:61:e2:38:88:96:9a:be:c5:
                    70:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:CC:4B:13:C3:37:1C:84:37:CD:A9:9D:B2:DC:DF:A3:2C:4B:31:DA
            X509v3 Authority Key Identifier:
                keyid:7F:51:DF:1D:F4:E8:86:7E:41:E5:E7:F9:2D:E7:F9:D1:FA:0C:15:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1HfHfTohn5B5ef5Lef50foMFU0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:c3:69:db:20:73:7e:b5:35:67:7a:12:35:09:b7:1e:ca:d6:
         0a:79:4d:87:c3:73:59:4a:04:cc:d9:f9:7c:eb:51:eb:00:b6:
         a5:e6:21:41:65:a8:b6:fd:07:67:42:ad:32:ba:de:72:46:09:
         76:33:c3:4c:a0:ab:e4:bc:f6:29:0f:c6:3f:91:03:9f:5a:ed:
         13:e2:40:fa:a6:b9:cd:2a:9a:da:96:b2:2a:de:9f:f0:57:a7:
         cc:75:1b:59:e3:a5:c0:0a:84:54:5b:ac:98:16:8c:ef:f5:6a:
         d7:71:b4:21:28:bb:b8:37:03:82:34:93:eb:04:a7:b9:2c:54:
         76:6a:d1:bd:80:1b:d0:49:19:02:13:55:e6:98:78:6a:d8:18:
         fe:d2:c5:7f:e1:e7:84:e4:29:84:98:7e:5b:9d:25:12:25:86:
         25:c1:72:2a:f8:84:b3:79:c3:9a:b1:5f:6e:76:05:35:e3:d6:
         54:3f:85:1d:12:82:67:c7:ff:db:47:35:8d:b7:e3:e0:aa:a3:
         1b:e8:af:42:c1:8f:a6:da:ca:7c:87:8e:09:a3:df:52:f0:13:
         c5:a0:23:3f:bb:93:c3:79:77:8c:c7:d0:25:78:20:ff:58:3c:
         a1:7a:ee:96:b6:67:90:bb:01:7f:2e:d2:5d:0d:bb:de:4d:b4:
         5f:79:ed:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZYiwWNM+JOzj7A1Bv0SF0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmNTFkZjFkZjRlODg2N2U0MWU1ZTdmOTJkZTdmOWQxZmEw
YzE1NGQwHhcNMjYwNDE3MDMwMDQwWhcNMjYwNDE4MDMwMDQwWjAzMTEwLwYDVQQD
Eyg2NWNjNGIxM2MzMzcxYzg0MzdjZGE5OWRiMmRjZGZhMzJjNGIzMWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3hb/PX7HFq7qbIuzrvw7YlZS6lq
4Rt0I9S3F1VUURYfJ9yRwsKu3VKc6ha6h1P9Q8c61SwTCblwg/qBB5stkgQXn/Va
ELZUc6a1QXmV+l1soZzEYvTIWcbmfLWzFTA+QwCdm/+fMea22ufAZJwwEn6K4nRv
/XK5hSG+VMeFM+9gXZTmf+CNCQMTe4sCA1JKrRVmOy7y0sPhl3R98pFOm3rAcQ3L
l7ZYQKpBpISc0B4n9O44p7CfThuMBeDqdSq0P0hnXP4bPnDwyO2ymQT01kODpPjv
wVaBa4oeApg5bOurm2+uy2CFE0HSrOrmW3/9L1wVM7O3YeI4iJaavsVwKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGXMSxPDNxyEN82pnbLc36MsSzHaMB8GA1UdIwQY
MBaAFH9R3x306IZ+QeXn+S3n+dH6DBVNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjFIZkhmVG9objVCNWVmNUxlZjUwZm9NRlUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS81ZTczMWYtNTI4Yi00ZTAyLWFkNjgt
NmQ5MDM1YWYxNTM1LzEvZjFIZkhmVG9objVCNWVmNUxlZjUwZm9NRlUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS81ZTczMWYtNTI4Yi00ZTAyLWFkNjgtNmQ5MDM1YWYxNTM1
LzEvZjFIZkhmVG9objVCNWVmNUxlZjUwZm9NRlUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMcNp2yBz
frU1Z3oSNQm3HsrWCnlNh8NzWUoEzNn5fOtR6wC2peYhQWWotv0HZ0KtMrreckYJ
djPDTKCr5Lz2KQ/GP5EDn1rtE+JA+qa5zSqa2payKt6f8FenzHUbWeOlwAqEVFus
mBaM7/Vq13G0ISi7uDcDgjST6wSnuSxUdmrRvYAb0EkZAhNV5ph4atgY/tLFf+Hn
hOQphJh+W50lEiWGJcFyKviEs3nDmrFfbnYFNePWVD+FHRKCZ8f/20c1jbfj4Kqj
G+ivQsGPptrKfIeOCaPfUvATxaAjP7uTw3l3jMfQJXgg/1g8oXrulrZnkLsBfy7S
XQ273k20X3ntgw==
-----END CERTIFICATE-----