Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/d8f672-539f-401d-9dc7-62799b90231b/1/9kixVYLTS9UXCp3RO4EyW6uuXjo.mft
File:                     9kixVYLTS9UXCp3RO4EyW6uuXjo.mft (raw, json)
Hash identifier:          iPgfrOS70fY9s9Il0ZrHG8C6cI9z2UzBfzgIkITIASs=
Subject key identifier:   C7:1B:CD:A9:6D:77:20:86:DA:C0:7F:A4:E7:51:EC:EB:6B:65:EF:A8
Authority key identifier: F6:48:B1:55:82:D3:4B:D5:17:0A:9D:D1:3B:81:32:5B:AB:AE:5E:3A
Certificate issuer:       /CN=f648b15582d34bd5170a9dd13b81325babae5e3a
Certificate serial:       019E30E0CA1D2B9E7D8DC5A8E66A59C2E352
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9kixVYLTS9UXCp3RO4EyW6uuXjo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/d8f672-539f-401d-9dc7-62799b90231b/1/9kixVYLTS9UXCp3RO4EyW6uuXjo.mft
Manifest number:          1910
Signing time:             Sat 16 May 2026 13:01:38 +0000
Manifest this update:     Sat 16 May 2026 13:01:38 +0000
Manifest next update:     Sun 17 May 2026 13:01:38 +0000
Files and hashes:         1: 9kixVYLTS9UXCp3RO4EyW6uuXjo.crl (hash: zfZ3C0YXDBPxjB65R2v/vLt8STJUKVb7b+oZs/FayX4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/d8f672-539f-401d-9dc7-62799b90231b/1/9kixVYLTS9UXCp3RO4EyW6uuXjo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/d8f672-539f-401d-9dc7-62799b90231b/1/9kixVYLTS9UXCp3RO4EyW6uuXjo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9kixVYLTS9UXCp3RO4EyW6uuXjo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 12:40:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:30:e0:ca:1d:2b:9e:7d:8d:c5:a8:e6:6a:59:c2:e3:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f648b15582d34bd5170a9dd13b81325babae5e3a
        Validity
            Not Before: May 16 13:01:38 2026 GMT
            Not After : May 17 13:01:38 2026 GMT
        Subject: CN=c71bcda96d772086dac07fa4e751eceb6b65efa8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:e4:05:ec:ac:54:21:a9:c9:b8:00:0b:54:f1:
                    42:3c:03:24:4e:6b:d2:46:4d:d4:9b:9a:60:d8:15:
                    70:4f:ec:85:1f:ce:8c:4b:fd:27:85:cb:25:58:4a:
                    eb:4e:d8:5f:7a:ff:12:33:55:a0:04:32:a4:44:3e:
                    68:d6:5c:76:d4:13:90:30:3a:ae:bf:bb:be:7a:bf:
                    7a:f4:45:1e:86:9a:aa:83:1b:e4:ea:ee:b4:0d:28:
                    55:20:b8:0b:22:4b:2d:a0:3b:47:74:c4:4f:e9:0c:
                    eb:37:3e:bd:80:be:25:cc:37:06:5a:f0:86:96:72:
                    c8:df:91:df:ad:e4:1e:55:ea:24:ad:f5:c0:09:30:
                    e8:eb:f6:49:1b:c8:ec:ad:01:41:f5:40:bf:24:78:
                    8c:0c:b1:70:51:07:12:b3:bb:f6:75:e8:80:2e:3e:
                    da:e7:77:a8:6a:aa:f5:e6:58:dc:68:f1:af:69:5b:
                    a7:a4:b3:93:e1:f9:50:89:d1:7e:9d:6e:2a:da:af:
                    80:45:af:97:88:3a:5e:7c:b9:db:bb:05:90:be:7d:
                    d3:f3:c2:cb:6c:4f:9c:15:f7:22:ec:44:4e:fe:90:
                    d3:13:cc:3e:3e:79:3a:2e:68:44:e1:53:91:b5:f4:
                    f5:c7:35:cb:97:90:3e:da:4b:34:ca:d2:d4:be:1a:
                    86:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:1B:CD:A9:6D:77:20:86:DA:C0:7F:A4:E7:51:EC:EB:6B:65:EF:A8
            X509v3 Authority Key Identifier:
                keyid:F6:48:B1:55:82:D3:4B:D5:17:0A:9D:D1:3B:81:32:5B:AB:AE:5E:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9kixVYLTS9UXCp3RO4EyW6uuXjo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/d8f672-539f-401d-9dc7-62799b90231b/1/9kixVYLTS9UXCp3RO4EyW6uuXjo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/d8f672-539f-401d-9dc7-62799b90231b/1/9kixVYLTS9UXCp3RO4EyW6uuXjo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:52:b8:46:af:1f:d5:dc:20:54:b6:6b:d1:ee:02:b1:ea:2b:
         ac:0a:bc:38:e9:27:d6:7f:4c:fe:25:38:eb:15:6b:ae:80:60:
         a6:a2:fa:dd:0a:be:ba:34:d7:de:1d:78:74:3b:e6:b8:78:6f:
         9c:f4:4f:04:d1:4b:02:fb:34:a3:3c:43:cc:33:bb:d7:25:6a:
         b4:19:3a:cd:f0:b4:ea:f6:5e:c5:5c:60:a1:96:9f:e8:68:e5:
         1f:77:61:ba:fc:40:e4:93:4a:47:c0:f6:5e:55:92:37:6f:13:
         8a:d7:a4:54:b2:2d:1f:46:0f:f0:13:e4:70:86:91:59:70:b5:
         26:39:42:f9:d7:61:c2:c6:27:f8:9f:42:ba:89:40:7a:07:82:
         0d:e7:d7:07:9e:e8:2a:a2:9c:ec:b3:30:91:30:30:c0:5a:77:
         0d:2b:63:6d:01:7c:42:f4:5b:90:33:38:18:ad:90:19:13:4c:
         94:98:95:d5:39:18:58:15:5d:7b:a0:11:76:a6:8e:8b:7c:91:
         1c:aa:8c:31:02:52:d5:2b:48:88:f3:7e:e2:41:31:12:18:8e:
         72:ea:2f:5a:ca:04:e0:43:91:2f:25:ca:96:e4:b6:4e:9d:69:
         fe:e3:fa:31:32:ab:cb:04:6d:7d:3b:58:9d:0e:85:ed:f8:58:
         35:7c:04:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4w4ModK559jcWo5mpZwuNSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2NDhiMTU1ODJkMzRiZDUxNzBhOWRkMTNiODEzMjViYWJh
ZTVlM2EwHhcNMjYwNTE2MTMwMTM4WhcNMjYwNTE3MTMwMTM4WjAzMTEwLwYDVQQD
EyhjNzFiY2RhOTZkNzcyMDg2ZGFjMDdmYTRlNzUxZWNlYjZiNjVlZmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAteQF7KxUIanJuAALVPFCPAMkTmvS
Rk3Um5pg2BVwT+yFH86MS/0nhcslWErrTthfev8SM1WgBDKkRD5o1lx21BOQMDqu
v7u+er969EUehpqqgxvk6u60DShVILgLIkstoDtHdMRP6QzrNz69gL4lzDcGWvCG
lnLI35HfreQeVeokrfXACTDo6/ZJG8jsrQFB9UC/JHiMDLFwUQcSs7v2deiALj7a
53eoaqr15ljcaPGvaVunpLOT4flQidF+nW4q2q+ARa+XiDpefLnbuwWQvn3T88LL
bE+cFfci7ERO/pDTE8w+Pnk6LmhE4VORtfT1xzXLl5A+2ks0ytLUvhqGmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMcbzaltdyCG2sB/pOdR7OtrZe+oMB8GA1UdIwQY
MBaAFPZIsVWC00vVFwqd0TuBMlurrl46MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWtpeFZZTFRTOVVYQ3AzUk80RXlXNnV1WGpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9kOGY2NzItNTM5Zi00MDFkLTlkYzct
NjI3OTliOTAyMzFiLzEvOWtpeFZZTFRTOVVYQ3AzUk80RXlXNnV1WGpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9kOGY2NzItNTM5Zi00MDFkLTlkYzctNjI3OTliOTAyMzFi
LzEvOWtpeFZZTFRTOVVYQ3AzUk80RXlXNnV1WGpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR1K4Rq8f
1dwgVLZr0e4CseorrAq8OOkn1n9M/iU46xVrroBgpqL63Qq+ujTX3h14dDvmuHhv
nPRPBNFLAvs0ozxDzDO71yVqtBk6zfC06vZexVxgoZaf6GjlH3dhuvxA5JNKR8D2
XlWSN28TitekVLItH0YP8BPkcIaRWXC1JjlC+ddhwsYn+J9CuolAegeCDefXB57o
KqKc7LMwkTAwwFp3DStjbQF8QvRbkDM4GK2QGRNMlJiV1TkYWBVde6ARdqaOi3yR
HKqMMQJS1StIiPN+4kExEhiOcuovWsoE4EORLyXKluS2Tp1p/uP6MTKrywRtfTtY
nQ6F7fhYNXwEsg==
-----END CERTIFICATE-----