Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/e28279-9de9-48ab-b86f-a6e80949a029/1/xlkRwmkydt2NDOt_hKoqtJ79EIk.mft
File:                     xlkRwmkydt2NDOt_hKoqtJ79EIk.mft (raw, json)
Hash identifier:          TxKCLC4M+9OGWYalcHbzuAx3qjFRwBED2XLmOgD5nsg=
Subject key identifier:   F4:8D:CE:04:E6:42:8C:43:5D:3C:70:F3:42:04:D1:92:D6:2E:38:63
Authority key identifier: C6:59:11:C2:69:32:76:DD:8D:0C:EB:7F:84:AA:2A:B4:9E:FD:10:89
Certificate issuer:       /CN=c65911c2693276dd8d0ceb7f84aa2ab49efd1089
Certificate serial:       019DCFE35AE28E58BCA4C192CBA7830A6467
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xlkRwmkydt2NDOt_hKoqtJ79EIk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/e28279-9de9-48ab-b86f-a6e80949a029/1/xlkRwmkydt2NDOt_hKoqtJ79EIk.mft
Manifest number:          06DA
Signing time:             Mon 27 Apr 2026 17:01:16 +0000
Manifest this update:     Mon 27 Apr 2026 17:01:16 +0000
Manifest next update:     Tue 28 Apr 2026 17:01:16 +0000
Files and hashes:         1: xlkRwmkydt2NDOt_hKoqtJ79EIk.crl (hash: wQ8spNS14XkBp2CD/OIASpW/eeg689TaYuRiu2vRi4k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/e28279-9de9-48ab-b86f-a6e80949a029/1/xlkRwmkydt2NDOt_hKoqtJ79EIk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/e28279-9de9-48ab-b86f-a6e80949a029/1/xlkRwmkydt2NDOt_hKoqtJ79EIk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xlkRwmkydt2NDOt_hKoqtJ79EIk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 28 Apr 2026 14:27:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:cf:e3:5a:e2:8e:58:bc:a4:c1:92:cb:a7:83:0a:64:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c65911c2693276dd8d0ceb7f84aa2ab49efd1089
        Validity
            Not Before: Apr 27 17:01:16 2026 GMT
            Not After : Apr 28 17:01:16 2026 GMT
        Subject: CN=f48dce04e6428c435d3c70f34204d192d62e3863
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:ed:61:53:1c:13:2e:44:47:3d:56:c6:85:6c:
                    e0:b2:9e:7c:5f:d8:17:1d:69:02:6d:ee:48:84:f4:
                    38:d8:5f:b8:59:e7:a0:ff:71:a2:13:21:70:5e:63:
                    dd:f5:92:36:21:46:30:ef:18:6c:70:d5:55:d0:9d:
                    0f:60:99:a5:b5:ff:37:dc:76:cd:16:47:8c:69:48:
                    88:ee:bd:66:37:c1:66:8e:85:ad:2b:b1:60:ce:6c:
                    1b:4d:41:9c:05:65:92:8b:30:c5:f8:f6:ab:ed:70:
                    ae:87:20:75:cb:a9:c6:c8:c9:3c:49:4c:ca:7b:4c:
                    30:38:5d:d0:7b:63:97:d0:07:2f:18:3c:dc:40:74:
                    fe:33:51:31:fc:81:9b:54:de:92:23:10:e0:14:d8:
                    a4:b0:19:96:38:15:4b:7b:42:9d:c2:76:9e:e0:af:
                    e3:7b:ee:58:76:53:e2:c4:1e:f9:ed:8e:5f:f4:f1:
                    24:a8:aa:2a:f8:de:b6:9a:75:66:f8:78:15:d5:75:
                    d2:32:d1:db:a1:97:43:20:cc:3d:99:63:2a:72:57:
                    7b:46:b1:07:d0:bb:3b:3f:21:b4:c2:b9:80:68:30:
                    ac:08:78:fc:8a:cd:66:24:0f:e0:c8:11:85:b1:25:
                    25:92:9c:68:d1:a3:31:b8:38:23:66:62:1d:6e:4b:
                    7a:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:8D:CE:04:E6:42:8C:43:5D:3C:70:F3:42:04:D1:92:D6:2E:38:63
            X509v3 Authority Key Identifier:
                keyid:C6:59:11:C2:69:32:76:DD:8D:0C:EB:7F:84:AA:2A:B4:9E:FD:10:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xlkRwmkydt2NDOt_hKoqtJ79EIk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/e28279-9de9-48ab-b86f-a6e80949a029/1/xlkRwmkydt2NDOt_hKoqtJ79EIk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/e28279-9de9-48ab-b86f-a6e80949a029/1/xlkRwmkydt2NDOt_hKoqtJ79EIk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:9a:ce:85:0b:4b:d1:24:39:0d:8e:1d:cc:df:5d:df:16:1e:
         ae:cc:c1:61:90:5c:6b:f1:af:12:12:92:29:28:27:c3:7a:f0:
         2e:35:9d:50:34:9e:7c:de:3e:11:8d:b9:10:96:f2:1b:82:82:
         cd:4d:1b:9c:49:dc:cf:8e:e6:f3:38:17:e3:c3:94:d3:2b:da:
         13:50:8e:b0:97:5b:d7:8e:84:7c:96:b9:97:1d:16:4e:cf:e8:
         20:18:82:09:52:49:41:46:ac:1a:6e:9b:2e:9a:62:56:b2:61:
         30:77:92:70:fb:cd:19:d5:11:db:07:ab:c5:a6:53:62:b2:20:
         f6:c3:fa:47:5e:92:36:64:c9:b2:96:8e:a7:c7:ca:a0:30:84:
         72:31:01:b4:e8:dd:3f:94:af:3f:e7:d5:4e:93:d6:00:d2:ab:
         7e:c7:a5:78:c1:c0:2e:64:d8:5c:14:d6:c2:2d:60:f0:62:33:
         22:70:20:82:d2:6d:1e:01:4b:f9:77:e8:13:9a:36:20:ca:f7:
         6c:2b:70:36:33:66:2d:8a:85:f8:23:1a:47:69:91:15:85:ad:
         c2:3b:70:6c:7d:e4:31:da:8b:72:cf:a8:ae:d5:88:ba:ec:ab:
         a6:63:2e:12:3c:e1:42:6f:d4:0b:e9:c4:dc:45:4d:f6:98:d3:
         a6:2a:02:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3P41rijli8pMGSy6eDCmRnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NTkxMWMyNjkzMjc2ZGQ4ZDBjZWI3Zjg0YWEyYWI0OWVm
ZDEwODkwHhcNMjYwNDI3MTcwMTE2WhcNMjYwNDI4MTcwMTE2WjAzMTEwLwYDVQQD
EyhmNDhkY2UwNGU2NDI4YzQzNWQzYzcwZjM0MjA0ZDE5MmQ2MmUzODYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1u1hUxwTLkRHPVbGhWzgsp58X9gX
HWkCbe5IhPQ42F+4Weeg/3GiEyFwXmPd9ZI2IUYw7xhscNVV0J0PYJmltf833HbN
FkeMaUiI7r1mN8FmjoWtK7FgzmwbTUGcBWWSizDF+Par7XCuhyB1y6nGyMk8SUzK
e0wwOF3Qe2OX0AcvGDzcQHT+M1Ex/IGbVN6SIxDgFNiksBmWOBVLe0Kdwnae4K/j
e+5YdlPixB757Y5f9PEkqKoq+N62mnVm+HgV1XXSMtHboZdDIMw9mWMqcld7RrEH
0Ls7PyG0wrmAaDCsCHj8is1mJA/gyBGFsSUlkpxo0aMxuDgjZmIdbkt6bwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPSNzgTmQoxDXTxw80IE0ZLWLjhjMB8GA1UdIwQY
MBaAFMZZEcJpMnbdjQzrf4SqKrSe/RCJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGxrUndta3lkdDJORE90X2hLb3F0Sjc5RUlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9lMjgyNzktOWRlOS00OGFiLWI4NmYt
YTZlODA5NDlhMDI5LzEveGxrUndta3lkdDJORE90X2hLb3F0Sjc5RUlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9lMjgyNzktOWRlOS00OGFiLWI4NmYtYTZlODA5NDlhMDI5
LzEveGxrUndta3lkdDJORE90X2hLb3F0Sjc5RUlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcprOhQtL
0SQ5DY4dzN9d3xYerszBYZBca/GvEhKSKSgnw3rwLjWdUDSefN4+EY25EJbyG4KC
zU0bnEncz47m8zgX48OU0yvaE1COsJdb146EfJa5lx0WTs/oIBiCCVJJQUasGm6b
LppiVrJhMHeScPvNGdUR2werxaZTYrIg9sP6R16SNmTJspaOp8fKoDCEcjEBtOjd
P5SvP+fVTpPWANKrfseleMHALmTYXBTWwi1g8GIzInAggtJtHgFL+XfoE5o2IMr3
bCtwNjNmLYqF+CMaR2mRFYWtwjtwbH3kMdqLcs+ortWIuuyrpmMuEjzhQm/UC+nE
3EVN9pjTpioCEw==
-----END CERTIFICATE-----