Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.mft
File:                     Ro7LoQ51maAwqmEwiGiKbCbWLXU.mft (raw, json)
Hash identifier:          qroANWEyjWUwdWb4vVZvOlW1KtcSoEXanC2VQtX3yLY=
Subject key identifier:   91:38:ED:7A:C9:BC:E2:93:56:34:35:E4:37:96:8F:6B:2D:E4:C4:0D
Authority key identifier: 46:8E:CB:A1:0E:75:99:A0:30:AA:61:30:88:68:8A:6C:26:D6:2D:75
Certificate issuer:       /CN=468ecba10e7599a030aa613088688a6c26d62d75
Certificate serial:       019D284E662C135C63240959F8753DFBCC2E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ro7LoQ51maAwqmEwiGiKbCbWLXU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.mft
Manifest number:          1517
Signing time:             Thu 26 Mar 2026 04:01:59 +0000
Manifest this update:     Thu 26 Mar 2026 04:01:59 +0000
Manifest next update:     Fri 27 Mar 2026 04:01:59 +0000
Files and hashes:         1: Ro7LoQ51maAwqmEwiGiKbCbWLXU.crl (hash: 5tHy2lLaHKdZsSgFkco8el7lu0r3s5VS6iInS95k4+Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ro7LoQ51maAwqmEwiGiKbCbWLXU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:4e:66:2c:13:5c:63:24:09:59:f8:75:3d:fb:cc:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=468ecba10e7599a030aa613088688a6c26d62d75
        Validity
            Not Before: Mar 26 04:01:59 2026 GMT
            Not After : Mar 27 04:01:59 2026 GMT
        Subject: CN=9138ed7ac9bce293563435e437968f6b2de4c40d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:30:86:ce:1c:91:cc:bc:19:98:cf:c1:6b:7e:
                    ad:d9:4c:84:c7:06:d4:4b:71:df:93:c8:bf:5c:a5:
                    1e:11:ac:6e:2d:4a:4c:ea:c4:49:01:05:18:b1:cc:
                    7f:e8:69:a8:fa:fa:3c:18:1c:69:7f:6c:60:30:5b:
                    15:f7:1f:74:05:67:11:25:c6:af:3d:e5:6b:fd:3d:
                    a1:63:dc:96:f5:8b:42:05:41:83:a2:11:3a:ed:01:
                    51:0b:56:b9:04:e1:30:e5:80:01:53:28:0f:2e:58:
                    60:04:a8:9a:01:18:1a:a1:24:f1:49:0d:ca:ad:fc:
                    01:d6:33:2c:90:8e:7f:22:ee:a2:91:1b:57:2d:18:
                    6b:4b:29:74:84:91:0d:55:9d:52:a9:b7:f0:73:b8:
                    a7:7f:0e:2f:b7:22:b4:b1:c6:0e:57:0c:69:14:7a:
                    cc:46:09:b4:02:15:37:46:92:66:52:05:95:f5:0a:
                    91:58:52:e2:c1:65:0f:9f:2e:15:15:ac:16:a4:52:
                    8a:7a:70:82:45:29:04:11:8a:e0:6b:7f:0e:88:57:
                    fd:07:ac:ea:27:2a:8a:b4:67:dc:a1:3f:82:7b:0d:
                    21:60:64:e1:58:7a:c2:38:8e:dc:0b:f4:2d:c6:ea:
                    f5:01:c9:2d:f2:0f:7f:9d:69:2e:dd:67:c7:e2:6f:
                    fe:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:38:ED:7A:C9:BC:E2:93:56:34:35:E4:37:96:8F:6B:2D:E4:C4:0D
            X509v3 Authority Key Identifier:
                keyid:46:8E:CB:A1:0E:75:99:A0:30:AA:61:30:88:68:8A:6C:26:D6:2D:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ro7LoQ51maAwqmEwiGiKbCbWLXU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:8e:5e:95:93:d7:8d:ad:8b:54:1c:86:df:12:73:00:31:78:
         62:d6:b6:56:4f:a5:5e:5c:6d:37:0b:16:31:d2:6e:24:e0:53:
         b5:00:ca:7d:7d:73:81:f9:2b:85:28:31:42:cb:57:6b:9f:6e:
         3f:67:85:fa:cd:4e:05:12:23:de:63:bc:f4:ac:f7:24:a8:44:
         70:8a:1d:1d:a7:4f:c6:32:6d:5a:a8:20:a0:92:f5:f3:02:79:
         58:27:2a:e2:4d:00:51:16:41:c8:30:a7:53:73:12:c6:7a:ea:
         c8:73:65:a9:ea:87:1f:b7:c5:db:bb:ab:8e:93:87:83:e2:96:
         5d:78:b3:8d:58:71:eb:44:c9:8a:86:fd:98:cf:fd:d1:41:af:
         76:21:48:95:72:47:f8:4c:77:e3:6d:13:a4:59:46:35:3a:02:
         2a:02:e0:3a:dd:23:81:94:e0:af:00:c1:40:62:ca:da:cf:76:
         d4:40:76:bd:1c:c6:0e:d2:71:1c:02:b1:4f:d8:f0:2e:b7:82:
         1c:26:aa:2d:66:17:28:f7:b0:c7:c6:b3:2a:b2:83:b2:88:e2:
         69:47:e7:80:fd:6a:5c:39:a7:2e:7e:89:d9:38:07:57:4f:16:
         90:ee:9b:b2:48:3d:9c:c6:ed:2f:a7:5e:a2:22:82:f7:56:a8:
         66:2a:50:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oTmYsE1xjJAlZ+HU9+8wuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2OGVjYmExMGU3NTk5YTAzMGFhNjEzMDg4Njg4YTZjMjZk
NjJkNzUwHhcNMjYwMzI2MDQwMTU5WhcNMjYwMzI3MDQwMTU5WjAzMTEwLwYDVQQD
Eyg5MTM4ZWQ3YWM5YmNlMjkzNTYzNDM1ZTQzNzk2OGY2YjJkZTRjNDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDCGzhyRzLwZmM/Ba36t2UyExwbU
S3Hfk8i/XKUeEaxuLUpM6sRJAQUYscx/6Gmo+vo8GBxpf2xgMFsV9x90BWcRJcav
PeVr/T2hY9yW9YtCBUGDohE67QFRC1a5BOEw5YABUygPLlhgBKiaARgaoSTxSQ3K
rfwB1jMskI5/Iu6ikRtXLRhrSyl0hJENVZ1Sqbfwc7infw4vtyK0scYOVwxpFHrM
Rgm0AhU3RpJmUgWV9QqRWFLiwWUPny4VFawWpFKKenCCRSkEEYrga38OiFf9B6zq
JyqKtGfcoT+Cew0hYGThWHrCOI7cC/Qtxur1Ackt8g9/nWku3WfH4m/+UwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJE47XrJvOKTVjQ15DeWj2st5MQNMB8GA1UdIwQY
MBaAFEaOy6EOdZmgMKphMIhoimwm1i11MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUm83TG9RNTFtYUF3cW1Fd2lHaUtiQ2JXTFhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9mMWVhNTAtNGUwNS00YWJkLTg5Mjct
ZGY3ZTBiZDZmODE2LzEvUm83TG9RNTFtYUF3cW1Fd2lHaUtiQ2JXTFhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9mMWVhNTAtNGUwNS00YWJkLTg5MjctZGY3ZTBiZDZmODE2
LzEvUm83TG9RNTFtYUF3cW1Fd2lHaUtiQ2JXTFhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgo5elZPX
ja2LVByG3xJzADF4Yta2Vk+lXlxtNwsWMdJuJOBTtQDKfX1zgfkrhSgxQstXa59u
P2eF+s1OBRIj3mO89Kz3JKhEcIodHadPxjJtWqggoJL18wJ5WCcq4k0AURZByDCn
U3MSxnrqyHNlqeqHH7fF27urjpOHg+KWXXizjVhx60TJiob9mM/90UGvdiFIlXJH
+Ex3420TpFlGNToCKgLgOt0jgZTgrwDBQGLK2s921EB2vRzGDtJxHAKxT9jwLreC
HCaqLWYXKPewx8azKrKDsojiaUfngP1qXDmnLn6J2TgHV08WkO6bskg9nMbtL6de
oiKC91aoZipQyQ==
-----END CERTIFICATE-----