Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft
File:                     HR3nlQkjqWQxniwzg0m9Emh75K4.mft (raw, json)
Hash identifier:          8/Uq2C9yqtO/raV+beXn5jO3eocMI01Hbofzcq8Xk/c=
Subject key identifier:   83:94:86:D3:F6:22:AA:92:6F:C1:CE:7E:E8:01:9C:40:18:D4:D5:C9
Authority key identifier: 1D:1D:E7:95:09:23:A9:64:31:9E:2C:33:83:49:BD:12:68:7B:E4:AE
Certificate issuer:       /CN=1d1de7950923a964319e2c338349bd12687be4ae
Certificate serial:       019D9AE340A9E3A43432D6B945DA551D5A71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HR3nlQkjqWQxniwzg0m9Emh75K4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft
Manifest number:          0D38
Signing time:             Fri 17 Apr 2026 10:01:17 +0000
Manifest this update:     Fri 17 Apr 2026 10:01:17 +0000
Manifest next update:     Sat 18 Apr 2026 10:01:17 +0000
Files and hashes:         1: HR3nlQkjqWQxniwzg0m9Emh75K4.crl (hash: G9i8LOy9lzpF8b9Y5v8BBGPCPiR7RqWnYBVmNm8PeOk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HR3nlQkjqWQxniwzg0m9Emh75K4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 10:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e3:40:a9:e3:a4:34:32:d6:b9:45:da:55:1d:5a:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d1de7950923a964319e2c338349bd12687be4ae
        Validity
            Not Before: Apr 17 10:01:17 2026 GMT
            Not After : Apr 18 10:01:17 2026 GMT
        Subject: CN=839486d3f622aa926fc1ce7ee8019c4018d4d5c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:e2:88:6c:d1:59:64:8f:4c:c9:12:ab:fe:35:
                    ed:3f:c1:56:68:24:d2:a6:a1:a3:e9:72:07:8f:d4:
                    39:c9:5d:06:af:4f:4f:fe:d6:06:31:c4:ee:c7:91:
                    70:02:60:12:52:e6:9b:8b:eb:f6:fe:b8:0f:a4:12:
                    75:8c:36:0f:e9:2c:66:fa:5c:42:aa:a6:3b:bd:f7:
                    12:2e:fb:06:ad:2f:00:a7:e2:52:46:2b:a2:80:4f:
                    0a:8c:14:a3:13:61:1d:f4:da:ae:db:17:2a:8c:e7:
                    d7:cd:f2:d6:f5:52:ee:c0:c5:35:21:c5:ba:a8:47:
                    9d:50:09:2a:d9:f1:4b:9c:bb:78:84:07:90:43:c3:
                    d0:ed:96:90:3b:50:48:b6:fc:9b:91:7d:b7:93:51:
                    cb:81:14:ea:78:72:f1:69:64:ec:5c:ce:66:13:0e:
                    0f:51:d5:51:82:e1:88:df:4f:a0:3a:f5:8e:cd:46:
                    b8:c0:3b:98:21:35:23:3e:3e:89:90:1f:f9:5e:47:
                    70:a2:1b:cd:3e:f8:16:00:ab:39:9b:87:78:5c:6c:
                    77:d5:32:2a:b6:fd:80:c8:96:02:82:0e:62:d8:39:
                    21:63:93:55:7e:87:78:f3:66:32:7a:bd:a7:67:af:
                    2d:59:64:4c:85:14:d0:9a:09:37:99:a8:d2:ee:ee:
                    b1:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:94:86:D3:F6:22:AA:92:6F:C1:CE:7E:E8:01:9C:40:18:D4:D5:C9
            X509v3 Authority Key Identifier:
                keyid:1D:1D:E7:95:09:23:A9:64:31:9E:2C:33:83:49:BD:12:68:7B:E4:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HR3nlQkjqWQxniwzg0m9Emh75K4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:c9:ed:31:9a:22:6b:5f:61:7a:e9:57:ef:9f:6a:f6:22:f6:
         76:40:a3:f8:89:7a:09:7c:90:a0:43:2e:15:4b:d3:8d:11:a5:
         3f:16:b4:9d:01:62:14:0a:2e:9d:46:e6:6c:e3:8a:b1:3a:db:
         82:5f:73:99:4b:45:17:fb:a2:3d:36:3c:1c:fc:10:7e:0c:d6:
         d1:83:b4:4a:85:51:3e:f9:a6:2a:71:26:13:18:c5:3e:28:a2:
         0e:76:c4:37:f0:92:0e:3d:b1:1f:c8:d2:b8:2a:96:e7:a6:8a:
         e5:d3:b8:d3:72:aa:e9:30:f6:34:24:bb:35:93:70:37:cc:ed:
         1c:c4:96:40:69:c2:67:a9:22:61:07:56:21:f0:c3:ac:40:91:
         fe:4a:f5:62:46:6b:f2:1f:40:01:26:13:8a:bc:14:0e:0a:19:
         1b:94:ea:33:db:0f:7c:79:3e:a3:85:1d:bd:64:3f:93:10:66:
         f8:82:30:e1:ab:19:98:dc:b9:d6:74:d6:85:eb:2c:4b:e9:d2:
         ba:f0:39:7e:a4:26:90:b7:d3:12:e7:43:0d:2e:bc:1d:a4:e7:
         65:6c:63:d3:04:6d:92:ab:c1:bf:d6:f3:0d:97:cc:bf:d7:3d:
         de:99:b2:cb:84:b3:88:b5:17:0b:35:ec:5e:c0:44:f7:bc:cb:
         43:cd:84:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a40Cp46Q0Mta5RdpVHVpxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMWRlNzk1MDkyM2E5NjQzMTllMmMzMzgzNDliZDEyNjg3
YmU0YWUwHhcNMjYwNDE3MTAwMTE3WhcNMjYwNDE4MTAwMTE3WjAzMTEwLwYDVQQD
Eyg4Mzk0ODZkM2Y2MjJhYTkyNmZjMWNlN2VlODAxOWM0MDE4ZDRkNWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjeKIbNFZZI9MyRKr/jXtP8FWaCTS
pqGj6XIHj9Q5yV0Gr09P/tYGMcTux5FwAmASUuabi+v2/rgPpBJ1jDYP6Sxm+lxC
qqY7vfcSLvsGrS8Ap+JSRiuigE8KjBSjE2Ed9Nqu2xcqjOfXzfLW9VLuwMU1IcW6
qEedUAkq2fFLnLt4hAeQQ8PQ7ZaQO1BItvybkX23k1HLgRTqeHLxaWTsXM5mEw4P
UdVRguGI30+gOvWOzUa4wDuYITUjPj6JkB/5XkdwohvNPvgWAKs5m4d4XGx31TIq
tv2AyJYCgg5i2DkhY5NVfod482Yyer2nZ68tWWRMhRTQmgk3majS7u6xEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIOUhtP2IqqSb8HOfugBnEAY1NXJMB8GA1UdIwQY
MBaAFB0d55UJI6lkMZ4sM4NJvRJoe+SuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFIzbmxRa2pxV1F4bml3emcwbTlFbWg3NUs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9iYmUxNjAtZDliYi00YjRkLTg3Mzct
ZDhkMDBlMTZjNTkwLzEvSFIzbmxRa2pxV1F4bml3emcwbTlFbWg3NUs0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9iYmUxNjAtZDliYi00YjRkLTg3MzctZDhkMDBlMTZjNTkw
LzEvSFIzbmxRa2pxV1F4bml3emcwbTlFbWg3NUs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGsntMZoi
a19heulX759q9iL2dkCj+Il6CXyQoEMuFUvTjRGlPxa0nQFiFAounUbmbOOKsTrb
gl9zmUtFF/uiPTY8HPwQfgzW0YO0SoVRPvmmKnEmExjFPiiiDnbEN/CSDj2xH8jS
uCqW56aK5dO403Kq6TD2NCS7NZNwN8ztHMSWQGnCZ6kiYQdWIfDDrECR/kr1YkZr
8h9AASYTirwUDgoZG5TqM9sPfHk+o4UdvWQ/kxBm+IIw4asZmNy51nTWhessS+nS
uvA5fqQmkLfTEudDDS68HaTnZWxj0wRtkqvBv9bzDZfMv9c93pmyy4SziLUXCzXs
XsBE97zLQ82EVg==
-----END CERTIFICATE-----