Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/d3885c-6b74-43c4-8fdd-789d07c19808/1/RUH1XBZZBCT7NMZeDi6sIogkcNs.mft
File:                     RUH1XBZZBCT7NMZeDi6sIogkcNs.mft (raw, json)
Hash identifier:          r8PYSlZfA0xVFjOn8eWLkXITCeVouKgluo0o4XiZDTc=
Subject key identifier:   B9:71:8D:4D:AF:D3:88:49:53:E3:43:A8:0A:8B:BB:CE:49:56:99:D0
Authority key identifier: 45:41:F5:5C:16:59:04:24:FB:34:C6:5E:0E:2E:AC:22:88:24:70:DB
Certificate issuer:       /CN=4541f55c16590424fb34c65e0e2eac22882470db
Certificate serial:       019D9AE31A51DB7B5E6F3C4F3A66784DDD82
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RUH1XBZZBCT7NMZeDi6sIogkcNs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/d3885c-6b74-43c4-8fdd-789d07c19808/1/RUH1XBZZBCT7NMZeDi6sIogkcNs.mft
Manifest number:          0902
Signing time:             Fri 17 Apr 2026 10:01:07 +0000
Manifest this update:     Fri 17 Apr 2026 10:01:07 +0000
Manifest next update:     Sat 18 Apr 2026 10:01:07 +0000
Files and hashes:         1: RUH1XBZZBCT7NMZeDi6sIogkcNs.crl (hash: zdt4e7brvKEOJnlnAJBuuMltK+jdjCuHcHjHMmRwi08=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1b/d3885c-6b74-43c4-8fdd-789d07c19808/1/RUH1XBZZBCT7NMZeDi6sIogkcNs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1b/d3885c-6b74-43c4-8fdd-789d07c19808/1/RUH1XBZZBCT7NMZeDi6sIogkcNs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RUH1XBZZBCT7NMZeDi6sIogkcNs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e3:1a:51:db:7b:5e:6f:3c:4f:3a:66:78:4d:dd:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4541f55c16590424fb34c65e0e2eac22882470db
        Validity
            Not Before: Apr 17 10:01:07 2026 GMT
            Not After : Apr 18 10:01:07 2026 GMT
        Subject: CN=b9718d4dafd3884953e343a80a8bbbce495699d0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:0f:aa:15:61:97:19:86:b3:14:3b:a2:a4:80:
                    55:12:44:18:5e:b2:87:3d:06:d9:b5:31:d8:87:06:
                    e0:7c:a9:ca:92:bd:94:be:f6:00:35:f8:56:b0:92:
                    55:36:3d:03:72:7e:c0:03:2c:c8:0c:69:a6:71:6e:
                    34:e5:51:81:54:20:b1:25:70:1e:c0:8a:72:dd:cf:
                    0f:35:27:ca:0a:c1:af:8d:a2:6a:ef:05:b3:0c:63:
                    ce:af:53:6f:44:76:a7:63:be:0f:c8:f4:22:44:a2:
                    b8:41:d4:89:24:71:80:bb:6d:ff:48:ef:6b:cb:df:
                    bc:a9:12:a3:6d:cc:cc:63:a6:6e:e5:a6:43:a7:3a:
                    3d:a7:c4:e2:f3:65:2c:57:99:c9:9b:de:8a:a0:fc:
                    fe:ac:7c:ce:7f:53:12:1e:1e:66:d5:34:ed:16:1b:
                    80:de:92:95:f5:f3:20:26:f3:26:c9:bf:81:7f:3b:
                    0b:c4:01:62:73:09:9e:1c:2c:f3:0e:59:83:0c:a6:
                    aa:5e:45:f8:81:c2:59:de:46:aa:0a:db:1d:dd:a5:
                    a3:5d:90:34:60:0c:fa:17:ec:98:12:1e:0d:03:f2:
                    7f:c9:8d:29:f0:71:63:9e:ec:ac:99:db:c6:88:68:
                    06:1c:c8:05:b0:65:81:83:b2:25:99:14:ed:5c:80:
                    d2:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:71:8D:4D:AF:D3:88:49:53:E3:43:A8:0A:8B:BB:CE:49:56:99:D0
            X509v3 Authority Key Identifier:
                keyid:45:41:F5:5C:16:59:04:24:FB:34:C6:5E:0E:2E:AC:22:88:24:70:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RUH1XBZZBCT7NMZeDi6sIogkcNs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/d3885c-6b74-43c4-8fdd-789d07c19808/1/RUH1XBZZBCT7NMZeDi6sIogkcNs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/d3885c-6b74-43c4-8fdd-789d07c19808/1/RUH1XBZZBCT7NMZeDi6sIogkcNs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:57:a6:a8:c9:ec:9b:4e:3a:20:e6:12:9c:e0:1c:6d:b3:8c:
         57:7c:95:27:c1:a4:2f:c7:5b:fc:85:5e:a7:89:9e:96:50:6a:
         ba:2d:32:09:0d:29:fc:fb:8e:c7:58:7a:a4:7f:74:89:0d:b4:
         8b:06:15:e3:a0:ec:0c:68:5e:cb:8c:f5:6b:d4:79:06:a1:ba:
         57:47:78:08:5a:65:12:49:dd:19:bf:d3:7e:26:63:94:4c:55:
         76:40:55:78:6b:87:22:03:66:5c:4d:e9:e4:2a:ad:0c:03:79:
         4c:60:3e:bb:d3:14:00:3f:5f:ef:44:1c:f1:ad:12:26:cc:15:
         f0:fa:12:20:e9:fd:df:8a:27:e5:b1:57:42:9e:62:2e:be:80:
         cd:21:40:63:e2:33:9f:58:9b:8c:07:39:68:56:16:de:8b:82:
         8a:5a:8e:7d:ec:f3:b4:d5:d7:67:1b:ed:f4:a2:73:65:47:52:
         7b:c4:e1:a2:f6:85:c9:9e:4a:75:c5:ba:4a:c0:0e:1b:d0:33:
         c6:a0:95:85:84:b4:57:f4:28:52:0b:c0:1c:2e:2f:d4:4a:1a:
         76:e9:7b:e5:cd:4d:e9:fd:a2:9e:a0:36:30:c0:98:6a:bb:2d:
         98:98:98:78:10:70:bf:30:b3:5b:ef:21:e6:d6:ad:ef:c8:86:
         22:cf:25:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a4xpR23tebzxPOmZ4Td2CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1NDFmNTVjMTY1OTA0MjRmYjM0YzY1ZTBlMmVhYzIyODgy
NDcwZGIwHhcNMjYwNDE3MTAwMTA3WhcNMjYwNDE4MTAwMTA3WjAzMTEwLwYDVQQD
EyhiOTcxOGQ0ZGFmZDM4ODQ5NTNlMzQzYTgwYThiYmJjZTQ5NTY5OWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkg+qFWGXGYazFDuipIBVEkQYXrKH
PQbZtTHYhwbgfKnKkr2UvvYANfhWsJJVNj0Dcn7AAyzIDGmmcW405VGBVCCxJXAe
wIpy3c8PNSfKCsGvjaJq7wWzDGPOr1NvRHanY74PyPQiRKK4QdSJJHGAu23/SO9r
y9+8qRKjbczMY6Zu5aZDpzo9p8Ti82UsV5nJm96KoPz+rHzOf1MSHh5m1TTtFhuA
3pKV9fMgJvMmyb+BfzsLxAFicwmeHCzzDlmDDKaqXkX4gcJZ3kaqCtsd3aWjXZA0
YAz6F+yYEh4NA/J/yY0p8HFjnuysmdvGiGgGHMgFsGWBg7IlmRTtXIDSDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLlxjU2v04hJU+NDqAqLu85JVpnQMB8GA1UdIwQY
MBaAFEVB9VwWWQQk+zTGXg4urCKIJHDbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlVIMVhCWlpCQ1Q3Tk1aZURpNnNJb2drY05zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9kMzg4NWMtNmI3NC00M2M0LThmZGQt
Nzg5ZDA3YzE5ODA4LzEvUlVIMVhCWlpCQ1Q3Tk1aZURpNnNJb2drY05zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9kMzg4NWMtNmI3NC00M2M0LThmZGQtNzg5ZDA3YzE5ODA4
LzEvUlVIMVhCWlpCQ1Q3Tk1aZURpNnNJb2drY05zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR1emqMns
m046IOYSnOAcbbOMV3yVJ8GkL8db/IVep4mellBqui0yCQ0p/PuOx1h6pH90iQ20
iwYV46DsDGhey4z1a9R5BqG6V0d4CFplEkndGb/TfiZjlExVdkBVeGuHIgNmXE3p
5CqtDAN5TGA+u9MUAD9f70Qc8a0SJswV8PoSIOn934on5bFXQp5iLr6AzSFAY+Iz
n1ibjAc5aFYW3ouCilqOfezztNXXZxvt9KJzZUdSe8ThovaFyZ5KdcW6SsAOG9Az
xqCVhYS0V/QoUgvAHC4v1Eoadul75c1N6f2inqA2MMCYarstmJiYeBBwvzCzW+8h
5tat78iGIs8lgw==
-----END CERTIFICATE-----