Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft
File:                     z4duDnrrYE0WMdSaAl4XitJ0qBI.mft (raw, json)
Hash identifier:          wLx2l6ualyERarppRrg736pILqcnna745VAbofaHHBw=
Subject key identifier:   34:00:12:4E:1F:FA:20:5C:41:DD:DF:D1:4A:E0:8A:AD:81:13:56:73
Authority key identifier: CF:87:6E:0E:7A:EB:60:4D:16:31:D4:9A:02:5E:17:8A:D2:74:A8:12
Certificate issuer:       /CN=cf876e0e7aeb604d1631d49a025e178ad274a812
Certificate serial:       019D99D034F7A3D5515FDF2720B9EEAD0FC9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z4duDnrrYE0WMdSaAl4XitJ0qBI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft
Manifest number:          18BE
Signing time:             Fri 17 Apr 2026 05:00:52 +0000
Manifest this update:     Fri 17 Apr 2026 05:00:52 +0000
Manifest next update:     Sat 18 Apr 2026 05:00:52 +0000
Files and hashes:         1: z4duDnrrYE0WMdSaAl4XitJ0qBI.crl (hash: xkOGvWKoUeSa5Bxg7XZK2dOr0aShP2zaaCzyjNFDF9A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z4duDnrrYE0WMdSaAl4XitJ0qBI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 05:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:d0:34:f7:a3:d5:51:5f:df:27:20:b9:ee:ad:0f:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf876e0e7aeb604d1631d49a025e178ad274a812
        Validity
            Not Before: Apr 17 05:00:52 2026 GMT
            Not After : Apr 18 05:00:52 2026 GMT
        Subject: CN=3400124e1ffa205c41dddfd14ae08aad81135673
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:91:b1:ff:9e:c2:30:ef:88:86:92:7f:bb:30:
                    83:7d:e3:e6:83:16:b7:62:1c:47:79:a9:fd:d0:6e:
                    a3:0a:df:83:7b:8a:48:d0:e9:c8:7e:eb:6f:98:3d:
                    20:dc:1e:61:0e:ff:c8:ac:2f:4e:59:ed:72:2a:6a:
                    7e:86:43:fc:2f:23:9c:98:c6:da:4a:36:de:77:0d:
                    45:ec:0e:88:9c:1e:b5:48:78:76:e7:87:1f:f7:22:
                    7a:34:7c:3e:c5:0b:30:d2:c0:67:c1:62:81:05:f7:
                    47:39:f2:f4:18:a7:e3:5b:55:5c:3b:df:1a:cc:9e:
                    00:f0:0d:f4:84:c5:57:ed:55:5a:0c:70:14:51:38:
                    ff:bb:98:6f:77:be:ea:47:b9:4b:ad:22:f7:27:8a:
                    93:32:97:63:8a:64:4a:5d:a1:d2:18:36:87:b6:ac:
                    b3:5d:64:fa:6e:35:77:1d:c2:c4:88:5e:c1:b4:02:
                    b2:54:ed:25:f1:c2:68:a3:b7:30:fa:c9:77:33:d3:
                    91:49:36:97:a2:73:28:5e:6c:63:31:bc:8a:4a:96:
                    42:99:5a:00:86:98:82:06:ca:3f:6e:ee:7d:d2:df:
                    04:8d:7e:ab:4a:4a:44:2e:67:13:a6:aa:ca:7d:66:
                    03:1e:1f:53:2b:05:e0:95:b9:70:c9:97:52:bd:c3:
                    6e:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:00:12:4E:1F:FA:20:5C:41:DD:DF:D1:4A:E0:8A:AD:81:13:56:73
            X509v3 Authority Key Identifier:
                keyid:CF:87:6E:0E:7A:EB:60:4D:16:31:D4:9A:02:5E:17:8A:D2:74:A8:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z4duDnrrYE0WMdSaAl4XitJ0qBI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:c6:27:b9:bd:23:bf:6d:bf:c5:e7:b6:7d:1c:91:55:3d:95:
         7e:81:d1:36:19:c1:67:9f:bf:59:86:a5:5a:e7:4d:b0:99:fd:
         6f:27:db:0b:f4:9b:12:c2:45:86:70:17:c9:9d:87:e4:c8:0f:
         bd:63:66:1a:45:e9:0d:8f:96:a1:3d:05:9f:c9:f1:cb:79:f5:
         71:f5:17:97:d1:fa:7c:c3:2a:2f:12:a2:d5:22:ed:bc:96:61:
         1e:0b:03:6c:87:2c:24:10:71:bf:ce:85:73:34:39:ce:99:73:
         55:32:5d:c5:b7:c5:91:2b:b8:44:3a:3f:6a:f8:46:14:8d:4a:
         4f:a6:59:24:1f:ff:02:3d:f4:3f:f6:a2:4d:b6:91:d9:b2:d2:
         51:9a:f4:72:b5:1c:72:e6:d7:a0:51:b2:84:a6:e1:73:5f:d6:
         fc:d3:1d:bd:2b:c7:61:03:9b:e3:0e:fc:6a:b8:c2:93:9b:9e:
         d8:c8:55:4f:b2:36:bf:c1:94:d1:b4:c9:15:3e:81:61:17:d0:
         62:cd:9f:bd:a0:50:88:e7:f1:98:d4:fa:3a:b1:f0:71:6a:57:
         9e:05:3e:1a:4c:ce:5c:ed:90:b6:60:f0:db:d8:3c:4b:39:0a:
         36:5d:d9:be:cc:10:5c:e2:be:c0:ea:10:8a:56:8e:10:20:6e:
         3b:0d:6d:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Z0DT3o9VRX98nILnurQ/JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmODc2ZTBlN2FlYjYwNGQxNjMxZDQ5YTAyNWUxNzhhZDI3
NGE4MTIwHhcNMjYwNDE3MDUwMDUyWhcNMjYwNDE4MDUwMDUyWjAzMTEwLwYDVQQD
EygzNDAwMTI0ZTFmZmEyMDVjNDFkZGRmZDE0YWUwOGFhZDgxMTM1NjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy5Gx/57CMO+IhpJ/uzCDfePmgxa3
YhxHean90G6jCt+De4pI0OnIfutvmD0g3B5hDv/IrC9OWe1yKmp+hkP8LyOcmMba
Sjbedw1F7A6InB61SHh254cf9yJ6NHw+xQsw0sBnwWKBBfdHOfL0GKfjW1VcO98a
zJ4A8A30hMVX7VVaDHAUUTj/u5hvd77qR7lLrSL3J4qTMpdjimRKXaHSGDaHtqyz
XWT6bjV3HcLEiF7BtAKyVO0l8cJoo7cw+sl3M9ORSTaXonMoXmxjMbyKSpZCmVoA
hpiCBso/bu590t8EjX6rSkpELmcTpqrKfWYDHh9TKwXglblwyZdSvcNuBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDQAEk4f+iBcQd3f0Urgiq2BE1ZzMB8GA1UdIwQY
MBaAFM+Hbg5662BNFjHUmgJeF4rSdKgSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejRkdURucnJZRTBXTWRTYUFsNFhpdEowcUJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9hNWJjOGEtMDQ5ZC00MzE0LTliMWEt
Mjk3NTVhN2M5NGZkLzEvejRkdURucnJZRTBXTWRTYUFsNFhpdEowcUJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9hNWJjOGEtMDQ5ZC00MzE0LTliMWEtMjk3NTVhN2M5NGZk
LzEvejRkdURucnJZRTBXTWRTYUFsNFhpdEowcUJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl8Ynub0j
v22/xee2fRyRVT2VfoHRNhnBZ5+/WYalWudNsJn9byfbC/SbEsJFhnAXyZ2H5MgP
vWNmGkXpDY+WoT0Fn8nxy3n1cfUXl9H6fMMqLxKi1SLtvJZhHgsDbIcsJBBxv86F
czQ5zplzVTJdxbfFkSu4RDo/avhGFI1KT6ZZJB//Aj30P/aiTbaR2bLSUZr0crUc
cubXoFGyhKbhc1/W/NMdvSvHYQOb4w78arjCk5ue2MhVT7I2v8GU0bTJFT6BYRfQ
Ys2fvaBQiOfxmNT6OrHwcWpXngU+GkzOXO2QtmDw29g8SzkKNl3ZvswQXOK+wOoQ
ilaOECBuOw1tNQ==
-----END CERTIFICATE-----