Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.mft
File:                     s_sdIFBvVM-5oflFH6EKiP87L2Q.mft (raw, json)
Hash identifier:          oAoothvygwXKERsTsuFzGE5eWQR+FlTxEDQnUrVFbrc=
Subject key identifier:   4A:06:4D:2E:18:31:10:27:A0:EB:BD:3D:53:C4:B0:5D:E5:10:D3:B7
Authority key identifier: B3:FB:1D:20:50:6F:54:CF:B9:A1:F9:45:1F:A1:0A:88:FF:3B:2F:64
Certificate issuer:       /CN=b3fb1d20506f54cfb9a1f9451fa10a88ff3b2f64
Certificate serial:       019DA30A1A2EBD83066DE1CF25F8D3B68107
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s_sdIFBvVM-5oflFH6EKiP87L2Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.mft
Manifest number:          0F6B
Signing time:             Sun 19 Apr 2026 00:00:41 +0000
Manifest this update:     Sun 19 Apr 2026 00:00:41 +0000
Manifest next update:     Mon 20 Apr 2026 00:00:41 +0000
Files and hashes:         1: s_sdIFBvVM-5oflFH6EKiP87L2Q.crl (hash: 5L6IhRm6ntN+Y+FPFSbBqJlKtlBoXhSrqLEMJrzdjuA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/s_sdIFBvVM-5oflFH6EKiP87L2Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 00:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a3:0a:1a:2e:bd:83:06:6d:e1:cf:25:f8:d3:b6:81:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b3fb1d20506f54cfb9a1f9451fa10a88ff3b2f64
        Validity
            Not Before: Apr 19 00:00:41 2026 GMT
            Not After : Apr 20 00:00:41 2026 GMT
        Subject: CN=4a064d2e18311027a0ebbd3d53c4b05de510d3b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:c2:8c:eb:14:da:9f:cf:79:be:e2:53:43:48:
                    1a:3f:20:33:f8:b6:b7:1a:93:28:87:e6:c0:11:d3:
                    9d:ff:41:9a:f3:c6:92:27:a1:e9:b1:9e:4a:08:84:
                    59:e5:7b:bb:99:44:fc:f0:ca:8e:08:5a:76:a6:3a:
                    cc:55:79:4f:a3:49:73:85:b5:27:87:f0:15:3c:ce:
                    96:de:35:f6:80:78:53:00:8d:05:0c:48:40:d6:0c:
                    6d:34:cb:3f:ee:84:66:6e:c7:c3:f7:d4:7f:32:aa:
                    6a:5d:99:71:e7:05:41:bf:51:5c:20:c4:ee:5a:a1:
                    53:3c:3c:b2:b1:38:f0:53:94:3f:88:6b:b0:39:e3:
                    05:cf:91:eb:c4:ba:ed:d7:40:9f:81:b5:35:56:a3:
                    4c:e3:f5:17:80:33:1b:ae:04:b1:a6:ef:4d:7d:2e:
                    24:3a:40:9a:aa:63:53:28:02:62:0b:5d:3e:5e:ca:
                    18:2a:11:c4:1b:89:8c:66:ab:c4:96:0e:b6:15:73:
                    99:39:ac:94:12:a8:92:f6:7f:17:d4:c5:80:56:8d:
                    54:1b:a1:f1:ac:6a:69:41:0b:62:cc:c1:60:a3:80:
                    ee:6b:03:08:cf:1f:92:53:ff:8c:33:1d:47:85:72:
                    19:1b:0f:d6:c7:41:c2:99:cb:3a:94:ac:df:be:bf:
                    2c:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:06:4D:2E:18:31:10:27:A0:EB:BD:3D:53:C4:B0:5D:E5:10:D3:B7
            X509v3 Authority Key Identifier:
                keyid:B3:FB:1D:20:50:6F:54:CF:B9:A1:F9:45:1F:A1:0A:88:FF:3B:2F:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s_sdIFBvVM-5oflFH6EKiP87L2Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:25:99:13:8b:ce:88:52:01:4d:c3:8c:3d:7c:6a:1c:49:1a:
         9d:07:1f:b7:ef:10:c3:c9:5a:01:fc:7e:1f:2f:42:4e:10:17:
         80:10:bf:f3:f5:f1:86:95:5b:ed:97:d0:a3:33:0e:29:4a:c6:
         6d:75:1d:b9:60:c0:46:86:80:7e:13:a5:e5:c3:6c:22:73:ed:
         bd:05:45:53:d3:59:ae:4c:a5:4c:f3:84:40:c8:f4:b1:72:ee:
         37:71:b4:0c:af:62:db:39:39:7d:90:47:bf:4c:d1:e4:83:56:
         6e:54:23:0b:47:14:94:3e:4d:a2:77:59:ae:b1:1a:02:f4:fd:
         ba:3c:61:5c:28:72:83:c7:63:2a:2b:21:18:3e:ad:77:03:7f:
         d0:f8:e6:b5:0c:dd:85:15:dd:2b:5e:29:64:6c:de:70:fc:23:
         b3:8c:9e:f8:af:56:82:9a:c0:ec:2a:85:ca:36:37:b2:00:9a:
         b2:8e:cb:53:ef:e5:b9:19:db:4e:c4:7e:67:11:ac:02:56:72:
         f4:3d:2a:52:c4:d8:7c:63:c0:7f:17:54:b2:f1:e6:3a:4d:1d:
         b0:57:59:89:4f:30:c5:ff:1e:75:3b:15:7f:34:f2:56:5e:4c:
         e8:ae:90:49:b2:48:32:45:9b:59:f3:c8:1c:33:47:97:18:68:
         47:9b:3a:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2jChouvYMGbeHPJfjTtoEHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZmIxZDIwNTA2ZjU0Y2ZiOWExZjk0NTFmYTEwYTg4ZmYz
YjJmNjQwHhcNMjYwNDE5MDAwMDQxWhcNMjYwNDIwMDAwMDQxWjAzMTEwLwYDVQQD
Eyg0YTA2NGQyZTE4MzExMDI3YTBlYmJkM2Q1M2M0YjA1ZGU1MTBkM2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsKM6xTan895vuJTQ0gaPyAz+La3
GpMoh+bAEdOd/0Ga88aSJ6HpsZ5KCIRZ5Xu7mUT88MqOCFp2pjrMVXlPo0lzhbUn
h/AVPM6W3jX2gHhTAI0FDEhA1gxtNMs/7oRmbsfD99R/MqpqXZlx5wVBv1FcIMTu
WqFTPDyysTjwU5Q/iGuwOeMFz5HrxLrt10CfgbU1VqNM4/UXgDMbrgSxpu9NfS4k
OkCaqmNTKAJiC10+XsoYKhHEG4mMZqvElg62FXOZOayUEqiS9n8X1MWAVo1UG6Hx
rGppQQtizMFgo4DuawMIzx+SU/+MMx1HhXIZGw/Wx0HCmcs6lKzfvr8s9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEoGTS4YMRAnoOu9PVPEsF3lENO3MB8GA1UdIwQY
MBaAFLP7HSBQb1TPuaH5RR+hCoj/Oy9kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc19zZElGQnZWTS01b2ZsRkg2RUtpUDg3TDJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9jNDJkZjUtNGY5Mi00NDdkLWJkMjUt
ODZkNmUyZjQ2NjQyLzEvc19zZElGQnZWTS01b2ZsRkg2RUtpUDg3TDJRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9jNDJkZjUtNGY5Mi00NDdkLWJkMjUtODZkNmUyZjQ2NjQy
LzEvc19zZElGQnZWTS01b2ZsRkg2RUtpUDg3TDJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANyWZE4vO
iFIBTcOMPXxqHEkanQcft+8Qw8laAfx+Hy9CThAXgBC/8/XxhpVb7ZfQozMOKUrG
bXUduWDARoaAfhOl5cNsInPtvQVFU9NZrkylTPOEQMj0sXLuN3G0DK9i2zk5fZBH
v0zR5INWblQjC0cUlD5NondZrrEaAvT9ujxhXChyg8djKishGD6tdwN/0PjmtQzd
hRXdK14pZGzecPwjs4ye+K9WgprA7CqFyjY3sgCaso7LU+/luRnbTsR+ZxGsAlZy
9D0qUsTYfGPAfxdUsvHmOk0dsFdZiU8wxf8edTsVfzTyVl5M6K6QSbJIMkWbWfPI
HDNHlxhoR5s6HQ==
-----END CERTIFICATE-----