Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft
File:                     4HDNq3OhLa82gGsOFgLI2vuQk7s.mft (raw, json)
Hash identifier:          y/GEkG4UaTMJ0s+M05VmOBRLFFxc7ZEJSNdZbHND5Y8=
Subject key identifier:   D2:FC:CA:59:E5:73:59:49:41:05:9B:7D:D5:03:2D:0A:B4:5C:4F:E5
Authority key identifier: E0:70:CD:AB:73:A1:2D:AF:36:80:6B:0E:16:02:C8:DA:FB:90:93:BB
Certificate issuer:       /CN=e070cdab73a12daf36806b0e1602c8dafb9093bb
Certificate serial:       019DA29C9103F5BBBD34CB48A2E741B5921F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4HDNq3OhLa82gGsOFgLI2vuQk7s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft
Manifest number:          0E10
Signing time:             Sat 18 Apr 2026 22:01:02 +0000
Manifest this update:     Sat 18 Apr 2026 22:01:02 +0000
Manifest next update:     Sun 19 Apr 2026 22:01:02 +0000
Files and hashes:         1: 4HDNq3OhLa82gGsOFgLI2vuQk7s.crl (hash: Y8B2uVyDWs+sDWucoBBV3kGnqTlweUs2uWeG4QsSgdU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4HDNq3OhLa82gGsOFgLI2vuQk7s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 19 Apr 2026 22:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a2:9c:91:03:f5:bb:bd:34:cb:48:a2:e7:41:b5:92:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e070cdab73a12daf36806b0e1602c8dafb9093bb
        Validity
            Not Before: Apr 18 22:01:02 2026 GMT
            Not After : Apr 19 22:01:02 2026 GMT
        Subject: CN=d2fcca59e573594941059b7dd5032d0ab45c4fe5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:bb:73:fa:ff:67:7b:54:9d:9b:4e:7c:99:c5:
                    f5:57:dc:eb:09:32:9c:a1:1e:45:a6:8e:c6:77:82:
                    f6:8e:bf:3e:8b:fe:9e:c6:fb:fe:65:0b:64:4b:50:
                    21:2b:cb:cc:b6:b8:20:ab:0c:eb:52:58:1a:64:3d:
                    34:37:cf:f5:74:95:68:f1:90:29:aa:38:7a:4c:11:
                    e4:25:d0:34:e1:6d:eb:50:f8:0c:71:62:96:cc:24:
                    1b:44:fe:15:3c:f7:81:ec:6a:22:96:02:f9:47:14:
                    38:4f:0b:ea:c1:5b:ec:95:e8:1a:d2:4f:7b:c2:e0:
                    52:88:d6:59:6a:08:01:df:9e:b5:47:32:39:c4:97:
                    37:2d:69:df:d5:58:72:a8:c6:bd:0f:19:33:5c:5b:
                    e5:ea:a6:11:7b:e4:26:ce:82:03:7a:61:d4:ba:3e:
                    79:e2:dd:ae:f5:15:db:d5:52:2c:98:da:e6:30:c2:
                    24:06:f4:5d:07:88:16:9a:de:93:56:e2:79:ed:46:
                    91:1f:d8:86:b9:ee:5b:85:a7:ba:97:f0:e6:50:97:
                    dd:93:1e:bc:ca:12:5d:3f:29:12:d1:2a:0d:35:00:
                    5f:1c:39:75:e4:71:33:4e:83:dd:2c:2a:ad:54:f1:
                    f7:5d:30:22:c3:2b:75:3e:5e:c5:e8:d4:77:de:ee:
                    ce:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:FC:CA:59:E5:73:59:49:41:05:9B:7D:D5:03:2D:0A:B4:5C:4F:E5
            X509v3 Authority Key Identifier:
                keyid:E0:70:CD:AB:73:A1:2D:AF:36:80:6B:0E:16:02:C8:DA:FB:90:93:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4HDNq3OhLa82gGsOFgLI2vuQk7s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:f0:86:f0:1d:63:12:d2:0f:a2:a6:33:78:25:79:d7:61:e7:
         5a:8a:ea:42:e1:55:67:fb:f5:c8:f7:82:a9:b5:8d:14:51:4f:
         bf:2f:b9:48:e0:3b:b0:27:50:f3:79:59:a3:c0:08:af:ae:32:
         b9:f4:f6:29:3f:30:3f:06:32:95:80:1c:17:41:87:91:07:15:
         13:39:5b:81:61:23:f5:6c:ab:83:dc:a3:8d:26:ac:b2:74:b9:
         06:01:83:53:2f:99:ac:d0:97:d2:a3:0c:37:6f:b7:0e:73:c7:
         ec:11:e0:22:79:c6:15:d5:a6:ba:83:3a:24:7a:12:de:84:de:
         6c:98:51:3c:e0:44:6a:6a:e5:b3:b7:04:7c:b3:45:a4:a0:f4:
         d9:6e:f5:88:41:52:f8:95:86:8b:ba:03:9a:ee:94:50:80:ab:
         f3:4d:5c:d7:b3:bc:b6:f8:19:65:e9:32:88:43:04:92:68:6d:
         0e:ff:5b:79:9a:e6:38:49:69:fe:97:ac:7d:3c:48:fa:72:e1:
         b2:08:6d:5d:e5:12:e3:9e:28:c3:d1:2f:57:0d:06:ff:b4:77:
         07:9f:74:cf:57:54:e5:47:c4:30:d8:e5:db:09:39:df:7a:e2:
         40:78:cb:e5:67:4c:63:71:2b:25:1a:78:e5:f6:41:6d:5f:e1:
         0a:1d:03:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2inJED9bu9NMtIoudBtZIfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNzBjZGFiNzNhMTJkYWYzNjgwNmIwZTE2MDJjOGRhZmI5
MDkzYmIwHhcNMjYwNDE4MjIwMTAyWhcNMjYwNDE5MjIwMTAyWjAzMTEwLwYDVQQD
EyhkMmZjY2E1OWU1NzM1OTQ5NDEwNTliN2RkNTAzMmQwYWI0NWM0ZmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2btz+v9ne1Sdm058mcX1V9zrCTKc
oR5Fpo7Gd4L2jr8+i/6exvv+ZQtkS1AhK8vMtrggqwzrUlgaZD00N8/1dJVo8ZAp
qjh6TBHkJdA04W3rUPgMcWKWzCQbRP4VPPeB7GoilgL5RxQ4TwvqwVvslega0k97
wuBSiNZZaggB3561RzI5xJc3LWnf1VhyqMa9DxkzXFvl6qYRe+QmzoIDemHUuj55
4t2u9RXb1VIsmNrmMMIkBvRdB4gWmt6TVuJ57UaRH9iGue5bhae6l/DmUJfdkx68
yhJdPykS0SoNNQBfHDl15HEzToPdLCqtVPH3XTAiwyt1Pl7F6NR33u7OdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNL8ylnlc1lJQQWbfdUDLQq0XE/lMB8GA1UdIwQY
MBaAFOBwzatzoS2vNoBrDhYCyNr7kJO7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEhETnEzT2hMYTgyZ0dzT0ZnTEkydnVRazdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84ZTAxY2EtMmNjZi00OTEyLTkxNGIt
OTE2ODgyNmNkMzU1LzEvNEhETnEzT2hMYTgyZ0dzT0ZnTEkydnVRazdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84ZTAxY2EtMmNjZi00OTEyLTkxNGItOTE2ODgyNmNkMzU1
LzEvNEhETnEzT2hMYTgyZ0dzT0ZnTEkydnVRazdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk/CG8B1j
EtIPoqYzeCV512HnWorqQuFVZ/v1yPeCqbWNFFFPvy+5SOA7sCdQ83lZo8AIr64y
ufT2KT8wPwYylYAcF0GHkQcVEzlbgWEj9Wyrg9yjjSassnS5BgGDUy+ZrNCX0qMM
N2+3DnPH7BHgInnGFdWmuoM6JHoS3oTebJhRPOBEamrls7cEfLNFpKD02W71iEFS
+JWGi7oDmu6UUICr801c17O8tvgZZekyiEMEkmhtDv9beZrmOElp/pesfTxI+nLh
sghtXeUS454ow9EvVw0G/7R3B590z1dU5UfEMNjl2wk533riQHjL5WdMY3ErJRp4
5fZBbV/hCh0DSQ==
-----END CERTIFICATE-----