Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/c2cc5f-25a6-42bb-a970-ef9644312ddb/1/mD8bE53ySgXC5SVgUrAhJRfkc1E.mft
File:                     mD8bE53ySgXC5SVgUrAhJRfkc1E.mft (raw, json)
Hash identifier:          QXjkBFjWI0vITlF9q56xgOMPSYKOwWn97eYIftYe9FE=
Subject key identifier:   4B:E7:0A:89:38:E7:3D:9B:9B:8F:9F:A0:2F:BD:39:AD:35:B4:F2:B9
Authority key identifier: 98:3F:1B:13:9D:F2:4A:05:C2:E5:25:60:52:B0:21:25:17:E4:73:51
Certificate issuer:       /CN=983f1b139df24a05c2e5256052b0212517e47351
Certificate serial:       019D984FDD232113086B07785D786A76FB9A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mD8bE53ySgXC5SVgUrAhJRfkc1E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/c2cc5f-25a6-42bb-a970-ef9644312ddb/1/mD8bE53ySgXC5SVgUrAhJRfkc1E.mft
Manifest number:          04C2
Signing time:             Thu 16 Apr 2026 22:01:03 +0000
Manifest this update:     Thu 16 Apr 2026 22:01:03 +0000
Manifest next update:     Fri 17 Apr 2026 22:01:03 +0000
Files and hashes:         1: mD8bE53ySgXC5SVgUrAhJRfkc1E.crl (hash: NcQ7Ust268lJvpRiLHAiAKDq7rIo4JtTbJkFYqoxD78=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/c2cc5f-25a6-42bb-a970-ef9644312ddb/1/mD8bE53ySgXC5SVgUrAhJRfkc1E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/c2cc5f-25a6-42bb-a970-ef9644312ddb/1/mD8bE53ySgXC5SVgUrAhJRfkc1E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mD8bE53ySgXC5SVgUrAhJRfkc1E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:4f:dd:23:21:13:08:6b:07:78:5d:78:6a:76:fb:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=983f1b139df24a05c2e5256052b0212517e47351
        Validity
            Not Before: Apr 16 22:01:03 2026 GMT
            Not After : Apr 17 22:01:03 2026 GMT
        Subject: CN=4be70a8938e73d9b9b8f9fa02fbd39ad35b4f2b9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:f1:2c:bc:70:c1:4b:76:06:88:1f:94:a6:fa:
                    c2:3d:90:65:d3:70:bd:37:14:12:a2:a0:a3:6c:86:
                    52:44:05:ca:08:50:16:d6:83:a9:7e:dd:a5:ac:31:
                    3f:e6:79:66:44:1d:70:dd:f0:b1:e2:c4:ae:91:f1:
                    c7:60:66:89:c0:f2:ad:51:7a:75:b0:60:08:d3:dc:
                    16:f3:24:10:95:97:0a:f4:64:76:f8:f0:40:9c:19:
                    37:a9:97:c0:62:a1:95:62:50:98:bc:df:a7:6b:08:
                    fd:96:6f:ba:f8:2a:e4:18:ad:51:10:01:7a:d2:7a:
                    ce:89:76:6c:64:f1:81:8d:a9:73:68:12:34:d4:dd:
                    d7:6c:8f:cd:7d:3e:ad:98:25:80:78:c9:ad:89:43:
                    6c:02:e0:62:ca:19:3d:b9:12:e6:c3:8c:b8:c3:4c:
                    ac:af:4d:ac:38:3f:f3:a2:86:b2:a4:64:fc:f1:f1:
                    9b:35:b3:2f:9d:8d:9c:97:d1:d3:b7:2b:45:87:24:
                    93:d4:cc:7b:e9:77:7e:fe:a4:4b:d3:6f:1e:89:8d:
                    d9:c2:e8:ff:7e:e0:8f:23:63:5b:97:eb:db:95:cf:
                    fe:c2:56:e0:fd:a4:1c:fe:f1:45:e3:fb:be:c9:91:
                    09:4b:1d:03:49:0e:ef:df:8f:f9:7b:62:4c:b4:ff:
                    7e:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:E7:0A:89:38:E7:3D:9B:9B:8F:9F:A0:2F:BD:39:AD:35:B4:F2:B9
            X509v3 Authority Key Identifier:
                keyid:98:3F:1B:13:9D:F2:4A:05:C2:E5:25:60:52:B0:21:25:17:E4:73:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mD8bE53ySgXC5SVgUrAhJRfkc1E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/c2cc5f-25a6-42bb-a970-ef9644312ddb/1/mD8bE53ySgXC5SVgUrAhJRfkc1E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/c2cc5f-25a6-42bb-a970-ef9644312ddb/1/mD8bE53ySgXC5SVgUrAhJRfkc1E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b6:f0:8c:ee:00:d4:09:58:e6:96:6e:2e:28:a3:8f:e0:84:6e:
         00:a9:22:a7:9f:03:da:46:e0:90:38:39:5d:ac:f8:6c:d0:1b:
         e1:39:6c:00:f4:f2:3f:a4:dd:57:42:62:72:4b:11:a5:7a:e0:
         9c:e4:94:41:69:98:f6:1b:83:67:ee:0c:4f:2b:05:90:61:5a:
         36:3c:94:d6:a9:f9:1b:c9:a6:95:97:7d:09:11:79:bd:27:29:
         69:7c:12:5a:e2:c2:cb:d1:71:49:f1:28:34:71:e9:a1:8a:6c:
         f8:a9:18:9c:a5:50:09:da:64:71:52:f0:dc:4c:3e:46:35:cb:
         77:30:c8:42:32:a5:8c:8a:0b:3d:ff:bb:5d:14:e7:57:b9:34:
         65:0f:f0:9a:4d:8d:39:aa:3f:be:11:53:99:ac:24:4c:60:ec:
         71:8b:45:f5:ad:7c:81:fe:76:77:68:3a:5e:d9:7b:7d:5d:b2:
         52:ec:97:94:9d:0b:e4:13:da:4a:81:b6:75:18:6d:5b:ef:32:
         f0:20:bb:34:73:1e:33:da:86:b1:81:a4:a4:53:64:dd:db:b8:
         f1:0b:f1:1d:fa:e7:0a:f8:6c:53:6e:87:f8:d1:54:8d:6e:c6:
         6c:57:81:b6:98:2d:20:4d:98:13:43:e0:4b:3e:b9:03:d6:a3:
         09:0a:88:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2YT90jIRMIawd4XXhqdvuaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4M2YxYjEzOWRmMjRhMDVjMmU1MjU2MDUyYjAyMTI1MTdl
NDczNTEwHhcNMjYwNDE2MjIwMTAzWhcNMjYwNDE3MjIwMTAzWjAzMTEwLwYDVQQD
Eyg0YmU3MGE4OTM4ZTczZDliOWI4ZjlmYTAyZmJkMzlhZDM1YjRmMmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/EsvHDBS3YGiB+UpvrCPZBl03C9
NxQSoqCjbIZSRAXKCFAW1oOpft2lrDE/5nlmRB1w3fCx4sSukfHHYGaJwPKtUXp1
sGAI09wW8yQQlZcK9GR2+PBAnBk3qZfAYqGVYlCYvN+nawj9lm+6+CrkGK1REAF6
0nrOiXZsZPGBjalzaBI01N3XbI/NfT6tmCWAeMmtiUNsAuBiyhk9uRLmw4y4w0ys
r02sOD/zooaypGT88fGbNbMvnY2cl9HTtytFhyST1Mx76Xd+/qRL028eiY3Zwuj/
fuCPI2Nbl+vblc/+wlbg/aQc/vFF4/u+yZEJSx0DSQ7v34/5e2JMtP9+/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEvnCok45z2bm4+foC+9Oa01tPK5MB8GA1UdIwQY
MBaAFJg/GxOd8koFwuUlYFKwISUX5HNRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUQ4YkU1M3lTZ1hDNVNWZ1VyQWhKUmZrYzFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9jMmNjNWYtMjVhNi00MmJiLWE5NzAt
ZWY5NjQ0MzEyZGRiLzEvbUQ4YkU1M3lTZ1hDNVNWZ1VyQWhKUmZrYzFFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9jMmNjNWYtMjVhNi00MmJiLWE5NzAtZWY5NjQ0MzEyZGRi
LzEvbUQ4YkU1M3lTZ1hDNVNWZ1VyQWhKUmZrYzFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtvCM7gDU
CVjmlm4uKKOP4IRuAKkip58D2kbgkDg5Xaz4bNAb4TlsAPTyP6TdV0JicksRpXrg
nOSUQWmY9huDZ+4MTysFkGFaNjyU1qn5G8mmlZd9CRF5vScpaXwSWuLCy9FxSfEo
NHHpoYps+KkYnKVQCdpkcVLw3Ew+RjXLdzDIQjKljIoLPf+7XRTnV7k0ZQ/wmk2N
Oao/vhFTmawkTGDscYtF9a18gf52d2g6Xtl7fV2yUuyXlJ0L5BPaSoG2dRhtW+8y
8CC7NHMeM9qGsYGkpFNk3du48QvxHfrnCvhsU26H+NFUjW7GbFeBtpgtIE2YE0Pg
Sz65A9ajCQqI7Q==
-----END CERTIFICATE-----