Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft
File:                     r39NEPAZQ0EHs7XcU6yakZjFxH0.mft (raw, json)
Hash identifier:          ZavLGbdlaq54JTVzT12N59M3dhgR3qtcibdfzWv+YpU=
Subject key identifier:   C8:99:AE:C4:FA:E6:33:B6:F8:0E:AF:6F:64:79:99:D1:9D:E8:51:45
Authority key identifier: AF:7F:4D:10:F0:19:43:41:07:B3:B5:DC:53:AC:9A:91:98:C5:C4:7D
Certificate issuer:       /CN=af7f4d10f019434107b3b5dc53ac9a9198c5c47d
Certificate serial:       019D9B87EF9C55FDAFB875215CB688E11CC3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r39NEPAZQ0EHs7XcU6yakZjFxH0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft
Manifest number:          10B1
Signing time:             Fri 17 Apr 2026 13:01:10 +0000
Manifest this update:     Fri 17 Apr 2026 13:01:10 +0000
Manifest next update:     Sat 18 Apr 2026 13:01:10 +0000
Files and hashes:         1: r39NEPAZQ0EHs7XcU6yakZjFxH0.crl (hash: ocsEMZRW8dJ/bJQ6PjispcnWKSFF3xqtt23ErdFrK9s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/r39NEPAZQ0EHs7XcU6yakZjFxH0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 13:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:87:ef:9c:55:fd:af:b8:75:21:5c:b6:88:e1:1c:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af7f4d10f019434107b3b5dc53ac9a9198c5c47d
        Validity
            Not Before: Apr 17 13:01:10 2026 GMT
            Not After : Apr 18 13:01:10 2026 GMT
        Subject: CN=c899aec4fae633b6f80eaf6f647999d19de85145
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:1a:52:1b:e5:44:b5:4b:50:07:1b:6f:a3:f8:
                    a7:39:fa:fa:4c:32:6e:5a:34:4a:d9:f4:b4:35:cd:
                    e1:0c:71:1d:10:eb:1f:03:a5:42:b1:f8:b4:56:9f:
                    f0:d9:c1:52:79:49:58:15:83:c9:d1:a2:e6:14:d6:
                    e4:cc:ce:4e:a8:98:6a:7f:23:cc:e6:74:90:3f:8c:
                    8b:6e:b8:00:0f:94:b3:d0:9a:c7:70:2a:b9:f1:d1:
                    68:5c:d5:1c:54:8a:e2:b3:3d:15:33:51:49:e5:ad:
                    7f:b9:8b:47:ab:9e:e8:8d:ad:12:d8:14:dd:a2:75:
                    46:51:13:b3:57:ae:63:6d:ab:26:ce:1d:66:10:be:
                    89:4e:83:e6:b4:e7:aa:00:1e:6b:c7:2a:6b:eb:61:
                    44:a9:68:1e:dc:a1:d0:de:1f:a5:f6:a3:ab:3e:24:
                    36:3f:e0:f7:71:4c:29:79:f3:16:fa:61:6a:54:2d:
                    22:2c:90:bc:36:c3:90:5f:11:ba:ee:2f:f6:2d:75:
                    82:41:85:f3:89:a1:4e:1f:d3:2b:2e:f0:24:a2:f0:
                    e3:4d:47:9a:af:aa:84:7a:c6:c5:07:78:be:72:4d:
                    fd:05:3b:62:06:f3:0d:0c:39:5c:94:6e:86:d9:05:
                    57:91:ae:77:44:d8:30:58:2f:50:28:8e:e0:aa:0d:
                    98:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:99:AE:C4:FA:E6:33:B6:F8:0E:AF:6F:64:79:99:D1:9D:E8:51:45
            X509v3 Authority Key Identifier:
                keyid:AF:7F:4D:10:F0:19:43:41:07:B3:B5:DC:53:AC:9A:91:98:C5:C4:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r39NEPAZQ0EHs7XcU6yakZjFxH0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:43:f7:f9:bc:45:1b:44:77:c5:01:d5:5b:2b:e7:5b:a9:6a:
         36:11:ea:02:f7:49:5a:79:c6:a0:2d:58:21:5f:d4:ae:c0:af:
         9c:38:d9:57:73:d2:2a:2a:73:ca:4e:fd:2c:c9:db:74:61:18:
         7f:b5:da:b7:ce:d9:7f:57:67:d0:6a:0e:67:ed:78:7f:51:76:
         40:ef:38:6a:10:06:25:b6:1a:e4:9c:90:a8:7c:53:6a:29:f3:
         7c:82:85:a3:7a:51:83:6d:5c:ae:bd:a4:5e:90:38:a5:25:e8:
         1d:ee:88:36:be:23:f4:0a:09:d2:4b:d0:34:b3:42:5e:e9:34:
         a9:73:7f:8e:ca:cc:06:0a:05:20:86:0b:c3:27:59:bd:ff:1d:
         a3:da:89:3e:58:37:e2:12:f8:9d:25:2e:52:46:61:0d:33:f3:
         28:9a:4a:1b:a6:33:4c:ca:57:bc:09:3e:07:3a:15:37:1c:48:
         e7:71:21:4c:cb:d5:3a:e2:84:ba:42:a3:ab:a3:0b:64:6d:b3:
         40:06:ef:bd:0d:72:75:6e:d9:3d:31:01:93:15:4c:89:6b:44:
         c5:6b:dd:80:f1:cb:b9:3b:ba:88:c1:41:e1:43:a9:d6:98:24:
         67:ea:2c:01:d9:b2:3d:40:bb:a2:44:89:ad:fa:37:0b:2c:a2:
         8b:51:1d:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bh++cVf2vuHUhXLaI4RzDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmN2Y0ZDEwZjAxOTQzNDEwN2IzYjVkYzUzYWM5YTkxOThj
NWM0N2QwHhcNMjYwNDE3MTMwMTEwWhcNMjYwNDE4MTMwMTEwWjAzMTEwLwYDVQQD
EyhjODk5YWVjNGZhZTYzM2I2ZjgwZWFmNmY2NDc5OTlkMTlkZTg1MTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthpSG+VEtUtQBxtvo/inOfr6TDJu
WjRK2fS0Nc3hDHEdEOsfA6VCsfi0Vp/w2cFSeUlYFYPJ0aLmFNbkzM5OqJhqfyPM
5nSQP4yLbrgAD5Sz0JrHcCq58dFoXNUcVIrisz0VM1FJ5a1/uYtHq57oja0S2BTd
onVGUROzV65jbasmzh1mEL6JToPmtOeqAB5rxypr62FEqWge3KHQ3h+l9qOrPiQ2
P+D3cUwpefMW+mFqVC0iLJC8NsOQXxG67i/2LXWCQYXziaFOH9MrLvAkovDjTUea
r6qEesbFB3i+ck39BTtiBvMNDDlclG6G2QVXka53RNgwWC9QKI7gqg2YWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMiZrsT65jO2+A6vb2R5mdGd6FFFMB8GA1UdIwQY
MBaAFK9/TRDwGUNBB7O13FOsmpGYxcR9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjM5TkVQQVpRMEVIczdYY1U2eWFrWmpGeEgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9kMjc0OWQtZjc3My00NzFhLWFjYTMt
NjE4ZDk1ZmUzOTAxLzEvcjM5TkVQQVpRMEVIczdYY1U2eWFrWmpGeEgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9kMjc0OWQtZjc3My00NzFhLWFjYTMtNjE4ZDk1ZmUzOTAx
LzEvcjM5TkVQQVpRMEVIczdYY1U2eWFrWmpGeEgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABEP3+bxF
G0R3xQHVWyvnW6lqNhHqAvdJWnnGoC1YIV/UrsCvnDjZV3PSKipzyk79LMnbdGEY
f7Xat87Zf1dn0GoOZ+14f1F2QO84ahAGJbYa5JyQqHxTainzfIKFo3pRg21crr2k
XpA4pSXoHe6INr4j9AoJ0kvQNLNCXuk0qXN/jsrMBgoFIIYLwydZvf8do9qJPlg3
4hL4nSUuUkZhDTPzKJpKG6YzTMpXvAk+BzoVNxxI53EhTMvVOuKEukKjq6MLZG2z
QAbvvQ1ydW7ZPTEBkxVMiWtExWvdgPHLuTu6iMFB4UOp1pgkZ+osAdmyPUC7okSJ
rfo3Cyyii1Edxw==
-----END CERTIFICATE-----