Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/82785f-f0c5-4313-91a1-6dfd8bbadfe9/1/0ur89N6SC5zmRdbmlt8IqosFUZs.mft
File:                     0ur89N6SC5zmRdbmlt8IqosFUZs.mft (raw, json)
Hash identifier:          n/187lZg/FA2eP9OtxzMaQWWulJYb7XZ6K45WCAEB8s=
Subject key identifier:   E4:A3:4C:64:30:06:DB:54:ED:30:15:E4:49:95:20:1B:4B:44:FB:FE
Authority key identifier: D2:EA:FC:F4:DE:92:0B:9C:E6:45:D6:E6:96:DF:08:AA:8B:05:51:9B
Certificate issuer:       /CN=d2eafcf4de920b9ce645d6e696df08aa8b05519b
Certificate serial:       019D97E1CA8AD7C5C660285676E1CE239477
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0ur89N6SC5zmRdbmlt8IqosFUZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/82785f-f0c5-4313-91a1-6dfd8bbadfe9/1/0ur89N6SC5zmRdbmlt8IqosFUZs.mft
Manifest number:          15C2
Signing time:             Thu 16 Apr 2026 20:00:50 +0000
Manifest this update:     Thu 16 Apr 2026 20:00:50 +0000
Manifest next update:     Fri 17 Apr 2026 20:00:50 +0000
Files and hashes:         1: 0ur89N6SC5zmRdbmlt8IqosFUZs.crl (hash: vFjIP4XzSI6lh6mOX8JXiVeEIyjXEE/FBvFF0Ee5MaE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3f/82785f-f0c5-4313-91a1-6dfd8bbadfe9/1/0ur89N6SC5zmRdbmlt8IqosFUZs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3f/82785f-f0c5-4313-91a1-6dfd8bbadfe9/1/0ur89N6SC5zmRdbmlt8IqosFUZs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0ur89N6SC5zmRdbmlt8IqosFUZs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 20:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:97:e1:ca:8a:d7:c5:c6:60:28:56:76:e1:ce:23:94:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2eafcf4de920b9ce645d6e696df08aa8b05519b
        Validity
            Not Before: Apr 16 20:00:50 2026 GMT
            Not After : Apr 17 20:00:50 2026 GMT
        Subject: CN=e4a34c643006db54ed3015e44995201b4b44fbfe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:a9:2f:5c:05:96:cc:2c:c9:2a:e6:3d:5a:b9:
                    81:ca:5e:9c:8e:04:3a:fa:50:a5:40:e1:23:42:86:
                    2e:50:dc:e7:f0:b7:8a:d6:59:94:76:2a:1b:db:e0:
                    92:75:89:39:f6:ae:25:c8:09:41:a9:5f:3e:df:b9:
                    da:79:8e:86:19:5f:bd:56:19:20:3d:9d:02:f9:3f:
                    db:b9:65:85:1c:a7:36:2b:c6:f3:58:d2:78:c6:37:
                    3f:49:12:11:00:b3:c3:0c:31:04:1f:2c:67:56:33:
                    a1:95:66:d1:8b:6f:4d:ab:2c:65:3f:06:02:a5:ee:
                    30:65:36:a0:2b:38:c9:bd:64:b8:d6:05:69:4c:5f:
                    7c:36:1d:a4:d6:34:c0:57:59:0b:23:50:70:ec:ce:
                    f1:7c:1a:81:3e:3c:03:eb:b8:9b:ee:b9:eb:bc:33:
                    ff:7e:da:7d:61:83:a5:68:19:fa:21:d9:a3:7d:17:
                    c4:25:f1:65:bc:09:e3:ff:54:cd:25:e1:97:93:80:
                    34:aa:fe:a4:fe:39:ce:9d:71:7a:aa:4c:2b:2e:c1:
                    8b:ef:cd:1d:d9:75:4c:71:86:27:38:86:8d:7f:e1:
                    57:2e:a9:43:4a:98:fd:83:71:7d:3c:f6:ea:59:1f:
                    a5:bf:53:0f:2f:3a:64:c0:ff:19:16:98:be:ee:13:
                    d9:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:A3:4C:64:30:06:DB:54:ED:30:15:E4:49:95:20:1B:4B:44:FB:FE
            X509v3 Authority Key Identifier:
                keyid:D2:EA:FC:F4:DE:92:0B:9C:E6:45:D6:E6:96:DF:08:AA:8B:05:51:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0ur89N6SC5zmRdbmlt8IqosFUZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/82785f-f0c5-4313-91a1-6dfd8bbadfe9/1/0ur89N6SC5zmRdbmlt8IqosFUZs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/82785f-f0c5-4313-91a1-6dfd8bbadfe9/1/0ur89N6SC5zmRdbmlt8IqosFUZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:3a:0e:83:76:8a:1d:a3:a3:c0:84:0d:de:6a:39:fe:0a:a9:
         31:4d:5c:ef:ab:ee:2a:2f:3a:68:91:47:8a:f7:70:f3:23:0f:
         98:70:9e:60:2f:60:18:b1:0b:87:b8:7a:71:0d:13:fd:e6:e2:
         b4:53:24:31:3a:0d:f0:a5:a2:a4:16:e4:35:be:30:ca:95:df:
         ca:97:67:37:b8:b7:07:bb:eb:e9:77:16:ba:fc:43:1a:de:2c:
         de:fb:31:a8:19:27:df:ca:1e:a7:04:d2:09:f9:29:09:e2:c1:
         62:06:f2:82:a3:f8:34:fa:7e:f2:e3:99:95:64:4f:08:77:bc:
         1a:87:36:15:b9:d3:5d:63:c8:db:f6:00:e7:ce:e5:ac:76:c4:
         f1:99:bf:b3:37:e1:0d:a8:a8:2a:37:fa:26:f9:b8:b3:9e:3f:
         5b:f9:15:43:ee:72:52:d1:35:d9:1a:09:e1:ab:d9:cd:50:57:
         c7:73:ec:2d:8a:6c:f8:d4:ad:74:b6:f4:ee:69:95:15:34:d4:
         be:81:1e:81:fa:3e:ec:a2:04:db:c5:14:7d:01:77:a7:37:0d:
         0e:fe:b7:3f:ab:2a:8d:eb:11:46:62:e5:f5:4c:61:72:99:67:
         7f:fa:4d:1d:3b:b6:f4:b9:b0:24:e5:6f:1d:1e:ad:de:32:33:
         fc:98:cc:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2X4cqK18XGYChWduHOI5R3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyZWFmY2Y0ZGU5MjBiOWNlNjQ1ZDZlNjk2ZGYwOGFhOGIw
NTUxOWIwHhcNMjYwNDE2MjAwMDUwWhcNMjYwNDE3MjAwMDUwWjAzMTEwLwYDVQQD
EyhlNGEzNGM2NDMwMDZkYjU0ZWQzMDE1ZTQ0OTk1MjAxYjRiNDRmYmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnakvXAWWzCzJKuY9WrmByl6cjgQ6
+lClQOEjQoYuUNzn8LeK1lmUdiob2+CSdYk59q4lyAlBqV8+37naeY6GGV+9Vhkg
PZ0C+T/buWWFHKc2K8bzWNJ4xjc/SRIRALPDDDEEHyxnVjOhlWbRi29NqyxlPwYC
pe4wZTagKzjJvWS41gVpTF98Nh2k1jTAV1kLI1Bw7M7xfBqBPjwD67ib7rnrvDP/
ftp9YYOlaBn6IdmjfRfEJfFlvAnj/1TNJeGXk4A0qv6k/jnOnXF6qkwrLsGL780d
2XVMcYYnOIaNf+FXLqlDSpj9g3F9PPbqWR+lv1MPLzpkwP8ZFpi+7hPZuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOSjTGQwBttU7TAV5EmVIBtLRPv+MB8GA1UdIwQY
MBaAFNLq/PTekguc5kXW5pbfCKqLBVGbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHVyODlONlNDNXptUmRibWx0OElxb3NGVVpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi84Mjc4NWYtZjBjNS00MzEzLTkxYTEt
NmRmZDhiYmFkZmU5LzEvMHVyODlONlNDNXptUmRibWx0OElxb3NGVVpzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi84Mjc4NWYtZjBjNS00MzEzLTkxYTEtNmRmZDhiYmFkZmU5
LzEvMHVyODlONlNDNXptUmRibWx0OElxb3NGVVpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKjoOg3aK
HaOjwIQN3mo5/gqpMU1c76vuKi86aJFHivdw8yMPmHCeYC9gGLELh7h6cQ0T/ebi
tFMkMToN8KWipBbkNb4wypXfypdnN7i3B7vr6XcWuvxDGt4s3vsxqBkn38oepwTS
CfkpCeLBYgbygqP4NPp+8uOZlWRPCHe8Goc2FbnTXWPI2/YA587lrHbE8Zm/szfh
DaioKjf6Jvm4s54/W/kVQ+5yUtE12RoJ4avZzVBXx3PsLYps+NStdLb07mmVFTTU
voEegfo+7KIE28UUfQF3pzcNDv63P6sqjesRRmLl9Uxhcplnf/pNHTu29LmwJOVv
HR6t3jIz/JjMyw==
-----END CERTIFICATE-----