Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/549774-0b7e-4b88-8981-1f0aac1495ac/1/xGtE1wczJKsoQWNn3gQPDkYzSNE.mft
File:                     xGtE1wczJKsoQWNn3gQPDkYzSNE.mft (raw, json)
Hash identifier:          mI9aBXb2o42lqkRsZja5s/h5+hTy5ECoQgDWWm9OS7Y=
Subject key identifier:   40:AC:57:15:49:D7:54:34:6B:A4:AA:E0:5F:1C:BC:2A:76:A1:82:AA
Authority key identifier: C4:6B:44:D7:07:33:24:AB:28:41:63:67:DE:04:0F:0E:46:33:48:D1
Certificate issuer:       /CN=c46b44d7073324ab28416367de040f0e463348d1
Certificate serial:       019D9B50F6603AC5EEDF3D9328B5A5CBD70C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xGtE1wczJKsoQWNn3gQPDkYzSNE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/549774-0b7e-4b88-8981-1f0aac1495ac/1/xGtE1wczJKsoQWNn3gQPDkYzSNE.mft
Manifest number:          10EC
Signing time:             Fri 17 Apr 2026 12:01:07 +0000
Manifest this update:     Fri 17 Apr 2026 12:01:07 +0000
Manifest next update:     Sat 18 Apr 2026 12:01:07 +0000
Files and hashes:         1: xGtE1wczJKsoQWNn3gQPDkYzSNE.crl (hash: pgeKPTWv4IfDW93NjVJWAjJqj3nzlR1GDtxXKpx4QaI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/549774-0b7e-4b88-8981-1f0aac1495ac/1/xGtE1wczJKsoQWNn3gQPDkYzSNE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/549774-0b7e-4b88-8981-1f0aac1495ac/1/xGtE1wczJKsoQWNn3gQPDkYzSNE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xGtE1wczJKsoQWNn3gQPDkYzSNE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 12:01:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:50:f6:60:3a:c5:ee:df:3d:93:28:b5:a5:cb:d7:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c46b44d7073324ab28416367de040f0e463348d1
        Validity
            Not Before: Apr 17 12:01:07 2026 GMT
            Not After : Apr 18 12:01:07 2026 GMT
        Subject: CN=40ac571549d754346ba4aae05f1cbc2a76a182aa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:e1:dd:fd:6e:36:61:fd:01:c9:71:13:81:51:
                    1a:f8:64:c4:b9:89:3f:6f:19:fa:75:bb:ad:37:db:
                    2f:54:61:0b:10:fc:b1:21:75:8b:a4:25:ab:9b:6e:
                    ba:38:55:e5:85:04:b4:f6:ac:98:4b:d2:37:89:47:
                    8a:b5:c2:92:6c:e0:f9:9a:7a:81:bf:75:49:ac:b0:
                    8f:33:18:4f:b5:8f:09:66:99:2b:e5:9e:d1:29:90:
                    b7:7e:c6:97:de:f3:8b:1a:5b:15:ae:24:e1:ae:2b:
                    7b:8a:c6:33:d7:1d:c4:1f:e8:64:cc:5f:63:88:b9:
                    e8:46:58:ab:b2:fa:06:f5:51:58:a8:ac:ec:e7:4f:
                    2c:cd:da:62:6d:b0:3c:d8:e3:47:82:ea:76:e1:13:
                    a3:a4:a0:22:a4:06:c6:4b:63:51:c2:9b:42:c3:8c:
                    9a:72:8e:0f:31:c1:ed:f9:6e:80:68:5a:b3:fd:39:
                    47:ec:1e:2c:2a:88:e6:5c:3b:1f:52:c0:c8:a0:14:
                    8d:8b:08:01:11:f1:d5:aa:b9:88:36:6b:4a:33:64:
                    a5:06:04:7d:90:74:b0:f1:9a:83:f2:dc:55:04:00:
                    64:86:e8:cc:3f:49:ce:48:f6:11:8a:43:37:4b:d5:
                    be:3b:1d:7a:0f:83:0b:19:e7:1a:ce:2f:ca:9b:14:
                    f2:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:AC:57:15:49:D7:54:34:6B:A4:AA:E0:5F:1C:BC:2A:76:A1:82:AA
            X509v3 Authority Key Identifier:
                keyid:C4:6B:44:D7:07:33:24:AB:28:41:63:67:DE:04:0F:0E:46:33:48:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGtE1wczJKsoQWNn3gQPDkYzSNE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/549774-0b7e-4b88-8981-1f0aac1495ac/1/xGtE1wczJKsoQWNn3gQPDkYzSNE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/549774-0b7e-4b88-8981-1f0aac1495ac/1/xGtE1wczJKsoQWNn3gQPDkYzSNE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6b:9d:9b:6d:7f:2e:0d:fa:96:df:43:d5:ce:b7:37:e9:3b:9e:
         76:e1:3e:80:24:7f:9a:db:3a:10:0d:b7:cf:b3:97:d2:b8:32:
         e6:d0:1b:fd:98:92:32:a8:65:bc:3f:dc:61:09:b0:6c:ac:4c:
         a0:65:c9:a4:c0:34:40:e5:63:4f:9d:03:c4:ba:ef:31:99:5f:
         f2:0a:b5:3e:9b:30:c1:f9:f6:1a:61:50:e6:3a:99:12:45:06:
         6a:d9:78:0a:5c:c1:2b:0e:2c:b9:90:cf:87:ce:1c:a3:b9:15:
         b2:aa:34:e8:3f:f4:88:35:76:19:9c:d5:25:1c:50:34:01:13:
         9b:0e:cc:55:68:ac:b4:cd:b8:27:15:f0:fc:2a:b4:ec:9c:09:
         e0:90:33:aa:45:b9:5d:9a:75:02:c2:f3:7c:c5:bb:78:e4:b8:
         97:46:73:54:26:d6:10:3f:a9:e4:65:54:27:c0:3d:8a:57:73:
         6e:9e:b3:fa:8e:7d:92:bb:75:72:67:91:e6:47:56:7f:69:39:
         49:8a:e0:16:a8:5c:a4:85:1b:e1:f0:a3:40:13:55:a7:df:0f:
         2b:82:b7:99:a2:38:8a:14:47:94:1e:4a:97:85:8a:09:71:ba:
         fe:01:83:cf:6c:a6:80:30:2a:23:f4:e1:fa:c2:03:58:22:8b:
         fa:ca:b1:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bUPZgOsXu3z2TKLWly9cMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NmI0NGQ3MDczMzI0YWIyODQxNjM2N2RlMDQwZjBlNDYz
MzQ4ZDEwHhcNMjYwNDE3MTIwMTA3WhcNMjYwNDE4MTIwMTA3WjAzMTEwLwYDVQQD
Eyg0MGFjNTcxNTQ5ZDc1NDM0NmJhNGFhZTA1ZjFjYmMyYTc2YTE4MmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOHd/W42Yf0ByXETgVEa+GTEuYk/
bxn6dbutN9svVGELEPyxIXWLpCWrm266OFXlhQS09qyYS9I3iUeKtcKSbOD5mnqB
v3VJrLCPMxhPtY8JZpkr5Z7RKZC3fsaX3vOLGlsVriThrit7isYz1x3EH+hkzF9j
iLnoRlirsvoG9VFYqKzs508szdpibbA82ONHgup24ROjpKAipAbGS2NRwptCw4ya
co4PMcHt+W6AaFqz/TlH7B4sKojmXDsfUsDIoBSNiwgBEfHVqrmINmtKM2SlBgR9
kHSw8ZqD8txVBABkhujMP0nOSPYRikM3S9W+Ox16D4MLGecazi/KmxTyOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFECsVxVJ11Q0a6Sq4F8cvCp2oYKqMB8GA1UdIwQY
MBaAFMRrRNcHMySrKEFjZ94EDw5GM0jRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEd0RTF3Y3pKS3NvUVdObjNnUVBEa1l6U05FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC81NDk3NzQtMGI3ZS00Yjg4LTg5ODEt
MWYwYWFjMTQ5NWFjLzEveEd0RTF3Y3pKS3NvUVdObjNnUVBEa1l6U05FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC81NDk3NzQtMGI3ZS00Yjg4LTg5ODEtMWYwYWFjMTQ5NWFj
LzEveEd0RTF3Y3pKS3NvUVdObjNnUVBEa1l6U05FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa52bbX8u
DfqW30PVzrc36TueduE+gCR/mts6EA23z7OX0rgy5tAb/ZiSMqhlvD/cYQmwbKxM
oGXJpMA0QOVjT50DxLrvMZlf8gq1Ppswwfn2GmFQ5jqZEkUGatl4ClzBKw4suZDP
h84co7kVsqo06D/0iDV2GZzVJRxQNAETmw7MVWistM24JxXw/Cq07JwJ4JAzqkW5
XZp1AsLzfMW7eOS4l0ZzVCbWED+p5GVUJ8A9ildzbp6z+o59krt1cmeR5kdWf2k5
SYrgFqhcpIUb4fCjQBNVp98PK4K3maI4ihRHlB5Kl4WKCXG6/gGDz2ymgDAqI/Th
+sIDWCKL+sqx3w==
-----END CERTIFICATE-----