Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft
File:                     RNvjYmp2sEoSCIlwSViGPUJjLw8.mft (raw, json)
Hash identifier:          ko5CZGU6EOZET/UPaHi9OmTrt3345ud/y363RoZa3JU=
Subject key identifier:   8D:98:10:B2:80:4D:2B:C4:91:E7:0E:D6:CD:B8:2D:48:F0:4A:F1:F3
Authority key identifier: 44:DB:E3:62:6A:76:B0:4A:12:08:89:70:49:58:86:3D:42:63:2F:0F
Certificate issuer:       /CN=44dbe3626a76b04a120889704958863d42632f0f
Certificate serial:       019D973CB20438F1574244B9B6D8AA663252
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft
Manifest number:          06CF
Signing time:             Thu 16 Apr 2026 17:00:30 +0000
Manifest this update:     Thu 16 Apr 2026 17:00:30 +0000
Manifest next update:     Fri 17 Apr 2026 17:00:30 +0000
Files and hashes:         1: RNvjYmp2sEoSCIlwSViGPUJjLw8.crl (hash: sEMRSp0GevZLUBW+yeQYX61Wxcx31zTX+tj0m4sQx/I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 17:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:97:3c:b2:04:38:f1:57:42:44:b9:b6:d8:aa:66:32:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44dbe3626a76b04a120889704958863d42632f0f
        Validity
            Not Before: Apr 16 17:00:30 2026 GMT
            Not After : Apr 17 17:00:30 2026 GMT
        Subject: CN=8d9810b2804d2bc491e70ed6cdb82d48f04af1f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:af:2b:32:08:36:f1:5b:61:08:22:ae:bb:11:
                    06:be:9e:5a:fc:62:cd:93:95:6a:56:6a:6e:be:c8:
                    4b:58:b1:55:18:f3:e3:2b:5a:73:15:79:61:75:de:
                    65:13:d6:df:ab:fe:b8:a6:ab:7d:a1:cf:da:11:0d:
                    4b:7f:3b:51:da:8a:21:91:c4:23:89:26:49:c5:32:
                    05:a8:0c:7f:7f:7e:8d:a8:00:22:51:0d:e8:57:1d:
                    fb:11:fa:0c:26:29:a7:4c:63:57:a0:d8:fd:5b:46:
                    b4:0a:0a:5e:4e:37:59:82:a1:5c:b6:1b:d6:01:e9:
                    b6:8d:d6:dc:ef:09:13:11:b9:4f:f6:a8:72:71:9b:
                    30:06:40:27:ac:93:09:cf:e9:de:a2:ea:a4:78:98:
                    65:1c:a3:7f:af:4e:28:57:ed:0f:20:7e:6f:ea:0b:
                    71:7c:5f:2d:bd:16:cb:26:aa:ff:77:f2:62:09:39:
                    8b:cb:ca:f6:3c:ac:d6:93:46:0f:5e:2e:9b:dc:bf:
                    67:be:c9:97:d0:02:bf:a6:a1:7a:5e:7d:3e:c1:f0:
                    63:c3:b1:3e:c8:55:38:48:d9:0f:65:aa:fd:c1:45:
                    5a:36:2c:1f:cb:6d:17:03:e6:54:6a:ba:1d:0a:3d:
                    e8:46:d8:59:29:13:e4:30:bf:6e:e5:a2:81:e0:81:
                    bf:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:98:10:B2:80:4D:2B:C4:91:E7:0E:D6:CD:B8:2D:48:F0:4A:F1:F3
            X509v3 Authority Key Identifier:
                keyid:44:DB:E3:62:6A:76:B0:4A:12:08:89:70:49:58:86:3D:42:63:2F:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:b2:05:90:b5:af:1b:27:70:d8:c5:fe:73:c5:7c:f6:03:ab:
         1d:fc:d3:be:2e:55:68:f6:b4:08:ea:bb:4f:2c:4e:9e:5a:41:
         51:53:3b:7e:59:40:33:8d:28:97:e6:a4:d6:31:84:1c:30:ff:
         54:36:ba:fd:3e:4f:f8:ee:9a:c5:e3:e7:ef:49:df:7c:b7:43:
         44:c7:49:af:b4:06:f2:b6:83:71:05:af:0f:cb:ba:db:94:cb:
         30:d5:5a:2b:f9:7c:38:73:3a:a1:9e:c5:db:12:e2:9f:8e:64:
         42:52:7a:dd:fb:a0:65:b9:0f:85:cb:5c:03:cc:98:4e:ed:fe:
         7f:29:37:30:64:77:16:ee:9f:89:91:43:8a:56:bd:01:d9:8e:
         e5:61:74:32:e2:66:0b:24:1e:df:55:71:99:88:5e:48:8a:fd:
         96:ee:93:ab:9b:56:4e:df:9c:3b:0b:c5:5e:60:ed:23:1e:44:
         37:41:9f:66:30:8b:a5:59:a1:88:1d:bf:3f:f0:a4:61:e9:bc:
         34:9f:f9:f9:7b:54:0d:fb:8f:b2:37:21:27:1e:9b:53:f2:68:
         2b:de:fe:a4:07:e9:b9:2d:74:d1:63:bc:1e:e1:11:ad:ad:6a:
         39:45:f9:03:91:7a:ed:1b:70:8a:c9:ed:a4:55:24:7f:71:b7:
         7d:cf:31:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2XPLIEOPFXQkS5ttiqZjJSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZGJlMzYyNmE3NmIwNGExMjA4ODk3MDQ5NTg4NjNkNDI2
MzJmMGYwHhcNMjYwNDE2MTcwMDMwWhcNMjYwNDE3MTcwMDMwWjAzMTEwLwYDVQQD
Eyg4ZDk4MTBiMjgwNGQyYmM0OTFlNzBlZDZjZGI4MmQ0OGYwNGFmMWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA168rMgg28VthCCKuuxEGvp5a/GLN
k5VqVmpuvshLWLFVGPPjK1pzFXlhdd5lE9bfq/64pqt9oc/aEQ1LfztR2oohkcQj
iSZJxTIFqAx/f36NqAAiUQ3oVx37EfoMJimnTGNXoNj9W0a0CgpeTjdZgqFcthvW
Aem2jdbc7wkTEblP9qhycZswBkAnrJMJz+neouqkeJhlHKN/r04oV+0PIH5v6gtx
fF8tvRbLJqr/d/JiCTmLy8r2PKzWk0YPXi6b3L9nvsmX0AK/pqF6Xn0+wfBjw7E+
yFU4SNkPZar9wUVaNiwfy20XA+ZUarodCj3oRthZKRPkML9u5aKB4IG/swIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI2YELKATSvEkecO1s24LUjwSvHzMB8GA1UdIwQY
MBaAFETb42JqdrBKEgiJcElYhj1CYy8PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9jOGU0MTktMDM0Ni00MzNmLTkzMDkt
ZGU4MWY5YWQ3NzljLzEvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9jOGU0MTktMDM0Ni00MzNmLTkzMDktZGU4MWY5YWQ3Nzlj
LzEvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARLIFkLWv
Gydw2MX+c8V89gOrHfzTvi5VaPa0COq7TyxOnlpBUVM7fllAM40ol+ak1jGEHDD/
VDa6/T5P+O6axePn70nffLdDRMdJr7QG8raDcQWvD8u625TLMNVaK/l8OHM6oZ7F
2xLin45kQlJ63fugZbkPhctcA8yYTu3+fyk3MGR3Fu6fiZFDila9AdmO5WF0MuJm
CyQe31VxmYheSIr9lu6Tq5tWTt+cOwvFXmDtIx5EN0GfZjCLpVmhiB2/P/CkYem8
NJ/5+XtUDfuPsjchJx6bU/JoK97+pAfpuS100WO8HuERra1qOUX5A5F67Rtwisnt
pFUkf3G3fc8xlg==
-----END CERTIFICATE-----