Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
File:                     4BpLB7xMpvoFciL96uhg9kRAR-A.mft (raw, json)
Hash identifier:          suOPdBdVumPm3SKbDHqRZZSmoUAZ7CUt7EkRLcCeMS0=
Subject key identifier:   B8:3D:86:78:6B:C0:85:80:E9:2E:C9:89:C2:76:ED:0D:9D:F0:99:14
Authority key identifier: E0:1A:4B:07:BC:4C:A6:FA:05:72:22:FD:EA:E8:60:F6:44:40:47:E0
Certificate issuer:       /CN=e01a4b07bc4ca6fa057222fdeae860f6444047e0
Certificate serial:       019D9C63A3DD3E3FA0FE9608B186DB37F461
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
Manifest number:          0694
Signing time:             Fri 17 Apr 2026 17:01:08 +0000
Manifest this update:     Fri 17 Apr 2026 17:01:08 +0000
Manifest next update:     Sat 18 Apr 2026 17:01:08 +0000
Files and hashes:         1: 4BpLB7xMpvoFciL96uhg9kRAR-A.crl (hash: yqLk3wZ/N08subKV8kBAR1Q++XRuAlzZLjm9wrggzNw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 16:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9c:63:a3:dd:3e:3f:a0:fe:96:08:b1:86:db:37:f4:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e01a4b07bc4ca6fa057222fdeae860f6444047e0
        Validity
            Not Before: Apr 17 17:01:08 2026 GMT
            Not After : Apr 18 17:01:08 2026 GMT
        Subject: CN=b83d86786bc08580e92ec989c276ed0d9df09914
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:06:14:ed:4f:f3:5d:aa:ae:32:27:e4:b0:e8:
                    91:23:bb:8a:54:43:ab:0f:c0:88:97:c2:17:9b:d8:
                    7d:62:88:bc:44:0d:2b:88:3d:dd:ca:d1:af:d2:88:
                    9d:6a:29:80:ee:6d:6e:6a:24:29:6d:f8:55:c9:2f:
                    99:29:5c:68:74:b8:17:30:e6:f5:38:0e:e4:be:0a:
                    56:a7:67:89:86:95:ba:6a:a1:a0:a6:b5:ae:c6:99:
                    0c:76:19:83:61:b4:cd:4e:ac:88:32:81:dc:91:b2:
                    19:5f:3d:0f:cc:1b:6c:8f:29:60:39:6d:8e:0a:10:
                    70:e2:1e:79:5c:f8:5b:05:b1:48:56:db:89:4f:a4:
                    10:19:82:da:4d:63:a7:79:d0:a8:aa:b3:30:a8:ce:
                    fb:77:95:fe:a0:d0:8a:69:a1:27:58:18:76:5f:37:
                    fd:63:c5:30:04:d0:47:b4:d5:c6:59:5d:ea:7d:94:
                    a1:51:93:f2:55:e0:95:06:3d:93:78:7b:9b:74:c2:
                    64:5e:40:dd:cc:55:d3:18:b8:c3:68:08:8c:f6:af:
                    e9:2b:a6:a1:20:ca:e8:0b:e4:cd:03:30:32:ca:09:
                    5b:75:38:08:1b:b5:94:b6:54:35:b5:30:7c:5d:9a:
                    3d:7c:49:36:fb:b4:6a:c3:09:9b:2c:46:d6:49:da:
                    79:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:3D:86:78:6B:C0:85:80:E9:2E:C9:89:C2:76:ED:0D:9D:F0:99:14
            X509v3 Authority Key Identifier:
                keyid:E0:1A:4B:07:BC:4C:A6:FA:05:72:22:FD:EA:E8:60:F6:44:40:47:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:c2:03:84:00:80:13:e6:f1:e4:36:7d:4a:03:67:db:4c:b2:
         84:3d:31:43:84:e7:7b:1a:6c:f4:3b:6b:e2:eb:99:64:78:9c:
         4f:d6:1d:5f:c3:2a:ed:fe:c0:17:2f:84:01:60:3a:d6:75:76:
         05:e4:f1:aa:b1:ec:2c:e3:e1:be:3b:0d:0f:6a:e0:95:8a:53:
         50:37:4d:39:3d:7d:da:d6:07:8c:be:6b:da:14:63:f7:15:16:
         fd:f4:b4:eb:c2:d9:00:01:6d:7f:69:f7:0b:f9:54:92:54:f0:
         9b:1d:aa:df:af:dc:dc:ce:05:57:5f:c6:98:1e:07:90:dc:64:
         9c:d4:0a:c1:bb:b9:90:75:fd:b8:a4:15:09:e6:cd:0c:6a:89:
         cd:b4:87:b3:fa:03:e1:91:95:53:f4:4a:f6:58:78:2e:9e:81:
         8b:ea:22:c2:d7:dc:33:a5:2c:31:43:86:5b:d6:04:e3:54:7e:
         bf:ad:64:59:cf:bd:55:81:2c:af:16:36:2d:54:1c:97:c8:90:
         5a:a7:23:eb:6d:28:25:47:10:eb:b8:5d:fd:05:e5:5e:ed:8f:
         97:2f:91:46:55:67:f3:7a:5f:a7:91:4e:52:d2:d8:0a:a3:9e:
         94:32:1c:5f:46:35:da:85:5f:3a:70:65:58:df:55:77:7d:f2:
         79:4f:a8:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2cY6PdPj+g/pYIsYbbN/RhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwMWE0YjA3YmM0Y2E2ZmEwNTcyMjJmZGVhZTg2MGY2NDQ0
MDQ3ZTAwHhcNMjYwNDE3MTcwMTA4WhcNMjYwNDE4MTcwMTA4WjAzMTEwLwYDVQQD
EyhiODNkODY3ODZiYzA4NTgwZTkyZWM5ODljMjc2ZWQwZDlkZjA5OTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0wYU7U/zXaquMifksOiRI7uKVEOr
D8CIl8IXm9h9Yoi8RA0riD3dytGv0oidaimA7m1uaiQpbfhVyS+ZKVxodLgXMOb1
OA7kvgpWp2eJhpW6aqGgprWuxpkMdhmDYbTNTqyIMoHckbIZXz0PzBtsjylgOW2O
ChBw4h55XPhbBbFIVtuJT6QQGYLaTWOnedCoqrMwqM77d5X+oNCKaaEnWBh2Xzf9
Y8UwBNBHtNXGWV3qfZShUZPyVeCVBj2TeHubdMJkXkDdzFXTGLjDaAiM9q/pK6ah
IMroC+TNAzAyyglbdTgIG7WUtlQ1tTB8XZo9fEk2+7RqwwmbLEbWSdp5IQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLg9hnhrwIWA6S7JicJ27Q2d8JkUMB8GA1UdIwQY
MBaAFOAaSwe8TKb6BXIi/eroYPZEQEfgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My85NDRjOGYtZjBmOC00YzcxLTllZGUt
N2EzYzUzMmQzYTU1LzEvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My85NDRjOGYtZjBmOC00YzcxLTllZGUtN2EzYzUzMmQzYTU1
LzEvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV8IDhACA
E+bx5DZ9SgNn20yyhD0xQ4Tnexps9Dtr4uuZZHicT9YdX8Mq7f7AFy+EAWA61nV2
BeTxqrHsLOPhvjsND2rglYpTUDdNOT192tYHjL5r2hRj9xUW/fS068LZAAFtf2n3
C/lUklTwmx2q36/c3M4FV1/GmB4HkNxknNQKwbu5kHX9uKQVCebNDGqJzbSHs/oD
4ZGVU/RK9lh4Lp6Bi+oiwtfcM6UsMUOGW9YE41R+v61kWc+9VYEsrxY2LVQcl8iQ
Wqcj620oJUcQ67hd/QXlXu2Ply+RRlVn83pfp5FOUtLYCqOelDIcX0Y12oVfOnBl
WN9Vd33yeU+oMw==
-----END CERTIFICATE-----