Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/1baae1-623c-453b-867c-93742c48e0fe/1/F80TGMkZxu8W0kynhGKgt94UugU.mft
File:                     F80TGMkZxu8W0kynhGKgt94UugU.mft (raw, json)
Hash identifier:          XSIvXofDAEi0ngYvOarL8B5pf0zN8Vw5x1crVnKbBrU=
Subject key identifier:   29:E1:E4:C0:B9:2F:B8:93:2B:99:FC:C4:83:C7:B7:E4:C7:D3:D0:F2
Authority key identifier: 17:CD:13:18:C9:19:C6:EF:16:D2:4C:A7:84:62:A0:B7:DE:14:BA:05
Certificate issuer:       /CN=17cd1318c919c6ef16d24ca78462a0b7de14ba05
Certificate serial:       019D9C2C8B0626030AF839179277912AE9E6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/F80TGMkZxu8W0kynhGKgt94UugU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/1baae1-623c-453b-867c-93742c48e0fe/1/F80TGMkZxu8W0kynhGKgt94UugU.mft
Manifest number:          024D
Signing time:             Fri 17 Apr 2026 16:00:57 +0000
Manifest this update:     Fri 17 Apr 2026 16:00:57 +0000
Manifest next update:     Sat 18 Apr 2026 16:00:57 +0000
Files and hashes:         1: F80TGMkZxu8W0kynhGKgt94UugU.crl (hash: KufrrCl/dIw1qhQhHKAxGpZ4xGpiyPDMQlCignOoAZ0=)
                          2: pf5Zf2vmMKwv3V7bxVEW72mA5Ro.roa (hash: 25kq67NwiLZpvtq/lLKi0cW1juljgXPpgbg4/hkoeJk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4b/1baae1-623c-453b-867c-93742c48e0fe/1/F80TGMkZxu8W0kynhGKgt94UugU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4b/1baae1-623c-453b-867c-93742c48e0fe/1/F80TGMkZxu8W0kynhGKgt94UugU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/F80TGMkZxu8W0kynhGKgt94UugU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 16:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9c:2c:8b:06:26:03:0a:f8:39:17:92:77:91:2a:e9:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=17cd1318c919c6ef16d24ca78462a0b7de14ba05
        Validity
            Not Before: Apr 17 16:00:57 2026 GMT
            Not After : Apr 18 16:00:57 2026 GMT
        Subject: CN=29e1e4c0b92fb8932b99fcc483c7b7e4c7d3d0f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:bf:5e:9c:8d:0c:5a:c8:8a:15:66:66:6c:b0:
                    45:ac:7f:f0:da:71:1b:c4:89:50:dd:1c:be:68:78:
                    6b:1f:05:01:44:66:7b:d6:3a:6d:e9:6a:a9:38:53:
                    b7:39:5d:77:77:54:ff:6f:7c:24:29:c5:8f:c1:e0:
                    6d:82:7e:33:46:5f:22:9c:92:16:09:77:8a:d0:b5:
                    01:7d:a1:6d:fe:a3:b6:32:05:50:59:bd:99:b9:7c:
                    1e:7d:61:d6:b9:5c:a7:e7:20:fe:c9:5b:49:5e:3c:
                    bd:b9:0f:f9:3d:d1:23:c0:af:6a:99:9f:16:dc:a8:
                    34:47:c5:d2:b5:21:a9:23:a7:93:f7:fc:73:ca:3a:
                    9e:aa:35:68:c9:74:31:1f:67:79:29:a7:ad:2e:16:
                    ec:89:ba:4b:9b:09:e9:df:f3:db:03:4c:ca:39:44:
                    76:49:a3:ba:50:f2:77:10:c1:8b:f0:cc:c7:c7:33:
                    a7:fd:1e:1b:9c:10:35:8e:8f:a5:4d:f3:0f:95:98:
                    db:ac:c8:c9:48:76:d6:b8:37:e2:14:7e:9b:20:54:
                    3f:05:00:e1:a2:0a:11:c6:7c:09:33:01:88:03:a1:
                    c0:c9:56:ba:1a:56:e2:9d:b3:c8:eb:f5:e1:ea:a5:
                    9c:35:c9:f4:6e:ea:4b:92:d7:7f:07:ba:51:c7:4e:
                    16:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:E1:E4:C0:B9:2F:B8:93:2B:99:FC:C4:83:C7:B7:E4:C7:D3:D0:F2
            X509v3 Authority Key Identifier:
                keyid:17:CD:13:18:C9:19:C6:EF:16:D2:4C:A7:84:62:A0:B7:DE:14:BA:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F80TGMkZxu8W0kynhGKgt94UugU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/1baae1-623c-453b-867c-93742c48e0fe/1/F80TGMkZxu8W0kynhGKgt94UugU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/1baae1-623c-453b-867c-93742c48e0fe/1/F80TGMkZxu8W0kynhGKgt94UugU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:f4:f0:59:13:ba:71:cb:f7:e5:67:8f:67:5a:25:95:42:bd:
         00:e0:f3:59:18:a5:3e:d1:20:87:bd:5c:a3:63:63:ef:57:96:
         00:dc:55:95:6e:5b:b8:cf:09:f2:7d:4c:09:eb:db:9e:25:92:
         24:ae:3c:ee:26:25:59:93:32:04:73:ee:21:b8:ba:20:8f:ed:
         86:aa:49:60:1f:c3:1f:4c:b1:e6:8f:3a:3d:e4:8f:bf:15:48:
         6e:0a:e7:81:3f:e3:37:ab:9b:22:c8:57:56:47:11:8e:e9:2b:
         46:12:e8:fd:34:0c:47:9c:b0:ef:1a:da:f2:0b:11:29:57:e5:
         9e:38:98:5f:31:cb:1e:87:de:38:41:f0:e6:a6:d1:8c:30:b6:
         9d:1d:00:2e:28:75:15:cc:fb:2d:80:c3:b2:4f:01:17:19:f8:
         e3:96:54:13:3d:e6:41:95:b6:67:5b:72:fd:26:b4:0f:8a:53:
         b9:48:fc:cf:ae:1f:c8:81:93:41:33:72:a9:9c:dc:d7:a3:91:
         1a:3e:af:2e:b6:14:6b:f6:94:31:34:e0:6f:35:f6:10:c2:34:
         65:06:be:fe:b8:3a:7d:dc:4b:4d:6f:11:aa:42:9e:ec:70:b6:
         40:73:ef:77:e3:bc:37:c0:2d:29:c2:16:5d:5b:9e:4f:2f:3a:
         e6:b7:eb:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2cLIsGJgMK+DkXkneRKunmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3Y2QxMzE4YzkxOWM2ZWYxNmQyNGNhNzg0NjJhMGI3ZGUx
NGJhMDUwHhcNMjYwNDE3MTYwMDU3WhcNMjYwNDE4MTYwMDU3WjAzMTEwLwYDVQQD
EygyOWUxZTRjMGI5MmZiODkzMmI5OWZjYzQ4M2M3YjdlNGM3ZDNkMGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr79enI0MWsiKFWZmbLBFrH/w2nEb
xIlQ3Ry+aHhrHwUBRGZ71jpt6WqpOFO3OV13d1T/b3wkKcWPweBtgn4zRl8inJIW
CXeK0LUBfaFt/qO2MgVQWb2ZuXwefWHWuVyn5yD+yVtJXjy9uQ/5PdEjwK9qmZ8W
3Kg0R8XStSGpI6eT9/xzyjqeqjVoyXQxH2d5KaetLhbsibpLmwnp3/PbA0zKOUR2
SaO6UPJ3EMGL8MzHxzOn/R4bnBA1jo+lTfMPlZjbrMjJSHbWuDfiFH6bIFQ/BQDh
ogoRxnwJMwGIA6HAyVa6GlbinbPI6/Xh6qWcNcn0bupLktd/B7pRx04WVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCnh5MC5L7iTK5n8xIPHt+TH09DyMB8GA1UdIwQY
MBaAFBfNExjJGcbvFtJMp4RioLfeFLoFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjgwVEdNa1p4dThXMGt5bmhHS2d0OTRVdWdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8xYmFhZTEtNjIzYy00NTNiLTg2N2Mt
OTM3NDJjNDhlMGZlLzEvRjgwVEdNa1p4dThXMGt5bmhHS2d0OTRVdWdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8xYmFhZTEtNjIzYy00NTNiLTg2N2MtOTM3NDJjNDhlMGZl
LzEvRjgwVEdNa1p4dThXMGt5bmhHS2d0OTRVdWdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFvTwWRO6
ccv35WePZ1ollUK9AODzWRilPtEgh71co2Nj71eWANxVlW5buM8J8n1MCevbniWS
JK487iYlWZMyBHPuIbi6II/thqpJYB/DH0yx5o86PeSPvxVIbgrngT/jN6ubIshX
VkcRjukrRhLo/TQMR5yw7xra8gsRKVflnjiYXzHLHofeOEHw5qbRjDC2nR0ALih1
Fcz7LYDDsk8BFxn445ZUEz3mQZW2Z1ty/Sa0D4pTuUj8z64fyIGTQTNyqZzc16OR
Gj6vLrYUa/aUMTTgbzX2EMI0ZQa+/rg6fdxLTW8RqkKe7HC2QHPvd+O8N8AtKcIW
XVueTy865rfrHA==
-----END CERTIFICATE-----
Generated at Sat Apr 18 01:37:17 2026 by rpki-client