Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1c2984-fd83-41ba-b1dc-f683b9681d61/1/tU0YlEyigIUFOR3pf6nWsrxhiZo.mft
File:                     tU0YlEyigIUFOR3pf6nWsrxhiZo.mft (raw, json)
Hash identifier:          IbmAxGSRQF658H+R6v7x6WvT+tIx0OQVlHmNbixJB84=
Subject key identifier:   B8:B9:F9:82:D0:DB:5F:EB:4D:5E:58:59:8E:BF:88:13:BC:9C:34:16
Authority key identifier: B5:4D:18:94:4C:A2:80:85:05:39:1D:E9:7F:A9:D6:B2:BC:61:89:9A
Certificate issuer:       /CN=b54d18944ca2808505391de97fa9d6b2bc61899a
Certificate serial:       019D9AE3A4966233E5DF8586B4F7C4F8F230
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tU0YlEyigIUFOR3pf6nWsrxhiZo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/1c2984-fd83-41ba-b1dc-f683b9681d61/1/tU0YlEyigIUFOR3pf6nWsrxhiZo.mft
Manifest number:          135F
Signing time:             Fri 17 Apr 2026 10:01:43 +0000
Manifest this update:     Fri 17 Apr 2026 10:01:43 +0000
Manifest next update:     Sat 18 Apr 2026 10:01:43 +0000
Files and hashes:         1: tU0YlEyigIUFOR3pf6nWsrxhiZo.crl (hash: xMAW+GdOx4Z4r6IoFdZD6ts1vTlvSSe+6YiFkTwkYLA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4d/1c2984-fd83-41ba-b1dc-f683b9681d61/1/tU0YlEyigIUFOR3pf6nWsrxhiZo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4d/1c2984-fd83-41ba-b1dc-f683b9681d61/1/tU0YlEyigIUFOR3pf6nWsrxhiZo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tU0YlEyigIUFOR3pf6nWsrxhiZo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e3:a4:96:62:33:e5:df:85:86:b4:f7:c4:f8:f2:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b54d18944ca2808505391de97fa9d6b2bc61899a
        Validity
            Not Before: Apr 17 10:01:43 2026 GMT
            Not After : Apr 18 10:01:43 2026 GMT
        Subject: CN=b8b9f982d0db5feb4d5e58598ebf8813bc9c3416
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:bf:ba:28:fa:cc:f2:32:10:19:b4:ad:36:c3:
                    b8:03:6f:6e:39:86:70:31:fb:a0:32:91:d0:19:e1:
                    5b:14:18:b2:72:b2:15:77:10:92:1c:28:40:9b:94:
                    c6:ac:e0:c0:c1:27:fe:f4:e0:bd:72:0c:c8:37:af:
                    1f:92:97:15:bd:f9:1f:70:90:e4:ee:1c:f0:6d:f5:
                    4a:9b:11:c7:8f:c3:19:b2:b0:32:a2:b1:0e:38:ed:
                    77:7e:67:83:34:33:97:fb:39:de:e3:2a:58:55:5e:
                    fd:14:4e:db:68:50:e7:d9:a1:fa:02:7c:20:4f:8c:
                    72:ff:c0:46:77:6c:14:f3:4c:e2:02:20:08:c4:6e:
                    d0:31:3b:fa:70:00:46:fd:d6:83:55:3a:97:c1:6a:
                    b3:8f:2d:47:fb:a2:3b:14:31:85:2d:f8:95:f4:a2:
                    d8:6b:91:26:48:23:04:ec:35:56:03:5a:1e:83:c8:
                    c3:c8:1d:5e:79:29:fe:f8:8b:89:02:11:61:19:4a:
                    67:76:14:25:9b:b7:5f:9c:50:97:89:db:91:7b:7b:
                    b3:cb:fa:8e:f2:6f:bc:0a:9a:94:61:c7:94:2b:73:
                    0e:77:e6:e8:c1:68:d9:79:76:e1:e3:ff:7d:05:4c:
                    5a:21:9e:4e:8a:83:f3:52:1b:28:12:1a:30:da:8e:
                    a2:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:B9:F9:82:D0:DB:5F:EB:4D:5E:58:59:8E:BF:88:13:BC:9C:34:16
            X509v3 Authority Key Identifier:
                keyid:B5:4D:18:94:4C:A2:80:85:05:39:1D:E9:7F:A9:D6:B2:BC:61:89:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tU0YlEyigIUFOR3pf6nWsrxhiZo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1c2984-fd83-41ba-b1dc-f683b9681d61/1/tU0YlEyigIUFOR3pf6nWsrxhiZo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1c2984-fd83-41ba-b1dc-f683b9681d61/1/tU0YlEyigIUFOR3pf6nWsrxhiZo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:48:1b:1c:56:b7:a0:db:50:29:84:94:3a:19:b5:82:40:a2:
         f7:24:d0:44:c3:2c:00:48:6c:02:45:22:df:ff:87:a6:c5:6c:
         67:b6:df:a4:e3:4c:39:e0:81:3b:7b:c6:6e:77:ec:cd:a7:ba:
         a4:28:57:98:8a:15:b9:c5:ea:cf:80:bd:11:06:a5:30:17:e0:
         8e:f8:f2:8c:fc:02:90:5e:43:e3:28:dd:52:b6:55:bd:aa:f5:
         ca:29:7d:1a:c9:a3:3f:7b:b6:65:fc:7a:7f:49:75:36:71:e6:
         fc:46:64:62:9b:61:2a:dd:dd:9d:71:fc:12:f6:a3:36:af:ce:
         9a:e8:a3:3a:81:57:6e:68:23:53:dc:3e:93:28:08:ec:c2:3f:
         8f:6b:04:db:ca:18:54:1d:46:12:d6:7c:1c:70:59:78:5c:06:
         79:b2:a9:be:a5:57:cc:f0:b8:a5:7d:2f:7e:c9:93:f6:1a:9c:
         21:87:90:ae:75:8b:73:99:5c:9e:86:ce:27:f8:fc:bb:b6:da:
         9c:af:f8:82:84:ae:52:e0:65:f4:ab:5f:00:c1:23:48:00:ac:
         3f:b2:80:43:6b:82:ee:0d:f6:7b:cc:a7:35:0a:55:54:09:d8:
         55:f8:25:24:79:67:e0:73:3b:93:64:d2:b4:20:f9:b3:3d:dc:
         8e:a9:9a:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a46SWYjPl34WGtPfE+PIwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NGQxODk0NGNhMjgwODUwNTM5MWRlOTdmYTlkNmIyYmM2
MTg5OWEwHhcNMjYwNDE3MTAwMTQzWhcNMjYwNDE4MTAwMTQzWjAzMTEwLwYDVQQD
EyhiOGI5Zjk4MmQwZGI1ZmViNGQ1ZTU4NTk4ZWJmODgxM2JjOWMzNDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlb+6KPrM8jIQGbStNsO4A29uOYZw
MfugMpHQGeFbFBiycrIVdxCSHChAm5TGrODAwSf+9OC9cgzIN68fkpcVvfkfcJDk
7hzwbfVKmxHHj8MZsrAyorEOOO13fmeDNDOX+zne4ypYVV79FE7baFDn2aH6Anwg
T4xy/8BGd2wU80ziAiAIxG7QMTv6cABG/daDVTqXwWqzjy1H+6I7FDGFLfiV9KLY
a5EmSCME7DVWA1oeg8jDyB1eeSn++IuJAhFhGUpndhQlm7dfnFCXiduRe3uzy/qO
8m+8CpqUYceUK3MOd+bowWjZeXbh4/99BUxaIZ5OioPzUhsoEhow2o6ipQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLi5+YLQ21/rTV5YWY6/iBO8nDQWMB8GA1UdIwQY
MBaAFLVNGJRMooCFBTkd6X+p1rK8YYmaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFUwWWxFeWlnSVVGT1IzcGY2bldzcnhoaVpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xYzI5ODQtZmQ4My00MWJhLWIxZGMt
ZjY4M2I5NjgxZDYxLzEvdFUwWWxFeWlnSVVGT1IzcGY2bldzcnhoaVpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xYzI5ODQtZmQ4My00MWJhLWIxZGMtZjY4M2I5NjgxZDYx
LzEvdFUwWWxFeWlnSVVGT1IzcGY2bldzcnhoaVpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABkgbHFa3
oNtQKYSUOhm1gkCi9yTQRMMsAEhsAkUi3/+HpsVsZ7bfpONMOeCBO3vGbnfszae6
pChXmIoVucXqz4C9EQalMBfgjvjyjPwCkF5D4yjdUrZVvar1yil9GsmjP3u2Zfx6
f0l1NnHm/EZkYpthKt3dnXH8EvajNq/OmuijOoFXbmgjU9w+kygI7MI/j2sE28oY
VB1GEtZ8HHBZeFwGebKpvqVXzPC4pX0vfsmT9hqcIYeQrnWLc5lcnobOJ/j8u7ba
nK/4goSuUuBl9KtfAMEjSACsP7KAQ2uC7g32e8ynNQpVVAnYVfglJHln4HM7k2TS
tCD5sz3cjqma7Q==
-----END CERTIFICATE-----