Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft
File:                     0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft (raw, json)
Hash identifier:          ajfoA0vFOXv+ft2SfgCweIcH9UbUiLcOGT+lM4dCr0U=
Subject key identifier:   F4:31:78:0B:71:24:96:86:9D:BD:B9:14:60:44:2F:73:F4:E9:57:A2
Authority key identifier: D0:0B:D4:D5:68:2C:E6:08:E2:7C:BE:22:1A:26:77:EC:B5:07:49:7D
Certificate issuer:       /CN=d00bd4d5682ce608e27cbe221a2677ecb507497d
Certificate serial:       019D99999C8AE50E261EB2B3AA81096EFC89
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0AvU1Wgs5gjifL4iGiZ37LUHSX0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft
Manifest number:          17FD
Signing time:             Fri 17 Apr 2026 04:01:14 +0000
Manifest this update:     Fri 17 Apr 2026 04:01:14 +0000
Manifest next update:     Sat 18 Apr 2026 04:01:14 +0000
Files and hashes:         1: 0AvU1Wgs5gjifL4iGiZ37LUHSX0.crl (hash: GVNXDY6RONjC3ur9W0yEDQEzemEJi4TepkOpn8pjT9g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0AvU1Wgs5gjifL4iGiZ37LUHSX0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 04:01:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:99:9c:8a:e5:0e:26:1e:b2:b3:aa:81:09:6e:fc:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d00bd4d5682ce608e27cbe221a2677ecb507497d
        Validity
            Not Before: Apr 17 04:01:14 2026 GMT
            Not After : Apr 18 04:01:14 2026 GMT
        Subject: CN=f431780b712496869dbdb91460442f73f4e957a2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:9a:b3:91:fc:b8:6d:5e:54:2f:e9:a3:28:3d:
                    80:aa:2e:f9:c0:53:16:3e:e8:56:d8:55:56:c1:5d:
                    1b:04:3f:06:00:39:86:97:7d:83:32:d7:f4:18:dc:
                    de:79:6d:23:f8:66:5b:d9:0b:c6:33:62:1a:c0:89:
                    54:df:93:f6:1d:a6:ec:2a:fa:1d:20:85:1e:a6:29:
                    31:d8:d4:40:7c:54:6c:d4:1c:42:7e:cc:c9:86:3c:
                    9b:b8:08:45:43:60:3c:e5:9b:a8:ce:4a:ac:66:b4:
                    26:25:91:70:37:3e:17:6f:6a:c2:6a:03:1a:f1:b9:
                    03:26:e0:de:59:88:b0:be:09:69:b1:ac:83:e8:c1:
                    cf:8f:00:e1:13:a3:dc:c4:55:b6:ad:40:e4:67:70:
                    19:dd:79:67:cd:29:90:4f:e3:3a:71:69:0b:a9:3d:
                    8e:ee:a3:6a:fa:96:75:7f:ff:77:b7:fd:31:4a:d6:
                    65:3d:2e:33:0f:41:ff:94:5e:77:e1:c7:13:8f:e3:
                    b7:59:a3:64:5e:ed:07:85:80:6b:21:aa:f5:93:95:
                    4f:f4:d9:bc:6f:5f:f8:c9:0d:27:6e:7e:45:24:57:
                    26:81:ab:5c:63:0f:89:4e:4d:fc:2c:3c:8a:43:88:
                    93:0c:93:fa:1b:8f:7b:4c:25:ea:29:0a:3e:79:4e:
                    de:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:31:78:0B:71:24:96:86:9D:BD:B9:14:60:44:2F:73:F4:E9:57:A2
            X509v3 Authority Key Identifier:
                keyid:D0:0B:D4:D5:68:2C:E6:08:E2:7C:BE:22:1A:26:77:EC:B5:07:49:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0AvU1Wgs5gjifL4iGiZ37LUHSX0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:38:00:06:1c:27:fd:46:18:2d:e2:6a:f6:af:ea:da:e5:6b:
         27:d9:07:7b:29:b7:cf:c2:87:5b:43:94:9c:92:90:ab:f9:a6:
         c7:1f:c3:41:6b:ab:0b:27:ba:ff:71:3b:16:8c:e4:93:0b:05:
         aa:16:d6:f9:8d:29:a4:af:f8:9c:4b:de:3c:17:51:e3:62:b7:
         b7:20:10:45:fb:0c:10:ae:9d:d7:f7:46:f4:c9:48:30:48:7d:
         27:4e:9b:c4:db:0d:df:83:23:de:c7:80:d6:c1:93:44:bb:68:
         f5:78:d2:7e:00:41:2a:1b:b6:30:18:67:97:06:27:85:bf:d0:
         23:72:e9:83:d9:9c:7f:96:49:f7:83:26:39:e1:ca:f0:52:91:
         1b:89:9b:fb:b0:e0:fa:6b:68:3b:56:b4:56:68:9d:80:77:f4:
         c4:bd:18:6b:70:c2:f2:d0:1e:04:51:e5:2f:90:70:0c:b5:57:
         3b:cc:2e:7b:53:d0:07:ae:c2:11:f4:46:ea:5d:8a:eb:c4:6f:
         91:82:8e:60:e3:70:fb:01:f7:b3:2f:80:ac:87:fa:d1:78:b0:
         dc:c5:57:9d:c2:20:ae:07:de:fe:3b:e8:00:be:4d:a0:56:32:
         85:74:f0:b0:27:8d:31:40:7b:67:e1:fc:3c:51:71:8f:56:5e:
         52:8c:aa:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZmZyK5Q4mHrKzqoEJbvyJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGJkNGQ1NjgyY2U2MDhlMjdjYmUyMjFhMjY3N2VjYjUw
NzQ5N2QwHhcNMjYwNDE3MDQwMTE0WhcNMjYwNDE4MDQwMTE0WjAzMTEwLwYDVQQD
EyhmNDMxNzgwYjcxMjQ5Njg2OWRiZGI5MTQ2MDQ0MmY3M2Y0ZTk1N2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZqzkfy4bV5UL+mjKD2Aqi75wFMW
PuhW2FVWwV0bBD8GADmGl32DMtf0GNzeeW0j+GZb2QvGM2IawIlU35P2HabsKvod
IIUepikx2NRAfFRs1BxCfszJhjybuAhFQ2A85ZuozkqsZrQmJZFwNz4Xb2rCagMa
8bkDJuDeWYiwvglpsayD6MHPjwDhE6PcxFW2rUDkZ3AZ3XlnzSmQT+M6cWkLqT2O
7qNq+pZ1f/93t/0xStZlPS4zD0H/lF534ccTj+O3WaNkXu0HhYBrIar1k5VP9Nm8
b1/4yQ0nbn5FJFcmgatcYw+JTk38LDyKQ4iTDJP6G497TCXqKQo+eU7ehQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPQxeAtxJJaGnb25FGBEL3P06VeiMB8GA1UdIwQY
MBaAFNAL1NVoLOYI4ny+Ihomd+y1B0l9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEF2VTFXZ3M1Z2ppZkw0aUdpWjM3TFVIU1gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8yOTk1MjItOTMyYy00ODdhLWFmM2Qt
ZWI5MzAwNjcyYWU0LzEvMEF2VTFXZ3M1Z2ppZkw0aUdpWjM3TFVIU1gwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8yOTk1MjItOTMyYy00ODdhLWFmM2QtZWI5MzAwNjcyYWU0
LzEvMEF2VTFXZ3M1Z2ppZkw0aUdpWjM3TFVIU1gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfzgABhwn
/UYYLeJq9q/q2uVrJ9kHeym3z8KHW0OUnJKQq/mmxx/DQWurCye6/3E7FozkkwsF
qhbW+Y0ppK/4nEvePBdR42K3tyAQRfsMEK6d1/dG9MlIMEh9J06bxNsN34Mj3seA
1sGTRLto9XjSfgBBKhu2MBhnlwYnhb/QI3Lpg9mcf5ZJ94MmOeHK8FKRG4mb+7Dg
+mtoO1a0VmidgHf0xL0Ya3DC8tAeBFHlL5BwDLVXO8wue1PQB67CEfRG6l2K68Rv
kYKOYONw+wH3sy+ArIf60Xiw3MVXncIgrgfe/jvoAL5NoFYyhXTwsCeNMUB7Z+H8
PFFxj1ZeUoyqig==
-----END CERTIFICATE-----