Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/2d734f-aa8c-4735-ac71-15d7691f4a2a/1/1MiI65YKABkAwnleiq-iaPYC2EI.mft
File:                     1MiI65YKABkAwnleiq-iaPYC2EI.mft (raw, json)
Hash identifier:          sTcqv1Z5ItLIJQu+0G3ltkg+8P2/U+YUvCWuECsbo+0=
Subject key identifier:   AB:46:37:9D:82:50:54:5B:EE:19:BF:CF:A2:8C:0A:B1:76:AD:F6:C1
Authority key identifier: D4:C8:88:EB:96:0A:00:19:00:C2:79:5E:8A:AF:A2:68:F6:02:D8:42
Certificate issuer:       /CN=d4c888eb960a001900c2795e8aafa268f602d842
Certificate serial:       019D9AE32B0D7D8D18B9532184810D94A8E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1MiI65YKABkAwnleiq-iaPYC2EI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/2d734f-aa8c-4735-ac71-15d7691f4a2a/1/1MiI65YKABkAwnleiq-iaPYC2EI.mft
Manifest number:          0DCE
Signing time:             Fri 17 Apr 2026 10:01:12 +0000
Manifest this update:     Fri 17 Apr 2026 10:01:12 +0000
Manifest next update:     Sat 18 Apr 2026 10:01:12 +0000
Files and hashes:         1: 1MiI65YKABkAwnleiq-iaPYC2EI.crl (hash: yTQkLoyIEB941y5zA2kjc+WtDk9sZp4Em9lF3opEvmo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/50/2d734f-aa8c-4735-ac71-15d7691f4a2a/1/1MiI65YKABkAwnleiq-iaPYC2EI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/50/2d734f-aa8c-4735-ac71-15d7691f4a2a/1/1MiI65YKABkAwnleiq-iaPYC2EI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1MiI65YKABkAwnleiq-iaPYC2EI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e3:2b:0d:7d:8d:18:b9:53:21:84:81:0d:94:a8:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d4c888eb960a001900c2795e8aafa268f602d842
        Validity
            Not Before: Apr 17 10:01:12 2026 GMT
            Not After : Apr 18 10:01:12 2026 GMT
        Subject: CN=ab46379d8250545bee19bfcfa28c0ab176adf6c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:d8:fe:d1:f0:07:2c:3e:2b:35:5f:2d:28:1e:
                    f2:47:de:0b:66:a3:7f:fd:43:fb:d6:14:f7:6e:69:
                    e4:01:bf:92:4d:7a:cf:55:6f:24:af:e1:23:1f:86:
                    c8:b7:4d:2c:d4:1b:be:18:08:fb:bc:04:bb:8f:fd:
                    e4:3c:16:74:5d:26:af:58:ca:9f:c9:84:b0:cf:59:
                    c4:f4:6d:a5:a5:df:ec:5a:ff:9f:b6:81:fa:55:ea:
                    27:d8:cf:c0:6a:fa:a0:d1:cc:14:a2:0e:84:c4:2a:
                    76:3a:9f:41:89:df:84:28:97:bc:e2:f7:91:83:4e:
                    2e:48:6f:e3:43:b2:31:94:09:53:0e:8a:27:2a:05:
                    7d:e2:58:5e:c7:cb:fb:b9:4a:40:5b:f5:94:ae:e0:
                    0c:6f:9d:81:b1:eb:1a:cf:73:2a:1a:b4:df:8f:ec:
                    a3:e2:33:c6:70:78:e9:30:fc:db:2c:07:a6:08:b7:
                    7d:13:e0:40:88:38:43:46:2a:ec:fe:a7:c4:fe:82:
                    5a:c8:13:68:0b:f2:92:74:c2:44:9c:d7:63:b6:42:
                    65:61:cd:8e:f0:40:60:d5:12:c8:26:e7:83:8c:60:
                    ef:12:12:24:81:12:8b:25:7c:30:ff:95:95:65:85:
                    a8:4a:5f:9e:c0:c3:3f:29:79:8b:31:e1:d0:b7:08:
                    5e:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:46:37:9D:82:50:54:5B:EE:19:BF:CF:A2:8C:0A:B1:76:AD:F6:C1
            X509v3 Authority Key Identifier:
                keyid:D4:C8:88:EB:96:0A:00:19:00:C2:79:5E:8A:AF:A2:68:F6:02:D8:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1MiI65YKABkAwnleiq-iaPYC2EI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/2d734f-aa8c-4735-ac71-15d7691f4a2a/1/1MiI65YKABkAwnleiq-iaPYC2EI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/2d734f-aa8c-4735-ac71-15d7691f4a2a/1/1MiI65YKABkAwnleiq-iaPYC2EI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:4b:11:b5:fe:f8:18:aa:0c:69:4f:fe:ae:a7:80:0d:9e:80:
         7f:52:33:75:07:c0:7e:73:37:a4:d8:20:13:67:53:ff:69:9b:
         86:b7:40:05:10:98:86:b8:ba:f3:f4:61:9d:cd:61:c7:08:b8:
         38:fe:04:df:b4:09:37:52:12:f4:7e:ff:fb:96:e5:82:96:53:
         82:2c:78:fa:ff:e2:ab:ef:75:37:ca:67:56:07:6d:fc:f5:99:
         16:56:a4:f7:32:ee:bb:bf:6e:33:29:80:a8:67:d3:01:67:e1:
         99:8e:92:79:9a:69:56:1e:43:82:0b:ad:ad:d4:0c:fe:4b:5d:
         a1:fc:ee:62:98:f5:5c:e3:1f:f8:9b:a7:a8:53:fc:05:1c:6c:
         23:08:03:d4:22:6c:9b:86:2c:05:80:2c:01:bc:f9:0b:4a:ef:
         aa:1c:2e:7b:66:e4:bf:12:4a:d6:37:9c:3c:13:da:2a:85:eb:
         ee:2a:4b:93:7a:d8:2f:00:4f:87:3e:1a:a7:28:ec:86:86:94:
         3c:6a:f8:ac:54:08:c9:83:05:88:24:90:91:84:54:4f:7a:5c:
         2e:0e:62:72:48:73:69:6e:17:89:78:3a:3c:12:4b:c7:bb:39:
         d6:8c:0f:57:2c:8d:3d:c3:12:31:f7:00:fe:81:e6:30:66:7d:
         c0:fa:8d:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a4ysNfY0YuVMhhIENlKjoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0Yzg4OGViOTYwYTAwMTkwMGMyNzk1ZThhYWZhMjY4ZjYw
MmQ4NDIwHhcNMjYwNDE3MTAwMTEyWhcNMjYwNDE4MTAwMTEyWjAzMTEwLwYDVQQD
EyhhYjQ2Mzc5ZDgyNTA1NDViZWUxOWJmY2ZhMjhjMGFiMTc2YWRmNmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh9j+0fAHLD4rNV8tKB7yR94LZqN/
/UP71hT3bmnkAb+STXrPVW8kr+EjH4bIt00s1Bu+GAj7vAS7j/3kPBZ0XSavWMqf
yYSwz1nE9G2lpd/sWv+ftoH6Veon2M/Aavqg0cwUog6ExCp2Op9Bid+EKJe84veR
g04uSG/jQ7IxlAlTDoonKgV94lhex8v7uUpAW/WUruAMb52Bsesaz3MqGrTfj+yj
4jPGcHjpMPzbLAemCLd9E+BAiDhDRirs/qfE/oJayBNoC/KSdMJEnNdjtkJlYc2O
8EBg1RLIJueDjGDvEhIkgRKLJXww/5WVZYWoSl+ewMM/KXmLMeHQtwheIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKtGN52CUFRb7hm/z6KMCrF2rfbBMB8GA1UdIwQY
MBaAFNTIiOuWCgAZAMJ5Xoqvomj2AthCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU1pSTY1WUtBQmtBd25sZWlxLWlhUFlDMkVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8yZDczNGYtYWE4Yy00NzM1LWFjNzEt
MTVkNzY5MWY0YTJhLzEvMU1pSTY1WUtBQmtBd25sZWlxLWlhUFlDMkVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8yZDczNGYtYWE4Yy00NzM1LWFjNzEtMTVkNzY5MWY0YTJh
LzEvMU1pSTY1WUtBQmtBd25sZWlxLWlhUFlDMkVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoksRtf74
GKoMaU/+rqeADZ6Af1IzdQfAfnM3pNggE2dT/2mbhrdABRCYhri68/Rhnc1hxwi4
OP4E37QJN1IS9H7/+5blgpZTgix4+v/iq+91N8pnVgdt/PWZFlak9zLuu79uMymA
qGfTAWfhmY6SeZppVh5DggutrdQM/ktdofzuYpj1XOMf+JunqFP8BRxsIwgD1CJs
m4YsBYAsAbz5C0rvqhwue2bkvxJK1jecPBPaKoXr7ipLk3rYLwBPhz4apyjshoaU
PGr4rFQIyYMFiCSQkYRUT3pcLg5ickhzaW4XiXg6PBJLx7s51owPVyyNPcMSMfcA
/oHmMGZ9wPqNmA==
-----END CERTIFICATE-----