Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/49c630-80d8-4955-ba6e-ee6dbfa98d2e/1/H4zVvaNGEK2v7R_tQ6IjRfB2fn8.mft
File:                     H4zVvaNGEK2v7R_tQ6IjRfB2fn8.mft (raw, json)
Hash identifier:          lY6qy1whYS8NmylAzBE0rf3tJ/GIdCUccEkkP0JzACw=
Subject key identifier:   3D:92:C2:A4:69:2E:97:2D:01:87:F8:95:72:D8:C4:BF:2F:56:C5:F4
Authority key identifier: 1F:8C:D5:BD:A3:46:10:AD:AF:ED:1F:ED:43:A2:23:45:F0:76:7E:7F
Certificate issuer:       /CN=1f8cd5bda34610adafed1fed43a22345f0767e7f
Certificate serial:       019D99626AE8D919D3CE862CDD9BA1CA5FF6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H4zVvaNGEK2v7R_tQ6IjRfB2fn8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/53/49c630-80d8-4955-ba6e-ee6dbfa98d2e/1/H4zVvaNGEK2v7R_tQ6IjRfB2fn8.mft
Manifest number:          1790
Signing time:             Fri 17 Apr 2026 03:00:56 +0000
Manifest this update:     Fri 17 Apr 2026 03:00:56 +0000
Manifest next update:     Sat 18 Apr 2026 03:00:56 +0000
Files and hashes:         1: H4zVvaNGEK2v7R_tQ6IjRfB2fn8.crl (hash: tOXDq26LDBSnnW6LWxJIZpYjwk8cchrbWV2jnxfuT9A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/53/49c630-80d8-4955-ba6e-ee6dbfa98d2e/1/H4zVvaNGEK2v7R_tQ6IjRfB2fn8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/53/49c630-80d8-4955-ba6e-ee6dbfa98d2e/1/H4zVvaNGEK2v7R_tQ6IjRfB2fn8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/H4zVvaNGEK2v7R_tQ6IjRfB2fn8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 03:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:62:6a:e8:d9:19:d3:ce:86:2c:dd:9b:a1:ca:5f:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f8cd5bda34610adafed1fed43a22345f0767e7f
        Validity
            Not Before: Apr 17 03:00:56 2026 GMT
            Not After : Apr 18 03:00:56 2026 GMT
        Subject: CN=3d92c2a4692e972d0187f89572d8c4bf2f56c5f4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:4b:28:5c:71:df:95:09:dc:95:dd:c9:3b:c7:
                    00:cc:81:95:bc:cd:a0:44:92:94:53:00:7f:1b:6a:
                    62:9b:a3:26:ca:0a:e5:ef:cb:b0:9e:b1:23:db:85:
                    f8:68:df:fc:a5:c3:a1:0e:3c:e1:ef:6b:7f:6c:a9:
                    9e:4e:b3:b1:1f:cf:ad:15:d9:cd:04:03:d8:cb:9f:
                    8b:5f:8f:fa:de:b3:14:f0:f5:ec:e8:aa:cf:b8:f7:
                    69:fa:f1:20:1f:c5:21:07:6b:ff:b4:a4:2e:5b:e9:
                    fb:72:5b:70:19:d5:52:d8:d8:b8:21:9a:a0:23:b1:
                    e7:8c:a5:41:8b:8c:ae:e4:e9:44:24:bd:44:eb:3f:
                    3d:34:7d:b8:1a:b3:da:81:58:79:64:ed:84:54:66:
                    76:d6:0c:98:24:58:04:2e:ce:c2:c8:f7:f3:83:a3:
                    a2:c8:b7:df:ef:70:a4:57:2a:82:bb:f9:d4:82:e1:
                    13:bc:b5:f6:b0:6b:81:4f:2c:e5:1f:76:7f:36:37:
                    cd:e8:f2:ce:27:8d:71:8a:db:34:a0:b3:00:7a:ac:
                    53:c2:98:65:5c:a1:74:af:03:ff:c5:64:32:98:21:
                    a6:a4:5e:df:0e:4f:81:b2:1e:27:7a:17:30:b2:e7:
                    98:f7:49:5c:cd:22:0d:b0:38:32:1f:7a:60:5a:bd:
                    e5:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:92:C2:A4:69:2E:97:2D:01:87:F8:95:72:D8:C4:BF:2F:56:C5:F4
            X509v3 Authority Key Identifier:
                keyid:1F:8C:D5:BD:A3:46:10:AD:AF:ED:1F:ED:43:A2:23:45:F0:76:7E:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H4zVvaNGEK2v7R_tQ6IjRfB2fn8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/49c630-80d8-4955-ba6e-ee6dbfa98d2e/1/H4zVvaNGEK2v7R_tQ6IjRfB2fn8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/53/49c630-80d8-4955-ba6e-ee6dbfa98d2e/1/H4zVvaNGEK2v7R_tQ6IjRfB2fn8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:11:d1:a2:76:93:83:73:dc:6a:02:cf:dc:b6:5f:3e:05:b8:
         95:22:01:97:d8:2f:4f:6b:7e:bc:59:5a:3d:bf:bb:bf:bb:6e:
         f5:1a:4b:bf:88:f0:50:0d:73:69:80:20:f7:48:72:b5:73:63:
         cb:3f:41:1c:c2:41:6b:b6:f4:d2:3c:02:ce:f1:ca:fd:d9:3a:
         11:7d:53:7c:6e:21:40:f6:da:43:1b:b3:67:7f:f9:9f:e0:b2:
         73:4c:ca:c4:2e:1b:ca:b9:3f:47:f2:28:b5:c2:fe:3d:64:92:
         43:b3:4d:35:12:bf:a8:47:a2:6d:37:8e:ab:2a:98:33:56:34:
         19:3b:a2:b7:98:e2:21:87:0d:9e:58:fe:d0:0a:ad:d3:07:cd:
         ba:35:54:cf:c0:e7:92:a6:52:0d:0d:cd:38:45:89:70:83:68:
         a8:4e:58:0e:42:da:e8:e7:4a:f9:f3:d1:df:f2:d6:b8:19:a8:
         00:aa:5d:bd:0b:21:91:5d:87:92:9c:f4:90:f0:8e:57:c4:4f:
         e9:83:f6:fc:c7:0f:02:30:30:eb:5b:bc:85:ee:b1:06:f7:0e:
         0f:9f:76:a8:22:92:a9:2c:99:10:a5:42:4c:08:14:79:06:36:
         65:af:e8:58:73:6f:9b:3d:81:af:33:94:3c:fb:dd:e5:11:52:
         e7:d9:86:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZYmro2RnTzoYs3Zuhyl/2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmOGNkNWJkYTM0NjEwYWRhZmVkMWZlZDQzYTIyMzQ1ZjA3
NjdlN2YwHhcNMjYwNDE3MDMwMDU2WhcNMjYwNDE4MDMwMDU2WjAzMTEwLwYDVQQD
EygzZDkyYzJhNDY5MmU5NzJkMDE4N2Y4OTU3MmQ4YzRiZjJmNTZjNWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEsoXHHflQncld3JO8cAzIGVvM2g
RJKUUwB/G2pim6Mmygrl78uwnrEj24X4aN/8pcOhDjzh72t/bKmeTrOxH8+tFdnN
BAPYy5+LX4/63rMU8PXs6KrPuPdp+vEgH8UhB2v/tKQuW+n7cltwGdVS2Ni4IZqg
I7HnjKVBi4yu5OlEJL1E6z89NH24GrPagVh5ZO2EVGZ21gyYJFgELs7CyPfzg6Oi
yLff73CkVyqCu/nUguETvLX2sGuBTyzlH3Z/NjfN6PLOJ41xits0oLMAeqxTwphl
XKF0rwP/xWQymCGmpF7fDk+Bsh4nehcwsueY90lczSINsDgyH3pgWr3lywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD2SwqRpLpctAYf4lXLYxL8vVsX0MB8GA1UdIwQY
MBaAFB+M1b2jRhCtr+0f7UOiI0Xwdn5/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDR6VnZhTkdFSzJ2N1JfdFE2SWpSZkIyZm44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My80OWM2MzAtODBkOC00OTU1LWJhNmUt
ZWU2ZGJmYTk4ZDJlLzEvSDR6VnZhTkdFSzJ2N1JfdFE2SWpSZkIyZm44Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My80OWM2MzAtODBkOC00OTU1LWJhNmUtZWU2ZGJmYTk4ZDJl
LzEvSDR6VnZhTkdFSzJ2N1JfdFE2SWpSZkIyZm44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkhHRonaT
g3PcagLP3LZfPgW4lSIBl9gvT2t+vFlaPb+7v7tu9RpLv4jwUA1zaYAg90hytXNj
yz9BHMJBa7b00jwCzvHK/dk6EX1TfG4hQPbaQxuzZ3/5n+Cyc0zKxC4byrk/R/Io
tcL+PWSSQ7NNNRK/qEeibTeOqyqYM1Y0GTuit5jiIYcNnlj+0Aqt0wfNujVUz8Dn
kqZSDQ3NOEWJcINoqE5YDkLa6OdK+fPR3/LWuBmoAKpdvQshkV2Hkpz0kPCOV8RP
6YP2/McPAjAw61u8he6xBvcOD592qCKSqSyZEKVCTAgUeQY2Za/oWHNvmz2BrzOU
PPvd5RFS59mG/w==
-----END CERTIFICATE-----