Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.mft
File:                     4tNxxKeqqFX4zDsa6oAilCCoDyA.mft (raw, json)
Hash identifier:          3HSNrKKL2JCGQDNUSX9ufbWnOD0opKQsTODpFqL6pSY=
Subject key identifier:   74:DA:BA:50:EA:B7:1C:BF:09:40:90:6D:48:33:50:DF:A5:F9:50:54
Authority key identifier: E2:D3:71:C4:A7:AA:A8:55:F8:CC:3B:1A:EA:80:22:94:20:A8:0F:20
Certificate issuer:       /CN=e2d371c4a7aaa855f8cc3b1aea80229420a80f20
Certificate serial:       019D9B50F8D22F830B9E5B6ABB0A8A4285BC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4tNxxKeqqFX4zDsa6oAilCCoDyA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.mft
Manifest number:          18C4
Signing time:             Fri 17 Apr 2026 12:01:08 +0000
Manifest this update:     Fri 17 Apr 2026 12:01:08 +0000
Manifest next update:     Sat 18 Apr 2026 12:01:08 +0000
Files and hashes:         1: 4tNxxKeqqFX4zDsa6oAilCCoDyA.crl (hash: UF2Rifpi+Dyu9c79smM7QaqK4m0TzATCV0URVcmV+hM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4tNxxKeqqFX4zDsa6oAilCCoDyA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 12:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:50:f8:d2:2f:83:0b:9e:5b:6a:bb:0a:8a:42:85:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2d371c4a7aaa855f8cc3b1aea80229420a80f20
        Validity
            Not Before: Apr 17 12:01:08 2026 GMT
            Not After : Apr 18 12:01:08 2026 GMT
        Subject: CN=74daba50eab71cbf0940906d483350dfa5f95054
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:12:d0:f7:a3:dd:af:c1:ef:bc:bb:de:32:a7:
                    d5:64:d7:24:07:53:8d:6f:ad:d6:8e:d6:23:47:87:
                    23:53:50:e3:40:e5:55:ec:60:30:46:71:cf:57:b8:
                    7d:6a:7c:9a:5a:de:8b:2f:e7:15:bd:09:a6:1b:7e:
                    66:83:27:e2:91:dc:19:d1:5d:22:d8:c1:f4:13:ce:
                    62:6f:e8:99:1d:e5:d5:1f:44:70:7e:5e:57:f9:63:
                    bb:71:51:1c:dc:96:d0:b2:ef:32:73:72:66:24:fd:
                    73:47:61:19:6a:6c:44:48:c3:5d:52:f0:91:ab:33:
                    dc:26:51:4f:be:0e:1b:fc:b7:71:1a:ad:d3:b7:6b:
                    97:58:d4:c0:23:c8:6f:d9:d3:7f:06:f1:05:c7:e7:
                    05:51:55:b9:fe:da:08:33:fc:b4:2c:72:17:cf:a1:
                    c4:35:8e:fb:66:08:60:f8:1b:f3:2f:ea:6b:d9:64:
                    36:45:8c:82:fc:61:7b:04:29:b5:bc:29:97:54:68:
                    de:7b:54:2c:4d:3a:45:6d:05:e0:e5:d7:96:aa:f1:
                    cf:f1:a3:7e:46:5d:34:b5:4a:24:0f:29:98:74:64:
                    79:a9:ff:1d:3e:d0:3f:d1:23:0e:67:36:b3:15:90:
                    36:5e:09:eb:d1:64:3e:2f:ca:f4:eb:51:49:cc:29:
                    46:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:DA:BA:50:EA:B7:1C:BF:09:40:90:6D:48:33:50:DF:A5:F9:50:54
            X509v3 Authority Key Identifier:
                keyid:E2:D3:71:C4:A7:AA:A8:55:F8:CC:3B:1A:EA:80:22:94:20:A8:0F:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tNxxKeqqFX4zDsa6oAilCCoDyA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:d2:11:03:90:2a:5c:85:bd:43:45:44:b8:32:32:b1:c6:e8:
         88:3c:c6:0a:2e:29:fc:90:be:cb:88:64:0b:56:d5:ed:cf:13:
         a0:4a:e6:26:54:91:fa:c6:91:80:53:18:ea:92:7f:ad:1e:1e:
         79:d7:df:74:eb:39:65:b7:0f:a0:b8:04:ec:5f:61:51:8e:f4:
         e0:1b:0f:05:9f:fa:55:bb:e9:a2:4a:14:dd:26:32:bc:c9:f2:
         24:84:ab:75:e4:ed:51:eb:ec:e6:32:d7:47:0f:12:e8:58:ec:
         ef:13:34:e9:cf:70:25:b6:52:33:2e:a8:03:7d:bb:19:27:34:
         c6:db:09:c7:7f:cd:e9:51:a2:12:c1:44:17:b3:33:58:83:d9:
         5f:95:9c:0c:2a:53:68:74:43:70:03:34:50:a3:c2:78:f6:3c:
         41:00:3a:c8:4a:44:c4:0f:90:1c:43:9d:02:98:fb:d8:76:4c:
         42:89:90:f8:fd:3c:dc:f8:b9:d4:18:85:35:bb:5d:43:d8:14:
         93:9f:d3:32:f8:49:a1:ae:d4:3a:84:9e:80:e2:23:b9:4a:a6:
         52:79:4d:ec:a9:93:7b:4b:c0:c7:70:6f:e9:a5:0a:f1:2d:5c:
         62:66:b3:59:c3:01:d4:95:fd:29:77:46:c0:49:df:9e:43:33:
         ac:37:e4:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bUPjSL4MLnltquwqKQoW8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDM3MWM0YTdhYWE4NTVmOGNjM2IxYWVhODAyMjk0MjBh
ODBmMjAwHhcNMjYwNDE3MTIwMTA4WhcNMjYwNDE4MTIwMTA4WjAzMTEwLwYDVQQD
Eyg3NGRhYmE1MGVhYjcxY2JmMDk0MDkwNmQ0ODMzNTBkZmE1Zjk1MDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRLQ96Pdr8HvvLveMqfVZNckB1ON
b63WjtYjR4cjU1DjQOVV7GAwRnHPV7h9anyaWt6LL+cVvQmmG35mgyfikdwZ0V0i
2MH0E85ib+iZHeXVH0Rwfl5X+WO7cVEc3JbQsu8yc3JmJP1zR2EZamxESMNdUvCR
qzPcJlFPvg4b/LdxGq3Tt2uXWNTAI8hv2dN/BvEFx+cFUVW5/toIM/y0LHIXz6HE
NY77Zghg+BvzL+pr2WQ2RYyC/GF7BCm1vCmXVGjee1QsTTpFbQXg5deWqvHP8aN+
Rl00tUokDymYdGR5qf8dPtA/0SMOZzazFZA2Xgnr0WQ+L8r061FJzClGKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHTaulDqtxy/CUCQbUgzUN+l+VBUMB8GA1UdIwQY
MBaAFOLTccSnqqhV+Mw7GuqAIpQgqA8gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHROeHhLZXFxRlg0ekRzYTZvQWlsQ0NvRHlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9mZWFhMzAtMTQyYS00ZmUwLWFhYjkt
OTA3YTU4Yzk5NGMyLzEvNHROeHhLZXFxRlg0ekRzYTZvQWlsQ0NvRHlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9mZWFhMzAtMTQyYS00ZmUwLWFhYjktOTA3YTU4Yzk5NGMy
LzEvNHROeHhLZXFxRlg0ekRzYTZvQWlsQ0NvRHlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFNIRA5Aq
XIW9Q0VEuDIyscboiDzGCi4p/JC+y4hkC1bV7c8ToErmJlSR+saRgFMY6pJ/rR4e
edffdOs5ZbcPoLgE7F9hUY704BsPBZ/6VbvpokoU3SYyvMnyJISrdeTtUevs5jLX
Rw8S6Fjs7xM06c9wJbZSMy6oA327GSc0xtsJx3/N6VGiEsFEF7MzWIPZX5WcDCpT
aHRDcAM0UKPCePY8QQA6yEpExA+QHEOdApj72HZMQomQ+P083Pi51BiFNbtdQ9gU
k5/TMvhJoa7UOoSegOIjuUqmUnlN7KmTe0vAx3Bv6aUK8S1cYmazWcMB1JX9KXdG
wEnfnkMzrDfkxg==
-----END CERTIFICATE-----