Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.mft
File:                     hUYNJS18tlxJNM6stG-pbctrVws.mft (raw, json)
Hash identifier:          Tlv36RTUOe7pM/AopqzwBusg4P0ZX3ObcEkbctUsjHY=
Subject key identifier:   43:43:BC:D6:B0:D7:1B:9B:7F:89:B8:F6:81:41:57:AE:78:B5:EB:B0
Authority key identifier: 85:46:0D:25:2D:7C:B6:5C:49:34:CE:AC:B4:6F:A9:6D:CB:6B:57:0B
Certificate issuer:       /CN=85460d252d7cb65c4934ceacb46fa96dcb6b570b
Certificate serial:       019DA3AEE7B9CD13ABCDEE52F89333EE7BFD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hUYNJS18tlxJNM6stG-pbctrVws.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.mft
Manifest number:          09F5
Signing time:             Sun 19 Apr 2026 03:00:41 +0000
Manifest this update:     Sun 19 Apr 2026 03:00:41 +0000
Manifest next update:     Mon 20 Apr 2026 03:00:41 +0000
Files and hashes:         1: hUYNJS18tlxJNM6stG-pbctrVws.crl (hash: NjCYBVNIUdl2/XzeUq3FEbx6fSeo5DpzJKZam/GIXtM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hUYNJS18tlxJNM6stG-pbctrVws.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 02:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a3:ae:e7:b9:cd:13:ab:cd:ee:52:f8:93:33:ee:7b:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85460d252d7cb65c4934ceacb46fa96dcb6b570b
        Validity
            Not Before: Apr 19 03:00:41 2026 GMT
            Not After : Apr 20 03:00:41 2026 GMT
        Subject: CN=4343bcd6b0d71b9b7f89b8f6814157ae78b5ebb0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:eb:75:5a:19:f6:47:64:54:45:55:a2:68:0a:
                    ad:66:bd:9d:58:aa:cc:16:70:e0:f4:d9:96:07:eb:
                    34:37:ad:3b:68:77:87:dc:62:0f:56:47:dd:33:1e:
                    87:1f:8d:fa:34:66:f5:12:cc:be:f5:63:b2:78:17:
                    5f:d9:3b:e2:56:9d:b0:71:12:86:6a:d3:c8:4a:c5:
                    8f:d4:67:ff:ef:9a:66:d9:c9:22:8e:22:8c:99:83:
                    a8:e0:90:78:20:61:49:b4:57:e6:23:a7:4a:fa:46:
                    d9:85:2a:63:78:fc:ed:a9:4c:90:6f:fa:77:1b:d8:
                    3e:53:a3:a7:e3:09:8d:10:f7:0a:40:a9:ed:6f:81:
                    47:5d:40:3d:ff:d6:05:8b:74:67:4d:3a:a6:34:5f:
                    2e:97:be:f9:0a:bb:46:88:b7:76:24:49:4a:c5:cf:
                    24:90:e3:8a:4b:84:ba:3d:c8:05:ae:05:65:86:8f:
                    42:15:63:23:9d:78:e2:4e:76:8b:61:2f:c5:ab:49:
                    90:c7:f0:f0:95:41:77:24:8a:84:e5:5b:c0:e0:0c:
                    7f:6e:a5:fb:d3:d8:15:b8:7a:a6:f6:07:af:0b:d5:
                    70:5c:6c:23:6a:8b:a3:c1:5c:ae:00:f2:d1:98:ac:
                    3c:d5:1a:82:a2:e6:36:50:a3:d4:dd:a6:70:4a:34:
                    05:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:43:BC:D6:B0:D7:1B:9B:7F:89:B8:F6:81:41:57:AE:78:B5:EB:B0
            X509v3 Authority Key Identifier:
                keyid:85:46:0D:25:2D:7C:B6:5C:49:34:CE:AC:B4:6F:A9:6D:CB:6B:57:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hUYNJS18tlxJNM6stG-pbctrVws.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/ac3b4f-4fe9-442f-8bcd-926a0b2d57ad/1/hUYNJS18tlxJNM6stG-pbctrVws.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:b6:71:06:4f:b0:49:30:da:8e:02:95:0a:e5:4f:a6:21:63:
         a0:ce:8b:5d:a6:0c:c6:bb:f8:33:bc:fd:1c:20:09:d8:01:51:
         b3:d8:13:b9:6c:2c:9b:25:cf:b7:ea:d5:b7:a4:5b:4d:98:d6:
         13:00:6c:2b:42:2d:ab:e4:81:fe:1f:25:c1:20:d3:1a:7f:c1:
         b4:9c:13:ad:87:e0:38:63:e7:0f:10:ee:b6:ef:1b:d1:8d:1c:
         70:75:9b:74:06:66:cd:15:19:6b:7d:cc:84:e9:9b:70:95:6e:
         83:20:4a:9a:fd:fc:8e:49:6e:4e:5d:76:15:ca:e3:6f:29:99:
         ce:9d:a5:de:4a:0f:48:88:19:06:f4:96:9e:e8:fd:ff:c0:82:
         db:e6:0a:cc:eb:1c:3f:24:fd:ac:d2:bc:da:b5:d6:7a:f8:3f:
         ba:29:a4:9a:99:f0:6e:54:45:fa:89:b2:95:d8:47:a6:27:1b:
         b3:be:5d:70:1c:9c:13:73:d9:e5:1b:20:66:e5:16:e8:25:d8:
         ee:97:7f:07:07:d0:f0:61:cc:59:b1:9e:de:cc:f9:5a:f1:77:
         31:cf:d3:18:3e:60:11:f7:a4:c5:73:3d:67:79:e4:d9:6a:cb:
         5d:47:4d:ea:53:39:9c:54:76:db:d6:4f:ea:20:4d:86:30:49:
         5a:04:8c:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2jrue5zROrze5S+JMz7nv9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NDYwZDI1MmQ3Y2I2NWM0OTM0Y2VhY2I0NmZhOTZkY2I2
YjU3MGIwHhcNMjYwNDE5MDMwMDQxWhcNMjYwNDIwMDMwMDQxWjAzMTEwLwYDVQQD
Eyg0MzQzYmNkNmIwZDcxYjliN2Y4OWI4ZjY4MTQxNTdhZTc4YjVlYmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2et1Whn2R2RURVWiaAqtZr2dWKrM
FnDg9NmWB+s0N607aHeH3GIPVkfdMx6HH436NGb1Esy+9WOyeBdf2TviVp2wcRKG
atPISsWP1Gf/75pm2ckijiKMmYOo4JB4IGFJtFfmI6dK+kbZhSpjePztqUyQb/p3
G9g+U6On4wmNEPcKQKntb4FHXUA9/9YFi3RnTTqmNF8ul775CrtGiLd2JElKxc8k
kOOKS4S6PcgFrgVlho9CFWMjnXjiTnaLYS/Fq0mQx/DwlUF3JIqE5VvA4Ax/bqX7
09gVuHqm9gevC9VwXGwjaoujwVyuAPLRmKw81RqCouY2UKPU3aZwSjQFKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFENDvNaw1xubf4m49oFBV654teuwMB8GA1UdIwQY
MBaAFIVGDSUtfLZcSTTOrLRvqW3La1cLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFVZTkpTMTh0bHhKTk02c3RHLXBiY3RyVndzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9hYzNiNGYtNGZlOS00NDJmLThiY2Qt
OTI2YTBiMmQ1N2FkLzEvaFVZTkpTMTh0bHhKTk02c3RHLXBiY3RyVndzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC9hYzNiNGYtNGZlOS00NDJmLThiY2QtOTI2YTBiMmQ1N2Fk
LzEvaFVZTkpTMTh0bHhKTk02c3RHLXBiY3RyVndzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYrZxBk+w
STDajgKVCuVPpiFjoM6LXaYMxrv4M7z9HCAJ2AFRs9gTuWwsmyXPt+rVt6RbTZjW
EwBsK0Itq+SB/h8lwSDTGn/BtJwTrYfgOGPnDxDutu8b0Y0ccHWbdAZmzRUZa33M
hOmbcJVugyBKmv38jkluTl12FcrjbymZzp2l3koPSIgZBvSWnuj9/8CC2+YKzOsc
PyT9rNK82rXWevg/uimkmpnwblRF+omyldhHpicbs75dcBycE3PZ5RsgZuUW6CXY
7pd/BwfQ8GHMWbGe3sz5WvF3Mc/TGD5gEfekxXM9Z3nk2WrLXUdN6lM5nFR229ZP
6iBNhjBJWgSMcg==
-----END CERTIFICATE-----