Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.mft
File:                     sgzLpAbArQxb4AB22ZgLNIhWmoo.mft (raw, json)
Hash identifier:          qTcFBScVRU1CN+GzBBiNOEtouTbCNBXC82zRcsfbbM8=
Subject key identifier:   DB:EF:A1:A2:04:9D:78:E2:81:39:B0:19:09:EE:61:0A:07:C9:54:38
Authority key identifier: B2:0C:CB:A4:06:C0:AD:0C:5B:E0:00:76:D9:98:0B:34:88:56:9A:8A
Certificate issuer:       /CN=b20ccba406c0ad0c5be00076d9980b3488569a8a
Certificate serial:       019D9AE2E0A66C5994640CC17009D15B4EDA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sgzLpAbArQxb4AB22ZgLNIhWmoo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.mft
Manifest number:          13A7
Signing time:             Fri 17 Apr 2026 10:00:53 +0000
Manifest this update:     Fri 17 Apr 2026 10:00:53 +0000
Manifest next update:     Sat 18 Apr 2026 10:00:53 +0000
Files and hashes:         1: sgzLpAbArQxb4AB22ZgLNIhWmoo.crl (hash: lqZjW3jqjmx5sHu7dIbHDpHukuhxpopCiuDhk4vPDww=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sgzLpAbArQxb4AB22ZgLNIhWmoo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e2:e0:a6:6c:59:94:64:0c:c1:70:09:d1:5b:4e:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b20ccba406c0ad0c5be00076d9980b3488569a8a
        Validity
            Not Before: Apr 17 10:00:53 2026 GMT
            Not After : Apr 18 10:00:53 2026 GMT
        Subject: CN=dbefa1a2049d78e28139b01909ee610a07c95438
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:74:a5:ab:a0:5d:46:be:6d:58:88:5f:ca:1a:
                    68:5a:b4:b2:3e:d4:3f:aa:1b:12:93:d4:1e:c3:ad:
                    7e:0e:56:8b:99:41:bf:d2:3f:2a:78:59:13:67:6e:
                    22:9b:37:08:c6:4d:db:85:33:ff:e7:19:b4:77:c0:
                    81:1b:e6:07:1b:79:c2:52:24:12:7c:2d:08:7c:b0:
                    51:01:8d:cc:2b:f2:f3:ea:8b:d5:f9:36:f3:ab:ad:
                    83:51:cd:10:3d:e4:ee:c2:7e:13:cf:30:3d:56:c6:
                    b8:12:91:bd:f6:37:e8:87:33:cd:9a:d8:ea:8e:18:
                    7b:43:46:d0:58:d8:43:8e:df:32:33:a9:d0:f3:1a:
                    37:c1:d0:96:b6:44:2b:b2:a2:bf:be:a2:53:6a:e7:
                    e7:e8:46:db:85:a5:2e:b8:54:9c:57:fb:ba:87:ab:
                    92:bc:1f:5e:db:df:99:61:9d:49:46:87:ac:cb:b2:
                    c1:22:78:d2:42:e2:ef:c4:5b:58:eb:f9:28:d0:ea:
                    ea:26:25:6d:c5:19:49:ab:84:22:ea:e3:b1:81:9e:
                    65:f8:57:d4:e3:50:d8:8e:36:92:55:19:5b:ca:0d:
                    c8:65:8b:ca:c6:16:3d:28:c1:dc:5a:b9:1d:b1:ae:
                    50:5d:4b:72:a4:83:81:2e:a5:ef:ad:c7:07:b1:50:
                    0d:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:EF:A1:A2:04:9D:78:E2:81:39:B0:19:09:EE:61:0A:07:C9:54:38
            X509v3 Authority Key Identifier:
                keyid:B2:0C:CB:A4:06:C0:AD:0C:5B:E0:00:76:D9:98:0B:34:88:56:9A:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sgzLpAbArQxb4AB22ZgLNIhWmoo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:b3:2d:a4:bb:a1:60:5b:77:8b:da:d7:1f:0e:f0:5f:8d:18:
         5c:4e:3f:de:28:e1:97:99:14:a1:4a:bd:e8:4b:cb:75:8b:ed:
         86:db:51:69:2d:8c:32:a1:fc:5f:2f:f4:a3:dc:ae:71:2c:ba:
         30:f2:a5:a8:5d:33:90:82:27:df:6d:87:3f:00:f2:ba:ee:ca:
         cc:46:76:23:12:fa:74:d6:f6:2b:a6:0f:a0:83:1d:44:51:c1:
         38:af:7b:16:fd:c3:be:71:80:ce:6f:d8:0e:44:6f:18:f1:e9:
         51:00:29:92:4f:3a:97:75:3a:75:8b:11:5c:53:3d:94:f8:64:
         c7:2c:71:2c:d5:9e:2a:a1:58:cf:f4:fa:25:3e:e6:55:b3:8f:
         f8:e3:f8:1d:d6:0c:1f:70:7b:ee:c2:fc:c6:0e:66:f9:22:94:
         23:4f:08:e9:70:b4:cb:9e:7c:e0:b5:e7:68:c1:9b:36:a5:4a:
         58:54:17:5d:02:a3:2a:09:20:73:cd:0b:cc:98:97:d1:eb:f8:
         44:ac:14:f1:82:45:02:7c:ca:21:a9:08:2c:c6:75:ff:2f:9b:
         e7:47:d5:7b:bd:84:39:7c:36:a4:f7:f6:62:48:44:98:f9:07:
         43:21:2a:b6:90:4e:92:56:50:53:6c:66:0f:fb:fd:28:81:32:
         41:60:61:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a4uCmbFmUZAzBcAnRW07aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMGNjYmE0MDZjMGFkMGM1YmUwMDA3NmQ5OTgwYjM0ODg1
NjlhOGEwHhcNMjYwNDE3MTAwMDUzWhcNMjYwNDE4MTAwMDUzWjAzMTEwLwYDVQQD
EyhkYmVmYTFhMjA0OWQ3OGUyODEzOWIwMTkwOWVlNjEwYTA3Yzk1NDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHSlq6BdRr5tWIhfyhpoWrSyPtQ/
qhsSk9Qew61+DlaLmUG/0j8qeFkTZ24imzcIxk3bhTP/5xm0d8CBG+YHG3nCUiQS
fC0IfLBRAY3MK/Lz6ovV+Tbzq62DUc0QPeTuwn4TzzA9Vsa4EpG99jfohzPNmtjq
jhh7Q0bQWNhDjt8yM6nQ8xo3wdCWtkQrsqK/vqJTaufn6EbbhaUuuFScV/u6h6uS
vB9e29+ZYZ1JRoesy7LBInjSQuLvxFtY6/ko0OrqJiVtxRlJq4Qi6uOxgZ5l+FfU
41DYjjaSVRlbyg3IZYvKxhY9KMHcWrkdsa5QXUtypIOBLqXvrccHsVANqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNvvoaIEnXjigTmwGQnuYQoHyVQ4MB8GA1UdIwQY
MBaAFLIMy6QGwK0MW+AAdtmYCzSIVpqKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2d6THBBYkFyUXhiNEFCMjJaZ0xOSWhXbW9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83NDNhNTAtZDdmNC00MmQxLWEwOWQt
N2NhOTNlY2IyMjM0LzEvc2d6THBBYkFyUXhiNEFCMjJaZ0xOSWhXbW9vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83NDNhNTAtZDdmNC00MmQxLWEwOWQtN2NhOTNlY2IyMjM0
LzEvc2d6THBBYkFyUXhiNEFCMjJaZ0xOSWhXbW9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMrMtpLuh
YFt3i9rXHw7wX40YXE4/3ijhl5kUoUq96EvLdYvthttRaS2MMqH8Xy/0o9yucSy6
MPKlqF0zkIIn322HPwDyuu7KzEZ2IxL6dNb2K6YPoIMdRFHBOK97Fv3DvnGAzm/Y
DkRvGPHpUQApkk86l3U6dYsRXFM9lPhkxyxxLNWeKqFYz/T6JT7mVbOP+OP4HdYM
H3B77sL8xg5m+SKUI08I6XC0y5584LXnaMGbNqVKWFQXXQKjKgkgc80LzJiX0ev4
RKwU8YJFAnzKIakILMZ1/y+b50fVe72EOXw2pPf2YkhEmPkHQyEqtpBOklZQU2xm
D/v9KIEyQWBhfA==
-----END CERTIFICATE-----