Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/e5af16-ddfd-4f3d-96a6-5c5a78bb2b8d/1/dNUnZVf32kEAET2Fc5VmSBVA5hw.mft
File:                     dNUnZVf32kEAET2Fc5VmSBVA5hw.mft (raw, json)
Hash identifier:          LkyiY4SmfZku0TDwjEOUV1reciJEgwi+Y2vx0WkPCSw=
Subject key identifier:   B1:04:42:A4:D5:3B:3F:8A:96:CC:CE:4B:F1:3A:40:9E:F4:CA:B7:49
Authority key identifier: 74:D5:27:65:57:F7:DA:41:00:11:3D:85:73:95:66:48:15:40:E6:1C
Certificate issuer:       /CN=74d5276557f7da4100113d85739566481540e61c
Certificate serial:       019D9962EFC0D4B5F86871D9117340976B65
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dNUnZVf32kEAET2Fc5VmSBVA5hw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/e5af16-ddfd-4f3d-96a6-5c5a78bb2b8d/1/dNUnZVf32kEAET2Fc5VmSBVA5hw.mft
Manifest number:          0B73
Signing time:             Fri 17 Apr 2026 03:01:31 +0000
Manifest this update:     Fri 17 Apr 2026 03:01:31 +0000
Manifest next update:     Sat 18 Apr 2026 03:01:31 +0000
Files and hashes:         1: dNUnZVf32kEAET2Fc5VmSBVA5hw.crl (hash: CXAAku0Zo/OyNrTaAYVrtV4V7DNYc0wJK1pIYZyq0Ig=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/e5af16-ddfd-4f3d-96a6-5c5a78bb2b8d/1/dNUnZVf32kEAET2Fc5VmSBVA5hw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/e5af16-ddfd-4f3d-96a6-5c5a78bb2b8d/1/dNUnZVf32kEAET2Fc5VmSBVA5hw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dNUnZVf32kEAET2Fc5VmSBVA5hw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:62:ef:c0:d4:b5:f8:68:71:d9:11:73:40:97:6b:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74d5276557f7da4100113d85739566481540e61c
        Validity
            Not Before: Apr 17 03:01:31 2026 GMT
            Not After : Apr 18 03:01:31 2026 GMT
        Subject: CN=b10442a4d53b3f8a96ccce4bf13a409ef4cab749
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:98:af:e1:51:d1:cb:ae:e3:07:e4:d1:c5:fc:
                    83:31:68:37:d6:de:2b:45:2c:61:2e:2e:72:97:91:
                    e0:f9:96:91:d9:76:cb:8c:49:ce:03:c1:16:88:54:
                    2f:d2:09:a8:84:79:53:b0:2c:c2:76:45:64:77:92:
                    c2:59:92:1d:5b:63:38:79:24:ba:3a:03:11:fb:72:
                    8e:15:2c:ed:1b:f8:7c:b1:a5:86:dc:30:f4:18:b0:
                    e0:66:30:04:10:5e:4e:e2:00:e0:f8:8f:f5:ec:d0:
                    1a:b2:a7:54:76:68:28:47:fd:e1:93:e3:85:84:6e:
                    be:e9:b8:dd:ed:a8:56:9a:7f:8d:fe:8e:49:dd:2d:
                    1c:fb:35:78:ea:b3:d4:02:a0:df:4f:c8:67:a8:4d:
                    52:be:ac:69:7c:54:5a:11:25:ed:31:02:b8:3d:54:
                    60:0a:d2:0d:87:51:2d:6e:46:ce:e3:a9:e1:3b:80:
                    57:7a:9d:9e:57:21:84:a4:07:98:66:34:65:38:b5:
                    a9:1b:cf:8b:9a:7c:f1:95:31:89:05:dc:34:d6:8c:
                    dc:fa:38:16:b7:6b:cf:a6:5e:b8:79:70:ad:6b:72:
                    d1:74:06:2c:d7:b6:0c:35:b5:87:99:1a:25:3a:63:
                    43:d6:b2:eb:89:4f:6f:80:c0:72:58:ba:56:1d:c0:
                    0c:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:04:42:A4:D5:3B:3F:8A:96:CC:CE:4B:F1:3A:40:9E:F4:CA:B7:49
            X509v3 Authority Key Identifier:
                keyid:74:D5:27:65:57:F7:DA:41:00:11:3D:85:73:95:66:48:15:40:E6:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dNUnZVf32kEAET2Fc5VmSBVA5hw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/e5af16-ddfd-4f3d-96a6-5c5a78bb2b8d/1/dNUnZVf32kEAET2Fc5VmSBVA5hw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/e5af16-ddfd-4f3d-96a6-5c5a78bb2b8d/1/dNUnZVf32kEAET2Fc5VmSBVA5hw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:68:b9:6e:17:7f:19:04:08:bd:df:a2:8d:a2:a8:6a:0f:fd:
         f3:37:af:45:ac:4d:b3:05:ee:ce:c4:e8:43:ba:82:f4:2c:d5:
         77:cd:89:f5:50:86:00:25:4b:c1:fc:89:ff:19:e7:90:ae:aa:
         b3:93:30:f2:7e:0e:3d:55:7c:6b:3c:bc:49:b9:7d:67:bf:fd:
         1b:2d:22:d8:4c:70:8b:94:c1:a1:3a:b5:04:3e:71:24:50:12:
         1d:f1:0f:a6:e0:7b:d0:40:32:d5:55:cc:49:95:45:3d:5b:ca:
         41:c4:40:35:f3:a5:21:8e:03:99:53:44:12:d1:39:c5:45:67:
         b1:96:b3:01:a6:f7:34:42:7a:22:b1:01:5d:e7:a9:e3:02:63:
         9a:56:33:7a:08:72:f7:52:2d:47:b3:0b:88:a2:37:0a:3c:ed:
         52:c3:5d:bd:d6:bd:6f:cd:12:2c:5c:42:3a:15:d6:30:f6:8c:
         db:05:de:2f:3b:df:8c:ad:ed:09:31:5d:b2:55:7d:35:97:d6:
         df:07:c0:87:0a:be:0c:2b:54:95:49:1c:ef:ea:7b:40:b1:18:
         15:05:a4:6c:0e:78:9b:7d:75:2b:4c:38:a9:ec:73:4d:b4:00:
         24:6a:fe:95:fc:2e:3f:81:3f:01:dc:e7:e3:24:38:a3:0c:0b:
         a1:c7:ea:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZYu/A1LX4aHHZEXNAl2tlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZDUyNzY1NTdmN2RhNDEwMDExM2Q4NTczOTU2NjQ4MTU0
MGU2MWMwHhcNMjYwNDE3MDMwMTMxWhcNMjYwNDE4MDMwMTMxWjAzMTEwLwYDVQQD
EyhiMTA0NDJhNGQ1M2IzZjhhOTZjY2NlNGJmMTNhNDA5ZWY0Y2FiNzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJiv4VHRy67jB+TRxfyDMWg31t4r
RSxhLi5yl5Hg+ZaR2XbLjEnOA8EWiFQv0gmohHlTsCzCdkVkd5LCWZIdW2M4eSS6
OgMR+3KOFSztG/h8saWG3DD0GLDgZjAEEF5O4gDg+I/17NAasqdUdmgoR/3hk+OF
hG6+6bjd7ahWmn+N/o5J3S0c+zV46rPUAqDfT8hnqE1SvqxpfFRaESXtMQK4PVRg
CtINh1EtbkbO46nhO4BXep2eVyGEpAeYZjRlOLWpG8+LmnzxlTGJBdw01ozc+jgW
t2vPpl64eXCta3LRdAYs17YMNbWHmRolOmND1rLriU9vgMByWLpWHcAMMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLEEQqTVOz+KlszOS/E6QJ70yrdJMB8GA1UdIwQY
MBaAFHTVJ2VX99pBABE9hXOVZkgVQOYcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZE5VblpWZjMya0VBRVQyRmM1Vm1TQlZBNWh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9lNWFmMTYtZGRmZC00ZjNkLTk2YTYt
NWM1YTc4YmIyYjhkLzEvZE5VblpWZjMya0VBRVQyRmM1Vm1TQlZBNWh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9lNWFmMTYtZGRmZC00ZjNkLTk2YTYtNWM1YTc4YmIyYjhk
LzEvZE5VblpWZjMya0VBRVQyRmM1Vm1TQlZBNWh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG2i5bhd/
GQQIvd+ijaKoag/98zevRaxNswXuzsToQ7qC9CzVd82J9VCGACVLwfyJ/xnnkK6q
s5Mw8n4OPVV8azy8Sbl9Z7/9Gy0i2Exwi5TBoTq1BD5xJFASHfEPpuB70EAy1VXM
SZVFPVvKQcRANfOlIY4DmVNEEtE5xUVnsZazAab3NEJ6IrEBXeep4wJjmlYzeghy
91ItR7MLiKI3CjztUsNdvda9b80SLFxCOhXWMPaM2wXeLzvfjK3tCTFdslV9NZfW
3wfAhwq+DCtUlUkc7+p7QLEYFQWkbA54m311K0w4qexzTbQAJGr+lfwuP4E/Adzn
4yQ4owwLocfqvg==
-----END CERTIFICATE-----