Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft
File:                     MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft (raw, json)
Hash identifier:          yAyl0YmX5D9UEFjzlYw1yj3WVMgLrGLJtFjP/oJ87WQ=
Subject key identifier:   D8:4B:08:6C:42:FF:B3:8B:6C:E4:B0:79:A3:D4:EE:08:B8:63:CD:A8
Authority key identifier: 31:4C:E9:5B:A2:3C:DC:9D:60:99:7C:23:0D:63:59:AD:31:C1:A5:9D
Certificate issuer:       /CN=314ce95ba23cdc9d60997c230d6359ad31c1a59d
Certificate serial:       019D9B1981DA6974D0E84C50F12FACB0A25B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MUzpW6I83J1gmXwjDWNZrTHBpZ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft
Manifest number:          080E
Signing time:             Fri 17 Apr 2026 11:00:33 +0000
Manifest this update:     Fri 17 Apr 2026 11:00:33 +0000
Manifest next update:     Sat 18 Apr 2026 11:00:33 +0000
Files and hashes:         1: MUzpW6I83J1gmXwjDWNZrTHBpZ0.crl (hash: cX4pOXsE5qkNCbxga6Mciktxc25ffQBb98XUxkDX4RU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MUzpW6I83J1gmXwjDWNZrTHBpZ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 11:00:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:19:81:da:69:74:d0:e8:4c:50:f1:2f:ac:b0:a2:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=314ce95ba23cdc9d60997c230d6359ad31c1a59d
        Validity
            Not Before: Apr 17 11:00:33 2026 GMT
            Not After : Apr 18 11:00:33 2026 GMT
        Subject: CN=d84b086c42ffb38b6ce4b079a3d4ee08b863cda8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:e0:d5:e8:e3:51:2f:f1:ec:de:59:ed:a9:0d:
                    e7:ad:6e:95:3a:be:88:c8:3d:97:9e:11:91:31:85:
                    98:ce:af:d6:d9:a0:03:6d:7a:ba:e5:92:74:fd:37:
                    de:d5:0c:1a:d4:e5:4a:1e:09:84:25:e3:d1:0a:d2:
                    85:b3:57:04:8d:e1:64:ec:01:71:b9:d8:99:3b:ad:
                    35:ea:f4:60:ac:2a:75:03:b0:82:30:78:1c:ef:c1:
                    d2:bd:98:c3:de:b5:10:d9:d4:08:0f:23:93:da:99:
                    7c:7b:5f:9c:78:fc:41:88:e9:ca:24:57:d6:c1:e2:
                    ce:34:3b:c1:a7:bc:43:53:2c:62:e0:f8:19:60:2b:
                    0c:67:1e:ee:14:f6:51:f4:73:e9:4f:b8:df:8e:1b:
                    5f:2d:b2:34:da:73:86:5b:04:d9:02:54:aa:bd:05:
                    65:e9:9c:8b:7e:40:39:f8:c9:24:75:08:b8:33:84:
                    bf:d1:72:a6:94:d4:be:42:a5:1d:f5:4a:75:7d:c8:
                    be:ae:41:8b:5b:8d:59:14:24:10:c6:4a:cf:88:50:
                    00:9c:4a:ae:12:1b:eb:7b:b7:a3:59:39:36:03:52:
                    ba:03:30:ed:12:b6:ec:46:ad:ad:94:97:cb:ab:b4:
                    07:08:61:94:6d:31:d3:78:fb:12:dc:c3:e0:bb:d5:
                    3e:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:4B:08:6C:42:FF:B3:8B:6C:E4:B0:79:A3:D4:EE:08:B8:63:CD:A8
            X509v3 Authority Key Identifier:
                keyid:31:4C:E9:5B:A2:3C:DC:9D:60:99:7C:23:0D:63:59:AD:31:C1:A5:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MUzpW6I83J1gmXwjDWNZrTHBpZ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:87:63:c5:51:28:0e:be:26:58:82:fc:30:93:a6:26:bb:23:
         64:b3:66:6a:bf:11:5a:ff:ec:e1:b9:be:b6:e9:67:2d:4a:82:
         a3:19:78:cf:55:e3:8e:73:d8:e7:40:01:23:ee:22:56:52:f9:
         b2:f5:6c:6d:a6:30:fd:49:74:3c:7d:bc:8c:5c:38:5e:ba:df:
         54:eb:e0:f7:72:73:f6:bb:4b:2c:d6:b7:02:d5:5d:21:e1:06:
         8b:26:36:1d:7c:2c:1e:d9:72:b2:d7:21:9c:9c:12:15:f0:d3:
         07:3e:8a:91:ca:ac:1e:7f:a9:8e:aa:08:c4:d8:ad:64:d3:65:
         c3:fe:91:e7:16:a8:61:aa:f5:c7:42:f0:11:67:6f:56:1f:42:
         fc:e8:0b:55:b7:42:de:25:73:9c:f8:ff:ff:82:09:ad:98:c3:
         3f:ba:d0:9e:e5:6d:d6:ad:3d:51:9c:1e:02:54:95:2e:d3:ea:
         72:83:51:07:96:39:46:b2:16:a7:93:8d:a6:72:39:de:77:3a:
         34:ed:6c:5a:ed:c9:a5:14:bd:35:1a:b9:96:6c:4e:81:da:d2:
         41:4c:d3:2f:32:47:e9:35:d8:62:08:25:e8:de:c8:71:8c:44:
         06:a8:37:dd:f2:76:4b:da:7c:82:64:2e:f5:78:19:89:4d:f8:
         71:4b:8d:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bGYHaaXTQ6ExQ8S+ssKJbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxNGNlOTViYTIzY2RjOWQ2MDk5N2MyMzBkNjM1OWFkMzFj
MWE1OWQwHhcNMjYwNDE3MTEwMDMzWhcNMjYwNDE4MTEwMDMzWjAzMTEwLwYDVQQD
EyhkODRiMDg2YzQyZmZiMzhiNmNlNGIwNzlhM2Q0ZWUwOGI4NjNjZGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ODV6ONRL/Hs3lntqQ3nrW6VOr6I
yD2XnhGRMYWYzq/W2aADbXq65ZJ0/Tfe1Qwa1OVKHgmEJePRCtKFs1cEjeFk7AFx
udiZO6016vRgrCp1A7CCMHgc78HSvZjD3rUQ2dQIDyOT2pl8e1+cePxBiOnKJFfW
weLONDvBp7xDUyxi4PgZYCsMZx7uFPZR9HPpT7jfjhtfLbI02nOGWwTZAlSqvQVl
6ZyLfkA5+MkkdQi4M4S/0XKmlNS+QqUd9Up1fci+rkGLW41ZFCQQxkrPiFAAnEqu
Ehvre7ejWTk2A1K6AzDtErbsRq2tlJfLq7QHCGGUbTHTePsS3MPgu9U+LwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNhLCGxC/7OLbOSweaPU7gi4Y82oMB8GA1UdIwQY
MBaAFDFM6VuiPNydYJl8Iw1jWa0xwaWdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVV6cFc2STgzSjFnbVh3akRXTlpyVEhCcFowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC80MGM4ZDctZjU3MC00OTkyLWFkMTgt
MTViYzliMjVkZmMwLzEvTVV6cFc2STgzSjFnbVh3akRXTlpyVEhCcFowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC80MGM4ZDctZjU3MC00OTkyLWFkMTgtMTViYzliMjVkZmMw
LzEvTVV6cFc2STgzSjFnbVh3akRXTlpyVEhCcFowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYIdjxVEo
Dr4mWIL8MJOmJrsjZLNmar8RWv/s4bm+tulnLUqCoxl4z1XjjnPY50ABI+4iVlL5
svVsbaYw/Ul0PH28jFw4XrrfVOvg93Jz9rtLLNa3AtVdIeEGiyY2HXwsHtlystch
nJwSFfDTBz6KkcqsHn+pjqoIxNitZNNlw/6R5xaoYar1x0LwEWdvVh9C/OgLVbdC
3iVznPj//4IJrZjDP7rQnuVt1q09UZweAlSVLtPqcoNRB5Y5RrIWp5ONpnI53nc6
NO1sWu3JpRS9NRq5lmxOgdrSQUzTLzJH6TXYYggl6N7IcYxEBqg33fJ2S9p8gmQu
9XgZiU34cUuNVQ==
-----END CERTIFICATE-----