Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/bec563-581e-49e4-9cc7-a83a8d533275/1/rSzoJufkLt3WnfrTpZqbmqTigYM.mft
File:                     rSzoJufkLt3WnfrTpZqbmqTigYM.mft (raw, json)
Hash identifier:          3c3WtjnYajwLox4NYvt2MqPI/df2HZ0Yb6yK59SGD2s=
Subject key identifier:   3A:1B:53:12:1C:8D:69:BD:D8:80:E6:D0:43:E6:04:9F:BA:B4:9F:CB
Authority key identifier: AD:2C:E8:26:E7:E4:2E:DD:D6:9D:FA:D3:A5:9A:9B:9A:A4:E2:81:83
Certificate issuer:       /CN=ad2ce826e7e42eddd69dfad3a59a9b9aa4e28183
Certificate serial:       019D9A075E36DE8BEDFB6BDB0C1DA0D94396
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rSzoJufkLt3WnfrTpZqbmqTigYM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/bec563-581e-49e4-9cc7-a83a8d533275/1/rSzoJufkLt3WnfrTpZqbmqTigYM.mft
Manifest number:          17BD
Signing time:             Fri 17 Apr 2026 06:01:07 +0000
Manifest this update:     Fri 17 Apr 2026 06:01:07 +0000
Manifest next update:     Sat 18 Apr 2026 06:01:07 +0000
Files and hashes:         1: rSzoJufkLt3WnfrTpZqbmqTigYM.crl (hash: tOH9FPguluEV2JlcW0+RGNJbEsTbFzecqEW9MekLnrc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5f/bec563-581e-49e4-9cc7-a83a8d533275/1/rSzoJufkLt3WnfrTpZqbmqTigYM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5f/bec563-581e-49e4-9cc7-a83a8d533275/1/rSzoJufkLt3WnfrTpZqbmqTigYM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rSzoJufkLt3WnfrTpZqbmqTigYM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 06:01:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:07:5e:36:de:8b:ed:fb:6b:db:0c:1d:a0:d9:43:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ad2ce826e7e42eddd69dfad3a59a9b9aa4e28183
        Validity
            Not Before: Apr 17 06:01:07 2026 GMT
            Not After : Apr 18 06:01:07 2026 GMT
        Subject: CN=3a1b53121c8d69bdd880e6d043e6049fbab49fcb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:70:d9:51:7b:aa:f5:83:b8:c4:75:10:59:07:
                    fe:1b:a8:6c:54:61:a2:f0:be:0b:4e:83:6f:ef:14:
                    31:49:69:ec:c5:13:ce:d5:1f:15:67:f2:c7:da:17:
                    57:5a:8d:dd:c4:eb:8f:15:ed:6b:e1:ea:95:65:17:
                    5d:75:c4:6d:be:2b:2c:2f:19:ee:20:d1:a7:58:6e:
                    25:c1:ab:68:87:f6:7d:41:f6:d0:87:cc:01:93:8e:
                    d8:01:62:d5:99:2e:23:78:85:dc:ad:88:44:c6:d2:
                    91:6f:09:94:bb:12:41:e8:c6:c5:8c:52:74:f1:bc:
                    68:90:67:58:f4:3d:98:e2:7c:bd:f4:bd:e2:dd:37:
                    89:15:3b:21:a3:f9:2c:6b:0e:a2:8f:4f:0b:53:44:
                    b8:45:86:55:f1:d5:be:fa:fc:e2:7f:74:f5:dd:99:
                    45:51:25:c6:77:dc:9d:ca:69:4e:9c:a7:4e:42:39:
                    e6:23:2b:8b:7a:3d:53:25:83:42:44:5f:91:ce:34:
                    c3:5d:f7:f7:11:9a:91:8c:57:c2:1d:1d:fb:e6:d4:
                    31:81:ee:9e:62:d3:77:f9:05:b8:0a:41:6f:71:dd:
                    d9:1e:8a:ec:a8:1d:dd:6e:1e:d6:7c:7c:a2:01:83:
                    18:24:92:ae:65:55:41:f9:aa:ed:4a:72:c8:9a:69:
                    97:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:1B:53:12:1C:8D:69:BD:D8:80:E6:D0:43:E6:04:9F:BA:B4:9F:CB
            X509v3 Authority Key Identifier:
                keyid:AD:2C:E8:26:E7:E4:2E:DD:D6:9D:FA:D3:A5:9A:9B:9A:A4:E2:81:83

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rSzoJufkLt3WnfrTpZqbmqTigYM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/bec563-581e-49e4-9cc7-a83a8d533275/1/rSzoJufkLt3WnfrTpZqbmqTigYM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/bec563-581e-49e4-9cc7-a83a8d533275/1/rSzoJufkLt3WnfrTpZqbmqTigYM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:ca:2f:35:84:ea:47:97:ac:83:10:56:8c:1e:13:ff:ab:1a:
         ff:a3:7c:73:a9:a0:42:16:dd:19:18:3d:57:ae:20:43:0f:f5:
         d7:f8:a1:7c:9b:a9:d8:ee:27:04:f8:e8:a0:35:35:6a:40:b0:
         92:4a:cd:67:0e:a6:dd:8b:59:14:f5:26:d4:9f:7a:3d:64:7e:
         c2:0b:cf:dc:f8:dd:02:57:93:f4:5c:4c:b1:94:42:5a:2c:4e:
         74:ce:95:3e:31:91:03:59:c9:9c:42:92:40:b8:e3:15:cc:6c:
         b2:0f:a9:a3:b5:b8:49:73:ad:59:2c:a3:56:74:18:4f:b4:14:
         44:38:d7:f2:e9:6b:47:c1:f7:4d:30:b9:3f:49:1e:dd:c0:72:
         b5:77:08:9c:e9:ef:a9:15:8b:2c:75:6f:d3:7d:d4:81:91:df:
         1d:08:60:97:37:ed:bd:96:ca:c2:98:9d:73:45:41:7a:56:1a:
         15:40:23:d5:97:0c:4e:07:04:68:66:32:5f:69:10:26:f8:99:
         cb:62:85:65:90:06:28:93:f1:86:68:9e:ba:42:f2:ee:9c:a4:
         e0:8a:1b:57:59:7b:16:5f:04:4a:02:a9:8c:6a:6d:be:9d:ec:
         28:b5:83:f1:2a:92:38:bb:2e:ad:3f:33:ed:a3:bb:7a:02:2d:
         b3:c4:5e:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aB1423ovt+2vbDB2g2UOWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMmNlODI2ZTdlNDJlZGRkNjlkZmFkM2E1OWE5YjlhYTRl
MjgxODMwHhcNMjYwNDE3MDYwMTA3WhcNMjYwNDE4MDYwMTA3WjAzMTEwLwYDVQQD
EygzYTFiNTMxMjFjOGQ2OWJkZDg4MGU2ZDA0M2U2MDQ5ZmJhYjQ5ZmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw3DZUXuq9YO4xHUQWQf+G6hsVGGi
8L4LToNv7xQxSWnsxRPO1R8VZ/LH2hdXWo3dxOuPFe1r4eqVZRdddcRtvissLxnu
INGnWG4lwatoh/Z9QfbQh8wBk47YAWLVmS4jeIXcrYhExtKRbwmUuxJB6MbFjFJ0
8bxokGdY9D2Y4ny99L3i3TeJFTsho/ksaw6ij08LU0S4RYZV8dW++vzif3T13ZlF
USXGd9ydymlOnKdOQjnmIyuLej1TJYNCRF+RzjTDXff3EZqRjFfCHR375tQxge6e
YtN3+QW4CkFvcd3ZHorsqB3dbh7WfHyiAYMYJJKuZVVB+artSnLImmmXpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDobUxIcjWm92IDm0EPmBJ+6tJ/LMB8GA1UdIwQY
MBaAFK0s6Cbn5C7d1p3606Wam5qk4oGDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclN6b0p1ZmtMdDNXbmZyVHBacWJtcVRpZ1lNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iZWM1NjMtNTgxZS00OWU0LTljYzct
YTgzYThkNTMzMjc1LzEvclN6b0p1ZmtMdDNXbmZyVHBacWJtcVRpZ1lNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iZWM1NjMtNTgxZS00OWU0LTljYzctYTgzYThkNTMzMjc1
LzEvclN6b0p1ZmtMdDNXbmZyVHBacWJtcVRpZ1lNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVcovNYTq
R5esgxBWjB4T/6sa/6N8c6mgQhbdGRg9V64gQw/11/ihfJup2O4nBPjooDU1akCw
kkrNZw6m3YtZFPUm1J96PWR+wgvP3PjdAleT9FxMsZRCWixOdM6VPjGRA1nJnEKS
QLjjFcxssg+po7W4SXOtWSyjVnQYT7QURDjX8ulrR8H3TTC5P0ke3cBytXcInOnv
qRWLLHVv033UgZHfHQhglzftvZbKwpidc0VBelYaFUAj1ZcMTgcEaGYyX2kQJviZ
y2KFZZAGKJPxhmieukLy7pyk4IobV1l7Fl8ESgKpjGptvp3sKLWD8SqSOLsurT8z
7aO7egIts8ReHw==
-----END CERTIFICATE-----