Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft
File:                     4VW0MN7doRMQ9shzieMgj8ZSnps.mft (raw, json)
Hash identifier:          aZ8gXreMrJ3dlufgCuUtiWyPRSX9WeNOpnUADvqU0Q0=
Subject key identifier:   4A:F4:1E:8C:DC:53:82:AC:DD:A8:FD:BF:71:A2:78:4B:B9:36:D4:E7
Authority key identifier: E1:55:B4:30:DE:DD:A1:13:10:F6:C8:73:89:E3:20:8F:C6:52:9E:9B
Certificate issuer:       /CN=e155b430dedda11310f6c87389e3208fc6529e9b
Certificate serial:       019D996232E71F1C4C2522E375D8F1EB5559
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4VW0MN7doRMQ9shzieMgj8ZSnps.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft
Manifest number:          11EA
Signing time:             Fri 17 Apr 2026 03:00:42 +0000
Manifest this update:     Fri 17 Apr 2026 03:00:42 +0000
Manifest next update:     Sat 18 Apr 2026 03:00:42 +0000
Files and hashes:         1: 4VW0MN7doRMQ9shzieMgj8ZSnps.crl (hash: hWs2z2QihaTRxSZMlPgNVS98fB3YLiIs1/EIRzj5MT4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4VW0MN7doRMQ9shzieMgj8ZSnps.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 03:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:62:32:e7:1f:1c:4c:25:22:e3:75:d8:f1:eb:55:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e155b430dedda11310f6c87389e3208fc6529e9b
        Validity
            Not Before: Apr 17 03:00:42 2026 GMT
            Not After : Apr 18 03:00:42 2026 GMT
        Subject: CN=4af41e8cdc5382acdda8fdbf71a2784bb936d4e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:8e:c1:47:16:6f:0f:25:21:9c:77:54:05:bc:
                    9b:c0:5c:e6:91:58:68:c2:62:8d:7f:22:07:70:0e:
                    26:f4:fd:28:66:79:1d:33:5f:a5:25:07:d2:5e:39:
                    8b:0d:83:2d:c7:b6:c2:6b:f8:05:d1:9f:5f:69:76:
                    84:7c:46:d0:97:e3:44:c1:06:f0:0a:a0:82:e1:6d:
                    cf:dc:a3:0b:55:11:fc:da:27:d8:d6:a7:88:76:12:
                    cf:9a:ef:5f:e2:98:f4:d8:11:fa:e5:a5:a6:7d:6f:
                    fb:a9:96:7a:32:f8:6c:fe:3f:2b:f4:eb:53:49:69:
                    bd:ac:7e:9b:c6:a7:65:5c:e9:45:57:18:25:53:07:
                    b2:0e:82:de:a2:b2:eb:1c:69:1f:62:48:74:d4:18:
                    4e:f4:e4:60:d3:01:2b:2c:b1:61:93:51:6f:fd:25:
                    b6:e8:ba:14:9c:bc:27:c3:22:65:a6:1e:ff:db:52:
                    e9:f6:3e:c1:f4:02:9e:ee:2a:7e:da:0e:0b:c5:e6:
                    1b:81:1f:86:64:c0:c0:98:ef:23:f3:a5:ad:2f:24:
                    37:4b:a2:c5:20:af:dd:fa:69:8f:67:1c:5f:a5:84:
                    46:93:ae:86:09:f1:d5:7d:04:6b:71:22:70:63:85:
                    a5:e5:23:63:b6:9a:8e:af:ec:f8:87:e7:75:1b:82:
                    b8:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:F4:1E:8C:DC:53:82:AC:DD:A8:FD:BF:71:A2:78:4B:B9:36:D4:E7
            X509v3 Authority Key Identifier:
                keyid:E1:55:B4:30:DE:DD:A1:13:10:F6:C8:73:89:E3:20:8F:C6:52:9E:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4VW0MN7doRMQ9shzieMgj8ZSnps.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a1:65:a5:fd:d0:bf:f0:a2:13:83:44:f5:6f:31:b7:33:28:34:
         04:72:2d:f2:ca:d6:5b:a3:d7:fd:20:57:1f:7c:62:33:34:66:
         64:cd:1c:e9:6b:ea:f8:d4:34:95:24:bc:6d:78:38:2c:03:b5:
         a8:3a:37:71:28:4a:79:6f:1e:41:1a:d7:f2:fa:2a:de:93:58:
         fa:52:08:5d:a8:1d:21:7b:cf:2f:a2:d8:a9:a7:c5:38:c4:15:
         d9:17:80:9f:34:7a:8c:33:e0:3e:ff:67:8e:2f:41:7b:1b:5f:
         5b:93:10:c0:5d:ea:a3:ac:51:7b:00:11:10:cc:39:1b:33:fe:
         fd:3e:d8:75:ae:fc:f3:7c:d5:20:ae:70:e8:47:13:78:e0:9b:
         4a:c4:2e:b6:60:ba:f0:ae:dc:8c:e2:a6:7e:35:be:50:81:91:
         9f:9e:17:f0:b2:5b:03:7f:d9:5f:03:13:91:e0:35:1c:3c:f6:
         c5:52:1c:3e:9d:48:8c:1d:d6:8a:97:3f:26:04:d4:c4:18:c1:
         ca:2f:d7:e4:19:8a:53:e4:eb:1e:27:fc:ff:eb:4f:e7:d5:4d:
         f7:63:da:68:91:12:67:73:23:fd:94:a0:80:5f:f1:20:8f:d0:
         eb:42:37:83:7e:c5:11:82:28:e8:f7:e7:fb:5a:7f:6e:84:ff:
         ee:a3:e6:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZYjLnHxxMJSLjddjx61VZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNTViNDMwZGVkZGExMTMxMGY2Yzg3Mzg5ZTMyMDhmYzY1
MjllOWIwHhcNMjYwNDE3MDMwMDQyWhcNMjYwNDE4MDMwMDQyWjAzMTEwLwYDVQQD
Eyg0YWY0MWU4Y2RjNTM4MmFjZGRhOGZkYmY3MWEyNzg0YmI5MzZkNGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjo7BRxZvDyUhnHdUBbybwFzmkVho
wmKNfyIHcA4m9P0oZnkdM1+lJQfSXjmLDYMtx7bCa/gF0Z9faXaEfEbQl+NEwQbw
CqCC4W3P3KMLVRH82ifY1qeIdhLPmu9f4pj02BH65aWmfW/7qZZ6Mvhs/j8r9OtT
SWm9rH6bxqdlXOlFVxglUweyDoLeorLrHGkfYkh01BhO9ORg0wErLLFhk1Fv/SW2
6LoUnLwnwyJlph7/21Lp9j7B9AKe7ip+2g4LxeYbgR+GZMDAmO8j86WtLyQ3S6LF
IK/d+mmPZxxfpYRGk66GCfHVfQRrcSJwY4Wl5SNjtpqOr+z4h+d1G4K4vwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEr0HozcU4Ks3aj9v3GieEu5NtTnMB8GA1UdIwQY
MBaAFOFVtDDe3aETEPbIc4njII/GUp6bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFZXME1ON2RvUk1ROXNoemllTWdqOFpTbnBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9iZjlkNTUtYjBkNS00YjA3LTkyYjAt
MGQ3NDA2MGExNmRkLzEvNFZXME1ON2RvUk1ROXNoemllTWdqOFpTbnBzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9iZjlkNTUtYjBkNS00YjA3LTkyYjAtMGQ3NDA2MGExNmRk
LzEvNFZXME1ON2RvUk1ROXNoemllTWdqOFpTbnBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoWWl/dC/
8KITg0T1bzG3Myg0BHIt8srWW6PX/SBXH3xiMzRmZM0c6Wvq+NQ0lSS8bXg4LAO1
qDo3cShKeW8eQRrX8voq3pNY+lIIXagdIXvPL6LYqafFOMQV2ReAnzR6jDPgPv9n
ji9BextfW5MQwF3qo6xRewAREMw5GzP+/T7Yda7883zVIK5w6EcTeOCbSsQutmC6
8K7cjOKmfjW+UIGRn54X8LJbA3/ZXwMTkeA1HDz2xVIcPp1IjB3Wipc/JgTUxBjB
yi/X5BmKU+TrHif8/+tP59VN92PaaJESZ3Mj/ZSggF/xII/Q60I3g37FEYIo6Pfn
+1p/boT/7qPmxw==
-----END CERTIFICATE-----