Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft
File:                     CUsU8URwOb33-d7l-ik4XB3OlZ0.mft (raw, json)
Hash identifier:          eAU7p8c4P1axn8AUetEi2hkqf9iKo6dFTtCwM7FW9LY=
Subject key identifier:   60:28:30:71:4B:09:42:42:32:56:A3:E3:63:B9:1F:26:A1:9E:CE:F6
Authority key identifier: 09:4B:14:F1:44:70:39:BD:F7:F9:DE:E5:FA:29:38:5C:1D:CE:95:9D
Certificate issuer:       /CN=094b14f1447039bdf7f9dee5fa29385c1dce959d
Certificate serial:       019D98F46145F9AE4923AC1D7B36D2A0A630
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CUsU8URwOb33-d7l-ik4XB3OlZ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft
Manifest number:          1850
Signing time:             Fri 17 Apr 2026 01:00:45 +0000
Manifest this update:     Fri 17 Apr 2026 01:00:45 +0000
Manifest next update:     Sat 18 Apr 2026 01:00:45 +0000
Files and hashes:         1: CUsU8URwOb33-d7l-ik4XB3OlZ0.crl (hash: /OWhGYeJhRExNrbInvSV8ABHdv5zDmh9aEsRFuwzWAw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CUsU8URwOb33-d7l-ik4XB3OlZ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 01:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:61:45:f9:ae:49:23:ac:1d:7b:36:d2:a0:a6:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=094b14f1447039bdf7f9dee5fa29385c1dce959d
        Validity
            Not Before: Apr 17 01:00:45 2026 GMT
            Not After : Apr 18 01:00:45 2026 GMT
        Subject: CN=602830714b0942423256a3e363b91f26a19ecef6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:cc:22:6c:d3:f6:e7:9c:0e:55:8f:bd:63:12:
                    14:70:ae:cd:4d:03:35:bf:1a:4b:0f:45:eb:91:2d:
                    9a:3e:8f:89:b2:21:9c:8e:b8:13:b1:e9:1b:64:a4:
                    9d:d2:8b:45:d6:4f:06:2e:fa:d6:63:2a:09:2a:83:
                    ef:88:1e:df:4f:5e:d2:78:01:80:be:ab:82:c4:80:
                    00:aa:b7:bd:40:80:c1:1c:6e:84:17:79:dd:d8:d4:
                    ba:60:5b:3a:44:02:d1:73:1d:42:ae:9b:d2:31:d0:
                    d2:bf:6c:8e:a3:6e:da:ed:9d:08:e4:dc:42:3e:8a:
                    1f:9e:9c:7c:56:07:5f:fb:ca:0a:44:9b:c7:1b:ad:
                    d2:c6:99:b7:08:5e:7b:8a:ec:46:74:54:ba:61:04:
                    f5:a9:83:0d:84:2c:49:d0:22:28:6c:9d:d2:46:65:
                    10:69:ef:86:2b:ec:b4:fc:62:9d:78:9b:8a:f8:3b:
                    54:70:80:ce:cd:30:62:7a:2b:e2:f3:50:d5:f0:b3:
                    83:5c:fd:42:5d:84:67:f1:7e:fb:2f:87:c0:dd:98:
                    7c:bb:ce:b8:1b:22:2d:f4:a4:75:f4:a4:16:cb:22:
                    6a:d6:58:e7:9a:17:4a:7e:c4:4e:a3:64:56:b8:58:
                    54:d8:90:90:be:19:6b:e7:cc:cf:2d:9e:de:de:48:
                    72:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:28:30:71:4B:09:42:42:32:56:A3:E3:63:B9:1F:26:A1:9E:CE:F6
            X509v3 Authority Key Identifier:
                keyid:09:4B:14:F1:44:70:39:BD:F7:F9:DE:E5:FA:29:38:5C:1D:CE:95:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CUsU8URwOb33-d7l-ik4XB3OlZ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:d7:3c:6f:37:2c:d6:09:61:c4:b9:7c:1e:bd:54:bc:80:59:
         13:db:14:c9:44:b2:08:47:6b:7c:86:66:df:bc:e7:00:89:57:
         07:c0:4e:80:54:14:40:be:16:d0:b5:8e:e0:b4:33:c6:c7:21:
         9f:7e:5b:7d:bd:7c:68:5f:4f:94:55:8c:b1:de:86:81:e9:fc:
         ee:d7:6e:a6:b1:44:0d:db:b9:ff:81:a8:ab:21:5f:2a:16:ce:
         04:52:91:10:75:aa:57:20:7b:53:cc:88:55:05:d4:27:92:53:
         2d:65:9c:dc:18:42:1f:24:4c:07:63:7b:a0:e4:e5:75:e1:1b:
         bc:b0:55:32:39:c6:9b:74:8c:9f:b5:66:cf:4d:23:6c:39:e7:
         2e:f1:92:12:48:0d:74:9e:4b:93:d3:f7:ef:74:03:b9:b6:32:
         b7:fa:1c:90:33:93:b0:7b:b4:b8:fc:31:64:2d:33:3f:fe:15:
         4c:eb:50:91:2d:62:43:e7:3d:56:86:d2:f0:47:e8:dc:33:6e:
         bd:39:26:92:79:3b:3e:6f:bb:85:e4:43:19:f4:e1:42:95:96:
         b8:e4:48:8d:0d:79:da:c7:86:14:ba:ac:01:b6:66:e0:30:b9:
         6b:11:11:bf:56:6d:9d:b0:f6:6d:19:5c:2a:ac:3d:13:0f:46:
         24:43:1c:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9GFF+a5JI6wdezbSoKYwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NGIxNGYxNDQ3MDM5YmRmN2Y5ZGVlNWZhMjkzODVjMWRj
ZTk1OWQwHhcNMjYwNDE3MDEwMDQ1WhcNMjYwNDE4MDEwMDQ1WjAzMTEwLwYDVQQD
Eyg2MDI4MzA3MTRiMDk0MjQyMzI1NmEzZTM2M2I5MWYyNmExOWVjZWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8wibNP255wOVY+9YxIUcK7NTQM1
vxpLD0XrkS2aPo+JsiGcjrgTsekbZKSd0otF1k8GLvrWYyoJKoPviB7fT17SeAGA
vquCxIAAqre9QIDBHG6EF3nd2NS6YFs6RALRcx1CrpvSMdDSv2yOo27a7Z0I5NxC
Poofnpx8Vgdf+8oKRJvHG63Sxpm3CF57iuxGdFS6YQT1qYMNhCxJ0CIobJ3SRmUQ
ae+GK+y0/GKdeJuK+DtUcIDOzTBieivi81DV8LODXP1CXYRn8X77L4fA3Zh8u864
GyIt9KR19KQWyyJq1ljnmhdKfsROo2RWuFhU2JCQvhlr58zPLZ7e3khy3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGAoMHFLCUJCMlaj42O5Hyahns72MB8GA1UdIwQY
MBaAFAlLFPFEcDm99/ne5fopOFwdzpWdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1VzVThVUndPYjMzLWQ3bC1pazRYQjNPbFowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi82MDY5MzktY2M2OS00Y2ZhLTg0M2Ut
NTBiNjRjYmQwZmUxLzEvQ1VzVThVUndPYjMzLWQ3bC1pazRYQjNPbFowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi82MDY5MzktY2M2OS00Y2ZhLTg0M2UtNTBiNjRjYmQwZmUx
LzEvQ1VzVThVUndPYjMzLWQ3bC1pazRYQjNPbFowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAftc8bzcs
1glhxLl8Hr1UvIBZE9sUyUSyCEdrfIZm37znAIlXB8BOgFQUQL4W0LWO4LQzxsch
n35bfb18aF9PlFWMsd6Ggen87tduprFEDdu5/4GoqyFfKhbOBFKREHWqVyB7U8yI
VQXUJ5JTLWWc3BhCHyRMB2N7oOTldeEbvLBVMjnGm3SMn7Vmz00jbDnnLvGSEkgN
dJ5Lk9P373QDubYyt/ockDOTsHu0uPwxZC0zP/4VTOtQkS1iQ+c9VobS8Efo3DNu
vTkmknk7Pm+7heRDGfThQpWWuORIjQ152seGFLqsAbZm4DC5axERv1ZtnbD2bRlc
Kqw9Ew9GJEMcYA==
-----END CERTIFICATE-----