Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/e2f4e1-a70a-4ca1-921c-594c69fb0711/1/sZ1GpqM2NTqQ8XT6mQ_CJBIB6xw.mft
File:                     sZ1GpqM2NTqQ8XT6mQ_CJBIB6xw.mft (raw, json)
Hash identifier:          Ro4y3ZX9TjnokQbIjapviPiNevkPej2AKBX0GxbhcEk=
Subject key identifier:   75:4D:BC:B2:BD:80:84:D6:14:8F:A0:18:DA:C6:FA:22:F8:AD:DF:5E
Authority key identifier: B1:9D:46:A6:A3:36:35:3A:90:F1:74:FA:99:0F:C2:24:12:01:EB:1C
Certificate issuer:       /CN=b19d46a6a336353a90f174fa990fc2241201eb1c
Certificate serial:       019D9A06AA8DBFB0EF54F0ED2093F0722A18
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sZ1GpqM2NTqQ8XT6mQ_CJBIB6xw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/e2f4e1-a70a-4ca1-921c-594c69fb0711/1/sZ1GpqM2NTqQ8XT6mQ_CJBIB6xw.mft
Manifest number:          0848
Signing time:             Fri 17 Apr 2026 06:00:21 +0000
Manifest this update:     Fri 17 Apr 2026 06:00:21 +0000
Manifest next update:     Sat 18 Apr 2026 06:00:21 +0000
Files and hashes:         1: sZ1GpqM2NTqQ8XT6mQ_CJBIB6xw.crl (hash: oFVFO3TOUpw3Kgk1DOxB4ZVMD0dbYV28sifr6WtnF0I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/66/e2f4e1-a70a-4ca1-921c-594c69fb0711/1/sZ1GpqM2NTqQ8XT6mQ_CJBIB6xw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/66/e2f4e1-a70a-4ca1-921c-594c69fb0711/1/sZ1GpqM2NTqQ8XT6mQ_CJBIB6xw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sZ1GpqM2NTqQ8XT6mQ_CJBIB6xw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 06:00:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:06:aa:8d:bf:b0:ef:54:f0:ed:20:93:f0:72:2a:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b19d46a6a336353a90f174fa990fc2241201eb1c
        Validity
            Not Before: Apr 17 06:00:21 2026 GMT
            Not After : Apr 18 06:00:21 2026 GMT
        Subject: CN=754dbcb2bd8084d6148fa018dac6fa22f8addf5e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:c8:4a:a0:55:9c:73:90:28:08:59:e5:8e:11:
                    be:fe:f5:81:17:3f:ce:8c:e1:89:21:a2:4a:cd:f2:
                    73:85:c2:2b:0a:a0:07:32:71:bb:61:95:44:d0:41:
                    76:54:2c:67:0f:54:b1:07:7b:0d:a6:56:aa:8c:ba:
                    ab:a7:5f:89:98:f3:cf:5d:d0:15:4c:62:ee:47:85:
                    d4:59:07:ae:12:f1:db:74:6f:7c:02:7a:96:cc:ec:
                    f3:d7:36:54:5a:39:be:06:55:bf:00:b7:52:cd:48:
                    f2:44:01:ce:2a:92:f5:9f:6c:c0:71:12:61:f6:c4:
                    68:d0:4a:75:5d:65:ec:b7:88:b3:ad:5b:17:1a:75:
                    8f:9c:64:db:3e:3b:25:f0:95:d6:5f:d4:18:c4:dd:
                    80:e5:32:5d:a3:e0:6f:b9:78:37:79:7b:10:43:16:
                    48:9e:79:42:fe:4b:08:9d:68:7e:ff:f4:33:bf:78:
                    f1:cc:29:c8:ae:4c:70:eb:a9:2c:83:ff:c8:49:5c:
                    7a:2c:9b:bb:32:c0:34:fc:b7:df:4a:42:86:60:96:
                    8c:5b:0f:05:ea:43:eb:42:22:8d:c8:20:64:4f:06:
                    0c:ea:79:14:d4:55:ee:78:3b:5d:ef:5c:a4:e8:41:
                    32:f4:f2:d2:a2:48:09:b7:98:a8:1e:ad:d3:33:ba:
                    f0:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:4D:BC:B2:BD:80:84:D6:14:8F:A0:18:DA:C6:FA:22:F8:AD:DF:5E
            X509v3 Authority Key Identifier:
                keyid:B1:9D:46:A6:A3:36:35:3A:90:F1:74:FA:99:0F:C2:24:12:01:EB:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sZ1GpqM2NTqQ8XT6mQ_CJBIB6xw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/e2f4e1-a70a-4ca1-921c-594c69fb0711/1/sZ1GpqM2NTqQ8XT6mQ_CJBIB6xw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/e2f4e1-a70a-4ca1-921c-594c69fb0711/1/sZ1GpqM2NTqQ8XT6mQ_CJBIB6xw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:4c:50:75:2b:23:b8:26:aa:9a:30:a7:61:b6:91:e0:0d:06:
         a9:b5:a3:e3:84:3f:6c:0f:8e:77:8a:56:11:47:50:46:27:e6:
         56:4b:b0:66:57:c9:95:11:31:77:6c:a4:18:26:af:2d:2b:6e:
         56:c0:92:47:55:e9:91:51:a4:df:d7:41:82:ad:f3:48:35:3f:
         af:d2:df:72:ca:ce:41:d4:f4:45:e2:ae:b6:d3:da:2b:c6:50:
         b3:be:4d:30:74:2c:5e:1e:93:8e:4f:b7:7f:b3:17:37:18:87:
         6a:68:12:7b:57:ae:bc:cf:4e:0d:2b:a8:f6:24:be:c9:69:96:
         67:4e:4b:c7:d8:6b:85:27:63:52:6e:18:ae:cb:d1:19:a3:c6:
         c1:78:2d:66:f1:17:59:82:0c:6e:d6:e0:fd:f1:18:21:e2:fe:
         0b:fb:cf:92:ac:4c:e4:2d:2d:86:55:72:28:c0:4d:8a:60:4a:
         94:66:d3:13:a4:66:4c:89:02:4f:64:93:c6:7c:31:d5:db:b2:
         1f:49:89:b7:db:04:0b:4c:8a:b6:e3:69:90:e4:70:3b:a2:e4:
         e6:3d:da:c8:74:b7:74:b0:4e:23:86:5c:d8:70:75:b0:80:be:
         0c:8b:7b:b6:bd:74:40:d5:92:9f:fd:2d:10:d7:5a:8c:a5:b9:
         ec:38:ec:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aBqqNv7DvVPDtIJPwcioYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxOWQ0NmE2YTMzNjM1M2E5MGYxNzRmYTk5MGZjMjI0MTIw
MWViMWMwHhcNMjYwNDE3MDYwMDIxWhcNMjYwNDE4MDYwMDIxWjAzMTEwLwYDVQQD
Eyg3NTRkYmNiMmJkODA4NGQ2MTQ4ZmEwMThkYWM2ZmEyMmY4YWRkZjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyshKoFWcc5AoCFnljhG+/vWBFz/O
jOGJIaJKzfJzhcIrCqAHMnG7YZVE0EF2VCxnD1SxB3sNplaqjLqrp1+JmPPPXdAV
TGLuR4XUWQeuEvHbdG98AnqWzOzz1zZUWjm+BlW/ALdSzUjyRAHOKpL1n2zAcRJh
9sRo0Ep1XWXst4izrVsXGnWPnGTbPjsl8JXWX9QYxN2A5TJdo+BvuXg3eXsQQxZI
nnlC/ksInWh+//Qzv3jxzCnIrkxw66ksg//ISVx6LJu7MsA0/LffSkKGYJaMWw8F
6kPrQiKNyCBkTwYM6nkU1FXueDtd71yk6EEy9PLSokgJt5ioHq3TM7rwZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHVNvLK9gITWFI+gGNrG+iL4rd9eMB8GA1UdIwQY
MBaAFLGdRqajNjU6kPF0+pkPwiQSAescMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1oxR3BxTTJOVHFROFhUNm1RX0NKQklCNnh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9lMmY0ZTEtYTcwYS00Y2ExLTkyMWMt
NTk0YzY5ZmIwNzExLzEvc1oxR3BxTTJOVHFROFhUNm1RX0NKQklCNnh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9lMmY0ZTEtYTcwYS00Y2ExLTkyMWMtNTk0YzY5ZmIwNzEx
LzEvc1oxR3BxTTJOVHFROFhUNm1RX0NKQklCNnh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFExQdSsj
uCaqmjCnYbaR4A0GqbWj44Q/bA+Od4pWEUdQRifmVkuwZlfJlRExd2ykGCavLStu
VsCSR1XpkVGk39dBgq3zSDU/r9LfcsrOQdT0ReKuttPaK8ZQs75NMHQsXh6Tjk+3
f7MXNxiHamgSe1euvM9ODSuo9iS+yWmWZ05Lx9hrhSdjUm4YrsvRGaPGwXgtZvEX
WYIMbtbg/fEYIeL+C/vPkqxM5C0thlVyKMBNimBKlGbTE6RmTIkCT2STxnwx1duy
H0mJt9sEC0yKtuNpkORwO6Lk5j3ayHS3dLBOI4Zc2HB1sIC+DIt7tr10QNWSn/0t
ENdajKW57DjsGg==
-----END CERTIFICATE-----