Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.mft
File:                     epHmw2HvM-JQ3YijH32Sfq03Xtk.mft (raw, json)
Hash identifier:          5qheQm74BEf/lFAfW08IKQnAJ/Dx42UVPNhpKi2KgsA=
Subject key identifier:   E8:1A:C9:BD:83:E1:98:CF:6C:17:81:30:EA:B6:F8:B4:63:6E:C1:E5
Authority key identifier: 7A:91:E6:C3:61:EF:33:E2:50:DD:88:A3:1F:7D:92:7E:AD:37:5E:D9
Certificate issuer:       /CN=7a91e6c361ef33e250dd88a31f7d927ead375ed9
Certificate serial:       019DA48A535100D4572D7E0DB7BA4A49ACF7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/epHmw2HvM-JQ3YijH32Sfq03Xtk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.mft
Manifest number:          0843
Signing time:             Sun 19 Apr 2026 07:00:21 +0000
Manifest this update:     Sun 19 Apr 2026 07:00:21 +0000
Manifest next update:     Mon 20 Apr 2026 07:00:21 +0000
Files and hashes:         1: epHmw2HvM-JQ3YijH32Sfq03Xtk.crl (hash: uhBf+e1gQ4uCMofevrIssDYPKCvinBbGoTzURwUOg7M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/epHmw2HvM-JQ3YijH32Sfq03Xtk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 02:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a4:8a:53:51:00:d4:57:2d:7e:0d:b7:ba:4a:49:ac:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7a91e6c361ef33e250dd88a31f7d927ead375ed9
        Validity
            Not Before: Apr 19 07:00:21 2026 GMT
            Not After : Apr 20 07:00:21 2026 GMT
        Subject: CN=e81ac9bd83e198cf6c178130eab6f8b4636ec1e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:06:52:b0:be:76:ed:3e:7c:6a:7e:e7:dc:71:
                    f6:4c:c5:cb:7e:d0:d5:3e:fd:fb:3a:ad:46:b4:09:
                    8a:60:96:9f:94:67:1c:9c:2b:c2:46:bd:62:5e:ec:
                    46:7e:c4:de:d1:fe:c6:fe:af:2c:5e:13:e1:0e:f7:
                    02:d8:23:08:be:6a:de:48:3e:87:0f:61:a6:a9:a8:
                    c1:06:a1:cb:8a:84:09:f2:48:04:3d:c5:e2:77:d7:
                    35:8e:0f:72:89:b8:48:b8:51:e1:1e:e7:bc:d6:a0:
                    de:20:ab:82:c8:8c:a6:f8:d8:fb:7d:e4:5d:40:38:
                    c8:20:c7:2d:b0:ad:a1:73:a3:4e:f4:a5:c9:b8:07:
                    4e:fc:8f:8f:bd:ea:7a:e4:25:38:6e:89:fa:99:3b:
                    2f:d6:5d:1b:72:51:79:ae:a2:ed:be:86:ac:b1:b8:
                    e3:e9:95:a3:db:c9:94:af:94:a1:00:b7:6d:cf:73:
                    b5:6e:c0:67:07:71:ce:3a:75:cf:90:c6:6d:79:9f:
                    8a:1c:0a:c3:e8:54:d5:df:97:cf:62:0b:6e:95:c3:
                    ff:45:a0:ad:4c:e3:28:9e:67:fa:92:99:01:18:c5:
                    f3:5a:94:48:70:aa:e7:ff:c2:df:cc:65:f5:54:82:
                    0a:cb:57:f1:72:33:3a:e8:78:a6:a0:5b:83:37:93:
                    72:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:1A:C9:BD:83:E1:98:CF:6C:17:81:30:EA:B6:F8:B4:63:6E:C1:E5
            X509v3 Authority Key Identifier:
                keyid:7A:91:E6:C3:61:EF:33:E2:50:DD:88:A3:1F:7D:92:7E:AD:37:5E:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/epHmw2HvM-JQ3YijH32Sfq03Xtk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:11:72:0e:5e:4d:b8:93:1b:95:c3:d4:96:21:8d:6a:37:ab:
         77:ec:73:34:91:b0:02:da:b5:99:5c:cf:b4:92:5d:fe:f3:06:
         fc:62:6f:bb:2c:26:d7:68:89:cb:53:c7:32:16:0f:f2:80:d4:
         c2:41:19:f3:7c:98:d8:00:42:2c:eb:25:2b:c2:aa:75:84:30:
         81:73:33:b9:10:af:f7:54:98:54:5d:90:2f:f5:43:64:f2:09:
         f4:21:c5:40:c5:50:73:a7:67:71:82:46:59:a7:56:26:8a:38:
         72:d6:98:8b:51:f8:1f:6e:6f:1a:99:a7:b2:1a:55:2c:da:c6:
         04:8c:bd:65:c5:96:26:6e:eb:0b:2f:75:66:f0:1b:67:e6:33:
         3b:e4:43:1c:0b:a3:34:9c:59:92:48:f1:18:25:7b:5d:31:74:
         ff:27:4c:f7:43:f8:2b:9e:9c:8d:0d:80:5d:aa:f0:38:07:8c:
         74:df:40:ea:1b:51:2f:28:58:32:31:85:53:0a:0b:7f:e6:ed:
         4c:01:ed:98:c7:85:a6:eb:f2:28:1f:55:b0:d9:f5:b9:42:24:
         1b:b2:36:76:20:4f:bf:bd:ab:b0:4f:dd:67:13:09:37:c9:14:
         b8:a5:a4:dd:47:bb:04:25:fd:12:4f:0d:dc:3f:8c:dc:d0:8b:
         b8:3a:6c:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2kilNRANRXLX4Nt7pKSaz3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhOTFlNmMzNjFlZjMzZTI1MGRkODhhMzFmN2Q5MjdlYWQz
NzVlZDkwHhcNMjYwNDE5MDcwMDIxWhcNMjYwNDIwMDcwMDIxWjAzMTEwLwYDVQQD
EyhlODFhYzliZDgzZTE5OGNmNmMxNzgxMzBlYWI2ZjhiNDYzNmVjMWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgZSsL527T58an7n3HH2TMXLftDV
Pv37Oq1GtAmKYJaflGccnCvCRr1iXuxGfsTe0f7G/q8sXhPhDvcC2CMIvmreSD6H
D2GmqajBBqHLioQJ8kgEPcXid9c1jg9yibhIuFHhHue81qDeIKuCyIym+Nj7feRd
QDjIIMctsK2hc6NO9KXJuAdO/I+Pvep65CU4bon6mTsv1l0bclF5rqLtvoassbjj
6ZWj28mUr5ShALdtz3O1bsBnB3HOOnXPkMZteZ+KHArD6FTV35fPYgtulcP/RaCt
TOMonmf6kpkBGMXzWpRIcKrn/8LfzGX1VIIKy1fxcjM66HimoFuDN5NyIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOgayb2D4ZjPbBeBMOq2+LRjbsHlMB8GA1UdIwQY
MBaAFHqR5sNh7zPiUN2Iox99kn6tN17ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXBIbXcySHZNLUpRM1lpakgzMlNmcTAzWHRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS80ZTNmYzMtMDQ4ZC00YjY2LWE5NTEt
M2UyNTM0NTgzNjExLzEvZXBIbXcySHZNLUpRM1lpakgzMlNmcTAzWHRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS80ZTNmYzMtMDQ4ZC00YjY2LWE5NTEtM2UyNTM0NTgzNjEx
LzEvZXBIbXcySHZNLUpRM1lpakgzMlNmcTAzWHRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoBFyDl5N
uJMblcPUliGNajerd+xzNJGwAtq1mVzPtJJd/vMG/GJvuywm12iJy1PHMhYP8oDU
wkEZ83yY2ABCLOslK8KqdYQwgXMzuRCv91SYVF2QL/VDZPIJ9CHFQMVQc6dncYJG
WadWJoo4ctaYi1H4H25vGpmnshpVLNrGBIy9ZcWWJm7rCy91ZvAbZ+YzO+RDHAuj
NJxZkkjxGCV7XTF0/ydM90P4K56cjQ2AXarwOAeMdN9A6htRLyhYMjGFUwoLf+bt
TAHtmMeFpuvyKB9VsNn1uUIkG7I2diBPv72rsE/dZxMJN8kUuKWk3Ue7BCX9Ek8N
3D+M3NCLuDpslw==
-----END CERTIFICATE-----