Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft
File:                     582m42RtyToNLUKV0esJR2xmvKY.mft (raw, json)
Hash identifier:          7YRFVi4yzHSSJbg45kV+76iDOWui1dIjJIUwiqxVrKA=
Subject key identifier:   41:56:C9:BD:C8:B3:2E:38:FF:56:10:0D:3E:5E:D9:AE:9B:A3:C2:D8
Authority key identifier: E7:CD:A6:E3:64:6D:C9:3A:0D:2D:42:95:D1:EB:09:47:6C:66:BC:A6
Certificate issuer:       /CN=e7cda6e3646dc93a0d2d4295d1eb09476c66bca6
Certificate serial:       019D9BBEA492BDB710760B838D720B3140F9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/582m42RtyToNLUKV0esJR2xmvKY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft
Manifest number:          05E9
Signing time:             Fri 17 Apr 2026 14:00:55 +0000
Manifest this update:     Fri 17 Apr 2026 14:00:55 +0000
Manifest next update:     Sat 18 Apr 2026 14:00:55 +0000
Files and hashes:         1: 582m42RtyToNLUKV0esJR2xmvKY.crl (hash: JY0Ea8+/jiugixcptN9+9wyNdVq56ssQ2qLwe+zezOk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/582m42RtyToNLUKV0esJR2xmvKY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 14:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:be:a4:92:bd:b7:10:76:0b:83:8d:72:0b:31:40:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7cda6e3646dc93a0d2d4295d1eb09476c66bca6
        Validity
            Not Before: Apr 17 14:00:55 2026 GMT
            Not After : Apr 18 14:00:55 2026 GMT
        Subject: CN=4156c9bdc8b32e38ff56100d3e5ed9ae9ba3c2d8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:05:58:f7:d9:24:66:8d:e8:cd:fc:09:9e:e8:
                    61:34:a9:c7:f1:30:59:f8:98:6f:79:ef:d2:71:19:
                    d2:77:af:35:73:88:d4:2b:4a:04:7d:2c:e1:f7:b0:
                    97:97:cf:ca:b8:a8:1b:da:0a:f9:7b:6f:f3:6c:d5:
                    39:3e:11:c0:62:19:47:0e:7a:51:e2:50:49:58:b2:
                    0c:bc:9a:b5:a0:dc:83:43:bc:bc:02:b9:86:d6:43:
                    83:d4:a9:51:46:1a:52:2a:a2:de:85:3b:67:07:9a:
                    ea:62:aa:07:6d:ae:06:95:0c:51:72:22:a4:28:ef:
                    d4:23:9e:7f:18:02:89:5e:2f:04:42:1c:55:bc:6f:
                    2d:fb:fb:2a:38:f0:d5:69:a1:60:bb:9a:3d:04:4f:
                    2e:66:66:f3:c4:31:b6:d8:d1:9c:4e:ff:57:4a:d7:
                    79:17:1f:10:b2:8f:0e:69:76:37:01:36:7c:da:93:
                    86:1d:35:12:95:9d:7d:2b:3b:07:32:6f:73:1d:c2:
                    e7:5c:ec:0c:e0:a3:62:c5:21:fb:93:cd:8d:53:ce:
                    4d:d2:2e:83:d6:9f:5b:d9:a1:08:73:e4:ca:1f:c3:
                    f6:44:01:3d:4b:cf:26:e1:0c:bd:3b:a4:f8:e4:1b:
                    b2:98:ce:bc:b5:73:d0:ab:ed:c1:31:44:5e:a7:6d:
                    da:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:56:C9:BD:C8:B3:2E:38:FF:56:10:0D:3E:5E:D9:AE:9B:A3:C2:D8
            X509v3 Authority Key Identifier:
                keyid:E7:CD:A6:E3:64:6D:C9:3A:0D:2D:42:95:D1:EB:09:47:6C:66:BC:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/582m42RtyToNLUKV0esJR2xmvKY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:d0:09:c0:2a:06:ef:f8:73:11:83:8a:56:46:96:e6:aa:f2:
         8a:c5:b8:3e:2b:1c:2f:fd:8b:bd:62:f8:7e:66:90:16:53:66:
         f6:1c:a2:95:3d:8d:73:2f:7f:85:47:2e:d5:4f:df:b9:17:f0:
         12:3e:cc:fb:86:4f:85:ff:a0:19:dd:e8:97:2c:ae:d6:80:67:
         be:7a:f7:74:b6:4c:8a:da:37:96:32:d6:31:e7:fc:39:d0:4a:
         ed:eb:96:ff:30:72:e9:27:1a:10:f0:88:41:49:b7:c5:c9:0b:
         09:56:ce:8b:d0:fa:f3:96:67:78:ca:05:3d:b6:5f:c8:0c:be:
         c9:26:b2:23:f1:76:e9:1e:47:a9:a4:a3:ee:cc:bf:f4:ee:6f:
         3c:0c:3f:0f:78:bf:55:d1:9b:4a:0a:c0:ee:28:d2:4a:59:a8:
         29:e0:7e:8b:4a:5c:91:a9:40:e1:89:5c:9a:01:0f:0e:0f:e2:
         fc:91:6f:e4:cd:59:01:1d:d9:a6:00:41:f9:26:bf:aa:42:17:
         a2:77:a7:96:ab:ce:87:bf:08:03:8f:96:47:c1:71:ca:a0:c5:
         df:bb:b1:15:e9:3c:9c:88:05:bf:a1:e2:0e:d4:f5:56:7b:55:
         23:e3:7e:ec:27:f3:1b:14:1a:a4:4e:00:fa:94:30:76:71:41:
         6f:b2:9e:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bvqSSvbcQdguDjXILMUD5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2RhNmUzNjQ2ZGM5M2EwZDJkNDI5NWQxZWIwOTQ3NmM2
NmJjYTYwHhcNMjYwNDE3MTQwMDU1WhcNMjYwNDE4MTQwMDU1WjAzMTEwLwYDVQQD
Eyg0MTU2YzliZGM4YjMyZTM4ZmY1NjEwMGQzZTVlZDlhZTliYTNjMmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1QVY99kkZo3ozfwJnuhhNKnH8TBZ
+Jhvee/ScRnSd681c4jUK0oEfSzh97CXl8/KuKgb2gr5e2/zbNU5PhHAYhlHDnpR
4lBJWLIMvJq1oNyDQ7y8ArmG1kOD1KlRRhpSKqLehTtnB5rqYqoHba4GlQxRciKk
KO/UI55/GAKJXi8EQhxVvG8t+/sqOPDVaaFgu5o9BE8uZmbzxDG22NGcTv9XStd5
Fx8Qso8OaXY3ATZ82pOGHTUSlZ19KzsHMm9zHcLnXOwM4KNixSH7k82NU85N0i6D
1p9b2aEIc+TKH8P2RAE9S88m4Qy9O6T45BuymM68tXPQq+3BMURep23aFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEFWyb3Isy44/1YQDT5e2a6bo8LYMB8GA1UdIwQY
MBaAFOfNpuNkbck6DS1CldHrCUdsZrymMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTgybTQyUnR5VG9OTFVLVjBlc0pSMnhtdktZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8zYTZkMjgtMWM0My00YjhiLWI3MTMt
NTY4YzQwN2IzMGY3LzEvNTgybTQyUnR5VG9OTFVLVjBlc0pSMnhtdktZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8zYTZkMjgtMWM0My00YjhiLWI3MTMtNTY4YzQwN2IzMGY3
LzEvNTgybTQyUnR5VG9OTFVLVjBlc0pSMnhtdktZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPNAJwCoG
7/hzEYOKVkaW5qryisW4PiscL/2LvWL4fmaQFlNm9hyilT2Ncy9/hUcu1U/fuRfw
Ej7M+4ZPhf+gGd3olyyu1oBnvnr3dLZMito3ljLWMef8OdBK7euW/zBy6ScaEPCI
QUm3xckLCVbOi9D685ZneMoFPbZfyAy+ySayI/F26R5HqaSj7sy/9O5vPAw/D3i/
VdGbSgrA7ijSSlmoKeB+i0pckalA4YlcmgEPDg/i/JFv5M1ZAR3ZpgBB+Sa/qkIX
onenlqvOh78IA4+WR8FxyqDF37uxFek8nIgFv6HiDtT1VntVI+N+7CfzGxQapE4A
+pQwdnFBb7KeeA==
-----END CERTIFICATE-----