Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.mft
File:                     2Hwy4kled0lvwgKzAxZLpAjl0SI.mft (raw, json)
Hash identifier:          Afp/wLYQxnZ7TsPhMpacCKIFI9BJVvxizqdB2moHTmU=
Subject key identifier:   30:46:8E:57:E2:F5:6B:39:53:D3:D7:C2:82:7E:AF:B2:86:40:88:5D
Authority key identifier: D8:7C:32:E2:49:5E:77:49:6F:C2:02:B3:03:16:4B:A4:08:E5:D1:22
Certificate issuer:       /CN=d87c32e2495e77496fc202b303164ba408e5d122
Certificate serial:       019D9AE3A67FE7864B7EF74CC6F0153333C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2Hwy4kled0lvwgKzAxZLpAjl0SI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.mft
Manifest number:          17BD
Signing time:             Fri 17 Apr 2026 10:01:43 +0000
Manifest this update:     Fri 17 Apr 2026 10:01:43 +0000
Manifest next update:     Sat 18 Apr 2026 10:01:43 +0000
Files and hashes:         1: 2Hwy4kled0lvwgKzAxZLpAjl0SI.crl (hash: 9TX/JIx6UBm35A4muUHHKycrkHYQB1qRJlK0/RbvaM4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2Hwy4kled0lvwgKzAxZLpAjl0SI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e3:a6:7f:e7:86:4b:7e:f7:4c:c6:f0:15:33:33:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d87c32e2495e77496fc202b303164ba408e5d122
        Validity
            Not Before: Apr 17 10:01:43 2026 GMT
            Not After : Apr 18 10:01:43 2026 GMT
        Subject: CN=30468e57e2f56b3953d3d7c2827eafb28640885d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:05:68:25:e9:00:24:b6:aa:7a:cc:ce:1f:f7:
                    e7:e5:c2:ad:97:c1:28:89:02:bd:3a:ed:1b:8f:6c:
                    f5:ee:5a:25:f2:6b:4c:23:4b:de:8c:cb:54:23:cc:
                    da:52:81:32:f6:71:a2:82:c5:b0:86:d6:4c:a2:88:
                    ea:db:94:23:d0:0c:7b:cd:bf:3f:8d:47:96:7f:cb:
                    c6:9c:75:16:54:54:95:c8:8d:9f:bd:ef:b7:7e:82:
                    00:c4:ee:da:dc:18:38:a3:a0:08:a3:39:d5:71:8e:
                    82:e5:f3:c8:5a:ad:1c:e7:09:30:8a:cb:83:fa:0f:
                    98:72:d1:2c:22:bb:60:4f:f2:09:d3:da:97:fc:ee:
                    30:1e:b7:46:b0:2c:3e:91:2d:65:3b:33:2a:1e:df:
                    c1:60:53:d6:23:ad:83:50:be:1f:02:c1:74:67:8c:
                    d1:42:bc:31:52:de:e7:d9:66:86:52:e1:6b:44:3c:
                    3a:55:28:71:de:a5:d8:31:f8:21:5c:4d:a9:fc:63:
                    a1:b2:0a:a4:16:f4:38:3e:db:f2:43:0b:5d:0a:db:
                    3c:b0:b8:f6:8b:9b:74:85:5e:a2:00:03:28:c0:71:
                    9b:20:28:95:2b:7c:69:f6:bb:df:47:c6:c5:21:17:
                    a7:c2:88:2d:c1:c4:5e:4c:51:1a:04:05:c8:4b:16:
                    f1:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:46:8E:57:E2:F5:6B:39:53:D3:D7:C2:82:7E:AF:B2:86:40:88:5D
            X509v3 Authority Key Identifier:
                keyid:D8:7C:32:E2:49:5E:77:49:6F:C2:02:B3:03:16:4B:A4:08:E5:D1:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Hwy4kled0lvwgKzAxZLpAjl0SI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:d4:65:e1:d1:d4:fa:40:3d:48:0d:8f:ef:c5:18:b1:ec:31:
         76:6b:89:3f:f1:1c:60:f5:a3:20:d6:20:74:5f:94:a8:5a:00:
         5d:b7:b0:15:4d:f3:13:72:66:b9:d5:98:e2:0c:fd:e0:31:6f:
         72:fe:f4:90:68:b2:e2:38:1a:bc:3c:d9:d2:2f:7a:55:99:43:
         32:7d:79:50:6d:e9:7b:7c:97:6c:97:40:1b:46:d5:2b:a5:bd:
         50:58:60:f1:b5:e5:99:0d:66:4f:45:9e:73:a4:f6:52:86:9e:
         e5:4a:77:4a:2e:62:ca:65:f1:ce:3a:18:13:ba:d4:a2:a7:20:
         fa:cd:63:18:20:d9:93:05:ab:2e:41:4f:44:4f:33:94:d5:e7:
         73:49:26:ab:cb:4a:f9:69:71:22:f6:91:51:45:3a:8b:c0:33:
         69:0a:a8:6a:3c:7a:33:90:f5:86:13:c8:bc:1b:52:57:75:f3:
         07:61:9e:da:e2:9c:66:94:6b:34:11:43:62:50:69:6f:ce:18:
         f8:a0:63:4b:08:9b:1c:87:ca:c6:d6:a1:1e:83:e5:c1:44:83:
         bf:6b:1d:0d:fe:ba:71:7a:ea:ce:5f:7c:e6:2d:94:01:82:bc:
         ee:bb:df:60:61:3c:10:46:90:91:96:ff:5e:4e:f3:7c:0f:64:
         c0:a7:fb:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a46Z/54ZLfvdMxvAVMzPFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4N2MzMmUyNDk1ZTc3NDk2ZmMyMDJiMzAzMTY0YmE0MDhl
NWQxMjIwHhcNMjYwNDE3MTAwMTQzWhcNMjYwNDE4MTAwMTQzWjAzMTEwLwYDVQQD
EygzMDQ2OGU1N2UyZjU2YjM5NTNkM2Q3YzI4MjdlYWZiMjg2NDA4ODVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzAVoJekAJLaqeszOH/fn5cKtl8Eo
iQK9Ou0bj2z17lol8mtMI0vejMtUI8zaUoEy9nGigsWwhtZMoojq25Qj0Ax7zb8/
jUeWf8vGnHUWVFSVyI2fve+3foIAxO7a3Bg4o6AIoznVcY6C5fPIWq0c5wkwisuD
+g+YctEsIrtgT/IJ09qX/O4wHrdGsCw+kS1lOzMqHt/BYFPWI62DUL4fAsF0Z4zR
QrwxUt7n2WaGUuFrRDw6VShx3qXYMfghXE2p/GOhsgqkFvQ4PtvyQwtdCts8sLj2
i5t0hV6iAAMowHGbICiVK3xp9rvfR8bFIRenwogtwcReTFEaBAXISxbxRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDBGjlfi9Ws5U9PXwoJ+r7KGQIhdMB8GA1UdIwQY
MBaAFNh8MuJJXndJb8ICswMWS6QI5dEiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkh3eTRrbGVkMGx2d2dLekF4WkxwQWpsMFNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8xZTE5MWUtMTEzYy00NDMzLWFlZjAt
NzI0M2I5ODRhNjE1LzEvMkh3eTRrbGVkMGx2d2dLekF4WkxwQWpsMFNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8xZTE5MWUtMTEzYy00NDMzLWFlZjAtNzI0M2I5ODRhNjE1
LzEvMkh3eTRrbGVkMGx2d2dLekF4WkxwQWpsMFNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAtRl4dHU
+kA9SA2P78UYsewxdmuJP/EcYPWjINYgdF+UqFoAXbewFU3zE3JmudWY4gz94DFv
cv70kGiy4jgavDzZ0i96VZlDMn15UG3pe3yXbJdAG0bVK6W9UFhg8bXlmQ1mT0We
c6T2Uoae5Up3Si5iymXxzjoYE7rUoqcg+s1jGCDZkwWrLkFPRE8zlNXnc0kmq8tK
+WlxIvaRUUU6i8AzaQqoajx6M5D1hhPIvBtSV3XzB2Ge2uKcZpRrNBFDYlBpb84Y
+KBjSwibHIfKxtahHoPlwUSDv2sdDf66cXrqzl985i2UAYK87rvfYGE8EEaQkZb/
Xk7zfA9kwKf7JA==
-----END CERTIFICATE-----