Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.mft
File:                     SVfItkDqWWxdEac7PSZu54w_Cds.mft (raw, json)
Hash identifier:          VakL8DlkjhCEuWi5W/iWzn1Zmg5IZD07+TLwAvHRSBM=
Subject key identifier:   DE:D9:A7:FA:0B:B6:58:0F:38:88:3C:85:72:90:B4:0D:A8:F4:64:F9
Authority key identifier: 49:57:C8:B6:40:EA:59:6C:5D:11:A7:3B:3D:26:6E:E7:8C:3F:09:DB
Certificate issuer:       /CN=4957c8b640ea596c5d11a73b3d266ee78c3f09db
Certificate serial:       019D97AB41E5E1F17ECAE17C43EC020DAF32
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SVfItkDqWWxdEac7PSZu54w_Cds.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.mft
Manifest number:          0B4E
Signing time:             Thu 16 Apr 2026 19:01:16 +0000
Manifest this update:     Thu 16 Apr 2026 19:01:16 +0000
Manifest next update:     Fri 17 Apr 2026 19:01:16 +0000
Files and hashes:         1: SVfItkDqWWxdEac7PSZu54w_Cds.crl (hash: QCeneOJ1lhPN7RHYirIT5fkhspQZtjqP3tYi23pfIls=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SVfItkDqWWxdEac7PSZu54w_Cds.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 19:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:97:ab:41:e5:e1:f1:7e:ca:e1:7c:43:ec:02:0d:af:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4957c8b640ea596c5d11a73b3d266ee78c3f09db
        Validity
            Not Before: Apr 16 19:01:16 2026 GMT
            Not After : Apr 17 19:01:16 2026 GMT
        Subject: CN=ded9a7fa0bb6580f38883c857290b40da8f464f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:5d:86:1a:40:31:5a:ff:f2:c3:50:6a:a5:2b:
                    bd:49:b2:7f:45:e5:db:bc:8f:57:36:ad:d6:62:7c:
                    00:47:65:83:39:de:c4:be:0b:56:fc:22:ae:8f:96:
                    76:16:2c:2e:5f:de:1c:09:a6:97:62:5e:4d:b0:e9:
                    cd:09:2b:cb:1b:87:6f:d2:61:ff:71:85:80:11:15:
                    5d:58:f6:fb:85:94:4d:cf:3a:42:63:35:bc:74:7e:
                    39:ca:c2:8a:ad:fa:e8:bd:ba:18:1e:81:53:41:76:
                    24:bd:83:2d:ef:b4:01:cc:b7:07:38:0b:92:58:e4:
                    24:db:5f:3b:01:53:db:e4:fa:71:53:6d:8c:65:89:
                    7e:b7:51:7f:c7:5e:da:55:13:fb:85:4b:3f:f9:43:
                    09:69:e8:da:b5:8c:ff:e0:a2:24:8f:d2:21:f0:86:
                    3b:d9:7b:36:dc:57:b5:d8:11:4d:c6:b4:57:c4:79:
                    ee:54:f3:1d:2d:de:be:5a:fe:30:ec:c0:2c:83:e6:
                    0b:de:02:0f:cc:80:de:12:f7:4f:97:c7:1f:16:74:
                    b8:31:cb:b8:b1:43:fa:4f:41:08:c3:4d:ee:ae:3c:
                    8b:17:d9:85:64:1b:9b:d9:b0:28:01:00:84:fe:f5:
                    96:a4:18:e7:67:64:75:94:17:1c:87:13:c4:57:f1:
                    3e:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:D9:A7:FA:0B:B6:58:0F:38:88:3C:85:72:90:B4:0D:A8:F4:64:F9
            X509v3 Authority Key Identifier:
                keyid:49:57:C8:B6:40:EA:59:6C:5D:11:A7:3B:3D:26:6E:E7:8C:3F:09:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SVfItkDqWWxdEac7PSZu54w_Cds.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:76:53:c3:e3:2b:c5:1e:b9:fe:d4:ff:ac:89:90:09:ce:b0:
         e2:56:82:b3:7f:2d:89:51:10:3c:8e:7b:ab:9c:51:6c:1e:ff:
         1c:8e:1e:ab:62:6c:7a:78:70:d9:8d:5c:30:bd:12:eb:10:96:
         5d:a8:4a:20:3b:79:19:a1:7d:8a:d6:3e:c8:8e:31:a7:2c:e4:
         2b:cd:e7:56:19:23:58:85:b1:84:d0:d1:6e:c5:9c:38:b9:95:
         cb:c0:73:43:3c:75:67:34:b3:5b:6f:b0:f7:a3:6f:95:51:a6:
         97:eb:92:c7:cc:40:98:f7:6e:61:2d:10:71:fb:46:6e:31:e2:
         f9:44:49:77:06:3c:05:a8:e1:bf:a6:0c:66:e5:37:93:5f:6b:
         5f:39:e8:a9:ae:12:21:a1:64:43:ac:88:51:30:1b:d1:dd:4c:
         c4:ee:62:de:da:82:70:3f:9d:f6:11:59:b0:20:54:14:db:97:
         8e:63:21:cf:87:1b:46:cd:28:18:ca:a7:69:03:b3:07:91:88:
         87:bd:d9:01:2f:13:2b:dd:d7:59:db:9a:fa:6c:fd:c6:04:aa:
         e8:47:08:28:2f:a2:0e:62:7b:8f:2d:f2:b1:0e:a7:2a:5e:5f:
         25:a0:29:1e:11:3c:83:8f:ab:09:62:f1:2e:01:ba:28:9b:26:
         d9:50:5c:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Xq0Hl4fF+yuF8Q+wCDa8yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5NTdjOGI2NDBlYTU5NmM1ZDExYTczYjNkMjY2ZWU3OGMz
ZjA5ZGIwHhcNMjYwNDE2MTkwMTE2WhcNMjYwNDE3MTkwMTE2WjAzMTEwLwYDVQQD
EyhkZWQ5YTdmYTBiYjY1ODBmMzg4ODNjODU3MjkwYjQwZGE4ZjQ2NGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnV2GGkAxWv/yw1BqpSu9SbJ/ReXb
vI9XNq3WYnwAR2WDOd7EvgtW/CKuj5Z2FiwuX94cCaaXYl5NsOnNCSvLG4dv0mH/
cYWAERVdWPb7hZRNzzpCYzW8dH45ysKKrfrovboYHoFTQXYkvYMt77QBzLcHOAuS
WOQk2187AVPb5PpxU22MZYl+t1F/x17aVRP7hUs/+UMJaejatYz/4KIkj9Ih8IY7
2Xs23Fe12BFNxrRXxHnuVPMdLd6+Wv4w7MAsg+YL3gIPzIDeEvdPl8cfFnS4Mcu4
sUP6T0EIw03urjyLF9mFZBub2bAoAQCE/vWWpBjnZ2R1lBcchxPEV/E+sQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN7Zp/oLtlgPOIg8hXKQtA2o9GT5MB8GA1UdIwQY
MBaAFElXyLZA6llsXRGnOz0mbueMPwnbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1ZmSXRrRHFXV3hkRWFjN1BTWnU1NHdfQ2RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy8wY2VlYzMtNDgyYS00MWE1LTk3ZWIt
YmZlMWUxNzNkOGYwLzEvU1ZmSXRrRHFXV3hkRWFjN1BTWnU1NHdfQ2RzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy8wY2VlYzMtNDgyYS00MWE1LTk3ZWItYmZlMWUxNzNkOGYw
LzEvU1ZmSXRrRHFXV3hkRWFjN1BTWnU1NHdfQ2RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASHZTw+Mr
xR65/tT/rImQCc6w4laCs38tiVEQPI57q5xRbB7/HI4eq2Jsenhw2Y1cML0S6xCW
XahKIDt5GaF9itY+yI4xpyzkK83nVhkjWIWxhNDRbsWcOLmVy8BzQzx1ZzSzW2+w
96NvlVGml+uSx8xAmPduYS0QcftGbjHi+URJdwY8Bajhv6YMZuU3k19rXznoqa4S
IaFkQ6yIUTAb0d1MxO5i3tqCcD+d9hFZsCBUFNuXjmMhz4cbRs0oGMqnaQOzB5GI
h73ZAS8TK93XWdua+mz9xgSq6EcIKC+iDmJ7jy3ysQ6nKl5fJaApHhE8g4+rCWLx
LgG6KJsm2VBcXg==
-----END CERTIFICATE-----