Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dde736-2730-4bfe-a5b3-082e11363f0a/1/tWpL1vXr8vf_2ajRzZparN5iKFw.mft
File:                     tWpL1vXr8vf_2ajRzZparN5iKFw.mft (raw, json)
Hash identifier:          TekEiBVw7W5771GUCyajlueanWmpNdluSCXAbSoLpLA=
Subject key identifier:   5D:8D:F0:9B:F8:C7:3B:AC:54:0B:29:E3:FB:92:57:4D:F1:51:D0:94
Authority key identifier: B5:6A:4B:D6:F5:EB:F2:F7:FF:D9:A8:D1:CD:9A:5A:AC:DE:62:28:5C
Certificate issuer:       /CN=b56a4bd6f5ebf2f7ffd9a8d1cd9a5aacde62285c
Certificate serial:       019DA3411F3DF366A87D09E16BBC73EA257E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tWpL1vXr8vf_2ajRzZparN5iKFw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/dde736-2730-4bfe-a5b3-082e11363f0a/1/tWpL1vXr8vf_2ajRzZparN5iKFw.mft
Manifest number:          0A80
Signing time:             Sun 19 Apr 2026 01:00:47 +0000
Manifest this update:     Sun 19 Apr 2026 01:00:47 +0000
Manifest next update:     Mon 20 Apr 2026 01:00:47 +0000
Files and hashes:         1: tWpL1vXr8vf_2ajRzZparN5iKFw.crl (hash: nQlOKn8SQpfiL5Ku+QYLR6qlw22rxaBL+1C7ijkHV2A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/dde736-2730-4bfe-a5b3-082e11363f0a/1/tWpL1vXr8vf_2ajRzZparN5iKFw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/dde736-2730-4bfe-a5b3-082e11363f0a/1/tWpL1vXr8vf_2ajRzZparN5iKFw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tWpL1vXr8vf_2ajRzZparN5iKFw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 01:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a3:41:1f:3d:f3:66:a8:7d:09:e1:6b:bc:73:ea:25:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b56a4bd6f5ebf2f7ffd9a8d1cd9a5aacde62285c
        Validity
            Not Before: Apr 19 01:00:47 2026 GMT
            Not After : Apr 20 01:00:47 2026 GMT
        Subject: CN=5d8df09bf8c73bac540b29e3fb92574df151d094
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:1e:82:18:a7:04:c8:15:17:83:f7:17:2f:8f:
                    54:5b:fe:7f:bb:8d:ec:c1:30:08:4f:bc:df:55:c3:
                    d9:f5:ff:7f:61:8d:c3:c6:bd:b9:a1:2d:a9:a7:6f:
                    02:d5:8d:44:ad:f0:8e:b6:b0:2c:0d:b5:ca:24:e6:
                    a9:bb:30:4b:d5:53:1c:52:4b:07:d8:d0:4c:1b:04:
                    0a:ea:4b:46:f7:50:76:83:61:c5:1c:c5:d0:02:85:
                    46:44:49:1b:63:15:1f:0e:57:0d:7d:12:0c:a5:2f:
                    53:f5:03:f8:3e:dd:7a:fe:c5:80:18:d3:ef:6e:2f:
                    55:56:af:12:ce:92:5a:08:59:d1:c9:3b:54:c2:48:
                    2e:91:f4:8b:c3:af:a3:6c:75:66:9e:17:d8:56:96:
                    db:ba:f6:3a:40:61:12:68:5e:2c:01:0e:cb:3d:9c:
                    00:71:33:2b:1d:db:75:e8:c1:53:7c:22:79:d7:2f:
                    ee:40:cf:f6:5d:12:90:82:8d:32:a5:71:ed:0f:f5:
                    ca:06:9d:dc:d8:30:10:36:0e:04:44:57:14:c2:b0:
                    3b:d0:61:c9:90:2b:69:01:90:82:5a:c5:88:54:02:
                    93:dc:a3:33:03:58:69:4d:f2:b4:c7:9f:76:b2:8f:
                    96:d7:26:91:c7:a1:c6:21:0a:66:cd:a8:66:3a:1a:
                    6d:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:8D:F0:9B:F8:C7:3B:AC:54:0B:29:E3:FB:92:57:4D:F1:51:D0:94
            X509v3 Authority Key Identifier:
                keyid:B5:6A:4B:D6:F5:EB:F2:F7:FF:D9:A8:D1:CD:9A:5A:AC:DE:62:28:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tWpL1vXr8vf_2ajRzZparN5iKFw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dde736-2730-4bfe-a5b3-082e11363f0a/1/tWpL1vXr8vf_2ajRzZparN5iKFw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dde736-2730-4bfe-a5b3-082e11363f0a/1/tWpL1vXr8vf_2ajRzZparN5iKFw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:f4:6b:5b:c2:68:99:00:57:be:6a:bf:83:25:ee:77:b8:b1:
         6f:10:d5:bb:28:59:a4:3c:4d:82:35:c5:05:95:d0:80:c5:63:
         88:c8:5b:62:3d:6e:90:26:ed:af:88:03:d3:7c:eb:40:5e:c5:
         54:a3:af:60:af:ce:d8:af:a6:7a:d7:9c:d4:1f:8e:fd:b0:61:
         7d:9c:68:da:d5:80:32:20:21:4b:9e:e4:49:d1:85:69:dd:2b:
         40:bf:47:e2:62:11:d5:a6:bb:f7:56:52:63:51:56:08:ed:40:
         9d:e1:67:c4:d9:2d:49:26:05:da:55:fc:67:f3:25:58:a6:bc:
         7c:85:85:a3:61:fe:4e:50:e4:8b:69:f1:e3:32:87:26:89:22:
         16:49:b1:a0:5c:f4:71:9f:05:c1:16:d0:d9:69:3d:f3:f2:6f:
         a2:d8:b3:83:b1:2c:3e:20:f5:a3:da:ad:7b:12:78:5f:14:94:
         f9:7a:e6:3b:e4:c2:7e:02:94:27:74:4b:51:ec:bb:b8:2d:83:
         68:34:01:45:bf:aa:75:ba:5c:38:a1:53:d6:96:4f:e6:93:9a:
         b0:46:88:bf:ed:46:80:7e:38:5d:76:1e:98:e7:48:0b:d3:92:
         ca:3b:1e:18:69:73:14:d6:73:d8:cb:3d:09:69:8a:d2:1d:eb:
         4f:53:fa:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2jQR8982aofQnha7xz6iV+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NmE0YmQ2ZjVlYmYyZjdmZmQ5YThkMWNkOWE1YWFjZGU2
MjI4NWMwHhcNMjYwNDE5MDEwMDQ3WhcNMjYwNDIwMDEwMDQ3WjAzMTEwLwYDVQQD
Eyg1ZDhkZjA5YmY4YzczYmFjNTQwYjI5ZTNmYjkyNTc0ZGYxNTFkMDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuh6CGKcEyBUXg/cXL49UW/5/u43s
wTAIT7zfVcPZ9f9/YY3Dxr25oS2pp28C1Y1ErfCOtrAsDbXKJOapuzBL1VMcUksH
2NBMGwQK6ktG91B2g2HFHMXQAoVGREkbYxUfDlcNfRIMpS9T9QP4Pt16/sWAGNPv
bi9VVq8SzpJaCFnRyTtUwkgukfSLw6+jbHVmnhfYVpbbuvY6QGESaF4sAQ7LPZwA
cTMrHdt16MFTfCJ51y/uQM/2XRKQgo0ypXHtD/XKBp3c2DAQNg4ERFcUwrA70GHJ
kCtpAZCCWsWIVAKT3KMzA1hpTfK0x592so+W1yaRx6HGIQpmzahmOhptWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF2N8Jv4xzusVAsp4/uSV03xUdCUMB8GA1UdIwQY
MBaAFLVqS9b16/L3/9mo0c2aWqzeYihcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFdwTDF2WHI4dmZfMmFqUnpacGFyTjVpS0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kZGU3MzYtMjczMC00YmZlLWE1YjMt
MDgyZTExMzYzZjBhLzEvdFdwTDF2WHI4dmZfMmFqUnpacGFyTjVpS0Z3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kZGU3MzYtMjczMC00YmZlLWE1YjMtMDgyZTExMzYzZjBh
LzEvdFdwTDF2WHI4dmZfMmFqUnpacGFyTjVpS0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhPRrW8Jo
mQBXvmq/gyXud7ixbxDVuyhZpDxNgjXFBZXQgMVjiMhbYj1ukCbtr4gD03zrQF7F
VKOvYK/O2K+metec1B+O/bBhfZxo2tWAMiAhS57kSdGFad0rQL9H4mIR1aa791ZS
Y1FWCO1AneFnxNktSSYF2lX8Z/MlWKa8fIWFo2H+TlDki2nx4zKHJokiFkmxoFz0
cZ8FwRbQ2Wk98/Jvotizg7EsPiD1o9qtexJ4XxSU+XrmO+TCfgKUJ3RLUey7uC2D
aDQBRb+qdbpcOKFT1pZP5pOasEaIv+1GgH44XXYemOdIC9OSyjseGGlzFNZz2Ms9
CWmK0h3rT1P6zA==
-----END CERTIFICATE-----