Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.mft
File:                     aEdQ3w66d01LTWROyOM1CPj1OP4.mft (raw, json)
Hash identifier:          BQc+TxfaEu3CIkAEolJ8RMnbgxRxtdjKXCtiEAsW4Ys=
Subject key identifier:   4F:E0:BB:F2:3E:FC:BC:C3:04:E5:38:77:AE:EE:B2:D4:15:3C:DB:50
Authority key identifier: 68:47:50:DF:0E:BA:77:4D:4B:4D:64:4E:C8:E3:35:08:F8:F5:38:FE
Certificate issuer:       /CN=684750df0eba774d4b4d644ec8e33508f8f538fe
Certificate serial:       019D99993C559463A2FC6E47BAB866EB3E9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aEdQ3w66d01LTWROyOM1CPj1OP4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.mft
Manifest number:          096A
Signing time:             Fri 17 Apr 2026 04:00:49 +0000
Manifest this update:     Fri 17 Apr 2026 04:00:49 +0000
Manifest next update:     Sat 18 Apr 2026 04:00:49 +0000
Files and hashes:         1: aEdQ3w66d01LTWROyOM1CPj1OP4.crl (hash: SgX9cMJNftKpUruwEw9Zb9N57HrYpngZJsgws5N26FQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aEdQ3w66d01LTWROyOM1CPj1OP4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:99:3c:55:94:63:a2:fc:6e:47:ba:b8:66:eb:3e:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=684750df0eba774d4b4d644ec8e33508f8f538fe
        Validity
            Not Before: Apr 17 04:00:49 2026 GMT
            Not After : Apr 18 04:00:49 2026 GMT
        Subject: CN=4fe0bbf23efcbcc304e53877aeeeb2d4153cdb50
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:e2:d9:16:6e:9c:b2:10:6d:53:25:6e:eb:2c:
                    a5:8b:46:79:ff:49:5c:5d:34:f1:f3:b5:24:f8:f7:
                    d1:dd:36:bb:a9:d1:e7:8e:e2:2c:57:78:e0:59:f2:
                    12:3f:ba:05:94:10:1f:83:98:7a:cd:bd:c6:8a:ad:
                    05:be:2d:78:aa:8c:00:d2:d4:ce:ad:9f:41:79:f2:
                    f4:63:9b:0f:2b:68:d3:9d:8b:d6:a1:ea:8d:dc:ad:
                    af:1f:7d:26:24:e2:f8:67:8b:6d:60:e3:91:55:63:
                    fc:cb:d2:4d:bf:79:07:9f:45:1a:0d:9a:eb:b6:01:
                    28:2c:0c:bf:f9:27:e5:95:14:41:a4:be:78:01:29:
                    e3:f6:68:30:34:2e:50:5e:b3:e6:52:15:fc:e3:84:
                    ae:50:af:25:70:20:a2:7a:23:d8:46:ad:4f:fa:81:
                    05:f1:e2:0a:28:80:c3:31:3f:cd:4e:09:dc:34:f9:
                    b8:2f:20:b3:12:f1:a0:6a:86:9d:b5:42:c9:ea:0a:
                    d9:62:64:93:84:08:27:ca:56:48:61:2c:f1:88:48:
                    0f:7d:8c:4e:5f:c5:26:dc:57:82:83:7c:c9:aa:7a:
                    53:e8:cb:6f:5a:7d:9a:c5:53:2e:50:66:c5:76:73:
                    4f:a3:e3:cd:09:ee:71:83:2e:48:7c:71:a0:13:af:
                    6a:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:E0:BB:F2:3E:FC:BC:C3:04:E5:38:77:AE:EE:B2:D4:15:3C:DB:50
            X509v3 Authority Key Identifier:
                keyid:68:47:50:DF:0E:BA:77:4D:4B:4D:64:4E:C8:E3:35:08:F8:F5:38:FE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aEdQ3w66d01LTWROyOM1CPj1OP4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:55:ee:df:05:9f:e8:f5:12:23:d4:01:65:4c:3e:f4:78:a0:
         1d:cb:92:44:46:91:af:43:85:23:f1:96:2a:cc:2d:d0:ff:74:
         0d:86:32:4f:5c:2f:87:50:64:12:6f:0a:03:e7:68:0e:39:74:
         08:a0:f2:cc:fe:7f:f9:15:80:70:e1:8c:45:ef:c2:49:9c:79:
         9b:f5:2e:7f:92:12:73:d1:e1:1f:af:bf:f0:07:05:fe:48:99:
         b3:68:1d:e2:84:79:2e:26:fc:f6:9b:a6:08:00:9d:16:48:40:
         b6:f0:18:ac:27:56:75:3a:f3:9d:78:50:0c:17:af:cd:9c:8c:
         09:42:7d:12:7d:f5:82:da:cb:ad:b5:e9:db:f8:26:6f:fa:d5:
         cd:62:00:d5:8e:fb:e5:a2:2c:ec:e2:cc:54:e8:70:aa:d9:91:
         82:74:57:79:1f:9a:11:10:75:b2:e0:7e:3b:01:21:24:88:ac:
         bc:cd:54:bf:b0:34:48:a9:9c:78:c1:8d:06:54:b7:70:f9:53:
         c1:67:72:f5:c2:d1:9e:6a:f9:1f:ef:09:5b:75:cf:32:c2:dc:
         24:40:9d:94:e0:88:32:61:8e:91:aa:81:b2:01:0c:2f:33:e3:
         d5:2d:00:93:1e:48:3d:0d:0e:d4:91:e0:5c:f0:20:aa:63:08:
         f9:0f:33:0d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZmTxVlGOi/G5Hurhm6z6cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NDc1MGRmMGViYTc3NGQ0YjRkNjQ0ZWM4ZTMzNTA4Zjhm
NTM4ZmUwHhcNMjYwNDE3MDQwMDQ5WhcNMjYwNDE4MDQwMDQ5WjAzMTEwLwYDVQQD
Eyg0ZmUwYmJmMjNlZmNiY2MzMDRlNTM4NzdhZWVlYjJkNDE1M2NkYjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmeLZFm6cshBtUyVu6yyli0Z5/0lc
XTTx87Uk+PfR3Ta7qdHnjuIsV3jgWfISP7oFlBAfg5h6zb3Giq0Fvi14qowA0tTO
rZ9BefL0Y5sPK2jTnYvWoeqN3K2vH30mJOL4Z4ttYOORVWP8y9JNv3kHn0UaDZrr
tgEoLAy/+SfllRRBpL54ASnj9mgwNC5QXrPmUhX844SuUK8lcCCieiPYRq1P+oEF
8eIKKIDDMT/NTgncNPm4LyCzEvGgaoadtULJ6grZYmSThAgnylZIYSzxiEgPfYxO
X8Um3FeCg3zJqnpT6MtvWn2axVMuUGbFdnNPo+PNCe5xgy5IfHGgE69quQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE/gu/I+/LzDBOU4d67ustQVPNtQMB8GA1UdIwQY
MBaAFGhHUN8OundNS01kTsjjNQj49Tj+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUVkUTN3NjZkMDFMVFdST3lPTTFDUGoxT1A0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi85OTAxZmUtNTJjMS00ZDViLTllMGYt
ZDMyNWY2ODYzMzQzLzEvYUVkUTN3NjZkMDFMVFdST3lPTTFDUGoxT1A0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi85OTAxZmUtNTJjMS00ZDViLTllMGYtZDMyNWY2ODYzMzQz
LzEvYUVkUTN3NjZkMDFMVFdST3lPTTFDUGoxT1A0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX1Xu3wWf
6PUSI9QBZUw+9HigHcuSREaRr0OFI/GWKswt0P90DYYyT1wvh1BkEm8KA+doDjl0
CKDyzP5/+RWAcOGMRe/CSZx5m/Uuf5ISc9HhH6+/8AcF/kiZs2gd4oR5Lib89pum
CACdFkhAtvAYrCdWdTrznXhQDBevzZyMCUJ9En31gtrLrbXp2/gmb/rVzWIA1Y77
5aIs7OLMVOhwqtmRgnRXeR+aERB1suB+OwEhJIisvM1Uv7A0SKmceMGNBlS3cPlT
wWdy9cLRnmr5H+8JW3XPMsLcJECdlOCIMmGOkaqBsgEMLzPj1S0Akx5IPQ0O1JHg
XPAgqmMI+Q8zDQ==
-----END CERTIFICATE-----