Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.mft
File:                     O4RSPDky4tGYBGI0uWLg3FGr9YY.mft (raw, json)
Hash identifier:          yh5K2HnBJdGQw3h4CERTnT3gVrjNtcmYPXY3D2iohSU=
Subject key identifier:   6E:BA:30:AF:EE:E6:2B:79:12:AE:A7:79:F4:12:15:71:82:28:F7:99
Authority key identifier: 3B:84:52:3C:39:32:E2:D1:98:04:62:34:B9:62:E0:DC:51:AB:F5:86
Certificate issuer:       /CN=3b84523c3932e2d198046234b962e0dc51abf586
Certificate serial:       019DA29D1F9B362CE250EBE67DAC3AE42FBF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O4RSPDky4tGYBGI0uWLg3FGr9YY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.mft
Manifest number:          18C5
Signing time:             Sat 18 Apr 2026 22:01:39 +0000
Manifest this update:     Sat 18 Apr 2026 22:01:39 +0000
Manifest next update:     Sun 19 Apr 2026 22:01:39 +0000
Files and hashes:         1: O4RSPDky4tGYBGI0uWLg3FGr9YY.crl (hash: rWm9gHYMilz1IzKFRocy5+6ljxxPY6fzg9f632351O0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O4RSPDky4tGYBGI0uWLg3FGr9YY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 19 Apr 2026 22:01:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a2:9d:1f:9b:36:2c:e2:50:eb:e6:7d:ac:3a:e4:2f:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b84523c3932e2d198046234b962e0dc51abf586
        Validity
            Not Before: Apr 18 22:01:39 2026 GMT
            Not After : Apr 19 22:01:39 2026 GMT
        Subject: CN=6eba30afeee62b7912aea779f41215718228f799
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:d5:6d:e6:32:9e:f0:17:70:5d:0c:b8:b8:82:
                    0e:7b:bf:5f:36:95:bc:cb:69:7f:3b:e4:98:0b:48:
                    0c:80:b2:2e:22:d7:ad:cc:d1:10:3f:cc:f2:c8:14:
                    6f:e5:93:10:f9:68:da:7b:a6:9f:65:9a:26:b2:7f:
                    7d:51:8b:eb:ac:4c:74:42:46:8f:b1:5c:95:e6:c7:
                    1a:a5:60:2d:f8:58:d1:ee:d4:9a:1b:00:98:7f:81:
                    18:24:35:b7:63:02:39:c0:1a:6e:53:cc:9d:4a:ea:
                    25:a9:3e:96:02:5d:e1:61:cf:9d:ee:f1:42:49:b1:
                    0e:5a:16:4e:80:7c:a8:f9:ef:17:e1:bb:1e:e1:aa:
                    48:35:2b:fb:96:91:35:eb:f4:ee:bc:31:0e:8e:99:
                    e1:2d:e4:86:06:09:de:ae:05:2e:03:35:3d:86:16:
                    23:24:8d:52:00:7e:c7:4d:d7:7b:bc:81:a2:c1:25:
                    de:85:81:b0:90:e9:87:ee:db:e5:61:33:39:db:92:
                    be:73:d4:36:85:c7:fc:e4:f4:60:18:9e:32:01:b8:
                    de:50:47:31:3e:9e:50:94:06:95:ce:ec:40:15:c7:
                    63:53:0f:46:08:4f:0b:af:db:f0:7d:7f:b3:d1:25:
                    b6:e0:11:ee:03:f6:93:e0:85:3b:2d:c6:a5:69:ce:
                    d2:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:BA:30:AF:EE:E6:2B:79:12:AE:A7:79:F4:12:15:71:82:28:F7:99
            X509v3 Authority Key Identifier:
                keyid:3B:84:52:3C:39:32:E2:D1:98:04:62:34:B9:62:E0:DC:51:AB:F5:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O4RSPDky4tGYBGI0uWLg3FGr9YY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a9:2e:b6:02:da:93:d7:54:88:82:8e:86:32:8b:7c:44:24:10:
         4d:69:cc:04:f8:9f:25:12:08:6c:d5:df:ba:6e:6a:f2:57:87:
         a9:b6:b2:1e:47:ba:d0:46:00:06:1d:1e:99:6a:a3:df:85:84:
         3e:b3:22:f4:bf:9d:4d:9b:f2:13:f1:f9:27:7b:e5:36:dd:44:
         a7:7c:45:bd:2d:f6:64:93:3b:06:bc:50:16:90:05:40:82:f2:
         9f:f9:77:98:ee:b8:42:8f:67:4c:ef:70:19:18:f5:0f:5b:b1:
         82:50:56:12:f0:fb:38:f0:33:03:bc:cb:a0:c1:a9:12:aa:2a:
         82:16:a5:6c:e2:67:69:7d:82:b3:43:eb:4e:2f:23:96:3b:fa:
         16:f0:6f:76:85:96:9f:58:81:96:e5:13:5d:3d:57:d4:de:3d:
         25:20:8f:be:56:85:0f:0b:0e:40:af:a3:44:d8:d9:89:c2:0c:
         a9:d6:c8:f0:27:17:07:b5:c3:2c:5a:97:bf:1a:41:c5:cf:54:
         23:c6:33:19:5d:ff:4e:20:77:f2:8f:b9:bd:41:5a:42:0f:8e:
         ef:27:1e:32:cd:bb:84:28:d5:bc:72:1f:4f:d2:27:6b:04:c6:
         b1:d4:c8:ff:c6:38:30:b6:47:f4:70:db:0c:8b:3b:34:1a:a6:
         c2:07:20:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2inR+bNiziUOvmfaw65C+/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiODQ1MjNjMzkzMmUyZDE5ODA0NjIzNGI5NjJlMGRjNTFh
YmY1ODYwHhcNMjYwNDE4MjIwMTM5WhcNMjYwNDE5MjIwMTM5WjAzMTEwLwYDVQQD
Eyg2ZWJhMzBhZmVlZTYyYjc5MTJhZWE3NzlmNDEyMTU3MTgyMjhmNzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9Vt5jKe8BdwXQy4uIIOe79fNpW8
y2l/O+SYC0gMgLIuItetzNEQP8zyyBRv5ZMQ+Wjae6afZZomsn99UYvrrEx0QkaP
sVyV5scapWAt+FjR7tSaGwCYf4EYJDW3YwI5wBpuU8ydSuolqT6WAl3hYc+d7vFC
SbEOWhZOgHyo+e8X4bse4apINSv7lpE16/TuvDEOjpnhLeSGBgnergUuAzU9hhYj
JI1SAH7HTdd7vIGiwSXehYGwkOmH7tvlYTM525K+c9Q2hcf85PRgGJ4yAbjeUEcx
Pp5QlAaVzuxAFcdjUw9GCE8Lr9vwfX+z0SW24BHuA/aT4IU7Lcalac7SKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG66MK/u5it5Eq6nefQSFXGCKPeZMB8GA1UdIwQY
MBaAFDuEUjw5MuLRmARiNLli4NxRq/WGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzRSU1BEa3k0dEdZQkdJMHVXTGczRkdyOVlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy82NDBhNWUtZWQ1Mi00N2IwLWJjZmYt
YmRmNWM3ODA3NDJlLzEvTzRSU1BEa3k0dEdZQkdJMHVXTGczRkdyOVlZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy82NDBhNWUtZWQ1Mi00N2IwLWJjZmYtYmRmNWM3ODA3NDJl
LzEvTzRSU1BEa3k0dEdZQkdJMHVXTGczRkdyOVlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqS62AtqT
11SIgo6GMot8RCQQTWnMBPifJRIIbNXfum5q8leHqbayHke60EYABh0emWqj34WE
PrMi9L+dTZvyE/H5J3vlNt1Ep3xFvS32ZJM7BrxQFpAFQILyn/l3mO64Qo9nTO9w
GRj1D1uxglBWEvD7OPAzA7zLoMGpEqoqghalbOJnaX2Cs0PrTi8jljv6FvBvdoWW
n1iBluUTXT1X1N49JSCPvlaFDwsOQK+jRNjZicIMqdbI8CcXB7XDLFqXvxpBxc9U
I8YzGV3/TiB38o+5vUFaQg+O7yceMs27hCjVvHIfT9InawTGsdTI/8Y4MLZH9HDb
DIs7NBqmwgcgqg==
-----END CERTIFICATE-----