Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft
File:                     oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft (raw, json)
Hash identifier:          3eD9cNoX3ML7X2Q5ezPs+39UkdI6I7GT3d+qmef/rBA=
Subject key identifier:   29:D0:C4:20:0F:A1:D4:D8:4B:3F:33:B8:49:A7:E1:F0:60:23:A1:41
Authority key identifier: A1:35:7A:7D:0F:03:2E:9C:DD:4A:03:1D:52:D3:B4:04:7C:03:94:1A
Certificate issuer:       /CN=a1357a7d0f032e9cdd4a031d52d3b4047c03941a
Certificate serial:       019DA3E60843553DDA0E48EEA53A223487CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft
Manifest number:          18C4
Signing time:             Sun 19 Apr 2026 04:00:54 +0000
Manifest this update:     Sun 19 Apr 2026 04:00:54 +0000
Manifest next update:     Mon 20 Apr 2026 04:00:54 +0000
Files and hashes:         1: oTV6fQ8DLpzdSgMdUtO0BHwDlBo.crl (hash: /euK/FZP9j9aOC0LaLofozNKOp4V/tZR8wkD2T74GrU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 04:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a3:e6:08:43:55:3d:da:0e:48:ee:a5:3a:22:34:87:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1357a7d0f032e9cdd4a031d52d3b4047c03941a
        Validity
            Not Before: Apr 19 04:00:54 2026 GMT
            Not After : Apr 20 04:00:54 2026 GMT
        Subject: CN=29d0c4200fa1d4d84b3f33b849a7e1f06023a141
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:d2:e7:fd:f4:3e:90:ec:f5:a9:c0:7e:79:f0:
                    4c:bd:94:ad:bd:b8:55:dc:50:47:8e:ed:d4:42:8e:
                    fb:b0:20:af:0d:3d:5f:e5:ac:9e:e1:04:0a:32:1f:
                    30:fa:e2:25:12:c1:9a:2d:37:02:0d:0d:1d:0b:58:
                    7b:e5:d3:11:46:c9:25:12:82:d4:16:7b:08:fe:39:
                    3a:54:45:14:84:50:b8:f3:c9:59:b9:14:0e:90:07:
                    62:14:af:72:85:da:b2:34:10:93:94:e9:89:54:bc:
                    6c:62:78:fd:a3:fb:f1:5a:9c:be:67:2d:6e:fc:83:
                    72:50:3b:2f:33:3b:8f:21:97:49:dd:a2:99:0e:27:
                    50:69:ef:07:e1:91:34:7b:88:53:1c:87:a0:1d:0e:
                    41:00:57:9d:53:d0:32:ab:d6:12:3d:84:a6:ec:3a:
                    38:5e:4b:cb:6a:6e:5b:70:39:d3:71:36:86:d7:54:
                    ef:31:40:c4:0c:49:fd:8d:e5:fd:89:db:ca:a2:1c:
                    d7:5d:8a:f9:2e:b3:92:06:43:52:04:f2:67:aa:0c:
                    a1:d5:6a:e5:c5:bd:aa:8a:2a:1f:df:a0:ca:cb:33:
                    b8:70:83:c0:81:57:22:ac:f3:fa:6f:f6:55:2e:c0:
                    8e:eb:03:c5:8e:9d:66:aa:bf:21:6c:02:99:b6:2d:
                    d6:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:D0:C4:20:0F:A1:D4:D8:4B:3F:33:B8:49:A7:E1:F0:60:23:A1:41
            X509v3 Authority Key Identifier:
                keyid:A1:35:7A:7D:0F:03:2E:9C:DD:4A:03:1D:52:D3:B4:04:7C:03:94:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:9b:2d:0a:3a:56:60:6e:8d:39:79:8b:16:1c:fb:66:e5:ca:
         96:35:62:9b:b9:28:67:b6:5d:28:db:7e:3b:35:e4:11:90:6b:
         c2:e0:31:f6:e7:d5:11:f4:1d:c1:24:7f:28:6f:3e:72:08:23:
         4e:ad:87:04:1c:44:95:62:85:2c:20:94:f7:05:94:a8:34:25:
         cf:0a:cc:d4:85:f8:ef:f3:fa:fd:d8:6b:d5:0c:6b:da:93:62:
         09:20:1c:8f:b7:72:0d:1c:16:29:32:e7:db:62:1e:c2:6e:ce:
         bb:06:06:80:2f:c1:ea:36:46:26:f5:d5:4a:77:3f:2c:7b:49:
         bf:18:c2:23:77:cb:7f:c4:db:b0:27:58:f8:84:f4:dd:9b:8f:
         e8:d1:c6:fb:06:f5:0e:e1:43:ac:73:20:ff:48:f7:bc:21:0e:
         71:04:26:f0:40:d6:2f:18:8f:27:79:fe:93:78:47:fb:9c:89:
         2b:c2:c5:19:78:0f:f3:a0:a4:43:95:e5:87:bb:f5:d3:c5:23:
         a6:52:8b:bc:ff:c8:42:11:9c:60:f3:11:c7:8d:a2:36:59:36:
         f3:34:9c:51:7f:d2:16:ba:49:54:45:09:4f:d6:dd:db:82:0c:
         1d:03:61:bf:5c:aa:c2:ac:04:d1:6a:a7:86:91:36:77:a5:71:
         8b:a2:10:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2j5ghDVT3aDkjupToiNIfLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExMzU3YTdkMGYwMzJlOWNkZDRhMDMxZDUyZDNiNDA0N2Mw
Mzk0MWEwHhcNMjYwNDE5MDQwMDU0WhcNMjYwNDIwMDQwMDU0WjAzMTEwLwYDVQQD
EygyOWQwYzQyMDBmYTFkNGQ4NGIzZjMzYjg0OWE3ZTFmMDYwMjNhMTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNLn/fQ+kOz1qcB+efBMvZStvbhV
3FBHju3UQo77sCCvDT1f5aye4QQKMh8w+uIlEsGaLTcCDQ0dC1h75dMRRsklEoLU
FnsI/jk6VEUUhFC488lZuRQOkAdiFK9yhdqyNBCTlOmJVLxsYnj9o/vxWpy+Zy1u
/INyUDsvMzuPIZdJ3aKZDidQae8H4ZE0e4hTHIegHQ5BAFedU9Ayq9YSPYSm7Do4
XkvLam5bcDnTcTaG11TvMUDEDEn9jeX9idvKohzXXYr5LrOSBkNSBPJnqgyh1Wrl
xb2qiiof36DKyzO4cIPAgVcirPP6b/ZVLsCO6wPFjp1mqr8hbAKZti3WEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCnQxCAPodTYSz8zuEmn4fBgI6FBMB8GA1UdIwQY
MBaAFKE1en0PAy6c3UoDHVLTtAR8A5QaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1RWNmZROERMcHpkU2dNZFV0TzBCSHdEbEJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9lODQwNjAtYTJkNC00OGEzLWEwOTYt
YTBiNmFkNjcxZWUzLzEvb1RWNmZROERMcHpkU2dNZFV0TzBCSHdEbEJvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9lODQwNjAtYTJkNC00OGEzLWEwOTYtYTBiNmFkNjcxZWUz
LzEvb1RWNmZROERMcHpkU2dNZFV0TzBCSHdEbEJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUZstCjpW
YG6NOXmLFhz7ZuXKljVim7koZ7ZdKNt+OzXkEZBrwuAx9ufVEfQdwSR/KG8+cggj
Tq2HBBxElWKFLCCU9wWUqDQlzwrM1IX47/P6/dhr1Qxr2pNiCSAcj7dyDRwWKTLn
22Iewm7OuwYGgC/B6jZGJvXVSnc/LHtJvxjCI3fLf8TbsCdY+IT03ZuP6NHG+wb1
DuFDrHMg/0j3vCEOcQQm8EDWLxiPJ3n+k3hH+5yJK8LFGXgP86CkQ5Xlh7v108Uj
plKLvP/IQhGcYPMRx42iNlk28zScUX/SFrpJVEUJT9bd24IMHQNhv1yqwqwE0Wqn
hpE2d6Vxi6IQ/g==
-----END CERTIFICATE-----