Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/3ece76-0575-46b1-94bf-06329f6e0475/1/435CoUa5C6fNMxrWoT7vHaL7pEA.mft
File:                     435CoUa5C6fNMxrWoT7vHaL7pEA.mft (raw, json)
Hash identifier:          T3kfGBq3ebD4MLE5Tv9vQ3356o5Yt3SukJG1n8rFfu4=
Subject key identifier:   73:D9:B9:F3:5D:2A:1B:54:6B:95:A6:FE:58:C6:66:83:01:D4:39:A9
Authority key identifier: E3:7E:42:A1:46:B9:0B:A7:CD:33:1A:D6:A1:3E:EF:1D:A2:FB:A4:40
Certificate issuer:       /CN=e37e42a146b90ba7cd331ad6a13eef1da2fba440
Certificate serial:       019D999985CF944AE8BA718132DB76420E3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/435CoUa5C6fNMxrWoT7vHaL7pEA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/3ece76-0575-46b1-94bf-06329f6e0475/1/435CoUa5C6fNMxrWoT7vHaL7pEA.mft
Manifest number:          0ACE
Signing time:             Fri 17 Apr 2026 04:01:08 +0000
Manifest this update:     Fri 17 Apr 2026 04:01:08 +0000
Manifest next update:     Sat 18 Apr 2026 04:01:08 +0000
Files and hashes:         1: 435CoUa5C6fNMxrWoT7vHaL7pEA.crl (hash: BnHXr9vEFETt5+Eg8NP3AyrEimHnpXi6YAFSZTp9KdM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e0/3ece76-0575-46b1-94bf-06329f6e0475/1/435CoUa5C6fNMxrWoT7vHaL7pEA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e0/3ece76-0575-46b1-94bf-06329f6e0475/1/435CoUa5C6fNMxrWoT7vHaL7pEA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/435CoUa5C6fNMxrWoT7vHaL7pEA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:99:85:cf:94:4a:e8:ba:71:81:32:db:76:42:0e:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e37e42a146b90ba7cd331ad6a13eef1da2fba440
        Validity
            Not Before: Apr 17 04:01:08 2026 GMT
            Not After : Apr 18 04:01:08 2026 GMT
        Subject: CN=73d9b9f35d2a1b546b95a6fe58c6668301d439a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:0a:28:39:96:9c:1c:f8:55:f6:5d:56:be:10:
                    58:80:2e:af:8d:ca:a3:7a:46:30:9d:38:9d:a9:1f:
                    22:67:bc:ab:a7:24:76:aa:d1:48:e1:a8:38:fd:9c:
                    be:ad:42:06:f2:65:8e:61:9e:26:d0:1c:9d:cf:32:
                    a7:1f:11:a0:a0:f2:35:9c:a2:b8:63:40:a1:10:49:
                    60:d1:20:af:1d:f3:b8:d7:84:1e:66:9f:fd:7a:02:
                    a0:57:9e:51:95:78:d1:72:6a:c8:79:6a:98:74:2f:
                    f4:7b:2f:77:40:84:bc:82:dc:02:d0:80:a2:55:4f:
                    93:81:cb:d1:e0:ad:bc:70:99:60:1a:83:d6:c6:89:
                    28:00:96:64:eb:13:86:fa:78:a0:9d:ac:39:7c:a9:
                    f2:5f:18:b3:b3:43:82:18:19:08:39:66:0d:ee:b9:
                    c1:e9:3c:95:83:e7:d6:ab:ac:a5:14:9d:bc:6e:6e:
                    0c:80:3f:58:a1:00:7b:93:dd:26:da:43:21:cd:0d:
                    36:6f:63:2d:44:58:e8:d4:bf:b7:34:f8:37:54:b2:
                    56:e9:ee:fd:68:61:ae:ef:84:c9:20:67:56:6d:ef:
                    dc:c2:5e:b2:af:e2:19:6e:b3:09:14:2a:8e:b0:76:
                    d6:27:f3:41:4d:9b:68:16:ca:16:74:ce:c3:f6:d6:
                    ab:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:D9:B9:F3:5D:2A:1B:54:6B:95:A6:FE:58:C6:66:83:01:D4:39:A9
            X509v3 Authority Key Identifier:
                keyid:E3:7E:42:A1:46:B9:0B:A7:CD:33:1A:D6:A1:3E:EF:1D:A2:FB:A4:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/435CoUa5C6fNMxrWoT7vHaL7pEA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/3ece76-0575-46b1-94bf-06329f6e0475/1/435CoUa5C6fNMxrWoT7vHaL7pEA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/3ece76-0575-46b1-94bf-06329f6e0475/1/435CoUa5C6fNMxrWoT7vHaL7pEA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:0f:52:7f:0d:de:af:08:9b:ad:aa:32:04:a2:f7:12:10:ce:
         66:2a:0c:96:03:43:0b:a5:3a:75:ba:22:2d:f7:69:af:a8:9b:
         a5:d1:dd:a2:28:88:df:1e:ee:06:fb:c5:70:92:6c:18:d7:d0:
         73:e5:d8:2e:f9:68:79:16:a1:a5:b1:4b:56:06:2a:e1:4a:e5:
         64:74:ca:b1:48:db:95:6b:0f:8b:42:21:7f:16:f1:ac:fc:df:
         a0:89:77:81:ed:22:8c:39:1f:12:7d:44:bd:44:03:6a:a8:43:
         5b:1d:8b:99:f4:c6:03:43:82:9c:39:e6:bf:b1:a9:37:d9:b9:
         e4:16:13:4d:f1:42:83:b6:ad:37:a3:a9:c1:2e:77:f3:fe:7b:
         55:2d:25:48:1a:ad:f3:0f:87:92:81:c5:bb:55:cb:59:68:3c:
         a7:88:6d:50:99:be:5f:b6:13:f8:19:bd:18:d4:ec:04:45:8a:
         77:6e:b7:fd:61:05:6a:0f:b2:71:92:91:bb:06:5c:e8:57:f5:
         33:cf:01:87:ec:95:67:c7:86:54:8e:bf:70:d3:1b:cd:66:f4:
         9f:a8:be:1d:61:39:2c:0a:42:c8:75:04:ae:32:f6:d0:cb:cf:
         e4:44:bf:9a:ab:6c:3a:9a:ba:da:b3:81:59:7d:3e:2b:8d:82:
         32:49:f9:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZmYXPlErounGBMtt2Qg4+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzN2U0MmExNDZiOTBiYTdjZDMzMWFkNmExM2VlZjFkYTJm
YmE0NDAwHhcNMjYwNDE3MDQwMTA4WhcNMjYwNDE4MDQwMTA4WjAzMTEwLwYDVQQD
Eyg3M2Q5YjlmMzVkMmExYjU0NmI5NWE2ZmU1OGM2NjY4MzAxZDQzOWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4AooOZacHPhV9l1WvhBYgC6vjcqj
ekYwnTidqR8iZ7yrpyR2qtFI4ag4/Zy+rUIG8mWOYZ4m0BydzzKnHxGgoPI1nKK4
Y0ChEElg0SCvHfO414QeZp/9egKgV55RlXjRcmrIeWqYdC/0ey93QIS8gtwC0ICi
VU+TgcvR4K28cJlgGoPWxokoAJZk6xOG+nignaw5fKnyXxizs0OCGBkIOWYN7rnB
6TyVg+fWq6ylFJ28bm4MgD9YoQB7k90m2kMhzQ02b2MtRFjo1L+3NPg3VLJW6e79
aGGu74TJIGdWbe/cwl6yr+IZbrMJFCqOsHbWJ/NBTZtoFsoWdM7D9tarxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHPZufNdKhtUa5Wm/ljGZoMB1DmpMB8GA1UdIwQY
MBaAFON+QqFGuQunzTMa1qE+7x2i+6RAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDM1Q29VYTVDNmZOTXhyV29UN3ZIYUw3cEVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC8zZWNlNzYtMDU3NS00NmIxLTk0YmYt
MDYzMjlmNmUwNDc1LzEvNDM1Q29VYTVDNmZOTXhyV29UN3ZIYUw3cEVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC8zZWNlNzYtMDU3NS00NmIxLTk0YmYtMDYzMjlmNmUwNDc1
LzEvNDM1Q29VYTVDNmZOTXhyV29UN3ZIYUw3cEVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdA9Sfw3e
rwibraoyBKL3EhDOZioMlgNDC6U6dboiLfdpr6ibpdHdoiiI3x7uBvvFcJJsGNfQ
c+XYLvloeRahpbFLVgYq4UrlZHTKsUjblWsPi0IhfxbxrPzfoIl3ge0ijDkfEn1E
vUQDaqhDWx2LmfTGA0OCnDnmv7GpN9m55BYTTfFCg7atN6OpwS538/57VS0lSBqt
8w+HkoHFu1XLWWg8p4htUJm+X7YT+Bm9GNTsBEWKd263/WEFag+ycZKRuwZc6Ff1
M88Bh+yVZ8eGVI6/cNMbzWb0n6i+HWE5LApCyHUErjL20MvP5ES/mqtsOpq62rOB
WX0+K42CMkn5JA==
-----END CERTIFICATE-----