Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c487-f8fb-4035-9e28-4468d12f322b/1/T5mJlOtWGejymrO956sq0U6r_P0.mft
File:                     T5mJlOtWGejymrO956sq0U6r_P0.mft (raw, json)
Hash identifier:          4RJAw2oxUDcfHYZhl5uCjK3uitf8QKitNgNuZ61EY9U=
Subject key identifier:   7E:3C:6E:EA:64:27:ED:6C:18:B1:DE:F3:00:8A:C0:9D:60:CC:4D:89
Authority key identifier: 4F:99:89:94:EB:56:19:E8:F2:9A:B3:BD:E7:AB:2A:D1:4E:AB:FC:FD
Certificate issuer:       /CN=4f998994eb5619e8f29ab3bde7ab2ad14eabfcfd
Certificate serial:       019D9C2C771794FA0FEFB2B49B653736C357
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T5mJlOtWGejymrO956sq0U6r_P0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/53c487-f8fb-4035-9e28-4468d12f322b/1/T5mJlOtWGejymrO956sq0U6r_P0.mft
Manifest number:          18BE
Signing time:             Fri 17 Apr 2026 16:00:52 +0000
Manifest this update:     Fri 17 Apr 2026 16:00:52 +0000
Manifest next update:     Sat 18 Apr 2026 16:00:52 +0000
Files and hashes:         1: T5mJlOtWGejymrO956sq0U6r_P0.crl (hash: Kn4YM+NXnkUtlYcfVZmd0uS7mGxBhFxHrp1yNahVd6U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e0/53c487-f8fb-4035-9e28-4468d12f322b/1/T5mJlOtWGejymrO956sq0U6r_P0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e0/53c487-f8fb-4035-9e28-4468d12f322b/1/T5mJlOtWGejymrO956sq0U6r_P0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/T5mJlOtWGejymrO956sq0U6r_P0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 16:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9c:2c:77:17:94:fa:0f:ef:b2:b4:9b:65:37:36:c3:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f998994eb5619e8f29ab3bde7ab2ad14eabfcfd
        Validity
            Not Before: Apr 17 16:00:52 2026 GMT
            Not After : Apr 18 16:00:52 2026 GMT
        Subject: CN=7e3c6eea6427ed6c18b1def3008ac09d60cc4d89
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:67:32:78:69:18:c7:bc:7f:bd:94:41:af:b9:
                    9a:35:02:0f:56:a4:a7:ab:ce:68:42:67:81:d3:ac:
                    cb:91:46:e3:f4:7c:75:40:03:34:72:05:90:52:f5:
                    0f:f6:a7:8e:04:34:30:ab:3d:23:4a:de:96:2f:8d:
                    4e:ae:68:56:42:c4:29:e6:b4:58:25:a2:8c:b4:c3:
                    36:6d:63:6d:19:7a:ed:9f:b6:6c:8e:76:d8:8e:26:
                    93:9a:c9:bf:c7:6a:cf:7e:1c:53:b3:49:ee:31:df:
                    9d:1d:b5:40:b9:31:6d:67:44:3d:92:fa:94:d7:e4:
                    b8:8d:d7:aa:a7:77:ca:c2:73:52:03:55:e2:79:f1:
                    6f:dd:a4:15:fa:98:3f:55:b9:ae:c8:ce:e9:73:9a:
                    57:85:7f:3e:c0:62:63:34:a3:3b:69:d8:f1:72:78:
                    cd:4d:57:a1:67:8e:50:37:46:2c:0a:e7:2e:d0:29:
                    18:04:61:10:9c:b2:8f:c7:d2:f9:a7:0e:ad:58:28:
                    29:30:69:c4:45:98:2f:70:28:32:4f:75:d3:ed:c1:
                    41:a5:0f:d2:cd:77:40:6c:b7:c0:a2:11:1f:46:6e:
                    7e:f2:cb:87:ce:d8:99:0d:19:87:a9:b2:ad:b5:6c:
                    e1:94:a4:29:8e:48:5e:89:5b:39:66:62:32:a2:ef:
                    e2:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:3C:6E:EA:64:27:ED:6C:18:B1:DE:F3:00:8A:C0:9D:60:CC:4D:89
            X509v3 Authority Key Identifier:
                keyid:4F:99:89:94:EB:56:19:E8:F2:9A:B3:BD:E7:AB:2A:D1:4E:AB:FC:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5mJlOtWGejymrO956sq0U6r_P0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c487-f8fb-4035-9e28-4468d12f322b/1/T5mJlOtWGejymrO956sq0U6r_P0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c487-f8fb-4035-9e28-4468d12f322b/1/T5mJlOtWGejymrO956sq0U6r_P0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c3:be:15:15:de:f0:f8:4d:cf:95:f9:02:de:65:a1:be:db:1c:
         16:a4:09:e0:f4:b6:32:69:e0:9f:c4:39:71:5f:82:03:9f:05:
         a3:50:48:70:f6:f0:cc:05:e0:15:47:71:64:0e:96:d5:fa:13:
         d2:6d:a6:8a:a4:11:1d:71:c1:1b:13:4b:3b:14:02:50:a9:9e:
         77:b9:f3:0a:14:65:9b:5c:27:1d:a8:1e:1d:3c:9a:b3:7c:0b:
         a7:46:df:59:92:f2:1e:43:18:e1:16:fc:b7:4d:bb:84:fc:8c:
         5c:b8:e5:76:ff:16:e4:70:d5:98:04:74:29:c5:c0:2e:38:2a:
         3a:6c:a7:75:44:0f:71:ce:79:2a:d2:f1:ee:c8:4f:3b:ec:23:
         53:14:e3:f3:a1:1b:38:89:39:3f:5c:c5:fa:3e:77:92:2a:53:
         32:2e:ae:ea:40:01:eb:e6:87:a2:ec:d6:79:f5:b8:2b:2f:3b:
         5f:72:6a:ca:95:eb:b3:c4:2b:a5:84:e2:3d:d1:6b:9b:36:6e:
         8d:e3:09:4e:8c:bb:9c:0a:4d:4c:8e:d1:9a:b6:39:99:83:6e:
         1c:b0:c8:ee:04:be:b4:47:3a:0e:79:f0:73:61:d1:34:73:ec:
         3a:46:59:bf:cf:c0:99:33:e5:f8:b8:1e:33:c1:0c:0c:89:a1:
         4e:41:f9:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2cLHcXlPoP77K0m2U3NsNXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTk4OTk0ZWI1NjE5ZThmMjlhYjNiZGU3YWIyYWQxNGVh
YmZjZmQwHhcNMjYwNDE3MTYwMDUyWhcNMjYwNDE4MTYwMDUyWjAzMTEwLwYDVQQD
Eyg3ZTNjNmVlYTY0MjdlZDZjMThiMWRlZjMwMDhhYzA5ZDYwY2M0ZDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5WcyeGkYx7x/vZRBr7maNQIPVqSn
q85oQmeB06zLkUbj9Hx1QAM0cgWQUvUP9qeOBDQwqz0jSt6WL41OrmhWQsQp5rRY
JaKMtMM2bWNtGXrtn7ZsjnbYjiaTmsm/x2rPfhxTs0nuMd+dHbVAuTFtZ0Q9kvqU
1+S4jdeqp3fKwnNSA1XiefFv3aQV+pg/VbmuyM7pc5pXhX8+wGJjNKM7adjxcnjN
TVehZ45QN0YsCucu0CkYBGEQnLKPx9L5pw6tWCgpMGnERZgvcCgyT3XT7cFBpQ/S
zXdAbLfAohEfRm5+8suHztiZDRmHqbKttWzhlKQpjkheiVs5ZmIyou/iqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH48bupkJ+1sGLHe8wCKwJ1gzE2JMB8GA1UdIwQY
MBaAFE+ZiZTrVhno8pqzveerKtFOq/z9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVtSmxPdFdHZWp5bXJPOTU2c3EwVTZyX1AwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M0ODctZjhmYi00MDM1LTllMjgt
NDQ2OGQxMmYzMjJiLzEvVDVtSmxPdFdHZWp5bXJPOTU2c3EwVTZyX1AwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M0ODctZjhmYi00MDM1LTllMjgtNDQ2OGQxMmYzMjJi
LzEvVDVtSmxPdFdHZWp5bXJPOTU2c3EwVTZyX1AwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAw74VFd7w
+E3PlfkC3mWhvtscFqQJ4PS2Mmngn8Q5cV+CA58Fo1BIcPbwzAXgFUdxZA6W1foT
0m2miqQRHXHBGxNLOxQCUKmed7nzChRlm1wnHageHTyas3wLp0bfWZLyHkMY4Rb8
t027hPyMXLjldv8W5HDVmAR0KcXALjgqOmyndUQPcc55KtLx7shPO+wjUxTj86Eb
OIk5P1zF+j53kipTMi6u6kAB6+aHouzWefW4Ky87X3JqypXrs8QrpYTiPdFrmzZu
jeMJToy7nApNTI7RmrY5mYNuHLDI7gS+tEc6Dnnwc2HRNHPsOkZZv8/AmTPl+Lge
M8EMDImhTkH5oQ==
-----END CERTIFICATE-----