Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/fa4e30-fd64-486a-bb62-044c32531ad3/1/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.mft
File:                     U6PE7mcNzqaLTXnqbDGF_gKdl7Y.mft (raw, json)
Hash identifier:          tnAaAUbs+9SkBykbSAoKd97duVfkV4d28UnKjcNSJgI=
Subject key identifier:   55:3C:16:26:9F:C9:0B:67:39:8D:E6:7D:82:CC:A3:9C:F4:3F:B2:74
Authority key identifier: 53:A3:C4:EE:67:0D:CE:A6:8B:4D:79:EA:6C:31:85:FE:02:9D:97:B6
Certificate issuer:       /CN=53a3c4ee670dcea68b4d79ea6c3185fe029d97b6
Certificate serial:       019D999980CF3176197C27CC5B3BBFDDD149
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/fa4e30-fd64-486a-bb62-044c32531ad3/1/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.mft
Manifest number:          15E4
Signing time:             Fri 17 Apr 2026 04:01:07 +0000
Manifest this update:     Fri 17 Apr 2026 04:01:07 +0000
Manifest next update:     Sat 18 Apr 2026 04:01:07 +0000
Files and hashes:         1: U6PE7mcNzqaLTXnqbDGF_gKdl7Y.crl (hash: PM8/lng1KLXZCkuC5mN7B8tSLrDj7d2eLZIxFhhAAfQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/fa4e30-fd64-486a-bb62-044c32531ad3/1/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/fa4e30-fd64-486a-bb62-044c32531ad3/1/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:99:80:cf:31:76:19:7c:27:cc:5b:3b:bf:dd:d1:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=53a3c4ee670dcea68b4d79ea6c3185fe029d97b6
        Validity
            Not Before: Apr 17 04:01:07 2026 GMT
            Not After : Apr 18 04:01:07 2026 GMT
        Subject: CN=553c16269fc90b67398de67d82cca39cf43fb274
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:28:39:f7:cf:86:f6:a6:8b:14:75:61:dc:df:
                    7d:db:e9:d1:19:90:aa:3e:97:9b:77:1f:f2:b6:b9:
                    63:d3:37:72:80:73:c8:57:c4:76:40:d8:f6:31:61:
                    fa:f4:6d:ba:8e:61:58:18:23:74:27:cb:e9:85:37:
                    1e:33:ab:ff:ab:e6:4f:5b:bf:9a:a9:8d:be:54:b9:
                    b4:bc:41:92:b8:74:e3:31:46:79:81:ee:d7:2b:19:
                    dd:85:d4:1c:92:0f:fd:1b:6e:a3:ae:c2:72:a8:db:
                    0a:ea:fa:3a:af:01:21:ac:38:22:f4:80:35:13:4e:
                    7a:77:49:81:27:a8:2d:08:69:0b:93:e8:27:15:7a:
                    bb:a3:9a:6c:c7:b2:33:34:ba:f3:65:38:0f:69:74:
                    fe:df:a8:a0:88:16:0c:97:df:2d:3b:d1:b1:0c:60:
                    5b:d5:a6:60:d5:39:fd:b8:18:ba:e4:14:fe:4b:c1:
                    8e:49:39:ad:f9:f2:e3:20:50:d7:3a:a7:ec:4d:9a:
                    2a:3b:55:6e:c4:da:39:a2:05:df:da:78:a3:7c:53:
                    6a:31:7b:f6:a7:84:7a:fa:b2:c2:d2:f7:78:2f:fe:
                    f8:e3:87:73:19:f5:08:bb:48:c3:f0:ea:56:36:43:
                    d2:4a:19:be:cb:d5:77:04:d5:f5:77:cf:7f:50:f0:
                    15:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:3C:16:26:9F:C9:0B:67:39:8D:E6:7D:82:CC:A3:9C:F4:3F:B2:74
            X509v3 Authority Key Identifier:
                keyid:53:A3:C4:EE:67:0D:CE:A6:8B:4D:79:EA:6C:31:85:FE:02:9D:97:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/fa4e30-fd64-486a-bb62-044c32531ad3/1/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/fa4e30-fd64-486a-bb62-044c32531ad3/1/U6PE7mcNzqaLTXnqbDGF_gKdl7Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:e2:c2:65:40:dd:6a:fb:5c:d8:90:45:77:74:51:bb:1d:89:
         8a:08:a6:dd:8a:70:98:97:02:fd:cd:74:39:3e:cf:0e:cb:19:
         09:18:e3:11:8f:8f:75:55:d1:a1:bb:ea:a4:ca:69:dc:d7:b9:
         44:e4:b5:0f:92:0e:0d:4a:a9:d2:dc:4f:7d:23:fb:1c:d9:95:
         b5:8f:9a:b8:d2:a0:51:a8:73:4d:89:32:c8:dc:bd:46:e7:da:
         8f:22:00:38:5b:6c:50:73:13:74:5a:dc:0f:71:d6:48:d5:90:
         a2:63:81:0c:4c:10:74:1e:63:db:4e:45:b4:db:ec:fe:04:f0:
         e1:87:14:e6:3b:35:3a:96:f1:7e:38:c5:d6:32:95:98:f2:a4:
         cc:b3:32:9f:96:85:7e:88:e7:17:8a:e9:71:95:a9:bf:ba:41:
         b8:f1:59:35:6b:79:ac:51:d7:08:1f:90:0f:71:ac:75:42:a3:
         5f:86:e3:df:e2:90:02:48:02:4f:5e:ac:a5:63:9a:3c:58:2e:
         f8:68:5d:34:ca:cd:89:a4:29:9b:78:3c:4a:8f:21:5f:c6:0b:
         ec:5c:77:c1:83:68:0e:cc:94:42:ee:87:8a:cd:4d:f6:9e:0c:
         b6:fb:87:41:4d:4a:da:4a:94:83:7a:94:a4:ab:be:1e:4d:d3:
         cf:fa:ed:0d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZmYDPMXYZfCfMWzu/3dFJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYTNjNGVlNjcwZGNlYTY4YjRkNzllYTZjMzE4NWZlMDI5
ZDk3YjYwHhcNMjYwNDE3MDQwMTA3WhcNMjYwNDE4MDQwMTA3WjAzMTEwLwYDVQQD
Eyg1NTNjMTYyNjlmYzkwYjY3Mzk4ZGU2N2Q4MmNjYTM5Y2Y0M2ZiMjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoig598+G9qaLFHVh3N992+nRGZCq
Ppebdx/ytrlj0zdygHPIV8R2QNj2MWH69G26jmFYGCN0J8vphTceM6v/q+ZPW7+a
qY2+VLm0vEGSuHTjMUZ5ge7XKxndhdQckg/9G26jrsJyqNsK6vo6rwEhrDgi9IA1
E056d0mBJ6gtCGkLk+gnFXq7o5psx7IzNLrzZTgPaXT+36igiBYMl98tO9GxDGBb
1aZg1Tn9uBi65BT+S8GOSTmt+fLjIFDXOqfsTZoqO1VuxNo5ogXf2nijfFNqMXv2
p4R6+rLC0vd4L/7444dzGfUIu0jD8OpWNkPSShm+y9V3BNX1d89/UPAVMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFU8FiafyQtnOY3mfYLMo5z0P7J0MB8GA1UdIwQY
MBaAFFOjxO5nDc6mi0156mwxhf4CnZe2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTZQRTdtY056cWFMVFhucWJER0ZfZ0tkbDdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9mYTRlMzAtZmQ2NC00ODZhLWJiNjIt
MDQ0YzMyNTMxYWQzLzEvVTZQRTdtY056cWFMVFhucWJER0ZfZ0tkbDdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9mYTRlMzAtZmQ2NC00ODZhLWJiNjItMDQ0YzMyNTMxYWQz
LzEvVTZQRTdtY056cWFMVFhucWJER0ZfZ0tkbDdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmOLCZUDd
avtc2JBFd3RRux2Jigim3YpwmJcC/c10OT7PDssZCRjjEY+PdVXRobvqpMpp3Ne5
ROS1D5IODUqp0txPfSP7HNmVtY+auNKgUahzTYkyyNy9RufajyIAOFtsUHMTdFrc
D3HWSNWQomOBDEwQdB5j205FtNvs/gTw4YcU5js1OpbxfjjF1jKVmPKkzLMyn5aF
fojnF4rpcZWpv7pBuPFZNWt5rFHXCB+QD3GsdUKjX4bj3+KQAkgCT16spWOaPFgu
+GhdNMrNiaQpm3g8So8hX8YL7Fx3wYNoDsyUQu6His1N9p4MtvuHQU1K2kqUg3qU
pKu+Hk3Tz/rtDQ==
-----END CERTIFICATE-----