Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/e0201f-8d18-48fd-a677-0d270462b7d7/1/9efoeENmtHGmpODICA-PENrmalA.mft
File:                     9efoeENmtHGmpODICA-PENrmalA.mft (raw, json)
Hash identifier:          6znpzv6M+SEoQAdJnbOE8Hpg3lKpbZbtQvcBs0xI92I=
Subject key identifier:   4F:1B:1C:CF:6D:C4:AD:21:61:9D:BD:04:27:2A:AB:9C:44:7F:7C:9C
Authority key identifier: F5:E7:E8:78:43:66:B4:71:A6:A4:E0:C8:08:0F:8F:10:DA:E6:6A:50
Certificate issuer:       /CN=f5e7e8784366b471a6a4e0c8080f8f10dae66a50
Certificate serial:       019DA566B3069BEBE2E09E257F9957572C46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9efoeENmtHGmpODICA-PENrmalA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ee/e0201f-8d18-48fd-a677-0d270462b7d7/1/9efoeENmtHGmpODICA-PENrmalA.mft
Manifest number:          10CC
Signing time:             Sun 19 Apr 2026 11:01:04 +0000
Manifest this update:     Sun 19 Apr 2026 11:01:04 +0000
Manifest next update:     Mon 20 Apr 2026 11:01:04 +0000
Files and hashes:         1: 9efoeENmtHGmpODICA-PENrmalA.crl (hash: 6l3lAdKj8kfEufUPQ5QOMrOJeIpvCzd/spQ3QMtWvvM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ee/e0201f-8d18-48fd-a677-0d270462b7d7/1/9efoeENmtHGmpODICA-PENrmalA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ee/e0201f-8d18-48fd-a677-0d270462b7d7/1/9efoeENmtHGmpODICA-PENrmalA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9efoeENmtHGmpODICA-PENrmalA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 04:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a5:66:b3:06:9b:eb:e2:e0:9e:25:7f:99:57:57:2c:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5e7e8784366b471a6a4e0c8080f8f10dae66a50
        Validity
            Not Before: Apr 19 11:01:04 2026 GMT
            Not After : Apr 20 11:01:04 2026 GMT
        Subject: CN=4f1b1ccf6dc4ad21619dbd04272aab9c447f7c9c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:a7:68:bb:ed:9b:71:74:a2:64:dc:eb:9c:50:
                    f4:64:ba:f3:04:ee:d0:df:e7:be:e6:1e:f1:c6:f0:
                    95:b5:90:90:2a:b8:c7:ea:73:08:82:f6:ba:dd:c8:
                    66:93:64:80:c4:7a:ed:c8:62:45:ba:44:d7:9a:91:
                    3d:d1:d4:dd:37:56:92:9f:a0:d1:68:87:18:6a:1e:
                    bc:c4:dd:fa:de:76:60:9d:a6:b9:df:77:d6:9f:3c:
                    01:da:b1:9d:4a:d7:3a:6d:b9:5c:d8:b0:60:df:e1:
                    df:6a:4b:c3:42:c8:8b:80:c2:83:8c:9e:28:3b:59:
                    bb:d8:51:d4:67:91:a6:6b:2a:4e:5f:b4:6b:12:50:
                    24:fb:8c:c9:7e:14:43:d8:d0:34:14:ea:95:13:fe:
                    94:3e:08:75:03:3e:73:e1:40:80:be:9a:66:7b:8a:
                    34:27:1e:87:97:4d:af:b8:2f:ed:22:9c:a8:d2:c1:
                    5e:cd:4f:5d:7c:36:cf:94:88:f6:53:c0:1c:f9:ff:
                    c9:f0:7b:96:75:aa:b3:a7:e0:c8:23:9c:f6:f3:b1:
                    b7:53:45:45:3b:0b:0b:d4:fc:84:78:90:2e:71:92:
                    05:24:d7:75:f7:0b:dc:1b:fa:b9:2a:3a:e3:e3:57:
                    ea:fe:fd:c8:86:03:53:47:47:6b:2b:86:7f:e1:a6:
                    dc:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:1B:1C:CF:6D:C4:AD:21:61:9D:BD:04:27:2A:AB:9C:44:7F:7C:9C
            X509v3 Authority Key Identifier:
                keyid:F5:E7:E8:78:43:66:B4:71:A6:A4:E0:C8:08:0F:8F:10:DA:E6:6A:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9efoeENmtHGmpODICA-PENrmalA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/e0201f-8d18-48fd-a677-0d270462b7d7/1/9efoeENmtHGmpODICA-PENrmalA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/e0201f-8d18-48fd-a677-0d270462b7d7/1/9efoeENmtHGmpODICA-PENrmalA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ab:ec:bb:f2:f6:8c:be:5b:ee:ac:e9:d5:ba:1b:3b:65:d2:0c:
         f7:d3:90:76:19:9f:1c:5a:44:0c:88:fd:c8:47:e3:0c:b8:1d:
         89:2d:6b:cc:0e:34:93:d9:0e:f0:de:ac:fe:35:7f:b3:68:a5:
         17:1f:8d:01:e3:4b:7b:35:cb:33:be:82:c3:b3:93:bf:85:49:
         df:08:df:e8:05:8f:c3:1f:ed:28:ad:29:81:b7:7a:cf:08:68:
         bc:c9:c0:df:4a:61:87:04:a8:bb:09:aa:c6:70:99:8a:c6:3a:
         31:c2:aa:4f:9f:68:13:f9:5d:e3:70:3e:0c:35:4b:29:e2:71:
         ec:e3:2a:ae:75:25:54:70:b8:70:90:0c:b4:08:0f:34:2c:a4:
         c3:dc:a4:d5:d6:b1:da:26:95:d1:24:c8:4b:05:f7:28:17:18:
         70:da:f3:d2:8f:7d:90:6a:c8:8e:83:39:50:3f:af:23:f8:b6:
         85:ac:e8:21:e3:e6:e7:43:48:48:b5:bd:df:f0:37:a5:cf:0b:
         52:eb:6b:48:0d:cd:9b:90:e5:e8:bd:f3:7a:ad:35:fe:7c:9f:
         70:b5:a4:8b:5f:3c:ce:c1:fe:4e:62:3d:3c:f7:15:2a:67:0c:
         bb:bb:78:08:df:6e:cf:ce:ae:08:a8:65:ad:c7:b9:dc:1c:5a:
         93:25:70:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2lZrMGm+vi4J4lf5lXVyxGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZTdlODc4NDM2NmI0NzFhNmE0ZTBjODA4MGY4ZjEwZGFl
NjZhNTAwHhcNMjYwNDE5MTEwMTA0WhcNMjYwNDIwMTEwMTA0WjAzMTEwLwYDVQQD
Eyg0ZjFiMWNjZjZkYzRhZDIxNjE5ZGJkMDQyNzJhYWI5YzQ0N2Y3YzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwadou+2bcXSiZNzrnFD0ZLrzBO7Q
3+e+5h7xxvCVtZCQKrjH6nMIgva63chmk2SAxHrtyGJFukTXmpE90dTdN1aSn6DR
aIcYah68xN363nZgnaa533fWnzwB2rGdStc6bblc2LBg3+HfakvDQsiLgMKDjJ4o
O1m72FHUZ5GmaypOX7RrElAk+4zJfhRD2NA0FOqVE/6UPgh1Az5z4UCAvppme4o0
Jx6Hl02vuC/tIpyo0sFezU9dfDbPlIj2U8Ac+f/J8HuWdaqzp+DII5z287G3U0VF
OwsL1PyEeJAucZIFJNd19wvcG/q5Kjrj41fq/v3IhgNTR0drK4Z/4abcNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE8bHM9txK0hYZ29BCcqq5xEf3ycMB8GA1UdIwQY
MBaAFPXn6HhDZrRxpqTgyAgPjxDa5mpQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWVmb2VFTm10SEdtcE9ESUNBLVBFTnJtYWxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9lMDIwMWYtOGQxOC00OGZkLWE2Nzct
MGQyNzA0NjJiN2Q3LzEvOWVmb2VFTm10SEdtcE9ESUNBLVBFTnJtYWxBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9lMDIwMWYtOGQxOC00OGZkLWE2NzctMGQyNzA0NjJiN2Q3
LzEvOWVmb2VFTm10SEdtcE9ESUNBLVBFTnJtYWxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAq+y78vaM
vlvurOnVuhs7ZdIM99OQdhmfHFpEDIj9yEfjDLgdiS1rzA40k9kO8N6s/jV/s2il
Fx+NAeNLezXLM76Cw7OTv4VJ3wjf6AWPwx/tKK0pgbd6zwhovMnA30phhwSouwmq
xnCZisY6McKqT59oE/ld43A+DDVLKeJx7OMqrnUlVHC4cJAMtAgPNCykw9yk1dax
2iaV0STISwX3KBcYcNrz0o99kGrIjoM5UD+vI/i2hazoIePm50NISLW93/A3pc8L
UutrSA3Nm5Dl6L3zeq01/nyfcLWki188zsH+TmI9PPcVKmcMu7t4CN9uz86uCKhl
rce53BxakyVwQQ==
-----END CERTIFICATE-----