Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.mft
File:                     U3YJ5EhhINufF7bT10v4VfJxV18.mft (raw, json)
Hash identifier:          5bbbEU2g4Z58KG+rHz3xQrKQuXTVh4lKZ5pIwjmkNlg=
Subject key identifier:   21:32:EF:E5:80:A4:4B:CE:2B:F7:BA:D2:F0:AC:8F:92:4E:B5:FB:2A
Authority key identifier: 53:76:09:E4:48:61:20:DB:9F:17:B6:D3:D7:4B:F8:55:F2:71:57:5F
Certificate issuer:       /CN=537609e4486120db9f17b6d3d74bf855f271575f
Certificate serial:       019D98F4B78754D3CE24B66797CE2B2CFDD9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U3YJ5EhhINufF7bT10v4VfJxV18.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.mft
Manifest number:          0F3F
Signing time:             Fri 17 Apr 2026 01:01:07 +0000
Manifest this update:     Fri 17 Apr 2026 01:01:07 +0000
Manifest next update:     Sat 18 Apr 2026 01:01:07 +0000
Files and hashes:         1: U3YJ5EhhINufF7bT10v4VfJxV18.crl (hash: y2QZLKMXIZkDK5l1tjRUVB8V6qzWrL1YkFinYwyAZd4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U3YJ5EhhINufF7bT10v4VfJxV18.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 01:01:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:b7:87:54:d3:ce:24:b6:67:97:ce:2b:2c:fd:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=537609e4486120db9f17b6d3d74bf855f271575f
        Validity
            Not Before: Apr 17 01:01:07 2026 GMT
            Not After : Apr 18 01:01:07 2026 GMT
        Subject: CN=2132efe580a44bce2bf7bad2f0ac8f924eb5fb2a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:47:4a:c3:60:23:9c:0d:ba:5c:b3:65:4e:56:
                    c3:e8:58:1e:89:3d:8b:8d:d6:6c:c3:55:cc:89:cc:
                    47:fe:3f:f6:e3:a8:f8:04:c5:2d:28:1b:ac:17:1a:
                    e9:9d:81:16:48:65:fa:fb:bb:28:23:67:88:0b:a2:
                    83:c4:7c:16:3e:1c:0f:f0:cb:fd:88:8b:2d:10:24:
                    70:09:98:5d:bb:6c:0a:ac:07:ed:e4:28:0d:b3:07:
                    5c:2b:7d:89:98:d8:38:f9:57:74:82:3b:15:44:d3:
                    72:55:0b:a7:e3:f7:d4:79:07:3a:11:f0:dc:57:e3:
                    a2:e5:6e:52:b7:ff:0a:04:6f:fa:f6:51:82:24:f9:
                    1f:20:0a:15:a4:44:e2:44:b0:8a:38:98:7f:45:e5:
                    17:66:7e:51:42:5d:cc:9a:11:a5:e6:c9:7a:c6:3a:
                    87:bb:13:ea:90:69:3d:38:fd:64:51:2f:06:fa:25:
                    84:16:18:a6:77:85:9c:e1:77:5b:24:a8:6a:b3:ed:
                    fc:9e:46:91:af:26:90:aa:38:9d:b1:e1:7b:7f:bd:
                    a5:fe:d2:ec:99:a1:6f:74:17:1c:43:de:c4:9c:40:
                    5d:13:92:85:1d:bb:05:5c:76:81:ee:21:d7:12:02:
                    82:25:df:c6:70:0e:de:c0:a2:9c:6e:cd:32:70:2d:
                    01:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:32:EF:E5:80:A4:4B:CE:2B:F7:BA:D2:F0:AC:8F:92:4E:B5:FB:2A
            X509v3 Authority Key Identifier:
                keyid:53:76:09:E4:48:61:20:DB:9F:17:B6:D3:D7:4B:F8:55:F2:71:57:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U3YJ5EhhINufF7bT10v4VfJxV18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:d8:89:6a:85:39:69:71:72:72:04:2b:75:1f:57:50:d3:20:
         af:bd:ff:a0:ca:d3:b5:7f:83:b6:2c:3c:39:87:d4:b2:57:60:
         ee:02:f9:7e:34:9d:b6:58:78:d0:67:e6:b8:f6:a7:78:7d:27:
         e5:ed:fb:02:62:76:a3:1e:77:fa:24:a6:f8:7c:2e:58:49:df:
         97:fb:14:2e:ee:d7:ee:e7:b3:cc:5a:ee:e2:5e:9e:5e:ea:ee:
         b0:4b:bf:0d:0f:0f:1d:6d:73:28:2f:d3:7f:6a:07:2b:14:b0:
         5c:49:c0:7a:77:64:47:51:90:f2:16:67:f3:0e:ce:33:fc:90:
         92:57:28:ee:24:40:f5:65:f2:b1:69:87:03:04:9d:50:f6:79:
         f7:30:c5:40:82:ff:0e:65:b8:68:7e:5c:f9:16:2f:a7:37:25:
         da:79:e1:02:de:23:10:77:cd:7b:1f:34:94:f3:d9:dd:aa:0b:
         57:e4:fb:54:5c:47:71:70:fd:d1:8b:ff:71:81:bc:5e:17:94:
         31:65:e8:19:68:5c:3b:ea:6c:d3:1c:94:bf:a4:ed:bc:5b:ce:
         d4:92:68:82:b4:b5:88:64:66:bc:fc:5c:0b:b3:f2:1e:bb:1a:
         27:6f:89:e3:11:94:fa:7b:d1:88:ec:2d:5d:00:27:05:84:2a:
         f7:17:c5:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9LeHVNPOJLZnl84rLP3ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNzYwOWU0NDg2MTIwZGI5ZjE3YjZkM2Q3NGJmODU1ZjI3
MTU3NWYwHhcNMjYwNDE3MDEwMTA3WhcNMjYwNDE4MDEwMTA3WjAzMTEwLwYDVQQD
EygyMTMyZWZlNTgwYTQ0YmNlMmJmN2JhZDJmMGFjOGY5MjRlYjVmYjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlkdKw2AjnA26XLNlTlbD6FgeiT2L
jdZsw1XMicxH/j/246j4BMUtKBusFxrpnYEWSGX6+7soI2eIC6KDxHwWPhwP8Mv9
iIstECRwCZhdu2wKrAft5CgNswdcK32JmNg4+Vd0gjsVRNNyVQun4/fUeQc6EfDc
V+Oi5W5St/8KBG/69lGCJPkfIAoVpETiRLCKOJh/ReUXZn5RQl3MmhGl5sl6xjqH
uxPqkGk9OP1kUS8G+iWEFhimd4Wc4XdbJKhqs+38nkaRryaQqjidseF7f72l/tLs
maFvdBccQ97EnEBdE5KFHbsFXHaB7iHXEgKCJd/GcA7ewKKcbs0ycC0BowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCEy7+WApEvOK/e60vCsj5JOtfsqMB8GA1UdIwQY
MBaAFFN2CeRIYSDbnxe209dL+FXycVdfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTNZSjVFaGhJTnVmRjdiVDEwdjRWZkp4VjE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8wNWRiODAtMWJhZi00MzdhLWE0OGYt
ZDRkNDRiZDkxYWZlLzEvVTNZSjVFaGhJTnVmRjdiVDEwdjRWZkp4VjE4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8wNWRiODAtMWJhZi00MzdhLWE0OGYtZDRkNDRiZDkxYWZl
LzEvVTNZSjVFaGhJTnVmRjdiVDEwdjRWZkp4VjE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAftiJaoU5
aXFycgQrdR9XUNMgr73/oMrTtX+Dtiw8OYfUsldg7gL5fjSdtlh40GfmuPaneH0n
5e37AmJ2ox53+iSm+HwuWEnfl/sULu7X7uezzFru4l6eXurusEu/DQ8PHW1zKC/T
f2oHKxSwXEnAendkR1GQ8hZn8w7OM/yQklco7iRA9WXysWmHAwSdUPZ59zDFQIL/
DmW4aH5c+RYvpzcl2nnhAt4jEHfNex80lPPZ3aoLV+T7VFxHcXD90Yv/cYG8XheU
MWXoGWhcO+ps0xyUv6TtvFvO1JJogrS1iGRmvPxcC7PyHrsaJ2+J4xGU+nvRiOwt
XQAnBYQq9xfFBQ==
-----END CERTIFICATE-----