Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.mft
File:                     04G3AXBRkLnOnRsYRTU4TnHKMWU.mft (raw, json)
Hash identifier:          lPllJ9ZE1/53rA/1IVlcQsPZl2tvvdsAoTVI4ESDSrA=
Subject key identifier:   A2:1C:94:AF:4A:C6:B5:F2:D5:30:72:9B:CD:4B:B0:F0:41:03:81:01
Authority key identifier: D3:81:B7:01:70:51:90:B9:CE:9D:1B:18:45:35:38:4E:71:CA:31:65
Certificate issuer:       /CN=d381b701705190b9ce9d1b184535384e71ca3165
Certificate serial:       019E1E35D726676BDCC094C4A8726DBE1FB7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/04G3AXBRkLnOnRsYRTU4TnHKMWU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.mft
Manifest number:          1904
Signing time:             Tue 12 May 2026 22:01:45 +0000
Manifest this update:     Tue 12 May 2026 22:01:45 +0000
Manifest next update:     Wed 13 May 2026 22:01:45 +0000
Files and hashes:         1: 04G3AXBRkLnOnRsYRTU4TnHKMWU.crl (hash: WL99fS9e0OpXyyGo2RWoMI+pyxDX7rHEdfbprazwoso=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/04G3AXBRkLnOnRsYRTU4TnHKMWU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 22:01:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1e:35:d7:26:67:6b:dc:c0:94:c4:a8:72:6d:be:1f:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d381b701705190b9ce9d1b184535384e71ca3165
        Validity
            Not Before: May 12 22:01:45 2026 GMT
            Not After : May 13 22:01:45 2026 GMT
        Subject: CN=a21c94af4ac6b5f2d530729bcd4bb0f041038101
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:5e:bb:4e:20:6a:ae:cf:43:d6:29:b9:2a:ec:
                    1b:b1:31:c8:61:b1:71:79:da:73:50:8d:89:94:36:
                    7a:ee:17:7b:47:d0:f0:30:aa:72:6b:45:5c:14:3b:
                    f7:88:05:b7:05:c9:8b:d8:95:8f:16:66:a4:76:a6:
                    b8:38:dc:df:1a:ab:81:94:69:4b:78:81:86:7c:94:
                    7e:71:10:8c:ce:71:29:d4:47:db:9f:b3:fe:3f:c8:
                    8c:60:1a:a6:6e:a3:9f:69:3c:29:56:9d:46:13:eb:
                    8c:8b:d0:b2:01:b2:96:2e:73:05:65:d5:92:bd:0b:
                    04:a8:21:91:7d:d8:1a:2d:a4:97:3d:e4:a5:a8:01:
                    d2:0e:d6:ba:e1:25:d7:72:88:fb:ea:bd:27:5e:92:
                    31:37:0b:bd:41:b3:e6:4d:1a:ef:35:79:8e:77:ac:
                    c1:3f:8c:0e:32:79:13:fa:d3:2b:64:4f:47:68:1b:
                    38:ea:c8:4e:3d:09:18:87:d8:23:b8:42:bf:0b:22:
                    61:3e:d7:d9:c4:92:5d:f0:c7:40:28:09:a6:72:fa:
                    53:cb:3e:56:ae:7e:bf:16:13:2d:8b:25:96:09:31:
                    4e:b3:75:22:68:c3:f3:3f:a3:f2:f1:43:41:05:2e:
                    25:54:30:20:53:51:d1:3a:e8:4b:24:2b:96:49:29:
                    ca:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:1C:94:AF:4A:C6:B5:F2:D5:30:72:9B:CD:4B:B0:F0:41:03:81:01
            X509v3 Authority Key Identifier:
                keyid:D3:81:B7:01:70:51:90:B9:CE:9D:1B:18:45:35:38:4E:71:CA:31:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/04G3AXBRkLnOnRsYRTU4TnHKMWU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:ac:a9:52:50:41:76:06:bf:9e:01:85:d2:5d:ce:6e:98:32:
         15:a1:4b:e8:3a:99:e8:ce:33:86:78:dd:46:88:68:df:91:02:
         9d:35:55:a6:1e:10:59:ff:e5:ed:9f:86:34:ea:c7:c4:c5:42:
         6b:a2:15:81:14:4b:17:9a:ac:b8:ce:1e:55:6a:d6:b2:81:99:
         6d:b7:7f:ee:b6:1c:07:91:47:20:b5:de:09:8f:f7:1e:b2:34:
         c4:f1:ba:93:df:e8:1d:41:c6:73:96:e2:37:d9:aa:82:76:d8:
         1d:eb:31:7a:19:02:22:a0:6d:5e:bd:d9:66:d4:2f:27:0f:a2:
         90:63:e1:dc:a5:b1:49:5b:6e:cc:5a:6e:19:23:23:fb:bb:3a:
         77:6b:07:17:d6:12:41:51:26:4b:47:59:45:5e:7f:3c:a5:cb:
         1f:10:5f:34:8a:30:b4:c2:e4:9e:a6:c9:f1:58:ef:64:57:a5:
         d4:07:32:7c:3d:33:cb:e7:9b:17:16:de:e4:f7:48:63:52:3f:
         42:2d:f1:5d:8e:cd:90:74:23:59:fc:0b:8b:c4:47:69:63:e4:
         2b:cb:a2:f2:72:b4:b3:d8:94:f1:c3:3d:88:fe:93:48:27:61:
         a6:c1:10:b9:b7:2f:ee:56:6a:0d:54:be:c8:19:57:29:7d:f9:
         d5:38:f6:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4eNdcmZ2vcwJTEqHJtvh+3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzODFiNzAxNzA1MTkwYjljZTlkMWIxODQ1MzUzODRlNzFj
YTMxNjUwHhcNMjYwNTEyMjIwMTQ1WhcNMjYwNTEzMjIwMTQ1WjAzMTEwLwYDVQQD
EyhhMjFjOTRhZjRhYzZiNWYyZDUzMDcyOWJjZDRiYjBmMDQxMDM4MTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu167TiBqrs9D1im5KuwbsTHIYbFx
edpzUI2JlDZ67hd7R9DwMKpya0VcFDv3iAW3BcmL2JWPFmakdqa4ONzfGquBlGlL
eIGGfJR+cRCMznEp1Efbn7P+P8iMYBqmbqOfaTwpVp1GE+uMi9CyAbKWLnMFZdWS
vQsEqCGRfdgaLaSXPeSlqAHSDta64SXXcoj76r0nXpIxNwu9QbPmTRrvNXmOd6zB
P4wOMnkT+tMrZE9HaBs46shOPQkYh9gjuEK/CyJhPtfZxJJd8MdAKAmmcvpTyz5W
rn6/FhMtiyWWCTFOs3UiaMPzP6Py8UNBBS4lVDAgU1HROuhLJCuWSSnKhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKIclK9KxrXy1TBym81LsPBBA4EBMB8GA1UdIwQY
MBaAFNOBtwFwUZC5zp0bGEU1OE5xyjFlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDRHM0FYQlJrTG5PblJzWVJUVTRUbkhLTVdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS82MDNjNTgtMTAwMi00MDY5LTg5MTct
NzA1NGViMmM0YzAwLzEvMDRHM0FYQlJrTG5PblJzWVJUVTRUbkhLTVdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS82MDNjNTgtMTAwMi00MDY5LTg5MTctNzA1NGViMmM0YzAw
LzEvMDRHM0FYQlJrTG5PblJzWVJUVTRUbkhLTVdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf6ypUlBB
dga/ngGF0l3ObpgyFaFL6DqZ6M4zhnjdRoho35ECnTVVph4QWf/l7Z+GNOrHxMVC
a6IVgRRLF5qsuM4eVWrWsoGZbbd/7rYcB5FHILXeCY/3HrI0xPG6k9/oHUHGc5bi
N9mqgnbYHesxehkCIqBtXr3ZZtQvJw+ikGPh3KWxSVtuzFpuGSMj+7s6d2sHF9YS
QVEmS0dZRV5/PKXLHxBfNIowtMLknqbJ8VjvZFel1AcyfD0zy+ebFxbe5PdIY1I/
Qi3xXY7NkHQjWfwLi8RHaWPkK8ui8nK0s9iU8cM9iP6TSCdhpsEQubcv7lZqDVS+
yBlXKX351Tj2ag==
-----END CERTIFICATE-----