Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft
File:                     4HDNq3OhLa82gGsOFgLI2vuQk7s.mft (raw, json)
Hash identifier:          /+3D52YHlmvO9MLsow1H5u6FeL8FbKxPIT9W/FBW7sw=
Subject key identifier:   D8:79:4D:F2:C3:D0:9D:A2:CC:6E:D2:0B:71:41:A4:69:32:C3:B9:12
Authority key identifier: E0:70:CD:AB:73:A1:2D:AF:36:80:6B:0E:16:02:C8:DA:FB:90:93:BB
Certificate issuer:       /CN=e070cdab73a12daf36806b0e1602c8dafb9093bb
Certificate serial:       019E1E35BC4086BE41D3987D1E5986CF2660
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4HDNq3OhLa82gGsOFgLI2vuQk7s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft
Manifest number:          0E50
Signing time:             Tue 12 May 2026 22:01:38 +0000
Manifest this update:     Tue 12 May 2026 22:01:38 +0000
Manifest next update:     Wed 13 May 2026 22:01:38 +0000
Files and hashes:         1: 4HDNq3OhLa82gGsOFgLI2vuQk7s.crl (hash: Ub6pNhw+WTx8tzcl3iMPh0Nk82TGHq/hbauf8UO6Kew=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4HDNq3OhLa82gGsOFgLI2vuQk7s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 14:18:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1e:35:bc:40:86:be:41:d3:98:7d:1e:59:86:cf:26:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e070cdab73a12daf36806b0e1602c8dafb9093bb
        Validity
            Not Before: May 12 22:01:38 2026 GMT
            Not After : May 13 22:01:38 2026 GMT
        Subject: CN=d8794df2c3d09da2cc6ed20b7141a46932c3b912
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:fc:2c:41:37:9a:01:bb:69:1a:2e:64:00:c5:
                    c8:f3:4f:b2:ec:78:49:eb:dd:46:b2:dc:1b:ad:63:
                    e5:52:3a:11:be:6e:bd:37:8e:d4:0b:75:64:41:a8:
                    61:3b:c7:67:9f:9b:b1:01:94:e2:c7:4d:4d:52:ad:
                    12:da:6c:99:d6:cb:a6:c0:ea:95:a8:74:18:ff:de:
                    76:a0:5a:0c:c1:49:e4:8b:1c:99:95:1c:18:f8:49:
                    f0:bb:cd:37:82:5f:fe:cb:8a:c7:03:1b:9b:10:23:
                    3a:7e:35:c2:3c:57:1b:2a:40:e2:62:92:67:2f:47:
                    b6:f1:7c:99:93:59:2a:8f:d2:c0:03:37:77:4f:df:
                    be:7b:6d:11:2b:d6:f9:20:6d:ab:19:00:76:80:39:
                    73:41:da:55:18:50:37:47:bf:f1:ec:e0:c1:97:3f:
                    2d:ef:65:37:70:d2:74:ca:71:e6:60:ef:62:b1:41:
                    32:a0:e6:fc:fd:1c:81:a1:80:d5:a2:ba:50:53:ae:
                    6c:33:c2:4d:fb:82:b3:3d:ea:27:62:76:4d:fa:c6:
                    5b:9a:5e:bf:3d:e2:d6:60:37:38:ee:a8:3c:4f:89:
                    2b:cd:58:08:ac:c6:84:91:ae:d6:82:8d:40:44:20:
                    f7:f7:04:da:d8:cf:ec:d0:e3:72:41:31:e7:81:71:
                    32:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:79:4D:F2:C3:D0:9D:A2:CC:6E:D2:0B:71:41:A4:69:32:C3:B9:12
            X509v3 Authority Key Identifier:
                keyid:E0:70:CD:AB:73:A1:2D:AF:36:80:6B:0E:16:02:C8:DA:FB:90:93:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4HDNq3OhLa82gGsOFgLI2vuQk7s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:9d:7d:5b:43:37:96:cb:ea:86:d2:9c:b3:0c:25:e5:5a:8c:
         81:1f:40:7b:9d:b0:24:1b:f7:d5:8f:5f:cb:f6:e7:7d:69:ac:
         aa:5e:91:c4:e8:81:4a:7f:c8:a6:eb:1f:d5:0a:78:31:ea:eb:
         36:0e:ba:3a:74:a2:39:85:6d:0d:96:80:86:cf:bd:34:5c:ca:
         41:be:35:85:13:71:67:82:54:20:fd:9f:9e:f7:ed:80:d0:9f:
         10:01:9f:c8:bd:b5:c5:b3:e2:ee:2c:39:0b:c3:78:e7:18:d2:
         ed:87:f8:fc:b3:33:f9:9e:cc:1b:6e:44:86:dd:8c:41:f5:f0:
         d0:8c:0d:ee:ad:82:71:9e:08:bd:ad:e1:e6:51:69:cd:ef:cb:
         94:36:55:a7:87:15:59:86:2d:7e:fb:9a:be:37:d3:22:09:08:
         95:65:68:7e:96:2a:58:0a:a2:2a:8f:f1:d9:ce:ed:38:49:ea:
         e6:71:c0:ec:72:a7:e7:e9:50:80:ac:d2:fa:1e:f9:71:45:57:
         ac:1b:3d:33:e1:4b:7a:d4:30:ce:0f:a3:7b:0e:1b:56:a3:35:
         5a:b5:99:ab:28:09:8b:8c:85:7e:8d:c2:86:9b:fd:95:9d:63:
         05:2f:34:81:33:3a:ec:bd:ea:b6:d7:52:f4:4a:4d:14:06:0a:
         5c:b6:31:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4eNbxAhr5B05h9HlmGzyZgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNzBjZGFiNzNhMTJkYWYzNjgwNmIwZTE2MDJjOGRhZmI5
MDkzYmIwHhcNMjYwNTEyMjIwMTM4WhcNMjYwNTEzMjIwMTM4WjAzMTEwLwYDVQQD
EyhkODc5NGRmMmMzZDA5ZGEyY2M2ZWQyMGI3MTQxYTQ2OTMyYzNiOTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/wsQTeaAbtpGi5kAMXI80+y7HhJ
691GstwbrWPlUjoRvm69N47UC3VkQahhO8dnn5uxAZTix01NUq0S2myZ1sumwOqV
qHQY/952oFoMwUnkixyZlRwY+Enwu803gl/+y4rHAxubECM6fjXCPFcbKkDiYpJn
L0e28XyZk1kqj9LAAzd3T9++e20RK9b5IG2rGQB2gDlzQdpVGFA3R7/x7ODBlz8t
72U3cNJ0ynHmYO9isUEyoOb8/RyBoYDVorpQU65sM8JN+4KzPeonYnZN+sZbml6/
PeLWYDc47qg8T4krzVgIrMaEka7Wgo1ARCD39wTa2M/s0ONyQTHngXEyiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNh5TfLD0J2izG7SC3FBpGkyw7kSMB8GA1UdIwQY
MBaAFOBwzatzoS2vNoBrDhYCyNr7kJO7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEhETnEzT2hMYTgyZ0dzT0ZnTEkydnVRazdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84ZTAxY2EtMmNjZi00OTEyLTkxNGIt
OTE2ODgyNmNkMzU1LzEvNEhETnEzT2hMYTgyZ0dzT0ZnTEkydnVRazdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84ZTAxY2EtMmNjZi00OTEyLTkxNGItOTE2ODgyNmNkMzU1
LzEvNEhETnEzT2hMYTgyZ0dzT0ZnTEkydnVRazdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEZ19W0M3
lsvqhtKcswwl5VqMgR9Ae52wJBv31Y9fy/bnfWmsql6RxOiBSn/Ipusf1Qp4Merr
Ng66OnSiOYVtDZaAhs+9NFzKQb41hRNxZ4JUIP2fnvftgNCfEAGfyL21xbPi7iw5
C8N45xjS7Yf4/LMz+Z7MG25Eht2MQfXw0IwN7q2CcZ4Iva3h5lFpze/LlDZVp4cV
WYYtfvuavjfTIgkIlWVofpYqWAqiKo/x2c7tOEnq5nHA7HKn5+lQgKzS+h75cUVX
rBs9M+FLetQwzg+jew4bVqM1WrWZqygJi4yFfo3Chpv9lZ1jBS80gTM67L3qttdS
9EpNFAYKXLYx2Q==
-----END CERTIFICATE-----