Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
File:                     4BpLB7xMpvoFciL96uhg9kRAR-A.mft (raw, json)
Hash identifier:          geMbFlXf8G0hpXv02LAldHwpq1WCsVtMC678hewBHRI=
Subject key identifier:   92:3C:20:5B:12:7A:2C:E2:32:05:92:7F:3D:4A:22:7F:7F:ED:8E:84
Authority key identifier: E0:1A:4B:07:BC:4C:A6:FA:05:72:22:FD:EA:E8:60:F6:44:40:47:E0
Certificate issuer:       /CN=e01a4b07bc4ca6fa057222fdeae860f6444047e0
Certificate serial:       019E1BD8CF7A2E8FEEB4DC3C1C38751DF4BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
Manifest number:          06D6
Signing time:             Tue 12 May 2026 11:00:54 +0000
Manifest this update:     Tue 12 May 2026 11:00:54 +0000
Manifest next update:     Wed 13 May 2026 11:00:54 +0000
Files and hashes:         1: 4BpLB7xMpvoFciL96uhg9kRAR-A.crl (hash: 3CoazptMZSXm9DSdEDwemqaOJNQysMP7dGOxVGusaLA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 11:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1b:d8:cf:7a:2e:8f:ee:b4:dc:3c:1c:38:75:1d:f4:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e01a4b07bc4ca6fa057222fdeae860f6444047e0
        Validity
            Not Before: May 12 11:00:54 2026 GMT
            Not After : May 13 11:00:54 2026 GMT
        Subject: CN=923c205b127a2ce23205927f3d4a227f7fed8e84
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:f7:70:bc:71:ae:0a:7e:fd:b2:a0:85:69:8b:
                    8c:d1:69:5e:49:47:29:d9:a6:58:71:64:5e:45:e0:
                    a7:ae:03:93:5d:7e:25:82:39:6d:88:41:b2:51:b7:
                    77:61:0c:ff:90:52:fc:30:55:9f:c5:76:ff:e8:cf:
                    a5:d2:c0:f4:d9:98:32:cc:15:2d:60:21:c2:f1:07:
                    87:4d:f8:10:ce:30:f9:29:fa:97:d6:4d:3c:93:a1:
                    ed:78:d4:b2:ec:3c:05:c8:20:40:c7:4d:94:c3:ab:
                    e5:dc:4e:40:7b:9d:95:af:ef:0e:f8:b2:c3:6e:1f:
                    49:cd:fa:d9:35:32:4f:3d:5b:68:c8:99:8b:60:68:
                    bd:d8:af:97:99:ad:49:15:3f:e6:9d:5d:fd:cd:b8:
                    04:b4:29:46:53:53:1b:d6:25:6e:02:5e:11:e7:38:
                    9a:88:69:00:9a:a9:e8:ef:f8:b7:3c:cb:a6:2c:26:
                    f7:20:c8:74:a1:ba:7e:5d:e6:ba:e3:61:6c:f4:81:
                    27:a2:5c:83:09:85:58:92:c9:a3:bc:95:b6:86:a7:
                    2f:67:1a:37:a3:b8:24:1b:50:d8:b1:8d:89:80:0d:
                    7b:5b:84:a7:a2:d1:0a:20:ec:bb:da:a6:bc:d3:5a:
                    49:8a:a3:db:f6:9d:00:62:b8:03:a6:a3:c7:24:34:
                    1d:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:3C:20:5B:12:7A:2C:E2:32:05:92:7F:3D:4A:22:7F:7F:ED:8E:84
            X509v3 Authority Key Identifier:
                keyid:E0:1A:4B:07:BC:4C:A6:FA:05:72:22:FD:EA:E8:60:F6:44:40:47:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:30:7f:da:c7:ab:67:bc:4e:10:3d:e3:21:a3:2f:e5:88:2e:
         e1:6c:62:b4:fb:6f:5d:78:63:44:f7:b9:db:f5:9a:19:4b:cb:
         d9:de:0f:79:55:c4:8c:44:d6:11:27:b3:90:0c:93:34:b3:20:
         d1:80:22:b4:07:82:72:46:96:c5:57:82:4d:d8:e9:94:c4:3f:
         05:ca:da:65:c9:68:28:d3:71:02:c9:9f:07:a4:f6:b0:5d:88:
         7e:10:44:08:88:89:8e:b1:d6:79:be:05:d9:a4:22:cc:79:74:
         0a:36:6a:60:ab:81:a6:89:4e:14:f0:4b:a3:99:f2:84:ae:e4:
         0b:67:d1:d2:c1:2c:89:39:00:b3:46:0c:c9:48:f5:a1:ca:e3:
         07:43:19:ee:fc:ff:eb:73:36:f4:fd:76:65:0f:0f:79:37:ab:
         6b:73:94:04:d5:ac:ab:34:d2:fb:23:8a:81:da:af:63:18:46:
         e7:61:84:82:70:38:b9:38:02:50:d4:75:64:bf:0e:47:19:01:
         93:65:9c:48:a7:d7:e7:b9:d6:38:e7:9a:15:fb:81:6f:ea:ab:
         a1:10:56:e9:36:68:4b:b6:2f:97:09:d8:80:d1:2a:5a:39:89:
         dc:8e:20:7a:f2:2a:ed:76:63:20:83:9f:71:a6:f7:f9:2d:0e:
         c8:59:0f:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4b2M96Lo/utNw8HDh1HfS6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwMWE0YjA3YmM0Y2E2ZmEwNTcyMjJmZGVhZTg2MGY2NDQ0
MDQ3ZTAwHhcNMjYwNTEyMTEwMDU0WhcNMjYwNTEzMTEwMDU0WjAzMTEwLwYDVQQD
Eyg5MjNjMjA1YjEyN2EyY2UyMzIwNTkyN2YzZDRhMjI3ZjdmZWQ4ZTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvdwvHGuCn79sqCFaYuM0WleSUcp
2aZYcWReReCnrgOTXX4lgjltiEGyUbd3YQz/kFL8MFWfxXb/6M+l0sD02ZgyzBUt
YCHC8QeHTfgQzjD5KfqX1k08k6HteNSy7DwFyCBAx02Uw6vl3E5Ae52Vr+8O+LLD
bh9JzfrZNTJPPVtoyJmLYGi92K+Xma1JFT/mnV39zbgEtClGU1Mb1iVuAl4R5zia
iGkAmqno7/i3PMumLCb3IMh0obp+Xea642Fs9IEnolyDCYVYksmjvJW2hqcvZxo3
o7gkG1DYsY2JgA17W4SnotEKIOy72qa801pJiqPb9p0AYrgDpqPHJDQdsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJI8IFsSeiziMgWSfz1KIn9/7Y6EMB8GA1UdIwQY
MBaAFOAaSwe8TKb6BXIi/eroYPZEQEfgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My85NDRjOGYtZjBmOC00YzcxLTllZGUt
N2EzYzUzMmQzYTU1LzEvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My85NDRjOGYtZjBmOC00YzcxLTllZGUtN2EzYzUzMmQzYTU1
LzEvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMjB/2ser
Z7xOED3jIaMv5Ygu4WxitPtvXXhjRPe52/WaGUvL2d4PeVXEjETWESezkAyTNLMg
0YAitAeCckaWxVeCTdjplMQ/BcraZcloKNNxAsmfB6T2sF2IfhBECIiJjrHWeb4F
2aQizHl0CjZqYKuBpolOFPBLo5nyhK7kC2fR0sEsiTkAs0YMyUj1ocrjB0MZ7vz/
63M29P12ZQ8PeTera3OUBNWsqzTS+yOKgdqvYxhG52GEgnA4uTgCUNR1ZL8ORxkB
k2WcSKfX57nWOOeaFfuBb+qroRBW6TZoS7YvlwnYgNEqWjmJ3I4gevIq7XZjIIOf
cab3+S0OyFkPDA==
-----END CERTIFICATE-----