Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft
File:                     4VW0MN7doRMQ9shzieMgj8ZSnps.mft (raw, json)
Hash identifier:          s4iVcwPrKhON9rN5PXdH97Z7mIHLdkuK1f/VEGuYdW0=
Subject key identifier:   7F:1C:2B:78:9D:8D:54:BF:CE:34:53:ED:2E:6D:50:CB:B9:7A:AF:B5
Authority key identifier: E1:55:B4:30:DE:DD:A1:13:10:F6:C8:73:89:E3:20:8F:C6:52:9E:9B
Certificate issuer:       /CN=e155b430dedda11310f6c87389e3208fc6529e9b
Certificate serial:       019E1EA2F06D0070471C8AB48537F4A02346
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4VW0MN7doRMQ9shzieMgj8ZSnps.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft
Manifest number:          122F
Signing time:             Wed 13 May 2026 00:00:55 +0000
Manifest this update:     Wed 13 May 2026 00:00:55 +0000
Manifest next update:     Thu 14 May 2026 00:00:55 +0000
Files and hashes:         1: 4VW0MN7doRMQ9shzieMgj8ZSnps.crl (hash: BmM/2AEEta289FrpfSxeWvgh1VkFjUsGHWANg5lq5Fw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4VW0MN7doRMQ9shzieMgj8ZSnps.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 23:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1e:a2:f0:6d:00:70:47:1c:8a:b4:85:37:f4:a0:23:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e155b430dedda11310f6c87389e3208fc6529e9b
        Validity
            Not Before: May 13 00:00:55 2026 GMT
            Not After : May 14 00:00:55 2026 GMT
        Subject: CN=7f1c2b789d8d54bfce3453ed2e6d50cbb97aafb5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:1d:63:5d:e3:2f:a8:7e:7c:81:82:a6:eb:0d:
                    e3:e7:97:ad:e4:0b:3a:81:89:18:87:44:7e:8d:71:
                    5f:6c:a0:86:dc:c1:a1:6a:ff:b7:0c:4d:aa:23:bf:
                    c3:2c:25:ab:a3:86:1c:11:5d:6e:71:27:67:cd:74:
                    9e:33:ce:46:d2:8e:df:23:32:89:c1:1f:c9:80:c0:
                    ac:06:e1:b0:f8:67:a6:cd:cb:45:ff:63:dd:8d:4a:
                    ed:39:30:ca:1f:b6:4f:ae:fc:c4:d7:23:b7:f5:92:
                    02:cd:d5:e6:16:3d:11:16:2c:29:70:ac:cc:58:c8:
                    85:66:16:f1:23:4e:bd:49:2a:8d:c9:91:b1:f1:01:
                    0b:67:7e:5c:fa:26:27:22:3f:b7:12:3b:0a:71:41:
                    52:46:4c:bd:50:e9:39:7b:18:95:e3:88:ae:f0:43:
                    d2:ee:d4:df:0a:62:62:c8:ed:16:4b:4f:10:c4:67:
                    ae:85:16:33:4b:cb:c6:90:30:0c:e1:dd:68:ec:91:
                    9d:df:21:6c:96:b0:05:f2:24:67:ef:a6:e1:b3:76:
                    0f:e9:41:37:e4:6e:8e:2e:82:a1:f3:d4:74:7c:da:
                    b7:58:db:c2:15:fc:9c:36:10:29:da:76:a1:6e:38:
                    3c:a0:d7:35:64:3e:e8:b7:09:0b:b5:f8:45:48:ba:
                    5b:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:1C:2B:78:9D:8D:54:BF:CE:34:53:ED:2E:6D:50:CB:B9:7A:AF:B5
            X509v3 Authority Key Identifier:
                keyid:E1:55:B4:30:DE:DD:A1:13:10:F6:C8:73:89:E3:20:8F:C6:52:9E:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4VW0MN7doRMQ9shzieMgj8ZSnps.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b1:7f:95:88:92:14:1f:50:12:08:db:99:1b:e9:ec:6f:8b:6a:
         29:14:f1:a4:d0:ed:16:25:62:ff:e0:6b:b1:da:d7:35:ec:1d:
         e9:7d:f7:4c:5f:80:32:69:33:b1:8e:05:a7:ca:a9:7f:52:0f:
         0d:d0:42:45:41:1d:cb:83:ca:6c:81:4e:71:65:7f:5d:7e:45:
         2c:67:b3:57:bf:b6:4c:25:00:df:35:2b:52:69:68:03:84:59:
         b5:7a:62:62:b6:4d:02:1e:3c:36:f0:04:a7:a3:84:79:d1:f7:
         92:a4:2b:20:90:ef:3d:00:15:cf:bc:9c:23:3d:05:3d:80:71:
         72:2a:2f:fb:41:8d:ca:4a:5b:87:68:5e:a4:2e:30:cb:5b:fa:
         56:d9:3d:9a:8a:72:07:08:d7:e6:7f:92:8f:f0:76:a8:a4:a6:
         88:d1:5e:ac:5a:5a:e6:e5:bd:f7:18:df:20:55:6f:73:fc:12:
         e8:ff:60:e0:74:81:42:47:9f:db:c8:3a:79:a8:92:89:82:ee:
         ad:a4:29:2f:7e:21:75:67:1e:f7:82:7c:72:50:2a:1c:b6:fe:
         9a:de:bb:2a:3d:4a:3e:b6:4a:5a:38:8d:a5:d9:a9:41:5f:ca:
         bc:d6:ae:43:75:45:ed:a6:fc:d3:5a:d0:f1:01:3e:6f:63:0e:
         2a:72:0d:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4eovBtAHBHHIq0hTf0oCNGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNTViNDMwZGVkZGExMTMxMGY2Yzg3Mzg5ZTMyMDhmYzY1
MjllOWIwHhcNMjYwNTEzMDAwMDU1WhcNMjYwNTE0MDAwMDU1WjAzMTEwLwYDVQQD
Eyg3ZjFjMmI3ODlkOGQ1NGJmY2UzNDUzZWQyZTZkNTBjYmI5N2FhZmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1x1jXeMvqH58gYKm6w3j55et5As6
gYkYh0R+jXFfbKCG3MGhav+3DE2qI7/DLCWro4YcEV1ucSdnzXSeM85G0o7fIzKJ
wR/JgMCsBuGw+GemzctF/2PdjUrtOTDKH7ZPrvzE1yO39ZICzdXmFj0RFiwpcKzM
WMiFZhbxI069SSqNyZGx8QELZ35c+iYnIj+3EjsKcUFSRky9UOk5exiV44iu8EPS
7tTfCmJiyO0WS08QxGeuhRYzS8vGkDAM4d1o7JGd3yFslrAF8iRn76bhs3YP6UE3
5G6OLoKh89R0fNq3WNvCFfycNhAp2nahbjg8oNc1ZD7otwkLtfhFSLpbKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH8cK3idjVS/zjRT7S5tUMu5eq+1MB8GA1UdIwQY
MBaAFOFVtDDe3aETEPbIc4njII/GUp6bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFZXME1ON2RvUk1ROXNoemllTWdqOFpTbnBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9iZjlkNTUtYjBkNS00YjA3LTkyYjAt
MGQ3NDA2MGExNmRkLzEvNFZXME1ON2RvUk1ROXNoemllTWdqOFpTbnBzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9iZjlkNTUtYjBkNS00YjA3LTkyYjAtMGQ3NDA2MGExNmRk
LzEvNFZXME1ON2RvUk1ROXNoemllTWdqOFpTbnBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsX+ViJIU
H1ASCNuZG+nsb4tqKRTxpNDtFiVi/+BrsdrXNewd6X33TF+AMmkzsY4Fp8qpf1IP
DdBCRUEdy4PKbIFOcWV/XX5FLGezV7+2TCUA3zUrUmloA4RZtXpiYrZNAh48NvAE
p6OEedH3kqQrIJDvPQAVz7ycIz0FPYBxciov+0GNykpbh2hepC4wy1v6Vtk9mopy
BwjX5n+Sj/B2qKSmiNFerFpa5uW99xjfIFVvc/wS6P9g4HSBQkef28g6eaiSiYLu
raQpL34hdWce94J8clAqHLb+mt67Kj1KPrZKWjiNpdmpQV/KvNauQ3VF7ab801rQ
8QE+b2MOKnIN3g==
-----END CERTIFICATE-----