Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.mft
File:                     4iUB2aQBcJg48z0a4nm85xALPM8.mft (raw, json)
Hash identifier:          XAFoWHLbEv7Gwt4Bh3ozQxJdGJTehQRGPL1Z8XsRxwM=
Subject key identifier:   EE:E4:47:68:43:C5:60:1A:A1:A2:0C:75:14:2D:F4:E3:22:14:BC:1E
Authority key identifier: E2:25:01:D9:A4:01:70:98:38:F3:3D:1A:E2:79:BC:E7:10:0B:3C:CF
Certificate issuer:       /CN=e22501d9a401709838f33d1ae279bce7100b3ccf
Certificate serial:       019E1C473C6F4BA38CE72F2430CF85D4EC3B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4iUB2aQBcJg48z0a4nm85xALPM8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.mft
Manifest number:          137C
Signing time:             Tue 12 May 2026 13:01:30 +0000
Manifest this update:     Tue 12 May 2026 13:01:30 +0000
Manifest next update:     Wed 13 May 2026 13:01:30 +0000
Files and hashes:         1: 4iUB2aQBcJg48z0a4nm85xALPM8.crl (hash: 3/IkOd3SMwPmPHw1i0PluC47/xOcvKmezNNMcpk+NJQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4iUB2aQBcJg48z0a4nm85xALPM8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 13:01:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1c:47:3c:6f:4b:a3:8c:e7:2f:24:30:cf:85:d4:ec:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e22501d9a401709838f33d1ae279bce7100b3ccf
        Validity
            Not Before: May 12 13:01:30 2026 GMT
            Not After : May 13 13:01:30 2026 GMT
        Subject: CN=eee4476843c5601aa1a20c75142df4e32214bc1e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:16:d8:5b:9c:88:0d:72:be:23:de:3c:79:17:
                    d9:b5:da:97:e2:d5:55:9e:cb:51:45:83:25:af:be:
                    48:f3:13:b4:fd:0e:8b:18:fd:d2:ee:ee:fc:96:b3:
                    8b:6f:a3:6e:d9:cd:f4:23:80:35:0b:29:bd:2d:fc:
                    d1:00:7e:e7:06:1e:23:3b:03:31:34:b8:e0:79:4a:
                    af:fe:2b:ab:6a:22:11:7f:54:29:b1:e7:08:56:17:
                    f7:d4:53:d7:bd:b1:75:e9:cb:26:b3:91:38:a4:ad:
                    ec:8f:bd:c1:26:4d:01:e0:df:7f:cd:86:ba:68:29:
                    7a:c4:f4:0b:f8:17:ee:ed:a3:c8:70:50:cb:c0:f7:
                    80:ac:6f:7e:f4:3b:29:e5:c9:f8:60:aa:1b:2a:3d:
                    55:24:97:78:ec:d2:de:29:5f:7f:bc:55:f9:dc:1d:
                    88:96:94:92:c1:2d:0d:a6:1a:1a:a5:20:c2:75:0f:
                    eb:cd:33:e3:44:a8:e9:10:3d:5c:5c:4e:25:da:e2:
                    34:b4:51:90:44:33:39:3d:ed:35:58:aa:09:f0:a2:
                    1b:a5:43:1b:77:0b:6e:2b:d3:9e:15:82:ce:2d:7a:
                    b2:01:9e:05:24:4f:09:92:ea:d5:35:2c:ac:ca:c7:
                    ab:17:eb:bc:25:07:b1:12:0a:22:6d:61:77:0c:4b:
                    b4:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:E4:47:68:43:C5:60:1A:A1:A2:0C:75:14:2D:F4:E3:22:14:BC:1E
            X509v3 Authority Key Identifier:
                keyid:E2:25:01:D9:A4:01:70:98:38:F3:3D:1A:E2:79:BC:E7:10:0B:3C:CF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4iUB2aQBcJg48z0a4nm85xALPM8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:7f:a8:90:87:f5:d6:8e:df:b5:53:21:9f:77:31:c6:c1:b5:
         6f:aa:5b:46:ff:36:4b:44:23:86:01:8c:d4:00:ac:75:93:bf:
         cc:9f:ae:75:3a:56:ba:7b:4c:1b:25:be:b8:f3:5e:5e:e2:3a:
         16:ee:6a:a9:c2:47:2e:68:d9:47:99:f8:20:68:3a:72:ab:3d:
         cb:c3:4e:2b:e7:1d:ef:67:e5:44:1d:f9:18:a9:c0:c2:42:39:
         11:71:5a:fc:5d:6f:3a:29:6f:ed:cc:1e:23:29:50:2c:9c:71:
         69:79:9e:ab:e3:62:19:85:f5:fc:1b:a2:10:c4:59:1d:86:6f:
         cc:5f:d5:f2:49:aa:2c:86:05:8f:ba:9f:af:7b:2f:ea:1c:3d:
         56:89:08:70:5c:9a:25:70:eb:0f:4d:c3:b1:3e:06:d4:e7:f6:
         df:99:b0:e8:47:bc:a9:f7:de:74:d0:31:34:db:23:64:82:a9:
         f6:10:40:35:36:ce:5a:19:ac:81:f4:09:e1:a0:5f:4d:ec:aa:
         56:e3:46:bc:f0:0c:5f:28:95:53:90:0c:df:e1:83:90:99:75:
         c8:5b:14:6c:7d:63:3b:4b:08:cb:80:f8:14:62:69:a0:82:dd:
         57:a3:8f:fe:c8:db:28:03:c3:0a:2f:6d:83:62:2a:3d:65:f1:
         7b:c2:30:71
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4cRzxvS6OM5y8kMM+F1Ow7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyMjUwMWQ5YTQwMTcwOTgzOGYzM2QxYWUyNzliY2U3MTAw
YjNjY2YwHhcNMjYwNTEyMTMwMTMwWhcNMjYwNTEzMTMwMTMwWjAzMTEwLwYDVQQD
EyhlZWU0NDc2ODQzYzU2MDFhYTFhMjBjNzUxNDJkZjRlMzIyMTRiYzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzBbYW5yIDXK+I948eRfZtdqX4tVV
nstRRYMlr75I8xO0/Q6LGP3S7u78lrOLb6Nu2c30I4A1Cym9LfzRAH7nBh4jOwMx
NLjgeUqv/iuraiIRf1QpsecIVhf31FPXvbF16csms5E4pK3sj73BJk0B4N9/zYa6
aCl6xPQL+Bfu7aPIcFDLwPeArG9+9Dsp5cn4YKobKj1VJJd47NLeKV9/vFX53B2I
lpSSwS0NphoapSDCdQ/rzTPjRKjpED1cXE4l2uI0tFGQRDM5Pe01WKoJ8KIbpUMb
dwtuK9OeFYLOLXqyAZ4FJE8JkurVNSysyserF+u8JQexEgoibWF3DEu0fQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO7kR2hDxWAaoaIMdRQt9OMiFLweMB8GA1UdIwQY
MBaAFOIlAdmkAXCYOPM9GuJ5vOcQCzzPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGlVQjJhUUJjSmc0OHowYTRubTg1eEFMUE04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My82M2ZhZTktNDk5Zi00M2Q1LTg3Njgt
Zjk4MTFlZTNmYTg3LzEvNGlVQjJhUUJjSmc0OHowYTRubTg1eEFMUE04Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My82M2ZhZTktNDk5Zi00M2Q1LTg3NjgtZjk4MTFlZTNmYTg3
LzEvNGlVQjJhUUJjSmc0OHowYTRubTg1eEFMUE04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbn+okIf1
1o7ftVMhn3cxxsG1b6pbRv82S0QjhgGM1ACsdZO/zJ+udTpWuntMGyW+uPNeXuI6
Fu5qqcJHLmjZR5n4IGg6cqs9y8NOK+cd72flRB35GKnAwkI5EXFa/F1vOilv7cwe
IylQLJxxaXmeq+NiGYX1/BuiEMRZHYZvzF/V8kmqLIYFj7qfr3sv6hw9VokIcFya
JXDrD03DsT4G1Of235mw6Ee8qffedNAxNNsjZIKp9hBANTbOWhmsgfQJ4aBfTeyq
VuNGvPAMXyiVU5AM3+GDkJl1yFsUbH1jO0sIy4D4FGJpoILdV6OP/sjbKAPDCi9t
g2IqPWXxe8IwcQ==
-----END CERTIFICATE-----