Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/de37fa-1bd2-47f5-9e2b-ac4c8f19876d/1/4TcnopRRvk3Zkitg0cWW6Aaplfs.mft
File:                     4TcnopRRvk3Zkitg0cWW6Aaplfs.mft (raw, json)
Hash identifier:          fhnZBgavXkyNySEwYqvytmwXaOVHXD69EWWlMnRRJEI=
Subject key identifier:   80:7C:03:FE:25:52:4B:9A:61:F8:39:5A:E5:99:43:9A:86:8E:16:A8
Authority key identifier: E1:37:27:A2:94:51:BE:4D:D9:92:2B:60:D1:C5:96:E8:06:A9:95:FB
Certificate issuer:       /CN=e13727a29451be4dd9922b60d1c596e806a995fb
Certificate serial:       019E1C470B5491E7C85994618982E8B31A17
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4TcnopRRvk3Zkitg0cWW6Aaplfs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7e/de37fa-1bd2-47f5-9e2b-ac4c8f19876d/1/4TcnopRRvk3Zkitg0cWW6Aaplfs.mft
Manifest number:          1901
Signing time:             Tue 12 May 2026 13:01:18 +0000
Manifest this update:     Tue 12 May 2026 13:01:18 +0000
Manifest next update:     Wed 13 May 2026 13:01:18 +0000
Files and hashes:         1: 4TcnopRRvk3Zkitg0cWW6Aaplfs.crl (hash: DSG2S9XobbLrnOxq0Ii9EfQIxEJFTDYFLbeobMGRn00=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7e/de37fa-1bd2-47f5-9e2b-ac4c8f19876d/1/4TcnopRRvk3Zkitg0cWW6Aaplfs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7e/de37fa-1bd2-47f5-9e2b-ac4c8f19876d/1/4TcnopRRvk3Zkitg0cWW6Aaplfs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4TcnopRRvk3Zkitg0cWW6Aaplfs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 13:01:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1c:47:0b:54:91:e7:c8:59:94:61:89:82:e8:b3:1a:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e13727a29451be4dd9922b60d1c596e806a995fb
        Validity
            Not Before: May 12 13:01:18 2026 GMT
            Not After : May 13 13:01:18 2026 GMT
        Subject: CN=807c03fe25524b9a61f8395ae599439a868e16a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:85:26:5d:a6:9d:83:d5:22:e1:fa:3f:dc:03:
                    b3:93:79:07:02:80:77:4f:44:4a:d1:4e:df:74:cf:
                    55:62:84:90:b1:d2:85:37:e3:80:48:ed:27:2b:4e:
                    47:16:4e:a6:ab:c9:0e:1e:b6:b4:7e:4a:15:55:56:
                    a1:d7:c4:99:a0:6a:9d:7f:49:71:fd:85:16:6f:c9:
                    6b:8d:7f:36:62:45:72:15:48:d7:2f:75:8b:86:e2:
                    6c:af:c9:46:c7:3f:ed:ae:a1:70:aa:c0:b8:5d:65:
                    84:6f:e0:53:f8:7a:74:70:3f:a0:a6:aa:5d:41:66:
                    b3:2e:e1:62:14:5c:1c:65:3f:9e:d9:1c:22:01:39:
                    e5:b3:41:01:d2:d5:44:e2:9f:9b:bc:a4:7e:cd:ec:
                    18:c4:06:fb:23:39:66:88:54:2d:4c:0a:18:9f:c0:
                    23:1b:2e:96:88:8b:55:40:26:43:32:cc:e9:16:3b:
                    e6:0a:95:76:fa:31:08:fc:54:f0:e4:4b:18:bc:a0:
                    08:5b:4e:23:f9:ca:a3:09:81:a2:83:01:06:bf:d2:
                    09:8d:2f:5f:7a:47:6a:30:f6:13:41:56:cd:ed:ca:
                    53:7b:23:4f:12:1b:27:aa:17:6f:1e:67:4c:8d:62:
                    3e:cd:d9:7e:8f:f1:68:48:f9:82:3e:e2:4c:9d:c1:
                    d6:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:7C:03:FE:25:52:4B:9A:61:F8:39:5A:E5:99:43:9A:86:8E:16:A8
            X509v3 Authority Key Identifier:
                keyid:E1:37:27:A2:94:51:BE:4D:D9:92:2B:60:D1:C5:96:E8:06:A9:95:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4TcnopRRvk3Zkitg0cWW6Aaplfs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/de37fa-1bd2-47f5-9e2b-ac4c8f19876d/1/4TcnopRRvk3Zkitg0cWW6Aaplfs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/de37fa-1bd2-47f5-9e2b-ac4c8f19876d/1/4TcnopRRvk3Zkitg0cWW6Aaplfs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:79:ef:3c:2a:bd:88:57:6c:62:4a:06:5e:85:de:9e:41:61:
         09:ce:1a:47:14:d9:fd:51:8f:87:ee:1f:34:07:9c:2e:61:11:
         7b:f7:b1:78:23:e0:49:3a:1e:b8:d2:d2:bd:c9:1a:c2:65:f6:
         62:af:46:46:81:05:ca:42:7c:a0:4b:8c:3b:db:c4:d9:23:8c:
         25:83:5e:72:0a:45:3a:da:91:fc:d1:b4:54:98:57:74:08:61:
         a3:93:f9:fc:e1:b9:f4:87:09:3b:52:81:88:dd:60:6a:51:17:
         33:f6:22:37:8f:06:12:63:44:51:ce:55:18:f7:04:50:f4:9e:
         02:ea:fa:2e:ea:a8:8b:b8:10:36:55:4f:26:79:10:1b:40:9f:
         b1:42:80:f1:f0:2d:18:86:36:8c:0d:83:8f:ff:64:49:05:25:
         8e:fc:0a:e7:d9:fd:37:9d:a8:a6:a7:3e:6d:19:87:88:f7:6a:
         03:64:04:81:5b:a4:59:dc:38:40:56:c0:ba:fb:19:15:9b:85:
         14:0f:f9:10:5f:3d:96:a7:5a:37:2b:1b:53:db:04:2b:64:f9:
         39:3d:39:48:48:a9:66:4c:e7:16:7c:f2:ad:0d:34:96:73:91:
         db:30:20:94:8e:0c:46:80:3e:0b:63:71:dd:ce:ba:04:5a:3b:
         d4:21:29:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4cRwtUkefIWZRhiYLosxoXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxMzcyN2EyOTQ1MWJlNGRkOTkyMmI2MGQxYzU5NmU4MDZh
OTk1ZmIwHhcNMjYwNTEyMTMwMTE4WhcNMjYwNTEzMTMwMTE4WjAzMTEwLwYDVQQD
Eyg4MDdjMDNmZTI1NTI0YjlhNjFmODM5NWFlNTk5NDM5YTg2OGUxNmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyYUmXaadg9Ui4fo/3AOzk3kHAoB3
T0RK0U7fdM9VYoSQsdKFN+OASO0nK05HFk6mq8kOHra0fkoVVVah18SZoGqdf0lx
/YUWb8lrjX82YkVyFUjXL3WLhuJsr8lGxz/trqFwqsC4XWWEb+BT+Hp0cD+gpqpd
QWazLuFiFFwcZT+e2RwiATnls0EB0tVE4p+bvKR+zewYxAb7IzlmiFQtTAoYn8Aj
Gy6WiItVQCZDMszpFjvmCpV2+jEI/FTw5EsYvKAIW04j+cqjCYGigwEGv9IJjS9f
ekdqMPYTQVbN7cpTeyNPEhsnqhdvHmdMjWI+zdl+j/FoSPmCPuJMncHWpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIB8A/4lUkuaYfg5WuWZQ5qGjhaoMB8GA1UdIwQY
MBaAFOE3J6KUUb5N2ZIrYNHFlugGqZX7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFRjbm9wUlJ2azNaa2l0ZzBjV1c2QWFwbGZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9kZTM3ZmEtMWJkMi00N2Y1LTllMmIt
YWM0YzhmMTk4NzZkLzEvNFRjbm9wUlJ2azNaa2l0ZzBjV1c2QWFwbGZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9kZTM3ZmEtMWJkMi00N2Y1LTllMmItYWM0YzhmMTk4NzZk
LzEvNFRjbm9wUlJ2azNaa2l0ZzBjV1c2QWFwbGZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeXnvPCq9
iFdsYkoGXoXenkFhCc4aRxTZ/VGPh+4fNAecLmERe/exeCPgSToeuNLSvckawmX2
Yq9GRoEFykJ8oEuMO9vE2SOMJYNecgpFOtqR/NG0VJhXdAhho5P5/OG59IcJO1KB
iN1galEXM/YiN48GEmNEUc5VGPcEUPSeAur6Luqoi7gQNlVPJnkQG0CfsUKA8fAt
GIY2jA2Dj/9kSQUljvwK59n9N52opqc+bRmHiPdqA2QEgVukWdw4QFbAuvsZFZuF
FA/5EF89lqdaNysbU9sEK2T5OT05SEipZkznFnzyrQ00lnOR2zAglI4MRoA+C2Nx
3c66BFo71CEp4Q==
-----END CERTIFICATE-----