Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/bdbee9-5eee-4561-a523-9435159c93eb/1/4CzXYQ92Hg7SUq57ufMPHisXtec.mft
File:                     4CzXYQ92Hg7SUq57ufMPHisXtec.mft (raw, json)
Hash identifier:          gAaPb5jnyqxyqGDhoeiWtRyq5soV1SEyAYQsK8Dt25o=
Subject key identifier:   68:2F:81:29:29:13:43:7E:17:C7:27:BC:43:24:BF:12:16:DE:15:08
Authority key identifier: E0:2C:D7:61:0F:76:1E:0E:D2:52:AE:7B:B9:F3:0F:1E:2B:17:B5:E7
Certificate issuer:       /CN=e02cd7610f761e0ed252ae7bb9f30f1e2b17b5e7
Certificate serial:       019E1EA2FF04C5D0C1381F20BDDCC0B6228C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4CzXYQ92Hg7SUq57ufMPHisXtec.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/94/bdbee9-5eee-4561-a523-9435159c93eb/1/4CzXYQ92Hg7SUq57ufMPHisXtec.mft
Manifest number:          1597
Signing time:             Wed 13 May 2026 00:00:58 +0000
Manifest this update:     Wed 13 May 2026 00:00:58 +0000
Manifest next update:     Thu 14 May 2026 00:00:58 +0000
Files and hashes:         1: 4CzXYQ92Hg7SUq57ufMPHisXtec.crl (hash: bc1x7/1fr9NnSnj/qRazeblPBOenea7BN/eWW8jtO9s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/94/bdbee9-5eee-4561-a523-9435159c93eb/1/4CzXYQ92Hg7SUq57ufMPHisXtec.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/94/bdbee9-5eee-4561-a523-9435159c93eb/1/4CzXYQ92Hg7SUq57ufMPHisXtec.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4CzXYQ92Hg7SUq57ufMPHisXtec.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 23:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1e:a2:ff:04:c5:d0:c1:38:1f:20:bd:dc:c0:b6:22:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e02cd7610f761e0ed252ae7bb9f30f1e2b17b5e7
        Validity
            Not Before: May 13 00:00:58 2026 GMT
            Not After : May 14 00:00:58 2026 GMT
        Subject: CN=682f81292913437e17c727bc4324bf1216de1508
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:69:c6:74:a1:bc:c4:a5:75:7b:a7:ed:41:19:
                    9d:0b:09:e8:b9:86:06:b9:e8:28:fa:0d:9d:61:2b:
                    57:35:31:8c:be:72:39:ee:30:78:75:5f:41:22:26:
                    c5:62:40:df:fd:c5:37:a2:e3:b8:bb:39:99:26:60:
                    4a:0a:d1:c0:81:2a:2c:0a:62:07:b4:97:f8:78:58:
                    0b:00:1e:1b:55:bb:30:87:49:91:fe:ca:d8:f6:1d:
                    3d:23:45:0c:15:69:85:53:85:b0:21:05:87:80:47:
                    59:f9:4c:ac:0d:ff:ac:4c:1c:26:7e:37:3e:69:16:
                    31:7e:37:a8:48:41:da:1e:35:ef:bf:a8:06:f3:a9:
                    bc:97:43:51:4a:fb:6d:c1:cb:65:ab:6b:f9:79:be:
                    26:50:e2:83:04:13:ac:ad:a3:af:5f:63:8e:89:d5:
                    1b:ae:f2:19:c2:f2:6a:92:3c:5e:cd:94:fb:73:a1:
                    33:a8:eb:35:36:48:11:34:41:cb:ea:eb:b6:98:45:
                    b4:aa:cf:58:bb:83:bf:fd:0d:6f:0d:7a:58:17:42:
                    68:9c:c0:06:cc:26:2f:6c:cf:b3:51:70:e3:f5:9b:
                    db:65:c5:5c:9e:d6:f5:3b:8b:99:a1:20:df:08:c8:
                    a4:c6:90:f2:34:c1:83:7f:76:6b:4c:c0:f9:0a:32:
                    a1:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:2F:81:29:29:13:43:7E:17:C7:27:BC:43:24:BF:12:16:DE:15:08
            X509v3 Authority Key Identifier:
                keyid:E0:2C:D7:61:0F:76:1E:0E:D2:52:AE:7B:B9:F3:0F:1E:2B:17:B5:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4CzXYQ92Hg7SUq57ufMPHisXtec.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/bdbee9-5eee-4561-a523-9435159c93eb/1/4CzXYQ92Hg7SUq57ufMPHisXtec.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/94/bdbee9-5eee-4561-a523-9435159c93eb/1/4CzXYQ92Hg7SUq57ufMPHisXtec.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9f:0b:1d:09:c0:e0:0a:3c:de:d6:83:10:95:38:ba:38:cd:d3:
         b2:84:b3:01:ea:79:18:d2:95:d9:98:99:38:cd:19:b3:2a:02:
         35:3a:84:5f:68:e2:18:37:ad:85:7b:36:10:1d:96:bf:31:e7:
         46:01:5f:c7:f8:eb:ef:47:ed:33:82:3e:3f:c5:6a:48:0c:5c:
         c6:34:d4:08:61:2c:c1:4f:56:6b:19:0d:ae:4a:67:d6:1f:69:
         5e:bd:72:64:7d:91:ab:48:bb:3c:56:53:7c:89:be:cd:11:2b:
         7c:58:a5:fc:0a:89:78:01:f5:80:4a:7b:ba:96:6f:6d:3b:16:
         41:b6:e4:ef:9e:e1:0d:0e:52:41:df:1a:4c:0e:c4:80:39:96:
         67:9a:dc:f7:17:36:50:af:44:07:68:4a:55:bc:32:f7:2f:64:
         7a:1d:03:55:74:0b:d4:00:85:b1:9a:1d:b1:2e:d7:86:f6:c5:
         01:d8:8f:28:0e:3e:1a:60:9d:64:77:55:86:89:ba:af:10:c1:
         af:39:1e:a9:53:45:c1:71:dd:06:9f:91:81:44:de:9e:7f:1d:
         ad:a9:17:81:6c:51:0a:fd:3f:14:43:8b:72:38:90:04:7a:08:
         a8:2f:09:38:44:ff:97:81:fe:58:a9:c7:9e:3b:ee:5d:ae:6f:
         e9:df:e9:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4eov8ExdDBOB8gvdzAtiKMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwMmNkNzYxMGY3NjFlMGVkMjUyYWU3YmI5ZjMwZjFlMmIx
N2I1ZTcwHhcNMjYwNTEzMDAwMDU4WhcNMjYwNTE0MDAwMDU4WjAzMTEwLwYDVQQD
Eyg2ODJmODEyOTI5MTM0MzdlMTdjNzI3YmM0MzI0YmYxMjE2ZGUxNTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGnGdKG8xKV1e6ftQRmdCwnouYYG
uego+g2dYStXNTGMvnI57jB4dV9BIibFYkDf/cU3ouO4uzmZJmBKCtHAgSosCmIH
tJf4eFgLAB4bVbswh0mR/srY9h09I0UMFWmFU4WwIQWHgEdZ+UysDf+sTBwmfjc+
aRYxfjeoSEHaHjXvv6gG86m8l0NRSvttwctlq2v5eb4mUOKDBBOsraOvX2OOidUb
rvIZwvJqkjxezZT7c6EzqOs1NkgRNEHL6uu2mEW0qs9Yu4O//Q1vDXpYF0JonMAG
zCYvbM+zUXDj9ZvbZcVcntb1O4uZoSDfCMikxpDyNMGDf3ZrTMD5CjKhDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGgvgSkpE0N+F8cnvEMkvxIW3hUIMB8GA1UdIwQY
MBaAFOAs12EPdh4O0lKue7nzDx4rF7XnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEN6WFlROTJIZzdTVXE1N3VmTVBIaXNYdGVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9iZGJlZTktNWVlZS00NTYxLWE1MjMt
OTQzNTE1OWM5M2ViLzEvNEN6WFlROTJIZzdTVXE1N3VmTVBIaXNYdGVjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9iZGJlZTktNWVlZS00NTYxLWE1MjMtOTQzNTE1OWM5M2Vi
LzEvNEN6WFlROTJIZzdTVXE1N3VmTVBIaXNYdGVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnwsdCcDg
Cjze1oMQlTi6OM3TsoSzAep5GNKV2ZiZOM0ZsyoCNTqEX2jiGDethXs2EB2WvzHn
RgFfx/jr70ftM4I+P8VqSAxcxjTUCGEswU9WaxkNrkpn1h9pXr1yZH2Rq0i7PFZT
fIm+zRErfFil/AqJeAH1gEp7upZvbTsWQbbk757hDQ5SQd8aTA7EgDmWZ5rc9xc2
UK9EB2hKVbwy9y9keh0DVXQL1ACFsZodsS7XhvbFAdiPKA4+GmCdZHdVhom6rxDB
rzkeqVNFwXHdBp+RgUTenn8drakXgWxRCv0/FEOLcjiQBHoIqC8JOET/l4H+WKnH
njvuXa5v6d/ppQ==
-----END CERTIFICATE-----