Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.mft
File:                     898KdcnvaBuNIzZ9vo7a0FPzvZU.mft (raw, json)
Hash identifier:          tmjmqox9MLxriDJb4AF1aNQduZu3MVumEjVMOZhu1ik=
Subject key identifier:   A0:32:9C:47:B8:D2:4F:DB:F0:E7:47:39:8F:E7:2D:3B:A8:34:24:AA
Authority key identifier: F3:DF:0A:75:C9:EF:68:1B:8D:23:36:7D:BE:8E:DA:D0:53:F3:BD:95
Certificate issuer:       /CN=f3df0a75c9ef681b8d23367dbe8edad053f3bd95
Certificate serial:       019E1E35815D51EB3E1F2305B0910B6C954C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/898KdcnvaBuNIzZ9vo7a0FPzvZU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.mft
Manifest number:          1904
Signing time:             Tue 12 May 2026 22:01:23 +0000
Manifest this update:     Tue 12 May 2026 22:01:23 +0000
Manifest next update:     Wed 13 May 2026 22:01:23 +0000
Files and hashes:         1: 898KdcnvaBuNIzZ9vo7a0FPzvZU.crl (hash: iBr8LBg3ov/xKil6DKttjDeT7sy3FH/6vU60p+FEFM8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/898KdcnvaBuNIzZ9vo7a0FPzvZU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 22:01:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1e:35:81:5d:51:eb:3e:1f:23:05:b0:91:0b:6c:95:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f3df0a75c9ef681b8d23367dbe8edad053f3bd95
        Validity
            Not Before: May 12 22:01:23 2026 GMT
            Not After : May 13 22:01:23 2026 GMT
        Subject: CN=a0329c47b8d24fdbf0e747398fe72d3ba83424aa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:2b:ce:6e:a4:a9:fd:54:b5:e1:c0:52:c0:c2:
                    b2:9b:d1:44:07:c9:8f:e0:ee:5d:2f:b4:80:7e:1c:
                    a9:84:be:ec:19:f9:89:49:a7:df:7d:54:0d:03:8c:
                    3c:65:2f:b5:c8:09:21:c1:df:af:d3:5f:04:c0:d6:
                    30:5b:d4:fd:6c:fd:7f:ef:e3:5d:fe:98:22:4e:6c:
                    35:09:32:b5:2b:3a:49:73:1f:27:77:33:05:6f:63:
                    c6:01:6c:aa:85:e2:be:22:d1:b7:a0:5c:1f:02:f2:
                    46:b9:86:6c:a3:aa:df:29:7b:4c:f0:4c:23:cf:92:
                    ab:66:96:b5:1a:b2:a8:fb:f8:54:f1:22:32:1b:16:
                    6b:49:09:d4:e0:c4:48:ba:a3:9f:84:e4:98:a0:cd:
                    dc:a4:c8:81:83:67:23:0e:37:87:22:63:be:22:fe:
                    1e:ef:ef:46:b9:31:30:2b:61:ae:1d:a0:8a:33:b6:
                    e7:9e:9a:af:38:29:f7:d1:ab:96:0e:94:1f:ee:4f:
                    5a:0f:22:67:58:d2:f5:f0:54:42:5e:29:f4:19:17:
                    8c:92:1c:45:64:07:28:df:70:1b:f4:67:87:0a:1a:
                    0b:8b:7d:d7:1f:4d:06:aa:75:30:3c:9d:d8:34:63:
                    e4:5a:de:47:67:69:90:62:d5:75:f0:dd:e5:3f:3c:
                    39:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:32:9C:47:B8:D2:4F:DB:F0:E7:47:39:8F:E7:2D:3B:A8:34:24:AA
            X509v3 Authority Key Identifier:
                keyid:F3:DF:0A:75:C9:EF:68:1B:8D:23:36:7D:BE:8E:DA:D0:53:F3:BD:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/898KdcnvaBuNIzZ9vo7a0FPzvZU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:76:fb:ff:4b:0c:04:b0:a8:b2:42:0b:f1:b8:e0:9a:e6:40:
         7f:7c:11:16:cd:df:1e:37:94:67:98:81:06:95:ec:04:8d:25:
         de:2e:d9:0c:a2:72:7e:cd:13:00:c6:63:4c:7c:2a:a2:fc:f1:
         a0:03:40:3a:93:27:e7:34:b9:3a:0b:99:2e:34:54:da:33:69:
         dd:45:c6:01:f9:d3:26:07:15:68:df:a7:85:43:06:98:b8:cc:
         7a:34:2b:fc:83:da:e1:64:95:d3:6b:e7:88:1e:1e:4a:51:b0:
         93:e0:59:d9:a2:0b:be:25:09:3a:41:2b:16:fa:93:f5:89:36:
         61:5c:e0:6d:a2:2d:7a:8f:7a:a2:89:89:03:0a:69:de:2c:2b:
         86:91:41:f8:38:eb:1b:33:1e:66:29:82:03:4c:1b:f5:a4:b4:
         db:17:0c:27:58:a6:81:c2:31:73:5a:e7:ed:d9:f9:ba:ee:f3:
         5f:4d:45:09:9e:63:3a:17:27:dc:de:2e:f2:65:a0:c1:49:9e:
         5e:f2:39:4e:0e:be:22:de:11:da:c9:b5:1d:08:bf:8b:a3:57:
         11:24:48:ad:4b:b5:c3:b2:7c:59:90:09:cf:29:f0:e2:9e:9d:
         0a:a5:8f:a4:bd:df:44:32:c2:ca:f7:f7:f4:6d:ea:94:22:23:
         73:1f:c4:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4eNYFdUes+HyMFsJELbJVMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzZGYwYTc1YzllZjY4MWI4ZDIzMzY3ZGJlOGVkYWQwNTNm
M2JkOTUwHhcNMjYwNTEyMjIwMTIzWhcNMjYwNTEzMjIwMTIzWjAzMTEwLwYDVQQD
EyhhMDMyOWM0N2I4ZDI0ZmRiZjBlNzQ3Mzk4ZmU3MmQzYmE4MzQyNGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0yvObqSp/VS14cBSwMKym9FEB8mP
4O5dL7SAfhyphL7sGfmJSafffVQNA4w8ZS+1yAkhwd+v018EwNYwW9T9bP1/7+Nd
/pgiTmw1CTK1KzpJcx8ndzMFb2PGAWyqheK+ItG3oFwfAvJGuYZso6rfKXtM8Ewj
z5KrZpa1GrKo+/hU8SIyGxZrSQnU4MRIuqOfhOSYoM3cpMiBg2cjDjeHImO+Iv4e
7+9GuTEwK2GuHaCKM7bnnpqvOCn30auWDpQf7k9aDyJnWNL18FRCXin0GReMkhxF
ZAco33Ab9GeHChoLi33XH00GqnUwPJ3YNGPkWt5HZ2mQYtV18N3lPzw5VwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKAynEe40k/b8OdHOY/nLTuoNCSqMB8GA1UdIwQY
MBaAFPPfCnXJ72gbjSM2fb6O2tBT872VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODk4S2RjbnZhQnVOSXpaOXZvN2EwRlB6dlpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80Y2I3MmItM2Y4Mi00NmQyLWJmMjUt
YWI4YWJjYzY5MDE2LzEvODk4S2RjbnZhQnVOSXpaOXZvN2EwRlB6dlpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80Y2I3MmItM2Y4Mi00NmQyLWJmMjUtYWI4YWJjYzY5MDE2
LzEvODk4S2RjbnZhQnVOSXpaOXZvN2EwRlB6dlpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMnb7/0sM
BLCoskIL8bjgmuZAf3wRFs3fHjeUZ5iBBpXsBI0l3i7ZDKJyfs0TAMZjTHwqovzx
oANAOpMn5zS5OguZLjRU2jNp3UXGAfnTJgcVaN+nhUMGmLjMejQr/IPa4WSV02vn
iB4eSlGwk+BZ2aILviUJOkErFvqT9Yk2YVzgbaIteo96oomJAwpp3iwrhpFB+Djr
GzMeZimCA0wb9aS02xcMJ1imgcIxc1rn7dn5uu7zX01FCZ5jOhcn3N4u8mWgwUme
XvI5Tg6+It4R2sm1HQi/i6NXESRIrUu1w7J8WZAJzynw4p6dCqWPpL3fRDLCyvf3
9G3qlCIjcx/EPA==
-----END CERTIFICATE-----