Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
File:                     4BpLB7xMpvoFciL96uhg9kRAR-A.mft (raw, json)
Hash identifier:          cz32KnqiD3fGtgOHytyuCHFti6bTtmAX+gJFqyYPCj0=
Subject key identifier:   96:F5:72:64:6A:91:ED:27:22:14:5D:40:C4:6F:1E:58:45:51:3C:2E
Authority key identifier: E0:1A:4B:07:BC:4C:A6:FA:05:72:22:FD:EA:E8:60:F6:44:40:47:E0
Certificate issuer:       /CN=e01a4b07bc4ca6fa057222fdeae860f6444047e0
Certificate serial:       019D39E598DBC831350674CA1323605860B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
Manifest number:          0661
Signing time:             Sun 29 Mar 2026 14:00:41 +0000
Manifest this update:     Sun 29 Mar 2026 14:00:41 +0000
Manifest next update:     Mon 30 Mar 2026 14:00:41 +0000
Files and hashes:         1: 4BpLB7xMpvoFciL96uhg9kRAR-A.crl (hash: IF5H+ims7/OY5YugA209SMrFg+gcZFePUgd769loUdE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:e5:98:db:c8:31:35:06:74:ca:13:23:60:58:60:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e01a4b07bc4ca6fa057222fdeae860f6444047e0
        Validity
            Not Before: Mar 29 14:00:41 2026 GMT
            Not After : Mar 30 14:00:41 2026 GMT
        Subject: CN=96f572646a91ed2722145d40c46f1e5845513c2e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:0e:98:c8:96:21:7e:ba:b4:a2:9c:29:a4:10:
                    41:f0:b6:4c:6e:8c:49:ff:42:09:6d:47:f7:39:6e:
                    f3:fa:94:8c:b9:19:77:0c:ce:40:41:84:3b:11:98:
                    61:b6:d9:97:af:8d:57:46:cf:f0:01:cd:ca:1d:2d:
                    a9:83:60:1e:a9:24:c8:f2:9c:5e:3c:16:3b:b8:ec:
                    37:4f:d2:be:9a:04:9c:70:b6:b1:78:9b:26:64:eb:
                    d6:5c:37:3c:65:22:7b:df:21:0a:ec:be:01:30:2a:
                    3c:4c:cd:44:2a:3e:e4:a6:5e:5b:c7:7e:5a:ee:d5:
                    40:9b:b1:8c:d0:a9:39:74:17:b2:da:e5:ce:30:96:
                    12:18:27:33:ee:2e:3b:47:c9:5c:cd:ce:0d:a5:0e:
                    69:d5:78:93:54:e7:c9:32:7a:a2:56:de:2e:32:3c:
                    40:26:10:f2:3f:e2:6e:fd:71:f7:73:91:0b:79:42:
                    69:f7:fb:c6:36:3e:dc:64:20:15:33:1f:16:4d:62:
                    56:3f:2d:bd:8a:d5:e0:f9:4d:ac:fc:9d:02:fc:9d:
                    e1:bb:56:5b:60:de:9c:d9:7e:88:59:ac:44:a8:95:
                    37:06:1b:da:fa:e4:50:8d:05:cf:95:82:90:52:28:
                    1b:59:92:fd:8b:eb:49:6c:82:a7:d3:48:40:6d:b6:
                    40:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:F5:72:64:6A:91:ED:27:22:14:5D:40:C4:6F:1E:58:45:51:3C:2E
            X509v3 Authority Key Identifier:
                keyid:E0:1A:4B:07:BC:4C:A6:FA:05:72:22:FD:EA:E8:60:F6:44:40:47:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:0e:1a:7b:4d:ec:4a:75:21:3a:70:88:74:83:61:99:2e:69:
         5b:ad:ad:c7:fb:f0:8f:83:a9:9a:4d:4d:42:9f:b0:26:2b:f9:
         cb:f4:81:32:53:93:e5:01:ea:5f:a6:f8:83:dd:42:13:07:e0:
         51:e8:ec:6c:43:3f:dc:8b:1f:76:1b:e6:b1:57:12:33:02:a7:
         ab:19:b8:8d:da:7f:b0:0a:8c:dd:4b:af:f6:43:fa:1a:de:f4:
         52:38:28:aa:b3:22:bc:08:25:a8:9a:db:ef:b7:b4:67:b7:f8:
         78:37:1a:f6:c7:37:e1:96:a5:fe:da:79:b9:a0:15:31:74:57:
         ac:2b:99:a4:78:da:01:59:73:34:9a:a3:3d:ce:10:f6:07:79:
         22:f2:6c:b8:b9:53:57:40:4c:21:40:93:73:1e:50:39:c1:95:
         2f:95:cb:af:2a:95:70:65:ac:52:60:1d:19:28:e6:78:84:93:
         e6:8d:8e:45:a8:2d:8b:22:31:14:f8:af:c7:cf:43:50:cb:71:
         2e:25:58:03:35:59:69:f4:7d:4d:b1:7a:39:43:2a:f0:a9:7d:
         75:1e:61:b0:1f:b3:92:fe:e2:10:5b:e0:92:e0:7b:a1:54:47:
         83:e5:47:62:e9:ca:0b:52:4e:48:32:89:ab:12:23:fd:5d:7e:
         1c:87:8b:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ055ZjbyDE1BnTKEyNgWGCwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwMWE0YjA3YmM0Y2E2ZmEwNTcyMjJmZGVhZTg2MGY2NDQ0
MDQ3ZTAwHhcNMjYwMzI5MTQwMDQxWhcNMjYwMzMwMTQwMDQxWjAzMTEwLwYDVQQD
Eyg5NmY1NzI2NDZhOTFlZDI3MjIxNDVkNDBjNDZmMWU1ODQ1NTEzYzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArg6YyJYhfrq0opwppBBB8LZMboxJ
/0IJbUf3OW7z+pSMuRl3DM5AQYQ7EZhhttmXr41XRs/wAc3KHS2pg2AeqSTI8pxe
PBY7uOw3T9K+mgSccLaxeJsmZOvWXDc8ZSJ73yEK7L4BMCo8TM1EKj7kpl5bx35a
7tVAm7GM0Kk5dBey2uXOMJYSGCcz7i47R8lczc4NpQ5p1XiTVOfJMnqiVt4uMjxA
JhDyP+Ju/XH3c5ELeUJp9/vGNj7cZCAVMx8WTWJWPy29itXg+U2s/J0C/J3hu1Zb
YN6c2X6IWaxEqJU3Bhva+uRQjQXPlYKQUigbWZL9i+tJbIKn00hAbbZAGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJb1cmRqke0nIhRdQMRvHlhFUTwuMB8GA1UdIwQY
MBaAFOAaSwe8TKb6BXIi/eroYPZEQEfgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My85NDRjOGYtZjBmOC00YzcxLTllZGUt
N2EzYzUzMmQzYTU1LzEvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My85NDRjOGYtZjBmOC00YzcxLTllZGUtN2EzYzUzMmQzYTU1
LzEvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGQ4ae03s
SnUhOnCIdINhmS5pW62tx/vwj4Opmk1NQp+wJiv5y/SBMlOT5QHqX6b4g91CEwfg
UejsbEM/3IsfdhvmsVcSMwKnqxm4jdp/sAqM3Uuv9kP6Gt70UjgoqrMivAglqJrb
77e0Z7f4eDca9sc34Zal/tp5uaAVMXRXrCuZpHjaAVlzNJqjPc4Q9gd5IvJsuLlT
V0BMIUCTcx5QOcGVL5XLryqVcGWsUmAdGSjmeIST5o2ORagtiyIxFPivx89DUMtx
LiVYAzVZafR9TbF6OUMq8Kl9dR5hsB+zkv7iEFvgkuB7oVRHg+VHYunKC1JOSDKJ
qxIj/V1+HIeLqA==
-----END CERTIFICATE-----