Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.mft
File:                     4tNxxKeqqFX4zDsa6oAilCCoDyA.mft (raw, json)
Hash identifier:          o9qRNRIFb8iZbexkRAB4dbrDH0QgZFSn0FEj1A313Is=
Subject key identifier:   F4:A1:94:53:42:CD:74:22:E9:9E:6D:83:75:25:44:48:AC:FD:D2:8F
Authority key identifier: E2:D3:71:C4:A7:AA:A8:55:F8:CC:3B:1A:EA:80:22:94:20:A8:0F:20
Certificate issuer:       /CN=e2d371c4a7aaa855f8cc3b1aea80229420a80f20
Certificate serial:       019D3AC1B86962687DE220BB24BFBF1AFDE0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4tNxxKeqqFX4zDsa6oAilCCoDyA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.mft
Manifest number:          1892
Signing time:             Sun 29 Mar 2026 18:01:07 +0000
Manifest this update:     Sun 29 Mar 2026 18:01:07 +0000
Manifest next update:     Mon 30 Mar 2026 18:01:07 +0000
Files and hashes:         1: 4tNxxKeqqFX4zDsa6oAilCCoDyA.crl (hash: PplLITDBPYllVk2HBmHhIDP4gnEr5mfK1Yb+rhlIXtQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4tNxxKeqqFX4zDsa6oAilCCoDyA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:c1:b8:69:62:68:7d:e2:20:bb:24:bf:bf:1a:fd:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2d371c4a7aaa855f8cc3b1aea80229420a80f20
        Validity
            Not Before: Mar 29 18:01:07 2026 GMT
            Not After : Mar 30 18:01:07 2026 GMT
        Subject: CN=f4a1945342cd7422e99e6d8375254448acfdd28f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:96:d6:5b:f7:32:bf:4f:9d:10:5d:17:7c:8d:
                    80:2d:95:0b:d4:25:ef:45:12:13:16:1e:7f:f2:52:
                    5c:0c:4e:53:79:e8:ee:cb:98:e1:0d:a2:37:4d:b9:
                    7d:df:b6:d4:e8:29:eb:7e:cf:e5:2d:27:6e:e5:10:
                    06:c3:b7:2c:04:7d:17:0c:7c:12:14:2d:f6:63:7c:
                    da:26:18:dd:53:1e:80:67:56:44:bf:f9:1a:ad:e7:
                    6f:a6:42:ee:27:8e:50:fd:ff:69:3d:75:aa:c6:cc:
                    bc:c4:42:db:6f:77:a5:b0:08:63:c0:64:b9:ba:28:
                    ea:be:4f:fc:58:5d:5d:2d:98:04:92:fc:c9:89:58:
                    2f:f1:52:13:7e:e2:69:86:b6:1a:78:0f:71:34:05:
                    df:1c:ad:54:ca:03:a9:3a:ed:51:94:bc:4f:10:ae:
                    cf:f7:99:df:88:2f:82:f4:e0:bd:75:51:5e:12:a2:
                    8f:b7:81:5b:00:2c:7d:2a:94:f8:ea:68:93:db:a1:
                    da:68:82:fd:fd:d0:ff:a3:5e:c6:2c:84:4d:70:b5:
                    7f:c6:3c:1e:ff:6f:87:dc:8f:a5:57:fa:7c:6f:88:
                    05:37:12:be:23:8c:ce:d8:03:20:d7:e4:d8:11:09:
                    53:b3:30:ea:a3:81:df:ad:95:ef:42:e0:b5:a9:d8:
                    a8:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:A1:94:53:42:CD:74:22:E9:9E:6D:83:75:25:44:48:AC:FD:D2:8F
            X509v3 Authority Key Identifier:
                keyid:E2:D3:71:C4:A7:AA:A8:55:F8:CC:3B:1A:EA:80:22:94:20:A8:0F:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tNxxKeqqFX4zDsa6oAilCCoDyA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:ed:62:1e:a3:e2:66:db:70:2b:7d:db:51:fe:23:a7:23:cc:
         7f:92:0a:bc:96:8e:c9:12:4e:eb:ef:e4:43:bb:3f:08:6f:5c:
         5e:a5:96:81:80:f1:dd:b6:99:96:03:ea:87:90:cf:f0:ef:e2:
         30:aa:50:8c:cc:3c:fa:04:fd:42:95:c1:26:58:8d:10:10:0b:
         04:23:1f:dc:0a:d5:04:10:88:af:1f:fc:45:b5:dd:71:b9:ab:
         73:1d:64:bd:81:3d:2d:33:05:c7:de:94:4f:bc:b0:9f:18:fc:
         1e:bd:56:1b:7d:5f:3a:f1:74:11:9c:d1:07:3a:35:ea:08:46:
         f0:e7:18:b5:92:2b:3d:5a:cf:ad:d2:14:98:15:e4:f6:7d:0e:
         21:fb:02:42:4d:ce:a0:bf:df:c6:69:c6:d7:47:64:c0:f7:b3:
         fa:bd:e3:3b:9f:05:13:be:03:c5:b0:75:11:90:06:b1:87:63:
         ff:29:c6:01:14:e9:ed:ca:b0:fa:51:4a:b9:67:dc:33:5b:fb:
         4b:70:18:b3:1f:b8:51:95:8c:31:4f:81:d4:12:dd:8b:0f:31:
         17:c3:c5:e3:99:6e:96:f1:32:6a:ed:2b:51:0b:07:cc:c9:84:
         f8:df:21:43:57:21:2e:9e:85:b4:b5:8d:3c:86:97:78:86:2c:
         25:32:37:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06wbhpYmh94iC7JL+/Gv3gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDM3MWM0YTdhYWE4NTVmOGNjM2IxYWVhODAyMjk0MjBh
ODBmMjAwHhcNMjYwMzI5MTgwMTA3WhcNMjYwMzMwMTgwMTA3WjAzMTEwLwYDVQQD
EyhmNGExOTQ1MzQyY2Q3NDIyZTk5ZTZkODM3NTI1NDQ0OGFjZmRkMjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZbWW/cyv0+dEF0XfI2ALZUL1CXv
RRITFh5/8lJcDE5Teejuy5jhDaI3Tbl937bU6Cnrfs/lLSdu5RAGw7csBH0XDHwS
FC32Y3zaJhjdUx6AZ1ZEv/karedvpkLuJ45Q/f9pPXWqxsy8xELbb3elsAhjwGS5
uijqvk/8WF1dLZgEkvzJiVgv8VITfuJphrYaeA9xNAXfHK1UygOpOu1RlLxPEK7P
95nfiC+C9OC9dVFeEqKPt4FbACx9KpT46miT26HaaIL9/dD/o17GLIRNcLV/xjwe
/2+H3I+lV/p8b4gFNxK+I4zO2AMg1+TYEQlTszDqo4HfrZXvQuC1qdio8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPShlFNCzXQi6Z5tg3UlREis/dKPMB8GA1UdIwQY
MBaAFOLTccSnqqhV+Mw7GuqAIpQgqA8gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHROeHhLZXFxRlg0ekRzYTZvQWlsQ0NvRHlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9mZWFhMzAtMTQyYS00ZmUwLWFhYjkt
OTA3YTU4Yzk5NGMyLzEvNHROeHhLZXFxRlg0ekRzYTZvQWlsQ0NvRHlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9mZWFhMzAtMTQyYS00ZmUwLWFhYjktOTA3YTU4Yzk5NGMy
LzEvNHROeHhLZXFxRlg0ekRzYTZvQWlsQ0NvRHlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIu1iHqPi
ZttwK33bUf4jpyPMf5IKvJaOyRJO6+/kQ7s/CG9cXqWWgYDx3baZlgPqh5DP8O/i
MKpQjMw8+gT9QpXBJliNEBALBCMf3ArVBBCIrx/8RbXdcbmrcx1kvYE9LTMFx96U
T7ywnxj8Hr1WG31fOvF0EZzRBzo16ghG8OcYtZIrPVrPrdIUmBXk9n0OIfsCQk3O
oL/fxmnG10dkwPez+r3jO58FE74DxbB1EZAGsYdj/ynGARTp7cqw+lFKuWfcM1v7
S3AYsx+4UZWMMU+B1BLdiw8xF8PF45lulvEyau0rUQsHzMmE+N8hQ1chLp6FtLWN
PIaXeIYsJTI3yg==
-----END CERTIFICATE-----