Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft
File:                     4VW0MN7doRMQ9shzieMgj8ZSnps.mft (raw, json)
Hash identifier:          /h9u1qUpyKWuJo9aV52RY5AAOxPtbE/I+A4HxkdkiUY=
Subject key identifier:   80:9C:66:8F:C0:A9:3A:A5:FB:24:62:84:6F:59:8C:C9:D6:C1:75:AD
Authority key identifier: E1:55:B4:30:DE:DD:A1:13:10:F6:C8:73:89:E3:20:8F:C6:52:9E:9B
Certificate issuer:       /CN=e155b430dedda11310f6c87389e3208fc6529e9b
Certificate serial:       019E3005529C0216A69605B6F2521A1B3BFF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4VW0MN7doRMQ9shzieMgj8ZSnps.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft
Manifest number:          1238
Signing time:             Sat 16 May 2026 09:01:55 +0000
Manifest this update:     Sat 16 May 2026 09:01:55 +0000
Manifest next update:     Sun 17 May 2026 09:01:55 +0000
Files and hashes:         1: 4VW0MN7doRMQ9shzieMgj8ZSnps.crl (hash: 2ZPv4sew02caVmwWx3kOEp/4YGc4HnL3GBoR9WL92tY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4VW0MN7doRMQ9shzieMgj8ZSnps.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 09:01:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:30:05:52:9c:02:16:a6:96:05:b6:f2:52:1a:1b:3b:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e155b430dedda11310f6c87389e3208fc6529e9b
        Validity
            Not Before: May 16 09:01:55 2026 GMT
            Not After : May 17 09:01:55 2026 GMT
        Subject: CN=809c668fc0a93aa5fb2462846f598cc9d6c175ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:05:c1:12:8c:f8:7c:22:a7:d0:90:7f:72:22:
                    8a:1d:5e:8b:ec:f7:cb:ad:78:ad:d4:af:dd:0d:b8:
                    9b:85:99:e0:c8:33:c0:cc:09:b3:67:46:ce:c9:09:
                    bf:e5:d7:3e:2f:cd:a4:26:26:6e:e8:f3:10:6b:40:
                    53:89:9a:38:77:6f:c8:96:9f:65:20:49:14:ec:cd:
                    63:2a:31:6b:c4:28:a4:88:74:ff:89:ab:33:7f:e5:
                    90:eb:32:61:8f:ea:c0:8c:aa:22:59:76:48:d5:f0:
                    14:aa:6d:b6:59:75:c4:c8:bd:3c:46:17:ef:7b:18:
                    57:6a:d8:dd:11:00:9a:b5:d7:62:c7:14:bf:f7:ca:
                    1b:bc:79:58:c3:a8:90:02:0d:14:0e:fb:4a:b5:86:
                    a8:72:76:81:78:a3:6e:73:f7:de:40:d7:0f:a9:06:
                    df:44:2f:c4:18:9b:40:fb:b6:df:16:87:b7:48:26:
                    db:ce:69:f9:65:61:ff:01:ff:c2:7c:ce:13:49:bb:
                    5a:eb:6e:b4:dc:bc:33:56:6e:5d:57:01:1d:a1:8f:
                    08:a9:d0:9c:a9:fa:6a:53:c8:9f:b3:92:a6:26:72:
                    0b:6f:0e:22:23:8e:4f:98:15:a7:4e:41:86:93:0b:
                    e6:ee:a9:08:7d:d3:67:68:1a:19:54:8e:0c:ee:72:
                    ca:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:9C:66:8F:C0:A9:3A:A5:FB:24:62:84:6F:59:8C:C9:D6:C1:75:AD
            X509v3 Authority Key Identifier:
                keyid:E1:55:B4:30:DE:DD:A1:13:10:F6:C8:73:89:E3:20:8F:C6:52:9E:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4VW0MN7doRMQ9shzieMgj8ZSnps.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:bf:76:9e:bc:e5:90:46:ef:11:78:f9:1d:03:8c:2e:05:78:
         05:63:dc:ca:39:85:e2:ab:fd:3b:a7:8c:e7:f5:55:e0:2a:92:
         fa:f9:23:76:82:43:4e:02:5c:c4:d8:f6:09:b1:8a:12:09:32:
         80:a2:9d:c2:df:ae:56:13:83:ee:10:16:14:ad:a7:2e:0f:92:
         84:0b:e6:99:6a:2f:94:e8:24:99:21:7e:08:41:a7:93:79:4e:
         d5:f3:14:ea:2e:40:50:2b:10:25:19:a3:d7:cd:19:62:c2:2b:
         f0:1e:f2:42:ee:9a:62:5f:d0:6a:2d:34:e5:5e:9d:99:71:6b:
         a9:52:68:fb:af:62:1a:4b:3c:b7:43:62:07:a8:ca:1d:6a:50:
         73:a2:4b:4c:25:be:fa:52:81:15:05:49:71:60:57:b7:36:ef:
         e5:95:06:0b:b2:15:60:f2:b8:b6:64:58:11:41:b2:4b:2b:34:
         2f:75:89:f0:a6:1c:72:fe:5d:32:2c:ad:62:33:7a:b1:71:e8:
         17:8d:cf:8e:ee:76:79:98:33:20:ea:d7:93:d9:17:f3:40:5a:
         68:f5:8c:ed:30:c8:0a:a9:a6:ed:b9:2c:87:8d:53:95:16:2a:
         46:43:6c:97:f7:68:b0:81:81:d7:0f:b3:2b:ce:3c:4d:01:2d:
         8f:cc:dc:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4wBVKcAhamlgW28lIaGzv/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNTViNDMwZGVkZGExMTMxMGY2Yzg3Mzg5ZTMyMDhmYzY1
MjllOWIwHhcNMjYwNTE2MDkwMTU1WhcNMjYwNTE3MDkwMTU1WjAzMTEwLwYDVQQD
Eyg4MDljNjY4ZmMwYTkzYWE1ZmIyNDYyODQ2ZjU5OGNjOWQ2YzE3NWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgXBEoz4fCKn0JB/ciKKHV6L7PfL
rXit1K/dDbibhZngyDPAzAmzZ0bOyQm/5dc+L82kJiZu6PMQa0BTiZo4d2/Ilp9l
IEkU7M1jKjFrxCikiHT/iaszf+WQ6zJhj+rAjKoiWXZI1fAUqm22WXXEyL08Rhfv
exhXatjdEQCatddixxS/98obvHlYw6iQAg0UDvtKtYaocnaBeKNuc/feQNcPqQbf
RC/EGJtA+7bfFoe3SCbbzmn5ZWH/Af/CfM4TSbta62603LwzVm5dVwEdoY8IqdCc
qfpqU8ifs5KmJnILbw4iI45PmBWnTkGGkwvm7qkIfdNnaBoZVI4M7nLK0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFICcZo/AqTql+yRihG9ZjMnWwXWtMB8GA1UdIwQY
MBaAFOFVtDDe3aETEPbIc4njII/GUp6bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFZXME1ON2RvUk1ROXNoemllTWdqOFpTbnBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9iZjlkNTUtYjBkNS00YjA3LTkyYjAt
MGQ3NDA2MGExNmRkLzEvNFZXME1ON2RvUk1ROXNoemllTWdqOFpTbnBzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9iZjlkNTUtYjBkNS00YjA3LTkyYjAtMGQ3NDA2MGExNmRk
LzEvNFZXME1ON2RvUk1ROXNoemllTWdqOFpTbnBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIL92nrzl
kEbvEXj5HQOMLgV4BWPcyjmF4qv9O6eM5/VV4CqS+vkjdoJDTgJcxNj2CbGKEgky
gKKdwt+uVhOD7hAWFK2nLg+ShAvmmWovlOgkmSF+CEGnk3lO1fMU6i5AUCsQJRmj
180ZYsIr8B7yQu6aYl/Qai005V6dmXFrqVJo+69iGks8t0NiB6jKHWpQc6JLTCW+
+lKBFQVJcWBXtzbv5ZUGC7IVYPK4tmRYEUGySys0L3WJ8KYccv5dMiytYjN6sXHo
F43Pju52eZgzIOrXk9kX80BaaPWM7TDICqmm7bksh41TlRYqRkNsl/dosIGB1w+z
K848TQEtj8zc/A==
-----END CERTIFICATE-----