Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.mft
File:                     4iUB2aQBcJg48z0a4nm85xALPM8.mft (raw, json)
Hash identifier:          7Af1bbi3RGI8qMAjLJ2+wXu5yefKYiDPFsCQ48dSfKI=
Subject key identifier:   31:38:00:81:65:06:7B:FC:B7:AB:2E:96:8C:00:2B:1E:72:2D:15:C6
Authority key identifier: E2:25:01:D9:A4:01:70:98:38:F3:3D:1A:E2:79:BC:E7:10:0B:3C:CF
Certificate issuer:       /CN=e22501d9a401709838f33d1ae279bce7100b3ccf
Certificate serial:       019E2F96E00880857946275F16ADE975C576
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4iUB2aQBcJg48z0a4nm85xALPM8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.mft
Manifest number:          1386
Signing time:             Sat 16 May 2026 07:01:17 +0000
Manifest this update:     Sat 16 May 2026 07:01:17 +0000
Manifest next update:     Sun 17 May 2026 07:01:17 +0000
Files and hashes:         1: 4iUB2aQBcJg48z0a4nm85xALPM8.crl (hash: L8UBUjhTVElMo5i2Z9F3Gs7zvzOVq4vOA4mORreM7gY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4iUB2aQBcJg48z0a4nm85xALPM8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 07:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:2f:96:e0:08:80:85:79:46:27:5f:16:ad:e9:75:c5:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e22501d9a401709838f33d1ae279bce7100b3ccf
        Validity
            Not Before: May 16 07:01:17 2026 GMT
            Not After : May 17 07:01:17 2026 GMT
        Subject: CN=3138008165067bfcb7ab2e968c002b1e722d15c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:57:8b:4f:8f:fc:e7:c9:00:d2:95:9d:38:71:
                    81:80:a7:4a:e5:0d:00:48:19:a5:4e:f5:91:81:b7:
                    ee:3b:66:c1:1c:64:1d:d0:a9:cb:01:71:72:3c:f4:
                    ec:8a:6a:d0:86:da:ee:03:17:0f:bd:4a:9a:92:ee:
                    6c:f0:dd:58:65:ad:a4:8c:40:d9:45:f7:cc:c9:a1:
                    64:9d:a8:14:c9:2c:d7:90:d6:40:98:25:ca:28:3e:
                    43:26:be:a2:9b:58:ca:53:61:5e:4c:90:75:8e:0d:
                    42:46:a9:81:fc:63:e9:87:d8:19:ad:91:be:cd:33:
                    47:9f:3d:f6:5e:7e:f2:a0:82:42:6d:0e:b6:52:7c:
                    66:dd:7f:51:f0:a7:d7:1a:bf:a4:05:7a:20:df:66:
                    8f:fd:e0:28:77:ab:63:19:1e:d1:e1:9d:d2:01:3a:
                    f4:43:cb:a6:7f:1f:cc:45:dc:d2:ed:39:a5:97:d5:
                    76:22:97:03:9a:32:1f:f5:cf:b8:4c:af:f0:40:40:
                    23:c5:bb:f8:e6:5e:f5:56:70:b8:a3:ca:0e:78:1a:
                    df:23:22:13:b9:af:14:0b:d8:2c:9c:8c:0e:7b:36:
                    66:88:77:99:c8:12:92:53:d8:84:7b:1a:0c:49:ed:
                    72:11:23:70:bd:06:57:e2:9f:a1:cd:55:4d:8a:a4:
                    0a:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:38:00:81:65:06:7B:FC:B7:AB:2E:96:8C:00:2B:1E:72:2D:15:C6
            X509v3 Authority Key Identifier:
                keyid:E2:25:01:D9:A4:01:70:98:38:F3:3D:1A:E2:79:BC:E7:10:0B:3C:CF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4iUB2aQBcJg48z0a4nm85xALPM8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:59:f6:91:62:1c:9c:ee:3e:75:65:2b:5e:1c:f4:e9:6d:6c:
         9a:88:59:64:88:a0:63:4f:18:77:00:e8:60:e9:2c:2b:43:c1:
         7e:ed:18:d0:14:5a:2c:67:cf:e7:14:b8:6e:cf:69:af:c3:d1:
         b5:5c:2a:dc:a6:5a:ea:af:f0:36:28:62:8a:89:4e:ca:5e:10:
         9c:78:bd:ab:21:b5:38:db:49:93:0d:f7:48:fb:38:41:c0:00:
         07:0e:91:ad:86:77:3e:d2:b0:95:35:db:59:2e:3e:43:df:cf:
         05:cd:ea:41:72:0b:50:d1:ae:f3:64:82:b8:d2:51:77:38:e6:
         eb:a7:0d:0d:6a:6c:a6:40:be:77:bf:47:d1:7d:cc:81:ea:e4:
         8c:d0:86:d0:aa:94:56:d4:2e:d8:46:2b:ee:5f:c4:dc:aa:70:
         6f:7a:c4:5e:ea:a5:79:62:9a:72:ab:56:3d:a5:6e:1f:48:82:
         3e:4c:43:bc:79:df:e4:60:f8:99:cf:06:d9:ee:5f:13:1a:79:
         26:64:4d:a5:a1:38:5f:9c:21:5c:90:9c:a4:84:e3:2d:e4:c0:
         4b:c3:ae:94:25:71:5f:37:bf:3a:29:0e:14:35:36:7d:51:4b:
         55:18:7b:5a:ef:09:4d:d8:37:12:4d:9f:6b:23:a0:d2:01:96:
         9d:53:d7:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4vluAIgIV5RidfFq3pdcV2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyMjUwMWQ5YTQwMTcwOTgzOGYzM2QxYWUyNzliY2U3MTAw
YjNjY2YwHhcNMjYwNTE2MDcwMTE3WhcNMjYwNTE3MDcwMTE3WjAzMTEwLwYDVQQD
EygzMTM4MDA4MTY1MDY3YmZjYjdhYjJlOTY4YzAwMmIxZTcyMmQxNWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwVeLT4/858kA0pWdOHGBgKdK5Q0A
SBmlTvWRgbfuO2bBHGQd0KnLAXFyPPTsimrQhtruAxcPvUqaku5s8N1YZa2kjEDZ
RffMyaFknagUySzXkNZAmCXKKD5DJr6im1jKU2FeTJB1jg1CRqmB/GPph9gZrZG+
zTNHnz32Xn7yoIJCbQ62Unxm3X9R8KfXGr+kBXog32aP/eAod6tjGR7R4Z3SATr0
Q8umfx/MRdzS7Tmll9V2IpcDmjIf9c+4TK/wQEAjxbv45l71VnC4o8oOeBrfIyIT
ua8UC9gsnIwOezZmiHeZyBKSU9iEexoMSe1yESNwvQZX4p+hzVVNiqQKOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDE4AIFlBnv8t6sulowAKx5yLRXGMB8GA1UdIwQY
MBaAFOIlAdmkAXCYOPM9GuJ5vOcQCzzPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGlVQjJhUUJjSmc0OHowYTRubTg1eEFMUE04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My82M2ZhZTktNDk5Zi00M2Q1LTg3Njgt
Zjk4MTFlZTNmYTg3LzEvNGlVQjJhUUJjSmc0OHowYTRubTg1eEFMUE04Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My82M2ZhZTktNDk5Zi00M2Q1LTg3NjgtZjk4MTFlZTNmYTg3
LzEvNGlVQjJhUUJjSmc0OHowYTRubTg1eEFMUE04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEln2kWIc
nO4+dWUrXhz06W1smohZZIigY08YdwDoYOksK0PBfu0Y0BRaLGfP5xS4bs9pr8PR
tVwq3KZa6q/wNihiiolOyl4QnHi9qyG1ONtJkw33SPs4QcAABw6RrYZ3PtKwlTXb
WS4+Q9/PBc3qQXILUNGu82SCuNJRdzjm66cNDWpspkC+d79H0X3MgerkjNCG0KqU
VtQu2EYr7l/E3Kpwb3rEXuqleWKacqtWPaVuH0iCPkxDvHnf5GD4mc8G2e5fExp5
JmRNpaE4X5whXJCcpITjLeTAS8OulCVxXze/OikOFDU2fVFLVRh7Wu8JTdg3Ek2f
ayOg0gGWnVPXSA==
-----END CERTIFICATE-----