Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/ae5e6c-c70f-40f2-890d-575cf5d335e4/1/bgC7pk9Ra41jNaAc8wS4It7hrtA.mft
File:                     bgC7pk9Ra41jNaAc8wS4It7hrtA.mft (raw, json)
Hash identifier:          O7KxZMv+VCY1xPRDTkNHvsqpqJhOsIT6RZQEuzHoqts=
Subject key identifier:   3F:94:39:24:A1:4B:76:5F:FD:6D:87:AA:F5:4B:33:00:3C:24:83:32
Authority key identifier: 6E:00:BB:A6:4F:51:6B:8D:63:35:A0:1C:F3:04:B8:22:DE:E1:AE:D0
Certificate issuer:       /CN=6e00bba64f516b8d6335a01cf304b822dee1aed0
Certificate serial:       019DA56697411AD2944A5BDA7D6010271ACE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bgC7pk9Ra41jNaAc8wS4It7hrtA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/06/ae5e6c-c70f-40f2-890d-575cf5d335e4/1/bgC7pk9Ra41jNaAc8wS4It7hrtA.mft
Manifest number:          18C5
Signing time:             Sun 19 Apr 2026 11:00:57 +0000
Manifest this update:     Sun 19 Apr 2026 11:00:57 +0000
Manifest next update:     Mon 20 Apr 2026 11:00:57 +0000
Files and hashes:         1: bgC7pk9Ra41jNaAc8wS4It7hrtA.crl (hash: a/0tfHliBcVsKpbtwX3grQdrKD0xc8vwD+wC1odEM4s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/06/ae5e6c-c70f-40f2-890d-575cf5d335e4/1/bgC7pk9Ra41jNaAc8wS4It7hrtA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/06/ae5e6c-c70f-40f2-890d-575cf5d335e4/1/bgC7pk9Ra41jNaAc8wS4It7hrtA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bgC7pk9Ra41jNaAc8wS4It7hrtA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 04:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a5:66:97:41:1a:d2:94:4a:5b:da:7d:60:10:27:1a:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e00bba64f516b8d6335a01cf304b822dee1aed0
        Validity
            Not Before: Apr 19 11:00:57 2026 GMT
            Not After : Apr 20 11:00:57 2026 GMT
        Subject: CN=3f943924a14b765ffd6d87aaf54b33003c248332
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:15:9e:e5:79:f2:df:69:f2:8c:d1:cf:ef:9e:
                    49:4a:0d:af:4f:09:22:38:df:0b:58:b3:ec:27:ad:
                    dc:3e:49:3e:ec:c7:83:15:e2:f1:13:51:10:ad:fa:
                    a2:59:db:a2:f3:71:f3:bd:27:ad:63:bf:00:51:63:
                    f4:02:3e:72:f3:7e:33:6f:87:c1:13:3b:51:0f:b7:
                    67:5d:29:e8:52:2b:c5:eb:32:e7:aa:e6:fc:25:fa:
                    fc:7f:94:e3:ab:8b:cc:7e:f0:8d:32:4e:7a:03:74:
                    18:ba:df:93:32:52:e9:3d:cc:9a:20:21:c1:45:b0:
                    dd:8b:ec:7e:3e:01:fc:40:8e:2f:2f:f4:17:de:a7:
                    42:58:01:83:82:5a:73:c4:9f:f2:5d:46:d3:33:f9:
                    ad:8a:c6:37:3b:1e:ec:a2:fb:52:71:d9:22:d6:f5:
                    e4:df:57:aa:c6:a1:01:a9:0f:30:2e:86:b8:d5:f1:
                    3e:92:10:70:00:a9:55:01:59:c7:54:e3:f0:d5:b5:
                    01:f6:2b:ed:ba:11:89:6b:20:3a:b9:f5:8d:70:50:
                    4a:4e:4d:bb:92:92:5d:8b:c1:00:19:e9:00:68:b1:
                    53:d9:d9:55:2a:6d:72:0f:d6:b0:71:4b:c6:08:91:
                    02:96:a5:da:3f:f9:94:f0:08:12:7a:07:6c:e7:4f:
                    85:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:94:39:24:A1:4B:76:5F:FD:6D:87:AA:F5:4B:33:00:3C:24:83:32
            X509v3 Authority Key Identifier:
                keyid:6E:00:BB:A6:4F:51:6B:8D:63:35:A0:1C:F3:04:B8:22:DE:E1:AE:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bgC7pk9Ra41jNaAc8wS4It7hrtA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/ae5e6c-c70f-40f2-890d-575cf5d335e4/1/bgC7pk9Ra41jNaAc8wS4It7hrtA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/06/ae5e6c-c70f-40f2-890d-575cf5d335e4/1/bgC7pk9Ra41jNaAc8wS4It7hrtA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:e8:db:81:dd:00:71:46:c5:39:98:15:4f:f8:90:90:d2:96:
         2d:73:00:25:3e:a7:f5:ee:f3:1a:3e:60:d0:99:bb:ad:40:a5:
         e1:c0:47:8f:88:31:c3:2f:a2:69:5e:a0:5f:a7:6a:40:ba:ff:
         5f:b2:7f:ed:00:7e:f6:70:7e:f4:37:5f:c7:94:51:b4:5e:ba:
         70:96:fa:2c:15:79:4e:01:cd:da:6c:d1:09:be:25:10:f1:d8:
         66:c7:69:1c:71:c1:f2:05:4b:3a:95:22:73:26:56:c7:f7:79:
         28:f5:bf:b7:5d:fe:99:a2:af:9b:36:8e:54:7a:4e:37:57:c8:
         8b:93:6b:64:5d:0d:32:6b:41:4d:b5:9c:5e:d8:34:27:99:a9:
         36:13:8e:32:6a:29:bb:d3:9b:8a:93:64:46:9e:c9:6e:47:b4:
         71:97:47:ac:53:3d:4c:4b:ab:05:fc:cd:fb:5f:e2:78:e3:94:
         38:38:01:59:c0:34:56:0c:78:36:26:b8:5d:9f:cb:92:c9:c2:
         ab:e0:b3:98:a0:20:36:a3:b4:14:55:a1:ac:7b:1d:89:51:f3:
         40:4d:6e:c6:f7:94:55:27:2f:c3:08:b9:3c:08:23:ba:39:28:
         1f:c7:5d:2b:86:15:e8:a4:ba:b4:8f:f0:ea:32:1d:c6:e5:65:
         4d:4c:94:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2lZpdBGtKUSlvafWAQJxrOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlMDBiYmE2NGY1MTZiOGQ2MzM1YTAxY2YzMDRiODIyZGVl
MWFlZDAwHhcNMjYwNDE5MTEwMDU3WhcNMjYwNDIwMTEwMDU3WjAzMTEwLwYDVQQD
EygzZjk0MzkyNGExNGI3NjVmZmQ2ZDg3YWFmNTRiMzMwMDNjMjQ4MzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzBWe5Xny32nyjNHP755JSg2vTwki
ON8LWLPsJ63cPkk+7MeDFeLxE1EQrfqiWdui83HzvSetY78AUWP0Aj5y834zb4fB
EztRD7dnXSnoUivF6zLnqub8Jfr8f5Tjq4vMfvCNMk56A3QYut+TMlLpPcyaICHB
RbDdi+x+PgH8QI4vL/QX3qdCWAGDglpzxJ/yXUbTM/mtisY3Ox7sovtScdki1vXk
31eqxqEBqQ8wLoa41fE+khBwAKlVAVnHVOPw1bUB9ivtuhGJayA6ufWNcFBKTk27
kpJdi8EAGekAaLFT2dlVKm1yD9awcUvGCJEClqXaP/mU8AgSegds50+FswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD+UOSShS3Zf/W2HqvVLMwA8JIMyMB8GA1UdIwQY
MBaAFG4Au6ZPUWuNYzWgHPMEuCLe4a7QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmdDN3BrOVJhNDFqTmFBYzh3UzRJdDdocnRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9hZTVlNmMtYzcwZi00MGYyLTg5MGQt
NTc1Y2Y1ZDMzNWU0LzEvYmdDN3BrOVJhNDFqTmFBYzh3UzRJdDdocnRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9hZTVlNmMtYzcwZi00MGYyLTg5MGQtNTc1Y2Y1ZDMzNWU0
LzEvYmdDN3BrOVJhNDFqTmFBYzh3UzRJdDdocnRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEOjbgd0A
cUbFOZgVT/iQkNKWLXMAJT6n9e7zGj5g0Jm7rUCl4cBHj4gxwy+iaV6gX6dqQLr/
X7J/7QB+9nB+9Ddfx5RRtF66cJb6LBV5TgHN2mzRCb4lEPHYZsdpHHHB8gVLOpUi
cyZWx/d5KPW/t13+maKvmzaOVHpON1fIi5NrZF0NMmtBTbWcXtg0J5mpNhOOMmop
u9ObipNkRp7Jbke0cZdHrFM9TEurBfzN+1/ieOOUODgBWcA0Vgx4Nia4XZ/LksnC
q+CzmKAgNqO0FFWhrHsdiVHzQE1uxveUVScvwwi5PAgjujkoH8ddK4YV6KS6tI/w
6jIdxuVlTUyUTg==
-----END CERTIFICATE-----