Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.mft
File:                     20YNIBeVpqmS7UrBi7fFLBCLeFI.mft (raw, json)
Hash identifier:          h2xSEjRnnYO+/zKT3xPj7xBGKRDjQvKlcFKKNfGIoHw=
Subject key identifier:   F9:62:C5:42:D8:DE:93:F4:DF:62:26:E4:26:0E:F1:D1:15:9D:75:21
Authority key identifier: DB:46:0D:20:17:95:A6:A9:92:ED:4A:C1:8B:B7:C5:2C:10:8B:78:52
Certificate issuer:       /CN=db460d201795a6a992ed4ac18bb7c52c108b7852
Certificate serial:       019D97AB0B5A76CAE7373B6775BC89C47F9A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/20YNIBeVpqmS7UrBi7fFLBCLeFI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.mft
Manifest number:          18BC
Signing time:             Thu 16 Apr 2026 19:01:02 +0000
Manifest this update:     Thu 16 Apr 2026 19:01:02 +0000
Manifest next update:     Fri 17 Apr 2026 19:01:02 +0000
Files and hashes:         1: 20YNIBeVpqmS7UrBi7fFLBCLeFI.crl (hash: x3bffUOS/YKfEEDAcGYIYkCNfocE9dBebsxfZz9HaBs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/20YNIBeVpqmS7UrBi7fFLBCLeFI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 19:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:97:ab:0b:5a:76:ca:e7:37:3b:67:75:bc:89:c4:7f:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db460d201795a6a992ed4ac18bb7c52c108b7852
        Validity
            Not Before: Apr 16 19:01:02 2026 GMT
            Not After : Apr 17 19:01:02 2026 GMT
        Subject: CN=f962c542d8de93f4df6226e4260ef1d1159d7521
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:c5:d8:73:f4:ce:f1:56:0b:28:58:a6:ec:15:
                    15:94:0b:7d:1d:37:24:aa:d8:c4:bb:08:12:8e:ad:
                    07:9b:46:8c:f2:35:1a:86:23:54:3b:f7:43:1b:2d:
                    28:d7:bd:f5:d7:55:94:15:e7:ed:f0:00:36:7f:d3:
                    59:8b:bb:50:82:d9:7e:c2:8a:e4:49:0e:fd:1f:90:
                    f5:06:14:06:7a:3b:70:82:0e:b9:64:c3:e2:61:50:
                    e1:16:d9:20:ab:70:b4:94:d7:6d:f7:d2:23:c7:2a:
                    24:f5:fa:a8:47:dd:e9:bc:47:81:c6:6b:f2:44:a3:
                    2d:39:ee:74:f4:eb:bf:84:2c:38:21:4c:e0:bb:89:
                    11:b4:06:7b:f4:80:7d:c3:ed:2b:84:c1:52:09:f1:
                    93:31:1b:db:25:b6:c6:d5:93:3c:71:f8:df:ac:1f:
                    42:07:1e:ad:b5:1b:d2:ba:69:e6:ad:0d:4b:2b:2a:
                    df:f1:c1:dc:01:e4:9d:a8:a9:01:b5:7e:dc:4f:25:
                    3f:e8:7d:10:c2:96:7d:06:57:48:44:dc:26:cb:07:
                    7e:70:6c:1d:c9:f8:ff:9a:9d:da:69:25:ef:67:6e:
                    46:a1:f9:91:03:30:99:ca:59:81:2c:51:58:e5:52:
                    8d:40:84:e8:c6:40:bf:6a:ce:b3:13:53:78:ed:90:
                    00:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:62:C5:42:D8:DE:93:F4:DF:62:26:E4:26:0E:F1:D1:15:9D:75:21
            X509v3 Authority Key Identifier:
                keyid:DB:46:0D:20:17:95:A6:A9:92:ED:4A:C1:8B:B7:C5:2C:10:8B:78:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/20YNIBeVpqmS7UrBi7fFLBCLeFI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:21:fe:58:3a:ea:10:12:fa:ab:b5:77:1e:8d:5b:bd:ea:59:
         19:d7:99:bb:17:58:be:c6:e5:70:f2:e9:21:52:96:47:f7:47:
         5f:df:aa:6c:07:f4:2c:d0:4d:89:df:ed:20:e4:34:f9:d7:8d:
         d9:90:91:ed:9b:ce:1b:3f:cc:46:f6:a2:f6:0e:45:8a:8b:98:
         85:a3:a7:b2:64:61:f6:68:7a:e1:76:97:48:a3:5f:3f:66:4c:
         a3:34:a3:dc:a6:30:6b:03:e9:48:b4:70:7d:65:d3:4b:fc:f1:
         85:b2:30:d5:52:81:ed:56:6a:29:9d:28:a5:1b:4c:b0:06:e8:
         1c:dc:9b:42:86:5a:1f:60:12:bb:86:b3:df:d8:60:08:dd:d4:
         57:e1:d4:65:8f:f2:fe:f5:8e:16:0e:da:cf:67:63:b1:a3:bb:
         40:db:a6:8d:79:de:34:3a:7a:ec:28:9d:33:7b:88:94:95:90:
         2c:b9:e8:6d:f7:22:08:ed:69:e5:72:5f:13:cc:4f:00:c9:45:
         d6:af:a2:29:d9:86:10:c2:c4:fe:69:dd:27:d7:e0:6c:8b:f2:
         50:5c:f1:59:4f:15:6f:4b:7c:c4:bb:64:cc:ac:8a:ad:1f:65:
         84:5d:0b:34:19:13:7b:6b:f7:da:ea:bb:67:5a:02:04:a8:a2:
         93:74:b4:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2XqwtadsrnNztndbyJxH+aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiNDYwZDIwMTc5NWE2YTk5MmVkNGFjMThiYjdjNTJjMTA4
Yjc4NTIwHhcNMjYwNDE2MTkwMTAyWhcNMjYwNDE3MTkwMTAyWjAzMTEwLwYDVQQD
EyhmOTYyYzU0MmQ4ZGU5M2Y0ZGY2MjI2ZTQyNjBlZjFkMTE1OWQ3NTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsXYc/TO8VYLKFim7BUVlAt9HTck
qtjEuwgSjq0Hm0aM8jUahiNUO/dDGy0o173111WUFeft8AA2f9NZi7tQgtl+work
SQ79H5D1BhQGejtwgg65ZMPiYVDhFtkgq3C0lNdt99Ijxyok9fqoR93pvEeBxmvy
RKMtOe509Ou/hCw4IUzgu4kRtAZ79IB9w+0rhMFSCfGTMRvbJbbG1ZM8cfjfrB9C
Bx6ttRvSumnmrQ1LKyrf8cHcAeSdqKkBtX7cTyU/6H0QwpZ9BldIRNwmywd+cGwd
yfj/mp3aaSXvZ25GofmRAzCZylmBLFFY5VKNQIToxkC/as6zE1N47ZAATwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPlixULY3pP032Im5CYO8dEVnXUhMB8GA1UdIwQY
MBaAFNtGDSAXlaapku1KwYu3xSwQi3hSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjBZTklCZVZwcW1TN1VyQmk3ZkZMQkNMZUZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8xZjM0NmEtYTg3ZC00OTU3LWE0Y2Ut
ZTgyZWQzZDc2YTg3LzEvMjBZTklCZVZwcW1TN1VyQmk3ZkZMQkNMZUZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8xZjM0NmEtYTg3ZC00OTU3LWE0Y2UtZTgyZWQzZDc2YTg3
LzEvMjBZTklCZVZwcW1TN1VyQmk3ZkZMQkNMZUZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPCH+WDrq
EBL6q7V3Ho1bvepZGdeZuxdYvsblcPLpIVKWR/dHX9+qbAf0LNBNid/tIOQ0+deN
2ZCR7ZvOGz/MRvai9g5FiouYhaOnsmRh9mh64XaXSKNfP2ZMozSj3KYwawPpSLRw
fWXTS/zxhbIw1VKB7VZqKZ0opRtMsAboHNybQoZaH2ASu4az39hgCN3UV+HUZY/y
/vWOFg7az2djsaO7QNumjXneNDp67CidM3uIlJWQLLnobfciCO1p5XJfE8xPAMlF
1q+iKdmGEMLE/mndJ9fgbIvyUFzxWU8Vb0t8xLtkzKyKrR9lhF0LNBkTe2v32uq7
Z1oCBKiik3S0hg==
-----END CERTIFICATE-----