Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/b711d7-ea06-4e42-98f7-63a4caedb38e/1/FAd8W3ds23z3vDXWtELjZ3arDG4.mft
File:                     FAd8W3ds23z3vDXWtELjZ3arDG4.mft (raw, json)
Hash identifier:          cnwAY3f6lOrisX3oagtCpKP63JpGooCb+fceZtzkHj4=
Subject key identifier:   22:4A:8B:EF:EC:3B:3D:E5:74:C1:9D:A7:9B:6B:76:3E:27:24:5C:76
Authority key identifier: 14:07:7C:5B:77:6C:DB:7C:F7:BC:35:D6:B4:42:E3:67:76:AB:0C:6E
Certificate issuer:       /CN=14077c5b776cdb7cf7bc35d6b442e36776ab0c6e
Certificate serial:       019D98F40112A09A48D9A7DEB1FEF332AFA5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FAd8W3ds23z3vDXWtELjZ3arDG4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/b711d7-ea06-4e42-98f7-63a4caedb38e/1/FAd8W3ds23z3vDXWtELjZ3arDG4.mft
Manifest number:          18BE
Signing time:             Fri 17 Apr 2026 01:00:20 +0000
Manifest this update:     Fri 17 Apr 2026 01:00:20 +0000
Manifest next update:     Sat 18 Apr 2026 01:00:20 +0000
Files and hashes:         1: FAd8W3ds23z3vDXWtELjZ3arDG4.crl (hash: DmdI/AX9Qtcg6V/sBRaYn9u2vHcLtQXqrMGY41Xpng0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/14/b711d7-ea06-4e42-98f7-63a4caedb38e/1/FAd8W3ds23z3vDXWtELjZ3arDG4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/14/b711d7-ea06-4e42-98f7-63a4caedb38e/1/FAd8W3ds23z3vDXWtELjZ3arDG4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FAd8W3ds23z3vDXWtELjZ3arDG4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:01:12:a0:9a:48:d9:a7:de:b1:fe:f3:32:af:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=14077c5b776cdb7cf7bc35d6b442e36776ab0c6e
        Validity
            Not Before: Apr 17 01:00:20 2026 GMT
            Not After : Apr 18 01:00:20 2026 GMT
        Subject: CN=224a8befec3b3de574c19da79b6b763e27245c76
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:39:f1:bb:e7:11:10:2a:45:82:eb:50:2b:aa:
                    58:46:e2:bd:65:0a:ad:44:c3:d1:5a:21:0e:b4:e4:
                    20:29:75:c2:be:ec:88:8b:37:59:c7:8b:d4:a0:9e:
                    4c:97:fe:08:62:93:4b:e7:54:b1:3d:0d:cf:86:c2:
                    da:b4:5e:67:a0:79:48:3e:f9:56:f2:43:54:cf:cf:
                    b3:c2:87:1c:b9:e6:47:43:10:e7:95:9d:9d:a5:dc:
                    b7:97:30:07:b6:02:62:c4:d0:bb:8c:f1:db:54:e0:
                    11:00:17:1f:b5:11:c2:fb:dc:ae:14:0a:7c:c8:65:
                    7d:93:a6:65:8d:c2:f2:54:84:b3:36:5d:36:2b:d4:
                    12:2d:0f:60:e8:92:bf:18:84:c6:f0:27:4d:c5:4b:
                    4e:08:e5:d6:98:60:d4:3c:be:9d:25:f4:f2:31:13:
                    ea:86:58:8e:20:9e:71:bc:dd:58:a4:68:0c:0e:21:
                    4d:53:a5:97:78:8b:a0:e5:3c:55:ae:9c:3b:e4:06:
                    31:dc:85:e4:55:8c:f9:23:c8:63:17:6c:04:90:83:
                    aa:17:37:48:0d:e8:dc:91:c7:b4:ae:df:06:7e:db:
                    bd:23:d4:0b:fc:03:41:54:1f:ab:3b:33:1a:1f:cd:
                    b1:6e:d9:6b:8b:9a:48:d8:e2:87:d2:ab:5c:d2:a3:
                    38:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:4A:8B:EF:EC:3B:3D:E5:74:C1:9D:A7:9B:6B:76:3E:27:24:5C:76
            X509v3 Authority Key Identifier:
                keyid:14:07:7C:5B:77:6C:DB:7C:F7:BC:35:D6:B4:42:E3:67:76:AB:0C:6E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FAd8W3ds23z3vDXWtELjZ3arDG4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/b711d7-ea06-4e42-98f7-63a4caedb38e/1/FAd8W3ds23z3vDXWtELjZ3arDG4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/b711d7-ea06-4e42-98f7-63a4caedb38e/1/FAd8W3ds23z3vDXWtELjZ3arDG4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:d4:f5:37:24:5c:4f:48:90:3e:d9:79:dd:59:11:e8:c1:b9:
         3d:2e:c9:42:c7:38:42:55:df:c7:a5:d9:bb:8a:f3:53:20:11:
         11:ca:3d:c4:37:20:b4:a2:64:e8:cd:20:9f:83:ad:93:ad:10:
         87:63:5b:52:ad:c4:73:4d:07:c4:8e:b8:e6:59:16:e2:23:45:
         6c:fe:27:f5:d0:ba:52:89:25:72:26:58:bf:3a:c5:05:53:48:
         30:13:e9:65:a8:49:a6:eb:a7:a8:9e:7c:42:b3:10:c6:94:20:
         57:3b:71:95:5f:88:43:a0:54:df:00:5f:a5:07:cb:f4:19:fd:
         a4:ef:2b:3b:f0:8b:c3:99:67:cb:28:40:d1:1f:6d:52:ef:e1:
         3d:50:4a:d8:dc:22:08:b5:00:16:c5:f8:d4:4a:1e:60:d8:0c:
         94:ce:86:60:c4:99:b0:ab:91:9e:69:32:39:17:7d:ce:cf:ab:
         fd:44:d3:12:16:73:42:28:7f:74:11:51:8f:df:cd:dd:4f:9d:
         25:d9:52:1e:95:e5:ad:a4:8c:b5:db:f4:f6:1f:f6:82:db:1e:
         0a:08:47:d2:e0:2a:15:d5:7c:14:07:a1:ce:16:65:1f:29:4c:
         22:76:1d:76:68:4c:34:da:fd:0f:ff:a7:f8:72:79:6d:82:3d:
         27:7c:d7:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9AESoJpI2afesf7zMq+lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0MDc3YzViNzc2Y2RiN2NmN2JjMzVkNmI0NDJlMzY3NzZh
YjBjNmUwHhcNMjYwNDE3MDEwMDIwWhcNMjYwNDE4MDEwMDIwWjAzMTEwLwYDVQQD
EygyMjRhOGJlZmVjM2IzZGU1NzRjMTlkYTc5YjZiNzYzZTI3MjQ1Yzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzznxu+cRECpFgutQK6pYRuK9ZQqt
RMPRWiEOtOQgKXXCvuyIizdZx4vUoJ5Ml/4IYpNL51SxPQ3PhsLatF5noHlIPvlW
8kNUz8+zwoccueZHQxDnlZ2dpdy3lzAHtgJixNC7jPHbVOARABcftRHC+9yuFAp8
yGV9k6ZljcLyVISzNl02K9QSLQ9g6JK/GITG8CdNxUtOCOXWmGDUPL6dJfTyMRPq
hliOIJ5xvN1YpGgMDiFNU6WXeIug5TxVrpw75AYx3IXkVYz5I8hjF2wEkIOqFzdI
Dejckce0rt8Gftu9I9QL/ANBVB+rOzMaH82xbtlri5pI2OKH0qtc0qM44QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCJKi+/sOz3ldMGdp5trdj4nJFx2MB8GA1UdIwQY
MBaAFBQHfFt3bNt897w11rRC42d2qwxuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkFkOFczZHMyM3ozdkRYV3RFTGpaM2FyREc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9iNzExZDctZWEwNi00ZTQyLTk4Zjct
NjNhNGNhZWRiMzhlLzEvRkFkOFczZHMyM3ozdkRYV3RFTGpaM2FyREc0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC9iNzExZDctZWEwNi00ZTQyLTk4ZjctNjNhNGNhZWRiMzhl
LzEvRkFkOFczZHMyM3ozdkRYV3RFTGpaM2FyREc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD9T1NyRc
T0iQPtl53VkR6MG5PS7JQsc4QlXfx6XZu4rzUyAREco9xDcgtKJk6M0gn4Otk60Q
h2NbUq3Ec00HxI645lkW4iNFbP4n9dC6UoklciZYvzrFBVNIMBPpZahJpuunqJ58
QrMQxpQgVztxlV+IQ6BU3wBfpQfL9Bn9pO8rO/CLw5lnyyhA0R9tUu/hPVBK2Nwi
CLUAFsX41EoeYNgMlM6GYMSZsKuRnmkyORd9zs+r/UTTEhZzQih/dBFRj9/N3U+d
JdlSHpXlraSMtdv09h/2gtseCghH0uAqFdV8FAehzhZlHylMInYddmhMNNr9D/+n
+HJ5bYI9J3zXQg==
-----END CERTIFICATE-----