Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/6fd3ef-d558-4e70-a214-52aefb6568ae/1/cLqzJoCFMIofjVcIS52qHr-V4Nw.mft
File:                     cLqzJoCFMIofjVcIS52qHr-V4Nw.mft (raw, json)
Hash identifier:          Z7gY/HlTTJPrYKdOPqQ/dLq2WMfppbHfJ/ctfgeQz3A=
Subject key identifier:   FD:7F:CF:03:68:8B:D0:34:61:58:6E:EB:9C:0E:9E:79:92:30:E0:87
Authority key identifier: 70:BA:B3:26:80:85:30:8A:1F:8D:57:08:4B:9D:AA:1E:BF:95:E0:DC
Certificate issuer:       /CN=70bab3268085308a1f8d57084b9daa1ebf95e0dc
Certificate serial:       019D98F547F2AAF32B93023AAE2E0859AA4B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cLqzJoCFMIofjVcIS52qHr-V4Nw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/6fd3ef-d558-4e70-a214-52aefb6568ae/1/cLqzJoCFMIofjVcIS52qHr-V4Nw.mft
Manifest number:          18BB
Signing time:             Fri 17 Apr 2026 01:01:44 +0000
Manifest this update:     Fri 17 Apr 2026 01:01:44 +0000
Manifest next update:     Sat 18 Apr 2026 01:01:44 +0000
Files and hashes:         1: cLqzJoCFMIofjVcIS52qHr-V4Nw.crl (hash: 5lBeX5s0o+ajcHp3cQXAqpkDBegMT9qZYEqi9Z6CTNA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/6fd3ef-d558-4e70-a214-52aefb6568ae/1/cLqzJoCFMIofjVcIS52qHr-V4Nw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/6fd3ef-d558-4e70-a214-52aefb6568ae/1/cLqzJoCFMIofjVcIS52qHr-V4Nw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cLqzJoCFMIofjVcIS52qHr-V4Nw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 01:01:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f5:47:f2:aa:f3:2b:93:02:3a:ae:2e:08:59:aa:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70bab3268085308a1f8d57084b9daa1ebf95e0dc
        Validity
            Not Before: Apr 17 01:01:44 2026 GMT
            Not After : Apr 18 01:01:44 2026 GMT
        Subject: CN=fd7fcf03688bd03461586eeb9c0e9e799230e087
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:78:07:b7:6f:41:b4:02:44:2f:0f:80:c8:37:
                    25:4e:02:2a:fe:2f:d3:57:f5:60:5d:9c:f4:bf:72:
                    55:29:64:d2:0d:6f:43:54:5b:17:6f:9e:42:ba:36:
                    1e:57:ab:21:d1:b7:6a:3d:3b:56:49:27:0d:3d:21:
                    78:cb:74:51:d6:0b:dd:2d:61:c7:ce:17:2f:84:ac:
                    ea:e8:6c:0b:8b:e8:6e:15:33:4e:40:5b:69:eb:4c:
                    3b:22:f6:83:9a:7d:58:96:db:72:e0:ab:54:df:c2:
                    04:c5:b6:4c:04:25:c9:53:33:f1:14:c2:5d:85:47:
                    c3:6a:a4:3d:68:a9:71:05:13:08:96:8e:b7:81:1e:
                    da:e0:3d:0b:24:b9:d0:7b:db:1a:a8:f9:cc:81:38:
                    b2:a1:22:30:a7:af:86:87:2b:e5:7d:f4:b9:3f:1e:
                    cd:ee:cd:fa:c7:d4:dc:20:5a:a4:61:f1:29:73:08:
                    5a:40:56:d7:ec:93:69:f9:93:cc:3e:0f:f9:2d:bd:
                    dd:82:c1:51:98:30:e8:3a:da:00:73:2a:5d:f1:13:
                    74:43:6b:0f:33:33:74:20:d8:e1:f3:12:25:e8:e4:
                    16:42:d6:74:e3:73:bc:af:8a:be:a9:80:46:fb:12:
                    ae:d6:02:10:4a:ff:bc:76:4c:6c:78:85:24:d9:d6:
                    26:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:7F:CF:03:68:8B:D0:34:61:58:6E:EB:9C:0E:9E:79:92:30:E0:87
            X509v3 Authority Key Identifier:
                keyid:70:BA:B3:26:80:85:30:8A:1F:8D:57:08:4B:9D:AA:1E:BF:95:E0:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cLqzJoCFMIofjVcIS52qHr-V4Nw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/6fd3ef-d558-4e70-a214-52aefb6568ae/1/cLqzJoCFMIofjVcIS52qHr-V4Nw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/6fd3ef-d558-4e70-a214-52aefb6568ae/1/cLqzJoCFMIofjVcIS52qHr-V4Nw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:33:73:6f:19:2c:dc:c3:b3:4f:75:23:9e:29:f9:b7:c7:a1:
         69:11:bd:28:3f:53:db:ed:9a:10:a6:2c:a3:07:c8:c2:2f:fd:
         32:76:94:34:88:6f:96:d6:8b:21:c2:9a:ce:9f:33:ba:7e:62:
         39:cd:4a:66:d1:f4:2d:5a:83:95:80:f0:ae:2d:fa:9e:09:5b:
         7e:45:a0:ba:5e:42:b4:fc:b7:c6:0b:d2:cc:54:29:70:bc:91:
         15:48:9f:eb:bf:83:d9:12:18:f0:d2:76:9d:5e:d3:aa:b0:93:
         4f:a4:48:b9:c3:fc:7f:15:ca:e1:76:f6:90:19:bb:d3:91:13:
         99:c0:fa:0e:f6:44:4f:55:70:a6:47:3c:5b:7c:34:8e:47:94:
         ab:3d:6f:60:9e:91:d0:65:4e:55:f7:67:9d:a6:c5:25:1b:11:
         1f:45:ab:63:d9:57:32:8a:53:cd:20:99:32:74:34:1f:15:44:
         3e:e6:dd:72:03:45:2d:89:ee:84:5c:10:80:c5:e3:40:16:29:
         69:94:40:c1:02:25:e8:34:6e:62:2b:e8:3a:56:0d:f6:f2:5a:
         a1:1a:67:34:b2:12:10:a2:a3:7c:27:8d:fb:47:b6:ae:8b:00:
         73:88:56:7b:81:8d:0d:ac:8c:b7:46:99:91:dc:cc:bc:66:8e:
         cc:d9:e9:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9UfyqvMrkwI6ri4IWapLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwYmFiMzI2ODA4NTMwOGExZjhkNTcwODRiOWRhYTFlYmY5
NWUwZGMwHhcNMjYwNDE3MDEwMTQ0WhcNMjYwNDE4MDEwMTQ0WjAzMTEwLwYDVQQD
EyhmZDdmY2YwMzY4OGJkMDM0NjE1ODZlZWI5YzBlOWU3OTkyMzBlMDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqngHt29BtAJELw+AyDclTgIq/i/T
V/VgXZz0v3JVKWTSDW9DVFsXb55CujYeV6sh0bdqPTtWSScNPSF4y3RR1gvdLWHH
zhcvhKzq6GwLi+huFTNOQFtp60w7IvaDmn1Yltty4KtU38IExbZMBCXJUzPxFMJd
hUfDaqQ9aKlxBRMIlo63gR7a4D0LJLnQe9saqPnMgTiyoSIwp6+GhyvlffS5Px7N
7s36x9TcIFqkYfEpcwhaQFbX7JNp+ZPMPg/5Lb3dgsFRmDDoOtoAcypd8RN0Q2sP
MzN0INjh8xIl6OQWQtZ043O8r4q+qYBG+xKu1gIQSv+8dkxseIUk2dYmkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP1/zwNoi9A0YVhu65wOnnmSMOCHMB8GA1UdIwQY
MBaAFHC6syaAhTCKH41XCEudqh6/leDcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0xxekpvQ0ZNSW9malZjSVM1MnFIci1WNE53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS82ZmQzZWYtZDU1OC00ZTcwLWEyMTQt
NTJhZWZiNjU2OGFlLzEvY0xxekpvQ0ZNSW9malZjSVM1MnFIci1WNE53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS82ZmQzZWYtZDU1OC00ZTcwLWEyMTQtNTJhZWZiNjU2OGFl
LzEvY0xxekpvQ0ZNSW9malZjSVM1MnFIci1WNE53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABDNzbxks
3MOzT3Ujnin5t8ehaRG9KD9T2+2aEKYsowfIwi/9MnaUNIhvltaLIcKazp8zun5i
Oc1KZtH0LVqDlYDwri36nglbfkWgul5CtPy3xgvSzFQpcLyRFUif67+D2RIY8NJ2
nV7TqrCTT6RIucP8fxXK4Xb2kBm705ETmcD6DvZET1Vwpkc8W3w0jkeUqz1vYJ6R
0GVOVfdnnabFJRsRH0WrY9lXMopTzSCZMnQ0HxVEPubdcgNFLYnuhFwQgMXjQBYp
aZRAwQIl6DRuYivoOlYN9vJaoRpnNLISEKKjfCeN+0e2rosAc4hWe4GNDayMt0aZ
kdzMvGaOzNnpyg==
-----END CERTIFICATE-----