Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/27f7fa-b019-4842-a6a6-59df73d3bb91/1/rRIanMsoPqIejQoHCi4LakDph30.mft
File:                     rRIanMsoPqIejQoHCi4LakDph30.mft (raw, json)
Hash identifier:          JBNfa94Y/ulJujkKe4cND4gz5VFf4Eir6+ngMR/aoRM=
Subject key identifier:   0B:3E:50:BE:8B:00:87:62:E8:B7:7B:52:5B:37:23:12:D9:E4:03:43
Authority key identifier: AD:12:1A:9C:CB:28:3E:A2:1E:8D:0A:07:0A:2E:0B:6A:40:E9:87:7D
Certificate issuer:       /CN=ad121a9ccb283ea21e8d0a070a2e0b6a40e9877d
Certificate serial:       019D98F417ACDC5C7D8E0BAD93DD2B807E12
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rRIanMsoPqIejQoHCi4LakDph30.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/27f7fa-b019-4842-a6a6-59df73d3bb91/1/rRIanMsoPqIejQoHCi4LakDph30.mft
Manifest number:          18BD
Signing time:             Fri 17 Apr 2026 01:00:26 +0000
Manifest this update:     Fri 17 Apr 2026 01:00:26 +0000
Manifest next update:     Sat 18 Apr 2026 01:00:26 +0000
Files and hashes:         1: rRIanMsoPqIejQoHCi4LakDph30.crl (hash: s8qeYKSRLwXLHukE+PuN5/wArXJfDp9pXssUxPLwTO8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1b/27f7fa-b019-4842-a6a6-59df73d3bb91/1/rRIanMsoPqIejQoHCi4LakDph30.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1b/27f7fa-b019-4842-a6a6-59df73d3bb91/1/rRIanMsoPqIejQoHCi4LakDph30.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rRIanMsoPqIejQoHCi4LakDph30.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 01:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:17:ac:dc:5c:7d:8e:0b:ad:93:dd:2b:80:7e:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ad121a9ccb283ea21e8d0a070a2e0b6a40e9877d
        Validity
            Not Before: Apr 17 01:00:26 2026 GMT
            Not After : Apr 18 01:00:26 2026 GMT
        Subject: CN=0b3e50be8b008762e8b77b525b372312d9e40343
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:6a:26:3a:36:01:7f:bd:4f:16:33:f7:fa:d5:
                    b9:05:c5:49:f9:ac:83:04:65:d6:cc:c2:aa:4e:1c:
                    af:c0:06:a8:c6:58:9a:c5:5f:9e:46:44:c2:92:57:
                    84:62:0f:22:3d:26:b6:ce:cc:c6:37:62:2f:3d:8b:
                    4c:29:ea:ba:83:cc:21:77:5c:fb:e3:70:bb:bd:6e:
                    04:9d:ad:ff:5d:87:86:75:82:34:a7:d8:94:82:49:
                    d6:36:f6:93:4f:48:97:c2:40:7e:ff:6b:83:4d:09:
                    92:cc:e1:11:be:97:3b:cb:8f:fa:e8:e8:3e:06:f6:
                    00:1e:d0:cc:77:e4:9b:7b:90:61:e7:10:6b:97:9b:
                    ed:6e:79:6c:95:b0:88:90:2c:7d:ef:52:ac:91:4f:
                    a3:9f:1e:0b:81:99:93:59:9b:fd:1e:82:e8:03:64:
                    fb:fd:85:84:55:35:66:8f:c0:f9:5f:20:a1:a8:1e:
                    8a:45:e2:0c:43:64:ed:cd:17:b3:0d:5e:59:58:e9:
                    f9:72:c7:5e:11:ba:df:ec:f1:73:e2:d2:bf:eb:19:
                    65:61:60:55:22:0d:0a:ab:0e:cb:c3:1b:a9:f2:71:
                    72:6e:77:83:0f:b9:aa:9f:fe:1f:41:4f:34:36:16:
                    33:4f:a1:9e:62:e5:a5:0e:e3:39:48:50:9f:bb:78:
                    24:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:3E:50:BE:8B:00:87:62:E8:B7:7B:52:5B:37:23:12:D9:E4:03:43
            X509v3 Authority Key Identifier:
                keyid:AD:12:1A:9C:CB:28:3E:A2:1E:8D:0A:07:0A:2E:0B:6A:40:E9:87:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rRIanMsoPqIejQoHCi4LakDph30.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/27f7fa-b019-4842-a6a6-59df73d3bb91/1/rRIanMsoPqIejQoHCi4LakDph30.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/27f7fa-b019-4842-a6a6-59df73d3bb91/1/rRIanMsoPqIejQoHCi4LakDph30.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a8:ba:00:06:db:8f:b9:9d:dd:b5:c2:55:bc:a7:3a:63:7b:86:
         0d:12:6a:28:07:d5:ac:bd:56:1d:39:75:54:56:7d:88:91:6f:
         d5:fe:b2:17:bd:35:74:66:29:49:32:0f:2a:d0:87:b7:e6:f5:
         26:c9:f8:3f:79:7d:9e:dd:c3:57:6a:12:0d:54:c3:e6:7f:27:
         04:49:f2:9a:92:86:9d:78:e6:78:39:55:48:e5:d8:f4:97:db:
         92:75:e0:88:35:e8:98:66:f1:92:86:1b:e2:9f:e4:ad:94:e6:
         3f:ac:1b:5c:98:ac:9b:24:10:b5:b1:c8:b9:08:b4:36:75:99:
         46:40:cd:19:9f:d2:36:da:69:11:c4:2d:b7:98:f9:20:6a:49:
         79:25:0e:25:f7:aa:de:b7:af:89:b2:96:a1:d4:ef:de:8a:8f:
         2d:e6:49:94:94:be:a6:de:2a:28:e2:96:4d:92:de:ee:e5:98:
         a3:50:ff:20:a7:ad:1a:94:a5:2a:1b:55:ca:5d:11:4c:b9:3a:
         35:2c:f6:64:f8:a1:4b:bd:3c:21:1e:e8:ec:66:45:55:56:ac:
         25:c0:1c:0b:28:31:7d:ec:26:a5:a1:ef:5d:ba:bd:1b:04:f2:
         eb:38:e2:86:97:56:ad:8d:97:7f:93:39:e8:42:6f:8f:f3:7a:
         14:6c:6f:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9Bes3Fx9jgutk90rgH4SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMTIxYTljY2IyODNlYTIxZThkMGEwNzBhMmUwYjZhNDBl
OTg3N2QwHhcNMjYwNDE3MDEwMDI2WhcNMjYwNDE4MDEwMDI2WjAzMTEwLwYDVQQD
EygwYjNlNTBiZThiMDA4NzYyZThiNzdiNTI1YjM3MjMxMmQ5ZTQwMzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsWomOjYBf71PFjP3+tW5BcVJ+ayD
BGXWzMKqThyvwAaoxliaxV+eRkTCkleEYg8iPSa2zszGN2IvPYtMKeq6g8whd1z7
43C7vW4Ena3/XYeGdYI0p9iUgknWNvaTT0iXwkB+/2uDTQmSzOERvpc7y4/66Og+
BvYAHtDMd+Sbe5Bh5xBrl5vtbnlslbCIkCx971KskU+jnx4LgZmTWZv9HoLoA2T7
/YWEVTVmj8D5XyChqB6KReIMQ2TtzRezDV5ZWOn5csdeEbrf7PFz4tK/6xllYWBV
Ig0Kqw7Lwxup8nFybneDD7mqn/4fQU80NhYzT6GeYuWlDuM5SFCfu3gkawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAs+UL6LAIdi6Ld7Uls3IxLZ5ANDMB8GA1UdIwQY
MBaAFK0SGpzLKD6iHo0KBwouC2pA6Yd9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclJJYW5Nc29QcUllalFvSENpNExha0RwaDMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi8yN2Y3ZmEtYjAxOS00ODQyLWE2YTYt
NTlkZjczZDNiYjkxLzEvclJJYW5Nc29QcUllalFvSENpNExha0RwaDMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi8yN2Y3ZmEtYjAxOS00ODQyLWE2YTYtNTlkZjczZDNiYjkx
LzEvclJJYW5Nc29QcUllalFvSENpNExha0RwaDMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqLoABtuP
uZ3dtcJVvKc6Y3uGDRJqKAfVrL1WHTl1VFZ9iJFv1f6yF701dGYpSTIPKtCHt+b1
Jsn4P3l9nt3DV2oSDVTD5n8nBEnympKGnXjmeDlVSOXY9JfbknXgiDXomGbxkoYb
4p/krZTmP6wbXJismyQQtbHIuQi0NnWZRkDNGZ/SNtppEcQtt5j5IGpJeSUOJfeq
3revibKWodTv3oqPLeZJlJS+pt4qKOKWTZLe7uWYo1D/IKetGpSlKhtVyl0RTLk6
NSz2ZPihS708IR7o7GZFVVasJcAcCygxfewmpaHvXbq9GwTy6zjihpdWrY2Xf5M5
6EJvj/N6FGxvMQ==
-----END CERTIFICATE-----