Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/4a6c6d-b855-4b46-b32f-cac2cfff6779/1/iwUOQskY3jwnNm3vQzph8Tw7FrI.mft
File:                     iwUOQskY3jwnNm3vQzph8Tw7FrI.mft (raw, json)
Hash identifier:          GEPgH3ulaVNU4njWmAqTNf6NtWvD7+nfsn43gAnFPuA=
Subject key identifier:   BF:A4:1B:C2:1F:C4:72:16:F4:51:73:51:E6:49:76:5B:67:CA:10:BB
Authority key identifier: 8B:05:0E:42:C9:18:DE:3C:27:36:6D:EF:43:3A:61:F1:3C:3B:16:B2
Certificate issuer:       /CN=8b050e42c918de3c27366def433a61f13c3b16b2
Certificate serial:       019DA48A714EC22A1920A0961BD45B9BBC39
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iwUOQskY3jwnNm3vQzph8Tw7FrI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/4a6c6d-b855-4b46-b32f-cac2cfff6779/1/iwUOQskY3jwnNm3vQzph8Tw7FrI.mft
Manifest number:          18C3
Signing time:             Sun 19 Apr 2026 07:00:29 +0000
Manifest this update:     Sun 19 Apr 2026 07:00:29 +0000
Manifest next update:     Mon 20 Apr 2026 07:00:29 +0000
Files and hashes:         1: iwUOQskY3jwnNm3vQzph8Tw7FrI.crl (hash: e5A+cyRFWxZkKC7LvinTFTa1XBvoT9zl0pgtRKpltsc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1c/4a6c6d-b855-4b46-b32f-cac2cfff6779/1/iwUOQskY3jwnNm3vQzph8Tw7FrI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1c/4a6c6d-b855-4b46-b32f-cac2cfff6779/1/iwUOQskY3jwnNm3vQzph8Tw7FrI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iwUOQskY3jwnNm3vQzph8Tw7FrI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 02:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a4:8a:71:4e:c2:2a:19:20:a0:96:1b:d4:5b:9b:bc:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8b050e42c918de3c27366def433a61f13c3b16b2
        Validity
            Not Before: Apr 19 07:00:29 2026 GMT
            Not After : Apr 20 07:00:29 2026 GMT
        Subject: CN=bfa41bc21fc47216f4517351e649765b67ca10bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:96:c7:97:12:00:9c:58:4f:72:23:6b:94:bc:
                    a1:17:aa:3b:ca:a2:2a:66:41:a3:e6:4f:7e:4c:ac:
                    27:a9:52:19:4f:a8:87:dc:30:56:ec:3d:14:e9:a7:
                    58:02:43:f5:1e:87:61:52:cc:ec:e6:19:a8:18:66:
                    8d:c7:70:04:5d:71:01:57:a5:03:50:49:c3:da:19:
                    7d:9c:84:1d:08:30:36:c0:5c:65:b1:db:e4:ba:0f:
                    d7:9d:35:45:06:f4:43:93:25:4d:c0:5f:20:4e:26:
                    7d:72:0d:ae:a4:de:eb:ca:5a:a4:91:76:83:fa:54:
                    ec:c9:ef:4b:f2:6b:20:a2:3c:82:cf:63:e0:a9:14:
                    7e:6d:30:ff:48:0c:05:19:8f:f6:57:29:ae:09:31:
                    97:25:57:22:80:d4:cf:84:34:39:74:d9:32:32:1c:
                    40:cd:ba:9d:b0:79:cd:05:07:c5:49:9f:49:4f:75:
                    af:12:82:c7:8e:e1:22:13:db:6e:f8:d7:13:b5:9c:
                    e5:86:ff:71:53:53:89:71:58:b7:40:07:65:07:e7:
                    cb:c7:94:23:2c:c0:41:d2:47:45:aa:45:3e:97:a3:
                    b7:52:35:8b:20:7f:a7:08:88:fd:25:ef:52:3a:60:
                    5c:77:12:fa:09:9d:5a:75:30:c3:ba:33:91:c5:1a:
                    70:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:A4:1B:C2:1F:C4:72:16:F4:51:73:51:E6:49:76:5B:67:CA:10:BB
            X509v3 Authority Key Identifier:
                keyid:8B:05:0E:42:C9:18:DE:3C:27:36:6D:EF:43:3A:61:F1:3C:3B:16:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iwUOQskY3jwnNm3vQzph8Tw7FrI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/4a6c6d-b855-4b46-b32f-cac2cfff6779/1/iwUOQskY3jwnNm3vQzph8Tw7FrI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/4a6c6d-b855-4b46-b32f-cac2cfff6779/1/iwUOQskY3jwnNm3vQzph8Tw7FrI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:98:4a:18:17:57:2a:db:ce:1d:0a:90:0b:fe:92:87:44:41:
         8a:48:10:50:c0:09:fd:5a:74:3d:5f:a4:21:dd:84:2f:c4:3a:
         6f:25:79:f2:00:bb:a6:c8:11:4d:26:5b:14:17:9f:2d:26:df:
         3d:09:da:98:b9:96:46:36:86:67:e8:b1:a2:db:32:5f:6c:f3:
         82:75:9b:02:b1:35:96:b1:54:26:f6:27:e3:89:43:bc:e8:db:
         28:ad:df:98:84:f0:54:a0:1f:32:92:ca:62:ac:7c:47:af:d6:
         e2:ee:a1:de:1d:e4:b4:34:52:74:59:39:3c:18:be:7c:d2:85:
         61:9a:85:ae:79:69:37:19:7a:c5:a5:5c:48:3d:3f:2a:29:23:
         91:59:81:10:5a:09:59:71:89:1b:3e:cd:36:31:98:45:62:98:
         2f:5b:e6:47:ed:3e:79:1f:ed:86:81:dd:8d:aa:0a:93:42:cc:
         ab:e8:41:1c:a6:07:a1:aa:0e:eb:e9:2d:17:dc:74:77:a8:fa:
         61:df:03:90:f5:19:ce:04:29:e4:8f:a6:af:a6:fc:df:32:e5:
         96:8a:49:60:f3:8f:8f:8b:92:19:95:6e:e1:a1:d3:72:5d:a8:
         db:32:d2:fd:84:36:bd:9f:fe:9d:e0:3a:a5:cb:82:c2:00:42:
         c5:0a:e1:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2kinFOwioZIKCWG9Rbm7w5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiMDUwZTQyYzkxOGRlM2MyNzM2NmRlZjQzM2E2MWYxM2Mz
YjE2YjIwHhcNMjYwNDE5MDcwMDI5WhcNMjYwNDIwMDcwMDI5WjAzMTEwLwYDVQQD
EyhiZmE0MWJjMjFmYzQ3MjE2ZjQ1MTczNTFlNjQ5NzY1YjY3Y2ExMGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZbHlxIAnFhPciNrlLyhF6o7yqIq
ZkGj5k9+TKwnqVIZT6iH3DBW7D0U6adYAkP1HodhUszs5hmoGGaNx3AEXXEBV6UD
UEnD2hl9nIQdCDA2wFxlsdvkug/XnTVFBvRDkyVNwF8gTiZ9cg2upN7rylqkkXaD
+lTsye9L8msgojyCz2PgqRR+bTD/SAwFGY/2VymuCTGXJVcigNTPhDQ5dNkyMhxA
zbqdsHnNBQfFSZ9JT3WvEoLHjuEiE9tu+NcTtZzlhv9xU1OJcVi3QAdlB+fLx5Qj
LMBB0kdFqkU+l6O3UjWLIH+nCIj9Je9SOmBcdxL6CZ1adTDDujORxRpw5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL+kG8IfxHIW9FFzUeZJdltnyhC7MB8GA1UdIwQY
MBaAFIsFDkLJGN48JzZt70M6YfE8OxayMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXdVT1Fza1kzanduTm0zdlF6cGg4VHc3RnJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy80YTZjNmQtYjg1NS00YjQ2LWIzMmYt
Y2FjMmNmZmY2Nzc5LzEvaXdVT1Fza1kzanduTm0zdlF6cGg4VHc3RnJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy80YTZjNmQtYjg1NS00YjQ2LWIzMmYtY2FjMmNmZmY2Nzc5
LzEvaXdVT1Fza1kzanduTm0zdlF6cGg4VHc3RnJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdJhKGBdX
KtvOHQqQC/6Sh0RBikgQUMAJ/Vp0PV+kId2EL8Q6byV58gC7psgRTSZbFBefLSbf
PQnamLmWRjaGZ+ixotsyX2zzgnWbArE1lrFUJvYn44lDvOjbKK3fmITwVKAfMpLK
Yqx8R6/W4u6h3h3ktDRSdFk5PBi+fNKFYZqFrnlpNxl6xaVcSD0/KikjkVmBEFoJ
WXGJGz7NNjGYRWKYL1vmR+0+eR/thoHdjaoKk0LMq+hBHKYHoaoO6+ktF9x0d6j6
Yd8DkPUZzgQp5I+mr6b83zLllopJYPOPj4uSGZVu4aHTcl2o2zLS/YQ2vZ/+neA6
pcuCwgBCxQrhwg==
-----END CERTIFICATE-----