Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.mft
File:                     aUSJSM9NjazkdxjA9yWe3usJPns.mft (raw, json)
Hash identifier:          jAoUHXGlpTHDG6ZjGmitzMkFPqyTYnnCg0bdWpcgPvk=
Subject key identifier:   72:49:BF:0B:88:33:57:BB:F6:A8:BD:69:51:E3:68:7E:17:65:AB:81
Authority key identifier: 69:44:89:48:CF:4D:8D:AC:E4:77:18:C0:F7:25:9E:DE:EB:09:3E:7B
Certificate issuer:       /CN=69448948cf4d8dace47718c0f7259edeeb093e7b
Certificate serial:       019D9A3E5B0C9D3A25F0D3ECF747463B5512
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aUSJSM9NjazkdxjA9yWe3usJPns.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.mft
Manifest number:          18BF
Signing time:             Fri 17 Apr 2026 07:01:10 +0000
Manifest this update:     Fri 17 Apr 2026 07:01:10 +0000
Manifest next update:     Sat 18 Apr 2026 07:01:10 +0000
Files and hashes:         1: aUSJSM9NjazkdxjA9yWe3usJPns.crl (hash: 9aTbDmIyjvzueZHwgFPkLZJjxnDJqCRBAs+2wZztGTo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aUSJSM9NjazkdxjA9yWe3usJPns.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:3e:5b:0c:9d:3a:25:f0:d3:ec:f7:47:46:3b:55:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69448948cf4d8dace47718c0f7259edeeb093e7b
        Validity
            Not Before: Apr 17 07:01:10 2026 GMT
            Not After : Apr 18 07:01:10 2026 GMT
        Subject: CN=7249bf0b883357bbf6a8bd6951e3687e1765ab81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:cc:e9:e5:b7:51:8f:81:d6:a4:b1:bc:ff:32:
                    8d:23:16:9b:81:91:63:7c:bb:9d:c1:44:5f:7f:54:
                    a0:3d:ca:97:50:95:47:03:f1:09:5f:5a:52:89:32:
                    7b:f6:c3:c9:eb:74:e3:b2:34:de:b0:b3:4e:58:74:
                    f7:d6:f0:77:ff:80:98:ba:e5:bd:c6:58:1c:bf:02:
                    f5:9b:b7:ee:41:a4:4f:15:68:51:65:ae:79:c3:43:
                    5d:83:1c:3a:b9:41:d9:fe:bb:e5:43:ea:dc:bb:bc:
                    b8:d9:7d:8c:c6:2e:92:d9:24:b9:75:2c:35:f1:ab:
                    dc:b2:42:03:9c:97:14:6c:f3:84:23:74:fb:44:b4:
                    63:ae:9e:f8:d6:b0:8b:8b:d6:86:3a:7e:a4:f2:1b:
                    73:b6:d6:e8:14:b1:6e:61:73:4b:ac:c7:ef:4e:5c:
                    36:72:0c:31:5d:7c:de:95:43:89:d3:6f:e7:a5:4d:
                    62:88:d8:63:c9:f1:4b:e9:b7:bf:04:9b:e1:80:6d:
                    25:7f:6c:31:f3:4b:0a:61:2e:d2:bf:c0:bd:77:27:
                    05:b1:f1:48:b8:f4:a7:b0:e0:0e:73:84:be:3b:e7:
                    03:09:a3:cf:62:93:f5:1b:09:a3:f1:c5:9e:ba:92:
                    4a:25:32:d8:51:3f:e9:ab:63:26:ae:fd:16:33:ac:
                    f9:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:49:BF:0B:88:33:57:BB:F6:A8:BD:69:51:E3:68:7E:17:65:AB:81
            X509v3 Authority Key Identifier:
                keyid:69:44:89:48:CF:4D:8D:AC:E4:77:18:C0:F7:25:9E:DE:EB:09:3E:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aUSJSM9NjazkdxjA9yWe3usJPns.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:7a:dc:6c:6a:5b:9b:47:9f:24:7c:05:3d:36:0a:ee:e1:68:
         8d:b0:ec:90:60:ea:0f:ff:dc:99:74:3d:4d:72:dc:a8:d2:e0:
         0b:f4:5f:1a:3b:57:3d:e0:5e:ce:ff:7b:57:64:55:8e:32:b7:
         40:fb:d3:88:0b:12:30:6f:fd:fb:a0:7d:eb:f9:ff:34:df:74:
         dd:8f:0f:dd:23:cb:36:72:d6:16:7f:86:25:bf:13:19:da:0e:
         c5:5f:a1:35:bc:68:35:c2:3f:99:a4:31:c3:3e:9c:ba:6c:f4:
         bd:e0:a6:44:21:3f:d4:7e:6f:06:d9:d8:f9:39:06:dc:70:74:
         9b:ba:c4:67:12:92:24:de:04:d0:b8:e2:b1:91:a5:93:bf:80:
         1a:eb:38:14:36:be:85:4f:e5:ab:02:94:ca:e3:96:51:16:b0:
         14:a6:c3:09:d6:ba:81:a8:ac:bf:6f:df:01:eb:55:e5:6f:1b:
         7d:71:5b:fc:6a:36:7e:2c:7e:48:85:c5:26:3f:af:1c:a2:e8:
         da:d4:f7:25:ee:07:95:ad:9e:5b:48:1d:f2:1e:70:bd:bf:c1:
         59:4e:7e:7c:ae:00:3a:40:db:f3:1f:ff:fc:14:e6:94:a0:89:
         6f:e1:10:33:6d:a8:2e:fe:57:e6:86:91:db:94:aa:73:fe:98:
         84:17:0c:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aPlsMnTol8NPs90dGO1USMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NDQ4OTQ4Y2Y0ZDhkYWNlNDc3MThjMGY3MjU5ZWRlZWIw
OTNlN2IwHhcNMjYwNDE3MDcwMTEwWhcNMjYwNDE4MDcwMTEwWjAzMTEwLwYDVQQD
Eyg3MjQ5YmYwYjg4MzM1N2JiZjZhOGJkNjk1MWUzNjg3ZTE3NjVhYjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtszp5bdRj4HWpLG8/zKNIxabgZFj
fLudwURff1SgPcqXUJVHA/EJX1pSiTJ79sPJ63TjsjTesLNOWHT31vB3/4CYuuW9
xlgcvwL1m7fuQaRPFWhRZa55w0Ndgxw6uUHZ/rvlQ+rcu7y42X2Mxi6S2SS5dSw1
8avcskIDnJcUbPOEI3T7RLRjrp741rCLi9aGOn6k8htzttboFLFuYXNLrMfvTlw2
cgwxXXzelUOJ02/npU1iiNhjyfFL6be/BJvhgG0lf2wx80sKYS7Sv8C9dycFsfFI
uPSnsOAOc4S+O+cDCaPPYpP1Gwmj8cWeupJKJTLYUT/pq2Mmrv0WM6z5nQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHJJvwuIM1e79qi9aVHjaH4XZauBMB8GA1UdIwQY
MBaAFGlEiUjPTY2s5HcYwPclnt7rCT57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVVTSlNNOU5qYXprZHhqQTl5V2UzdXNKUG5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8xYTkyNDgtZWM5MS00M2ZhLTg2ZmYt
NGIxMzdhNGRiYzZlLzEvYVVTSlNNOU5qYXprZHhqQTl5V2UzdXNKUG5zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8xYTkyNDgtZWM5MS00M2ZhLTg2ZmYtNGIxMzdhNGRiYzZl
LzEvYVVTSlNNOU5qYXprZHhqQTl5V2UzdXNKUG5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhXrcbGpb
m0efJHwFPTYK7uFojbDskGDqD//cmXQ9TXLcqNLgC/RfGjtXPeBezv97V2RVjjK3
QPvTiAsSMG/9+6B96/n/NN903Y8P3SPLNnLWFn+GJb8TGdoOxV+hNbxoNcI/maQx
wz6cumz0veCmRCE/1H5vBtnY+TkG3HB0m7rEZxKSJN4E0LjisZGlk7+AGus4FDa+
hU/lqwKUyuOWURawFKbDCda6gaisv2/fAetV5W8bfXFb/Go2fix+SIXFJj+vHKLo
2tT3Je4Hla2eW0gd8h5wvb/BWU5+fK4AOkDb8x///BTmlKCJb+EQM22oLv5X5oaR
25Sqc/6YhBcMVw==
-----END CERTIFICATE-----