Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft
File:                     gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft (raw, json)
Hash identifier:          g2BJuKq+crpJtRiGp/hXqTi1KNUmUs2gYKcA20y76N8=
Subject key identifier:   5D:63:B4:1F:A9:76:85:30:16:EB:9E:56:9B:CB:53:75:1D:CF:80:19
Authority key identifier: 80:EB:71:D0:19:A4:83:22:5C:32:4C:88:C6:C4:80:20:EF:9F:11:68
Certificate issuer:       /CN=80eb71d019a483225c324c88c6c48020ef9f1168
Certificate serial:       019D9998E27343CE1AED370B736632D41D73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gOtx0BmkgyJcMkyIxsSAIO-fEWg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft
Manifest number:          18BE
Signing time:             Fri 17 Apr 2026 04:00:26 +0000
Manifest this update:     Fri 17 Apr 2026 04:00:26 +0000
Manifest next update:     Sat 18 Apr 2026 04:00:26 +0000
Files and hashes:         1: gOtx0BmkgyJcMkyIxsSAIO-fEWg.crl (hash: SJWUKVURJzU1By3gf/18rPGnOfjsX3jjrl6OtQ+90Pw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gOtx0BmkgyJcMkyIxsSAIO-fEWg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 04:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:98:e2:73:43:ce:1a:ed:37:0b:73:66:32:d4:1d:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=80eb71d019a483225c324c88c6c48020ef9f1168
        Validity
            Not Before: Apr 17 04:00:26 2026 GMT
            Not After : Apr 18 04:00:26 2026 GMT
        Subject: CN=5d63b41fa976853016eb9e569bcb53751dcf8019
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:b7:b3:b3:b5:36:54:13:54:73:a8:75:0b:e5:
                    f5:e8:ea:e2:7f:ef:82:f5:7e:1d:52:b6:e0:42:d1:
                    f5:ec:42:ff:0b:2f:10:31:a7:73:ed:91:1c:9a:4d:
                    f6:84:e1:f7:2b:45:12:45:ba:93:33:1d:ab:4a:1c:
                    24:9c:7b:ac:f2:90:09:62:b4:12:d9:2c:6d:2b:84:
                    3b:ce:6c:e5:d9:ba:82:53:5c:41:1a:a5:c4:ae:5a:
                    06:a5:11:3f:3c:23:a0:43:18:d5:f6:80:b2:a0:e4:
                    96:8d:eb:f2:ef:b5:92:d5:25:ed:13:2d:01:d7:41:
                    a8:47:fa:9c:8a:d5:6b:59:38:6b:39:97:b0:b7:aa:
                    b2:47:e7:e4:88:39:2a:5a:6b:19:b1:d7:b5:36:ff:
                    23:bd:e6:a2:99:55:60:4e:ec:1f:a7:7c:e8:51:9b:
                    84:49:14:95:68:69:f7:07:fa:97:dd:17:6b:42:14:
                    79:af:5a:3b:29:03:9b:dd:5d:4c:25:14:e2:97:96:
                    3f:bd:ef:aa:2b:73:3c:76:7a:32:30:5c:6b:76:90:
                    91:aa:59:88:1a:20:e0:74:b8:e9:22:fb:02:e0:0e:
                    67:fc:a9:78:61:05:25:b7:69:e1:83:98:fe:a8:c0:
                    9b:af:3c:9f:b4:b5:95:8e:90:bd:b9:2e:42:2e:c9:
                    d0:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:63:B4:1F:A9:76:85:30:16:EB:9E:56:9B:CB:53:75:1D:CF:80:19
            X509v3 Authority Key Identifier:
                keyid:80:EB:71:D0:19:A4:83:22:5C:32:4C:88:C6:C4:80:20:EF:9F:11:68

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gOtx0BmkgyJcMkyIxsSAIO-fEWg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4a:19:b6:3d:d1:4c:dd:23:da:e5:50:a5:7c:1d:b2:90:c2:fc:
         78:56:69:60:a9:f6:ed:fe:22:7a:d4:78:33:16:68:86:46:19:
         6f:76:a2:13:24:35:d8:10:e0:70:ac:92:ea:20:58:f9:da:35:
         53:4d:12:95:9f:12:b4:e9:3f:e1:9d:6e:cc:cb:4d:21:fa:29:
         58:5d:1d:c2:4e:fd:9a:25:1c:ee:a6:a0:fd:71:2b:a5:fa:c4:
         e5:13:21:e4:f7:42:c4:e6:71:d6:7a:9e:15:c8:ed:87:62:36:
         58:2e:1c:99:1c:c7:e7:ac:59:bb:c9:80:2a:4c:c0:5b:00:cd:
         79:3e:fb:90:b0:9e:24:a7:54:7c:d6:af:b6:fe:9e:c0:91:5d:
         e9:c3:50:33:f1:3b:8f:d6:eb:52:8b:78:fc:3f:b3:38:a6:28:
         25:3d:82:83:e7:c1:5b:28:66:36:3f:b2:bb:c3:6b:36:84:b2:
         85:dd:f7:c2:50:b8:6f:1b:76:5a:bd:86:99:82:ab:e4:b6:66:
         a6:88:a5:f7:cf:ce:74:04:17:75:1f:b8:e0:ed:89:e2:73:97:
         a2:ed:34:ac:53:bf:8a:57:9b:f6:7f:ab:4f:9c:0d:2e:c3:83:
         d4:91:05:65:b3:21:ae:95:19:7b:ab:27:14:ef:3c:72:23:55:
         87:ba:af:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZmOJzQ84a7TcLc2Yy1B1zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwZWI3MWQwMTlhNDgzMjI1YzMyNGM4OGM2YzQ4MDIwZWY5
ZjExNjgwHhcNMjYwNDE3MDQwMDI2WhcNMjYwNDE4MDQwMDI2WjAzMTEwLwYDVQQD
Eyg1ZDYzYjQxZmE5NzY4NTMwMTZlYjllNTY5YmNiNTM3NTFkY2Y4MDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurezs7U2VBNUc6h1C+X16Orif++C
9X4dUrbgQtH17EL/Cy8QMadz7ZEcmk32hOH3K0USRbqTMx2rShwknHus8pAJYrQS
2SxtK4Q7zmzl2bqCU1xBGqXErloGpRE/PCOgQxjV9oCyoOSWjevy77WS1SXtEy0B
10GoR/qcitVrWThrOZewt6qyR+fkiDkqWmsZsde1Nv8jveaimVVgTuwfp3zoUZuE
SRSVaGn3B/qX3RdrQhR5r1o7KQOb3V1MJRTil5Y/ve+qK3M8dnoyMFxrdpCRqlmI
GiDgdLjpIvsC4A5n/Kl4YQUlt2nhg5j+qMCbrzyftLWVjpC9uS5CLsnQ6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF1jtB+pdoUwFuueVpvLU3Udz4AZMB8GA1UdIwQY
MBaAFIDrcdAZpIMiXDJMiMbEgCDvnxFoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ090eDBCbWtneUpjTWt5SXhzU0FJTy1mRVdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8yOTA3ODktMTkyMi00ZWIwLThhZDQt
ZmVkODlkMTcwZGE0LzEvZ090eDBCbWtneUpjTWt5SXhzU0FJTy1mRVdnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8yOTA3ODktMTkyMi00ZWIwLThhZDQtZmVkODlkMTcwZGE0
LzEvZ090eDBCbWtneUpjTWt5SXhzU0FJTy1mRVdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAShm2PdFM
3SPa5VClfB2ykML8eFZpYKn27f4ietR4MxZohkYZb3aiEyQ12BDgcKyS6iBY+do1
U00SlZ8StOk/4Z1uzMtNIfopWF0dwk79miUc7qag/XErpfrE5RMh5PdCxOZx1nqe
Fcjth2I2WC4cmRzH56xZu8mAKkzAWwDNeT77kLCeJKdUfNavtv6ewJFd6cNQM/E7
j9brUot4/D+zOKYoJT2Cg+fBWyhmNj+yu8NrNoSyhd33wlC4bxt2Wr2GmYKr5LZm
poil98/OdAQXdR+44O2J4nOXou00rFO/ileb9n+rT5wNLsOD1JEFZbMhrpUZe6sn
FO88ciNVh7qvZg==
-----END CERTIFICATE-----