Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.mft
File:                     s9nxe5jDqWQThWY7jNW3X-HwpJg.mft (raw, json)
Hash identifier:          4ymzjEAN1qNTuCOAJf9p3BcTKTsvXw+poTYbUoUy8gM=
Subject key identifier:   BB:33:76:E9:F2:91:4A:39:E0:40:82:20:FD:10:E4:8B:A1:C7:99:38
Authority key identifier: B3:D9:F1:7B:98:C3:A9:64:13:85:66:3B:8C:D5:B7:5F:E1:F0:A4:98
Certificate issuer:       /CN=b3d9f17b98c3a9641385663b8cd5b75fe1f0a498
Certificate serial:       019D9AAB86C184F81171A59ABB0CFAA4B566
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s9nxe5jDqWQThWY7jNW3X-HwpJg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.mft
Manifest number:          18BD
Signing time:             Fri 17 Apr 2026 09:00:25 +0000
Manifest this update:     Fri 17 Apr 2026 09:00:25 +0000
Manifest next update:     Sat 18 Apr 2026 09:00:25 +0000
Files and hashes:         1: s9nxe5jDqWQThWY7jNW3X-HwpJg.crl (hash: W08Pj1wBpMf2gDsfAOzVbDQr8JfaK9e5ABwvi1VwrSc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/s9nxe5jDqWQThWY7jNW3X-HwpJg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 09:00:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:ab:86:c1:84:f8:11:71:a5:9a:bb:0c:fa:a4:b5:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b3d9f17b98c3a9641385663b8cd5b75fe1f0a498
        Validity
            Not Before: Apr 17 09:00:25 2026 GMT
            Not After : Apr 18 09:00:25 2026 GMT
        Subject: CN=bb3376e9f2914a39e0408220fd10e48ba1c79938
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:5a:fa:4e:30:f2:a1:f6:28:f7:50:61:99:2e:
                    b7:79:c5:39:ca:bd:a2:7e:db:e0:d1:d4:47:bf:c2:
                    28:b9:0c:56:26:22:12:21:84:92:be:bb:cf:d3:a3:
                    9d:27:52:f7:82:95:93:2c:2d:77:c2:c2:29:82:86:
                    cc:f4:51:83:c9:de:97:ed:b9:53:0a:24:6d:88:56:
                    9a:35:51:72:da:f4:db:96:62:80:ac:16:33:2f:8f:
                    13:93:6c:a3:85:2d:21:58:b0:f7:3e:70:d9:65:b8:
                    cf:e9:1b:db:20:18:f5:b0:52:47:15:fb:5f:46:f4:
                    62:42:81:e6:b0:7d:3f:03:2d:c9:4c:c4:e5:03:1c:
                    a6:8b:81:ab:41:d9:51:3a:94:89:9f:25:fa:db:d2:
                    da:0d:a7:fd:1c:fd:83:de:62:2f:50:8b:f4:f1:66:
                    f1:d3:b6:f4:20:8c:2a:cd:d3:f0:b1:20:8a:5b:ca:
                    e3:9d:9f:8a:d9:f2:cb:a7:a7:94:c1:8e:25:4a:c1:
                    a1:9a:23:87:52:48:18:29:ec:de:7f:5d:59:20:b5:
                    75:71:c0:16:9d:f8:f5:c1:7f:c5:e2:f5:9d:48:d9:
                    51:c6:50:72:2b:05:72:f0:90:d1:20:0f:18:24:97:
                    f4:b9:0a:80:ef:0d:f6:e7:93:79:19:07:ca:59:32:
                    d1:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:33:76:E9:F2:91:4A:39:E0:40:82:20:FD:10:E4:8B:A1:C7:99:38
            X509v3 Authority Key Identifier:
                keyid:B3:D9:F1:7B:98:C3:A9:64:13:85:66:3B:8C:D5:B7:5F:E1:F0:A4:98

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s9nxe5jDqWQThWY7jNW3X-HwpJg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:10:5f:97:2d:e4:14:1b:24:90:30:66:03:12:29:b7:5c:e2:
         ec:08:3f:d8:f9:84:6b:ca:11:58:e8:3d:75:02:93:66:25:36:
         e0:10:41:90:9a:7a:79:75:48:05:eb:80:01:1b:cf:08:cf:24:
         07:cf:a8:c7:8a:ad:8f:c8:2a:84:48:ac:03:9d:bc:f0:d2:6a:
         37:74:cb:04:2c:d2:d4:46:17:7a:07:45:44:b2:cc:71:eb:4c:
         2e:19:a6:91:2a:84:7a:9d:12:29:be:e1:76:dc:a4:b1:70:3d:
         db:3e:e6:83:8c:fe:96:e4:da:02:1c:31:f9:d6:9e:2d:57:ba:
         7e:1e:0e:f9:86:d8:18:58:6e:67:01:47:76:9f:2c:67:ba:4c:
         75:71:40:ec:cd:dd:60:a5:72:c7:3e:76:2f:dc:9b:99:52:b5:
         68:ca:b8:1e:36:c5:72:14:e8:89:02:6a:1a:23:01:a5:a8:34:
         05:3f:2c:a8:26:88:df:3d:80:32:63:ee:56:62:df:3e:94:28:
         f3:f8:60:c8:96:e0:83:f0:e4:56:b4:00:cc:e4:2d:6a:b2:e6:
         08:e6:f3:87:94:7f:26:a9:c9:d4:12:d8:d2:3c:d3:48:9f:3c:
         5b:7f:71:a0:1f:82:af:67:b0:63:9f:30:58:60:9b:a5:0c:cb:
         6b:5a:ef:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aq4bBhPgRcaWauwz6pLVmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZDlmMTdiOThjM2E5NjQxMzg1NjYzYjhjZDViNzVmZTFm
MGE0OTgwHhcNMjYwNDE3MDkwMDI1WhcNMjYwNDE4MDkwMDI1WjAzMTEwLwYDVQQD
EyhiYjMzNzZlOWYyOTE0YTM5ZTA0MDgyMjBmZDEwZTQ4YmExYzc5OTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFr6TjDyofYo91BhmS63ecU5yr2i
ftvg0dRHv8IouQxWJiISIYSSvrvP06OdJ1L3gpWTLC13wsIpgobM9FGDyd6X7blT
CiRtiFaaNVFy2vTblmKArBYzL48Tk2yjhS0hWLD3PnDZZbjP6RvbIBj1sFJHFftf
RvRiQoHmsH0/Ay3JTMTlAxymi4GrQdlROpSJnyX629LaDaf9HP2D3mIvUIv08Wbx
07b0IIwqzdPwsSCKW8rjnZ+K2fLLp6eUwY4lSsGhmiOHUkgYKezef11ZILV1ccAW
nfj1wX/F4vWdSNlRxlByKwVy8JDRIA8YJJf0uQqA7w3255N5GQfKWTLR5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLszdunykUo54ECCIP0Q5Iuhx5k4MB8GA1UdIwQY
MBaAFLPZ8XuYw6lkE4VmO4zVt1/h8KSYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczlueGU1akRxV1FUaFdZN2pOVzNYLUh3cEpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi81ZmU1ZTYtMWE2Zi00NmYxLWE5OTkt
MThlYzZhMDA4YzU2LzEvczlueGU1akRxV1FUaFdZN2pOVzNYLUh3cEpnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi81ZmU1ZTYtMWE2Zi00NmYxLWE5OTktMThlYzZhMDA4YzU2
LzEvczlueGU1akRxV1FUaFdZN2pOVzNYLUh3cEpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaBBfly3k
FBskkDBmAxIpt1zi7Ag/2PmEa8oRWOg9dQKTZiU24BBBkJp6eXVIBeuAARvPCM8k
B8+ox4qtj8gqhEisA5288NJqN3TLBCzS1EYXegdFRLLMcetMLhmmkSqEep0SKb7h
dtyksXA92z7mg4z+luTaAhwx+daeLVe6fh4O+YbYGFhuZwFHdp8sZ7pMdXFA7M3d
YKVyxz52L9ybmVK1aMq4HjbFchToiQJqGiMBpag0BT8sqCaI3z2AMmPuVmLfPpQo
8/hgyJbgg/DkVrQAzOQtarLmCObzh5R/JqnJ1BLY0jzTSJ88W39xoB+Cr2ewY58w
WGCbpQzLa1rviA==
-----END CERTIFICATE-----