Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.mft
File:                     4zd5uDiNAB_cvdxIrOIn8AmFBmA.mft (raw, json)
Hash identifier:          ok7JchKT8Ahsk2qYoymrC59WZ49JzIxlpy5GlCnHAQQ=
Subject key identifier:   C5:5A:D5:9F:2C:FF:B9:D2:54:6D:B9:27:2F:8B:7A:6F:FF:BB:C4:D5
Authority key identifier: E3:37:79:B8:38:8D:00:1F:DC:BD:DC:48:AC:E2:27:F0:09:85:06:60
Certificate issuer:       /CN=e33779b8388d001fdcbddc48ace227f009850660
Certificate serial:       019D9AE2DA74099C41B8DE9649959ACB23E4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4zd5uDiNAB_cvdxIrOIn8AmFBmA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.mft
Manifest number:          18BD
Signing time:             Fri 17 Apr 2026 10:00:51 +0000
Manifest this update:     Fri 17 Apr 2026 10:00:51 +0000
Manifest next update:     Sat 18 Apr 2026 10:00:51 +0000
Files and hashes:         1: 4zd5uDiNAB_cvdxIrOIn8AmFBmA.crl (hash: 3Yhv4g5GYlQeDGFEUqbb+Z2Rd3ux0Og4caz8+Tao/+Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4zd5uDiNAB_cvdxIrOIn8AmFBmA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e2:da:74:09:9c:41:b8:de:96:49:95:9a:cb:23:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e33779b8388d001fdcbddc48ace227f009850660
        Validity
            Not Before: Apr 17 10:00:51 2026 GMT
            Not After : Apr 18 10:00:51 2026 GMT
        Subject: CN=c55ad59f2cffb9d2546db9272f8b7a6fffbbc4d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:7d:d6:a1:8b:05:b3:0f:11:72:b6:52:e5:f3:
                    07:b6:31:19:4b:69:90:0f:f9:d8:55:76:a4:c2:01:
                    da:02:a4:7c:df:c3:ba:d1:f8:64:ac:fd:83:6b:3d:
                    e5:68:0e:3f:c9:b0:32:50:90:65:9b:21:7d:b8:11:
                    91:c8:40:a4:0d:2d:c1:4b:a5:d7:0b:05:ad:d9:58:
                    fb:9e:12:9b:1e:ab:77:e0:3c:4c:fb:03:d2:4e:e9:
                    43:db:a5:8f:ca:c8:c6:b7:5b:eb:ff:eb:42:7f:fd:
                    72:3f:3f:ae:b9:12:4f:07:6b:62:8e:9c:37:b7:9f:
                    79:4e:fb:43:b2:9f:5a:7c:61:3f:c9:fa:32:3c:4b:
                    56:2d:d7:2a:2d:a8:0a:ec:d2:94:a5:2c:7a:1e:bb:
                    4a:62:c1:b5:57:cf:07:c5:4f:ea:f8:30:e9:b6:51:
                    90:69:02:73:d7:6c:45:cd:5d:bd:6e:42:3c:ef:a2:
                    bb:1e:b7:91:de:23:c6:54:6f:16:6c:4c:87:1a:54:
                    e5:55:80:17:fc:31:f8:8d:85:4a:e8:f2:52:0f:91:
                    f3:69:dc:67:3f:cd:31:f2:eb:fa:a5:cd:7f:c2:d5:
                    4d:eb:2f:90:96:62:aa:7e:14:53:af:63:22:b9:85:
                    f7:3b:fd:7e:23:f1:66:61:2c:49:66:9e:d9:25:f7:
                    68:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:5A:D5:9F:2C:FF:B9:D2:54:6D:B9:27:2F:8B:7A:6F:FF:BB:C4:D5
            X509v3 Authority Key Identifier:
                keyid:E3:37:79:B8:38:8D:00:1F:DC:BD:DC:48:AC:E2:27:F0:09:85:06:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4zd5uDiNAB_cvdxIrOIn8AmFBmA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:e0:53:10:05:81:19:55:a5:5d:b2:96:22:bc:b2:89:43:e3:
         f7:7e:9e:ec:99:7e:05:46:88:4f:7f:42:38:6b:68:73:3c:c2:
         80:55:8d:52:44:4d:2d:84:dc:d6:57:66:7d:44:80:18:ff:62:
         b6:58:20:c9:f4:32:f9:f8:96:61:bd:8e:4e:59:ba:34:26:b2:
         c6:1f:33:03:7b:5a:77:d6:13:2d:7a:b7:f7:85:70:32:e7:8a:
         eb:e9:68:64:80:93:2a:1e:7f:dd:73:41:8a:fb:ea:95:a6:99:
         bf:9d:23:80:77:c4:62:41:0b:97:12:9a:6f:49:6c:72:f5:a8:
         57:cb:2d:a5:4b:84:cd:48:b8:ab:49:02:07:d9:73:1b:28:fa:
         a0:ac:da:c8:9e:d3:1c:9c:a4:45:2c:5f:59:89:cf:ac:1a:bd:
         ef:04:97:8e:22:44:a7:11:24:12:85:74:30:50:72:74:ec:6f:
         82:ee:0b:79:68:94:86:e0:2e:34:48:fc:e3:19:22:0c:d9:78:
         5b:e0:d8:8c:79:c9:11:ac:09:a8:ca:4e:9c:17:c5:6b:33:36:
         14:01:d9:a6:2a:ff:7f:58:0d:99:dd:14:db:94:69:21:f1:a7:
         20:31:33:e8:be:96:da:a8:ce:de:95:8d:ae:4f:93:0b:c1:d8:
         1a:f7:16:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a4tp0CZxBuN6WSZWayyPkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMzc3OWI4Mzg4ZDAwMWZkY2JkZGM0OGFjZTIyN2YwMDk4
NTA2NjAwHhcNMjYwNDE3MTAwMDUxWhcNMjYwNDE4MTAwMDUxWjAzMTEwLwYDVQQD
EyhjNTVhZDU5ZjJjZmZiOWQyNTQ2ZGI5MjcyZjhiN2E2ZmZmYmJjNGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtH3WoYsFsw8RcrZS5fMHtjEZS2mQ
D/nYVXakwgHaAqR838O60fhkrP2Daz3laA4/ybAyUJBlmyF9uBGRyECkDS3BS6XX
CwWt2Vj7nhKbHqt34DxM+wPSTulD26WPysjGt1vr/+tCf/1yPz+uuRJPB2tijpw3
t595TvtDsp9afGE/yfoyPEtWLdcqLagK7NKUpSx6HrtKYsG1V88HxU/q+DDptlGQ
aQJz12xFzV29bkI876K7HreR3iPGVG8WbEyHGlTlVYAX/DH4jYVK6PJSD5Hzadxn
P80x8uv6pc1/wtVN6y+QlmKqfhRTr2MiuYX3O/1+I/FmYSxJZp7ZJfdoewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMVa1Z8s/7nSVG25Jy+Lem//u8TVMB8GA1UdIwQY
MBaAFOM3ebg4jQAf3L3cSKziJ/AJhQZgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHpkNXVEaU5BQl9jdmR4SXJPSW44QW1GQm1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi85ZGIzMjYtMTE4OS00YWM5LWI0MTIt
ZjI5NGQzYjEyY2ZkLzEvNHpkNXVEaU5BQl9jdmR4SXJPSW44QW1GQm1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi85ZGIzMjYtMTE4OS00YWM5LWI0MTItZjI5NGQzYjEyY2Zk
LzEvNHpkNXVEaU5BQl9jdmR4SXJPSW44QW1GQm1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK+BTEAWB
GVWlXbKWIryyiUPj936e7Jl+BUaIT39COGtoczzCgFWNUkRNLYTc1ldmfUSAGP9i
tlggyfQy+fiWYb2OTlm6NCayxh8zA3tad9YTLXq394VwMueK6+loZICTKh5/3XNB
ivvqlaaZv50jgHfEYkELlxKab0lscvWoV8stpUuEzUi4q0kCB9lzGyj6oKzayJ7T
HJykRSxfWYnPrBq97wSXjiJEpxEkEoV0MFBydOxvgu4LeWiUhuAuNEj84xkiDNl4
W+DYjHnJEawJqMpOnBfFazM2FAHZpir/f1gNmd0U25RpIfGnIDEz6L6W2qjO3pWN
rk+TC8HYGvcWjA==
-----END CERTIFICATE-----