Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft
File:                     nckgfnB-NQXfaLmlvXCtKM1N04U.mft (raw, json)
Hash identifier:          msEw4oWa4Bz9Xb+QqDC0OZYdE2faqLsy3ybuYC5Duwc=
Subject key identifier:   F6:D0:DC:F6:C9:F5:A8:9F:7E:1C:5B:21:99:3B:27:86:A2:02:C3:75
Authority key identifier: 9D:C9:20:7E:70:7E:35:05:DF:68:B9:A5:BD:70:AD:28:CD:4D:D3:85
Certificate issuer:       /CN=9dc9207e707e3505df68b9a5bd70ad28cd4dd385
Certificate serial:       019D9B517449228145C0895FA4FDE9E3C8C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nckgfnB-NQXfaLmlvXCtKM1N04U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft
Manifest number:          18BF
Signing time:             Fri 17 Apr 2026 12:01:39 +0000
Manifest this update:     Fri 17 Apr 2026 12:01:39 +0000
Manifest next update:     Sat 18 Apr 2026 12:01:39 +0000
Files and hashes:         1: nckgfnB-NQXfaLmlvXCtKM1N04U.crl (hash: 7yNrCTaPUmnq9Fp1DKV4UsKxFAKzDUaJnFeHF7w8cEI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nckgfnB-NQXfaLmlvXCtKM1N04U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:51:74:49:22:81:45:c0:89:5f:a4:fd:e9:e3:c8:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9dc9207e707e3505df68b9a5bd70ad28cd4dd385
        Validity
            Not Before: Apr 17 12:01:39 2026 GMT
            Not After : Apr 18 12:01:39 2026 GMT
        Subject: CN=f6d0dcf6c9f5a89f7e1c5b21993b2786a202c375
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:88:91:f7:8d:f6:83:91:9b:1f:69:ee:4f:4a:
                    00:23:3e:11:63:cd:52:1c:a2:1c:d4:83:fd:55:6e:
                    d7:60:70:8e:48:52:b2:f5:1e:a7:19:27:27:c9:fc:
                    3e:00:6c:71:62:b3:46:9d:cd:65:5c:7a:de:ee:cb:
                    76:14:09:3f:01:ab:4b:c9:8a:63:de:26:15:fe:bc:
                    5f:d7:ea:82:ec:fe:0c:c4:13:30:72:cc:de:20:c4:
                    42:f4:d4:91:83:eb:c7:db:63:a9:67:b6:a4:34:43:
                    31:b1:91:4e:d2:a1:d6:22:08:87:60:29:71:4e:3f:
                    48:e8:72:05:03:5a:c3:ff:d8:e5:62:57:44:3c:4e:
                    92:40:f7:95:77:96:0d:08:88:27:d3:47:53:ff:ef:
                    e7:e6:e3:69:ca:63:60:4c:23:ab:d0:ce:d5:70:db:
                    c2:66:1d:9f:9f:ec:bd:73:ae:6d:b0:f8:46:06:26:
                    13:4b:2a:83:1d:a3:29:7c:e6:45:e3:d2:19:29:14:
                    10:be:74:c5:d4:95:50:64:1b:06:2e:1f:ad:a8:ba:
                    14:45:2f:5d:1d:37:25:90:51:b7:f1:26:c3:a6:2b:
                    0b:9f:e8:81:07:84:3e:8d:bc:a0:18:d3:e8:88:d3:
                    5e:cc:b9:a7:36:4c:c0:db:40:b5:ea:93:57:58:7e:
                    08:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:D0:DC:F6:C9:F5:A8:9F:7E:1C:5B:21:99:3B:27:86:A2:02:C3:75
            X509v3 Authority Key Identifier:
                keyid:9D:C9:20:7E:70:7E:35:05:DF:68:B9:A5:BD:70:AD:28:CD:4D:D3:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nckgfnB-NQXfaLmlvXCtKM1N04U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bd:e8:42:3d:73:aa:4d:55:ec:e8:27:48:99:06:0e:b9:3b:f0:
         42:9b:ae:0c:50:60:5a:14:19:bb:c7:98:37:b1:d8:a4:7b:a1:
         ac:77:b6:31:5d:c1:c0:b8:71:55:3c:9a:30:53:0c:2c:73:15:
         4e:5b:34:82:0a:f7:f4:73:48:be:69:30:1d:6a:14:14:9d:9c:
         af:f1:e9:21:5d:bf:52:b3:3a:1c:b2:0b:cc:43:b6:db:f5:6a:
         8c:76:ba:b8:91:05:e6:ad:c1:1a:56:92:ba:f4:5c:44:cb:94:
         29:1e:0a:52:53:1c:93:75:cb:bf:f8:b8:c2:8a:f3:36:ac:d0:
         68:2e:cf:21:02:a8:54:e4:6b:ed:c8:58:f2:9f:8d:e6:f5:16:
         40:af:54:be:5b:00:58:f7:8a:2a:88:9b:b4:04:44:28:b8:5f:
         08:ae:3e:87:5f:9b:8d:7b:03:5c:f1:ae:40:85:89:8a:8b:f9:
         9c:40:76:31:8a:5f:44:40:ae:bc:d3:a8:b6:62:2e:02:2c:a3:
         b9:e4:8f:07:37:ce:8f:d0:72:22:a9:f6:ba:8e:21:c8:e5:64:
         48:e5:83:aa:c9:08:1c:b4:5d:b1:b5:a5:53:ed:70:c4:e2:2f:
         38:85:00:a7:31:c6:b4:6b:a4:97:3a:f9:dc:92:c7:44:13:dd:
         a9:e9:b1:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bUXRJIoFFwIlfpP3p48jJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkYzkyMDdlNzA3ZTM1MDVkZjY4YjlhNWJkNzBhZDI4Y2Q0
ZGQzODUwHhcNMjYwNDE3MTIwMTM5WhcNMjYwNDE4MTIwMTM5WjAzMTEwLwYDVQQD
EyhmNmQwZGNmNmM5ZjVhODlmN2UxYzViMjE5OTNiMjc4NmEyMDJjMzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsoiR9432g5GbH2nuT0oAIz4RY81S
HKIc1IP9VW7XYHCOSFKy9R6nGScnyfw+AGxxYrNGnc1lXHre7st2FAk/AatLyYpj
3iYV/rxf1+qC7P4MxBMwcszeIMRC9NSRg+vH22OpZ7akNEMxsZFO0qHWIgiHYClx
Tj9I6HIFA1rD/9jlYldEPE6SQPeVd5YNCIgn00dT/+/n5uNpymNgTCOr0M7VcNvC
Zh2fn+y9c65tsPhGBiYTSyqDHaMpfOZF49IZKRQQvnTF1JVQZBsGLh+tqLoURS9d
HTclkFG38SbDpisLn+iBB4Q+jbygGNPoiNNezLmnNkzA20C16pNXWH4IewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPbQ3PbJ9aiffhxbIZk7J4aiAsN1MB8GA1UdIwQY
MBaAFJ3JIH5wfjUF32i5pb1wrSjNTdOFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmNrZ2ZuQi1OUVhmYUxtbHZYQ3RLTTFOMDRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC85MTZkMGUtNzY4My00MWE2LTk2ZjAt
ZmY2YTFmNDFkMWY4LzEvbmNrZ2ZuQi1OUVhmYUxtbHZYQ3RLTTFOMDRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC85MTZkMGUtNzY4My00MWE2LTk2ZjAtZmY2YTFmNDFkMWY4
LzEvbmNrZ2ZuQi1OUVhmYUxtbHZYQ3RLTTFOMDRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvehCPXOq
TVXs6CdImQYOuTvwQpuuDFBgWhQZu8eYN7HYpHuhrHe2MV3BwLhxVTyaMFMMLHMV
Tls0ggr39HNIvmkwHWoUFJ2cr/HpIV2/UrM6HLILzEO22/VqjHa6uJEF5q3BGlaS
uvRcRMuUKR4KUlMck3XLv/i4worzNqzQaC7PIQKoVORr7chY8p+N5vUWQK9UvlsA
WPeKKoibtAREKLhfCK4+h1+bjXsDXPGuQIWJiov5nEB2MYpfRECuvNOotmIuAiyj
ueSPBzfOj9ByIqn2uo4hyOVkSOWDqskIHLRdsbWlU+1wxOIvOIUApzHGtGuklzr5
3JLHRBPdqemxrQ==
-----END CERTIFICATE-----