Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.mft
File:                     leN5E1KsgsnSB0NCTNxhcAlvT68.mft (raw, json)
Hash identifier:          JpC0kkR5iOVSTp0BUJsg8JeWemF0tZz6Mt4SDS6Ey5E=
Subject key identifier:   A8:9C:B7:17:72:0F:47:17:95:89:71:81:B5:B3:5C:3F:B6:C2:AE:A3
Authority key identifier: 95:E3:79:13:52:AC:82:C9:D2:07:43:42:4C:DC:61:70:09:6F:4F:AF
Certificate issuer:       /CN=95e3791352ac82c9d20743424cdc6170096f4faf
Certificate serial:       019D98F4D291601F56FFBC7D8D53E8B65555
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/leN5E1KsgsnSB0NCTNxhcAlvT68.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.mft
Manifest number:          18BD
Signing time:             Fri 17 Apr 2026 01:01:14 +0000
Manifest this update:     Fri 17 Apr 2026 01:01:14 +0000
Manifest next update:     Sat 18 Apr 2026 01:01:14 +0000
Files and hashes:         1: leN5E1KsgsnSB0NCTNxhcAlvT68.crl (hash: v0BL3mAH4She332oLbls5aNWw5IH+2MMFEs3gsOTJ5A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/leN5E1KsgsnSB0NCTNxhcAlvT68.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 01:01:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:d2:91:60:1f:56:ff:bc:7d:8d:53:e8:b6:55:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95e3791352ac82c9d20743424cdc6170096f4faf
        Validity
            Not Before: Apr 17 01:01:14 2026 GMT
            Not After : Apr 18 01:01:14 2026 GMT
        Subject: CN=a89cb717720f471795897181b5b35c3fb6c2aea3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:2a:5b:7f:d9:f3:c8:8d:d8:27:e4:99:84:b3:
                    17:31:99:91:18:10:c9:d8:e2:73:54:4c:c5:de:c0:
                    66:67:48:c5:0f:1b:c7:0b:91:32:ba:f8:b4:7a:9a:
                    47:bd:e1:1f:f2:15:07:e7:02:f5:38:79:9c:ff:96:
                    98:19:7e:ee:09:69:18:3b:74:83:6b:98:13:9f:d0:
                    f1:30:12:85:9f:0d:43:1a:ca:b9:c4:8f:6a:e9:03:
                    d2:03:2b:65:05:d6:94:b9:16:08:77:c7:91:0b:23:
                    57:5a:8d:e3:4b:c6:b9:f7:d6:b8:6a:0c:f9:49:f9:
                    09:83:b9:24:49:f0:16:97:32:0b:75:92:ef:fd:98:
                    68:40:4c:77:88:55:3c:15:03:19:6c:9c:39:38:42:
                    98:60:3d:ea:a6:03:b8:43:8b:1c:53:56:03:e2:2a:
                    03:95:fe:3d:95:7b:80:be:9f:ef:74:05:19:d3:81:
                    ba:26:1b:73:d5:0c:fe:c7:a8:97:e9:fe:e4:a3:54:
                    63:ba:70:fe:86:50:30:29:f0:c3:52:ef:01:25:f2:
                    a3:8f:c2:97:d3:68:23:fd:93:2e:83:30:b6:70:1f:
                    8a:20:69:1c:0d:2c:ed:8f:92:1b:dd:69:f3:d5:ba:
                    f1:02:4a:99:af:f4:46:0a:30:40:d7:00:c1:ce:70:
                    cb:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:9C:B7:17:72:0F:47:17:95:89:71:81:B5:B3:5C:3F:B6:C2:AE:A3
            X509v3 Authority Key Identifier:
                keyid:95:E3:79:13:52:AC:82:C9:D2:07:43:42:4C:DC:61:70:09:6F:4F:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/leN5E1KsgsnSB0NCTNxhcAlvT68.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9f:dd:6b:28:c9:40:95:0e:01:f2:df:a3:5d:f8:5e:43:c3:48:
         4f:0d:c5:a8:2a:64:19:ba:f8:b8:46:ae:b3:ba:10:11:2f:b2:
         37:df:2a:7e:2c:76:b1:28:f2:41:81:16:d1:68:12:d7:2b:ae:
         3a:c9:68:ed:b5:10:b3:48:75:6e:93:15:3d:ae:44:71:15:b8:
         0b:7f:eb:cb:91:7c:83:49:84:c5:a3:51:d5:93:79:c4:22:e9:
         d6:95:3b:7d:b7:c0:66:1b:c8:d3:eb:59:88:1e:4d:4f:cf:67:
         58:81:b8:26:cc:ad:21:7f:22:bf:0a:b5:7b:e1:a5:a0:b2:60:
         54:dc:7e:ca:d5:88:ac:37:b2:81:88:ee:6e:79:4b:13:48:bb:
         5a:2f:53:9b:cf:41:b0:f9:e6:0c:7e:4b:7f:3b:ac:ec:21:79:
         63:45:b4:b7:d2:44:aa:da:59:07:34:8e:b7:33:f9:ff:0e:01:
         43:ea:25:8c:0d:2e:7d:5b:3a:79:d0:3a:5c:1b:08:bd:f9:d1:
         2b:0b:1c:36:ec:5b:7f:09:e9:66:e4:94:bb:90:86:45:b4:b8:
         17:0a:bb:51:bd:9b:b6:bc:00:ba:b6:01:8a:6b:0a:a6:b4:94:
         9b:ee:7f:44:b5:43:f9:bf:b1:5f:ff:b7:57:c2:84:5f:94:b5:
         25:20:6e:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9NKRYB9W/7x9jVPotlVVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1ZTM3OTEzNTJhYzgyYzlkMjA3NDM0MjRjZGM2MTcwMDk2
ZjRmYWYwHhcNMjYwNDE3MDEwMTE0WhcNMjYwNDE4MDEwMTE0WjAzMTEwLwYDVQQD
EyhhODljYjcxNzcyMGY0NzE3OTU4OTcxODFiNWIzNWMzZmI2YzJhZWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjipbf9nzyI3YJ+SZhLMXMZmRGBDJ
2OJzVEzF3sBmZ0jFDxvHC5Eyuvi0eppHveEf8hUH5wL1OHmc/5aYGX7uCWkYO3SD
a5gTn9DxMBKFnw1DGsq5xI9q6QPSAytlBdaUuRYId8eRCyNXWo3jS8a599a4agz5
SfkJg7kkSfAWlzILdZLv/ZhoQEx3iFU8FQMZbJw5OEKYYD3qpgO4Q4scU1YD4ioD
lf49lXuAvp/vdAUZ04G6Jhtz1Qz+x6iX6f7ko1RjunD+hlAwKfDDUu8BJfKjj8KX
02gj/ZMugzC2cB+KIGkcDSztj5Ib3Wnz1brxAkqZr/RGCjBA1wDBznDLwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKictxdyD0cXlYlxgbWzXD+2wq6jMB8GA1UdIwQY
MBaAFJXjeRNSrILJ0gdDQkzcYXAJb0+vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGVONUUxS3Nnc25TQjBOQ1ROeGhjQWx2VDY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8xYTQ3MmYtYTEzNy00MmM5LWFjOWYt
NGMyYzBjOGYyNDYyLzEvbGVONUUxS3Nnc25TQjBOQ1ROeGhjQWx2VDY4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8xYTQ3MmYtYTEzNy00MmM5LWFjOWYtNGMyYzBjOGYyNDYy
LzEvbGVONUUxS3Nnc25TQjBOQ1ROeGhjQWx2VDY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn91rKMlA
lQ4B8t+jXfheQ8NITw3FqCpkGbr4uEaus7oQES+yN98qfix2sSjyQYEW0WgS1yuu
Oslo7bUQs0h1bpMVPa5EcRW4C3/ry5F8g0mExaNR1ZN5xCLp1pU7fbfAZhvI0+tZ
iB5NT89nWIG4JsytIX8ivwq1e+GloLJgVNx+ytWIrDeygYjubnlLE0i7Wi9Tm89B
sPnmDH5Lfzus7CF5Y0W0t9JEqtpZBzSOtzP5/w4BQ+oljA0ufVs6edA6XBsIvfnR
KwscNuxbfwnpZuSUu5CGRbS4Fwq7Ub2btrwAurYBimsKprSUm+5/RLVD+b+xX/+3
V8KEX5S1JSBuOw==
-----END CERTIFICATE-----