Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.mft
File:                     YcGgEMsk-ZbneJixJHJbVbY0OOA.mft (raw, json)
Hash identifier:          394IHnXxD0kVWhImlJkQ8JeEO8bxkP26uLOHs1odAyw=
Subject key identifier:   7B:C2:02:4D:46:75:05:C4:A7:25:E8:CA:58:B3:1E:6D:8F:1C:CD:D5
Authority key identifier: 61:C1:A0:10:CB:24:F9:96:E7:78:98:B1:24:72:5B:55:B6:34:38:E0
Certificate issuer:       /CN=61c1a010cb24f996e77898b124725b55b63438e0
Certificate serial:       019DA29C59EAE93C81D49B86B409F2474336
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YcGgEMsk-ZbneJixJHJbVbY0OOA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.mft
Manifest number:          18C2
Signing time:             Sat 18 Apr 2026 22:00:48 +0000
Manifest this update:     Sat 18 Apr 2026 22:00:48 +0000
Manifest next update:     Sun 19 Apr 2026 22:00:48 +0000
Files and hashes:         1: YcGgEMsk-ZbneJixJHJbVbY0OOA.crl (hash: 3maKuKwgNUoxTCs8UQr/8z6SVunDBA5QqzhNFh11RoE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YcGgEMsk-ZbneJixJHJbVbY0OOA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 19 Apr 2026 22:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a2:9c:59:ea:e9:3c:81:d4:9b:86:b4:09:f2:47:43:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=61c1a010cb24f996e77898b124725b55b63438e0
        Validity
            Not Before: Apr 18 22:00:48 2026 GMT
            Not After : Apr 19 22:00:48 2026 GMT
        Subject: CN=7bc2024d467505c4a725e8ca58b31e6d8f1ccdd5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:c4:eb:0a:4c:e6:96:b4:fd:9e:5c:67:ef:21:
                    a0:e9:01:b0:ae:44:52:0f:9b:73:a5:89:78:5f:59:
                    8c:b8:04:91:44:66:00:26:d2:94:2a:26:4c:f2:a2:
                    0b:d1:e3:8d:9a:3e:d5:5a:05:b6:ae:93:63:94:e6:
                    85:5f:5e:df:54:9c:49:8a:e1:a5:0d:1b:77:81:55:
                    d4:8a:aa:b7:61:c7:ae:bf:ad:e5:64:9c:50:cf:9c:
                    07:76:cb:e1:d3:c0:77:fc:31:07:a0:fb:30:7d:44:
                    21:c9:fd:a9:59:e6:56:f5:d1:ef:8a:e9:e5:e5:47:
                    b9:bb:b0:84:19:bf:f9:4f:20:83:c5:a8:74:61:a9:
                    0c:af:d3:79:c8:5f:d2:f4:99:5e:00:f6:a4:8f:3c:
                    6d:f6:74:3d:1e:99:10:e6:5e:d8:9a:f3:e9:48:58:
                    0b:56:ae:e6:4e:07:19:cf:51:1f:23:26:dd:6e:72:
                    7e:cf:79:d5:fa:d7:75:ee:7c:22:f5:ff:75:de:25:
                    e9:90:8b:c1:04:68:3b:c7:35:62:24:c8:42:3e:94:
                    15:ca:52:1f:61:ff:05:47:6b:a6:c0:b0:14:56:ef:
                    3f:84:b2:6a:50:39:e1:9d:0a:2b:47:31:ad:90:3e:
                    c0:7c:17:77:54:a9:4e:fa:b2:c2:ae:f5:4f:ab:86:
                    96:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:C2:02:4D:46:75:05:C4:A7:25:E8:CA:58:B3:1E:6D:8F:1C:CD:D5
            X509v3 Authority Key Identifier:
                keyid:61:C1:A0:10:CB:24:F9:96:E7:78:98:B1:24:72:5B:55:B6:34:38:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YcGgEMsk-ZbneJixJHJbVbY0OOA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:b1:48:f8:d3:f0:ad:32:fd:31:b8:00:48:0a:d3:97:0e:02:
         2c:18:e2:d3:38:0c:d6:99:75:95:a5:1c:da:58:e1:95:48:de:
         6a:4a:eb:df:31:af:99:11:70:a1:84:9a:ee:cf:71:ae:c7:79:
         e9:bb:cd:b9:ea:12:30:e3:da:82:17:a6:e0:e5:19:75:ec:3f:
         79:18:26:a2:27:5a:70:0f:a2:a1:35:26:1d:80:65:67:94:64:
         0f:8a:81:d9:8e:33:40:62:36:88:aa:1f:fb:18:17:c6:cf:88:
         49:18:76:49:e5:25:2f:75:43:04:ef:cd:bb:d3:c5:55:6c:ac:
         92:34:e1:9b:5d:13:bd:c3:94:79:71:f4:ba:90:99:20:a3:2f:
         4b:29:03:16:96:c8:10:98:28:ce:10:46:b8:55:4b:3a:77:0f:
         bd:9a:d8:cf:16:dc:1f:3a:0b:9d:16:44:d8:3b:a0:4b:06:b1:
         78:b7:4e:66:36:06:5b:eb:17:26:00:76:ce:f4:13:f4:1d:07:
         ff:45:95:4d:ff:6e:9f:27:67:0e:16:13:41:64:5b:1d:24:5c:
         22:43:dd:16:60:7d:1c:69:95:79:57:01:12:0e:e2:2d:5d:5d:
         d6:c5:73:e0:74:2c:be:8b:f3:91:0a:75:b3:5d:8f:93:09:7d:
         38:45:d7:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2inFnq6TyB1JuGtAnyR0M2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYzFhMDEwY2IyNGY5OTZlNzc4OThiMTI0NzI1YjU1YjYz
NDM4ZTAwHhcNMjYwNDE4MjIwMDQ4WhcNMjYwNDE5MjIwMDQ4WjAzMTEwLwYDVQQD
Eyg3YmMyMDI0ZDQ2NzUwNWM0YTcyNWU4Y2E1OGIzMWU2ZDhmMWNjZGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyMTrCkzmlrT9nlxn7yGg6QGwrkRS
D5tzpYl4X1mMuASRRGYAJtKUKiZM8qIL0eONmj7VWgW2rpNjlOaFX17fVJxJiuGl
DRt3gVXUiqq3Yceuv63lZJxQz5wHdsvh08B3/DEHoPswfUQhyf2pWeZW9dHviunl
5Ue5u7CEGb/5TyCDxah0YakMr9N5yF/S9JleAPakjzxt9nQ9HpkQ5l7YmvPpSFgL
Vq7mTgcZz1EfIybdbnJ+z3nV+td17nwi9f913iXpkIvBBGg7xzViJMhCPpQVylIf
Yf8FR2umwLAUVu8/hLJqUDnhnQorRzGtkD7AfBd3VKlO+rLCrvVPq4aW1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHvCAk1GdQXEpyXoylizHm2PHM3VMB8GA1UdIwQY
MBaAFGHBoBDLJPmW53iYsSRyW1W2NDjgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWNHZ0VNc2stWmJuZUppeEpISmJWYlkwT09BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8zM2MxYzAtNGNiOC00NGI5LWEzZTkt
ZTllOTkzN2I4ZGNlLzEvWWNHZ0VNc2stWmJuZUppeEpISmJWYlkwT09BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8zM2MxYzAtNGNiOC00NGI5LWEzZTktZTllOTkzN2I4ZGNl
LzEvWWNHZ0VNc2stWmJuZUppeEpISmJWYlkwT09BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKLFI+NPw
rTL9MbgASArTlw4CLBji0zgM1pl1laUc2ljhlUjeakrr3zGvmRFwoYSa7s9xrsd5
6bvNueoSMOPaghem4OUZdew/eRgmoidacA+ioTUmHYBlZ5RkD4qB2Y4zQGI2iKof
+xgXxs+ISRh2SeUlL3VDBO/Nu9PFVWyskjThm10TvcOUeXH0upCZIKMvSykDFpbI
EJgozhBGuFVLOncPvZrYzxbcHzoLnRZE2DugSwaxeLdOZjYGW+sXJgB2zvQT9B0H
/0WVTf9unydnDhYTQWRbHSRcIkPdFmB9HGmVeVcBEg7iLV1d1sVz4HQsvovzkQp1
s12Pkwl9OEXXZw==
-----END CERTIFICATE-----