Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/97c916-81b1-4b3a-9fee-356a19f55506/1/Sh7Uv1AsDy2LyHAmwYrJhZsPHew.mft
File:                     Sh7Uv1AsDy2LyHAmwYrJhZsPHew.mft (raw, json)
Hash identifier:          bb7IJfmGvEGbsgbI+xotzSg32NzOoIr92VnrZED5fVA=
Subject key identifier:   FD:49:EB:47:23:4B:3A:8F:F2:14:47:3E:9A:88:89:30:1F:58:F5:15
Authority key identifier: 4A:1E:D4:BF:50:2C:0F:2D:8B:C8:70:26:C1:8A:C9:85:9B:0F:1D:EC
Certificate issuer:       /CN=4a1ed4bf502c0f2d8bc87026c18ac9859b0f1dec
Certificate serial:       019D9D75F9F761511B7B0CB4EB105678703C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Sh7Uv1AsDy2LyHAmwYrJhZsPHew.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/38/97c916-81b1-4b3a-9fee-356a19f55506/1/Sh7Uv1AsDy2LyHAmwYrJhZsPHew.mft
Manifest number:          18C2
Signing time:             Fri 17 Apr 2026 22:00:47 +0000
Manifest this update:     Fri 17 Apr 2026 22:00:47 +0000
Manifest next update:     Sat 18 Apr 2026 22:00:47 +0000
Files and hashes:         1: Sh7Uv1AsDy2LyHAmwYrJhZsPHew.crl (hash: qv3F3chFvaNKXASHafzVOQRxbTFwBLLTSxMlkiYiVi0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/38/97c916-81b1-4b3a-9fee-356a19f55506/1/Sh7Uv1AsDy2LyHAmwYrJhZsPHew.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/38/97c916-81b1-4b3a-9fee-356a19f55506/1/Sh7Uv1AsDy2LyHAmwYrJhZsPHew.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Sh7Uv1AsDy2LyHAmwYrJhZsPHew.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 21:23:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9d:75:f9:f7:61:51:1b:7b:0c:b4:eb:10:56:78:70:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4a1ed4bf502c0f2d8bc87026c18ac9859b0f1dec
        Validity
            Not Before: Apr 17 22:00:47 2026 GMT
            Not After : Apr 18 22:00:47 2026 GMT
        Subject: CN=fd49eb47234b3a8ff214473e9a8889301f58f515
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:02:0a:1c:f0:02:7c:49:28:fd:57:d4:dc:d9:
                    bc:e1:7b:c1:d8:c6:d3:dc:d8:dd:c5:67:11:39:d0:
                    5c:ad:37:57:27:3e:7b:35:fd:3a:75:ee:f0:7f:ba:
                    e5:fd:33:7f:07:d9:2f:21:d4:22:9d:bc:2d:58:62:
                    0b:98:86:a3:c4:31:88:53:84:2e:63:1c:77:6a:43:
                    5e:43:21:68:85:e7:e7:15:e8:f0:e2:46:ca:9f:cd:
                    4a:77:3e:b5:7d:d5:8d:90:8e:84:81:50:f5:9a:f0:
                    5c:60:23:23:81:eb:94:fc:b0:6c:4a:fd:82:8c:12:
                    34:c1:c5:da:34:24:66:0d:46:ec:df:a8:cd:bf:5a:
                    c3:36:84:6d:6a:0c:33:dd:0e:a8:04:10:2a:7f:76:
                    40:1d:08:bb:bd:b9:3a:7d:4d:2d:1c:48:3f:e6:85:
                    97:b0:ab:cf:1f:b6:cf:14:b4:f8:58:26:97:5f:83:
                    07:d0:94:a6:58:4e:9f:b8:39:c8:64:57:36:22:67:
                    31:62:ef:18:e7:39:92:84:cc:ea:13:e2:5b:27:a5:
                    c1:f3:7e:26:d5:da:0e:d5:19:58:d0:d6:06:84:a0:
                    71:fb:59:71:44:61:1d:0e:5a:96:05:54:fc:2b:c6:
                    5b:47:71:07:1d:09:2b:e2:2c:6f:f4:74:3e:8e:03:
                    4d:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:49:EB:47:23:4B:3A:8F:F2:14:47:3E:9A:88:89:30:1F:58:F5:15
            X509v3 Authority Key Identifier:
                keyid:4A:1E:D4:BF:50:2C:0F:2D:8B:C8:70:26:C1:8A:C9:85:9B:0F:1D:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sh7Uv1AsDy2LyHAmwYrJhZsPHew.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/97c916-81b1-4b3a-9fee-356a19f55506/1/Sh7Uv1AsDy2LyHAmwYrJhZsPHew.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/38/97c916-81b1-4b3a-9fee-356a19f55506/1/Sh7Uv1AsDy2LyHAmwYrJhZsPHew.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:39:2d:42:58:3e:d4:47:af:f3:b2:da:58:89:ef:43:0a:aa:
         9b:5a:2e:dc:c1:90:9f:f4:00:3a:95:56:83:6f:93:20:a8:45:
         3f:ce:65:9d:3e:1b:69:42:93:5c:9e:cd:00:b7:39:f4:de:b3:
         b6:b6:d0:d0:53:a2:2d:89:b0:c6:b6:a4:15:b5:ab:8e:1c:c7:
         46:a2:c7:85:a3:c5:11:0f:87:0a:a2:01:de:b2:9b:d0:88:45:
         d6:a8:89:a7:79:a3:c9:9f:9c:0a:58:1d:e2:9f:51:b9:31:44:
         3c:b7:4d:e0:3d:de:0a:fe:b7:71:0a:8a:39:9b:c3:d4:f4:98:
         ef:0b:f4:d0:13:a2:64:be:11:33:b0:d9:2f:e2:ad:c1:c7:a7:
         67:2b:2c:1e:5a:17:3f:a0:cf:e6:df:de:a9:b4:2d:0c:e5:d6:
         44:66:47:a9:35:25:79:9e:9c:bd:c5:a3:32:53:8a:33:7c:3f:
         eb:1d:7a:e9:69:7f:d2:65:2b:bb:25:ce:42:7d:1e:01:0f:44:
         17:ee:b9:47:93:a3:13:5c:75:ef:b1:7f:7d:6a:5c:53:3e:e5:
         98:e9:3b:a0:3d:23:28:9a:e4:9b:a0:b0:00:44:63:1b:2d:01:
         05:f5:a0:7a:f1:ec:c9:a3:07:2c:ae:06:35:fb:a0:80:c3:f2:
         7f:64:1e:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ddfn3YVEbewy06xBWeHA8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhMWVkNGJmNTAyYzBmMmQ4YmM4NzAyNmMxOGFjOTg1OWIw
ZjFkZWMwHhcNMjYwNDE3MjIwMDQ3WhcNMjYwNDE4MjIwMDQ3WjAzMTEwLwYDVQQD
EyhmZDQ5ZWI0NzIzNGIzYThmZjIxNDQ3M2U5YTg4ODkzMDFmNThmNTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwIKHPACfEko/VfU3Nm84XvB2MbT
3NjdxWcROdBcrTdXJz57Nf06de7wf7rl/TN/B9kvIdQinbwtWGILmIajxDGIU4Qu
Yxx3akNeQyFohefnFejw4kbKn81Kdz61fdWNkI6EgVD1mvBcYCMjgeuU/LBsSv2C
jBI0wcXaNCRmDUbs36jNv1rDNoRtagwz3Q6oBBAqf3ZAHQi7vbk6fU0tHEg/5oWX
sKvPH7bPFLT4WCaXX4MH0JSmWE6fuDnIZFc2ImcxYu8Y5zmShMzqE+JbJ6XB834m
1doO1RlY0NYGhKBx+1lxRGEdDlqWBVT8K8ZbR3EHHQkr4ixv9HQ+jgNN9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP1J60cjSzqP8hRHPpqIiTAfWPUVMB8GA1UdIwQY
MBaAFEoe1L9QLA8ti8hwJsGKyYWbDx3sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2g3VXYxQXNEeTJMeUhBbXdZckpoWnNQSGV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC85N2M5MTYtODFiMS00YjNhLTlmZWUt
MzU2YTE5ZjU1NTA2LzEvU2g3VXYxQXNEeTJMeUhBbXdZckpoWnNQSGV3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC85N2M5MTYtODFiMS00YjNhLTlmZWUtMzU2YTE5ZjU1NTA2
LzEvU2g3VXYxQXNEeTJMeUhBbXdZckpoWnNQSGV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdzktQlg+
1Eev87LaWInvQwqqm1ou3MGQn/QAOpVWg2+TIKhFP85lnT4baUKTXJ7NALc59N6z
trbQ0FOiLYmwxrakFbWrjhzHRqLHhaPFEQ+HCqIB3rKb0IhF1qiJp3mjyZ+cClgd
4p9RuTFEPLdN4D3eCv63cQqKOZvD1PSY7wv00BOiZL4RM7DZL+KtwcenZyssHloX
P6DP5t/eqbQtDOXWRGZHqTUleZ6cvcWjMlOKM3w/6x166Wl/0mUruyXOQn0eAQ9E
F+65R5OjE1x177F/fWpcUz7lmOk7oD0jKJrkm6CwAERjGy0BBfWgevHsyaMHLK4G
NfuggMPyf2QebQ==
-----END CERTIFICATE-----