Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/32abd8-bedb-4b7d-a463-79706b345bbb/1/l37KDVyVbeF79pcQRvLrlc5hXik.mft
File:                     l37KDVyVbeF79pcQRvLrlc5hXik.mft (raw, json)
Hash identifier:          glQ5BzntKGxEzWVP0FYxyTvQAMZqv8539c+ufruj1Do=
Subject key identifier:   BB:A4:DC:A6:52:08:1E:F9:77:A7:6C:23:31:00:3C:97:84:07:FE:84
Authority key identifier: 97:7E:CA:0D:5C:95:6D:E1:7B:F6:97:10:46:F2:EB:95:CE:61:5E:29
Certificate issuer:       /CN=977eca0d5c956de17bf6971046f2eb95ce615e29
Certificate serial:       019D98F43978741339A0C8C015973BE04E0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/l37KDVyVbeF79pcQRvLrlc5hXik.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/32abd8-bedb-4b7d-a463-79706b345bbb/1/l37KDVyVbeF79pcQRvLrlc5hXik.mft
Manifest number:          18BE
Signing time:             Fri 17 Apr 2026 01:00:35 +0000
Manifest this update:     Fri 17 Apr 2026 01:00:35 +0000
Manifest next update:     Sat 18 Apr 2026 01:00:35 +0000
Files and hashes:         1: l37KDVyVbeF79pcQRvLrlc5hXik.crl (hash: pXu0uZagVTfgHZNlkEE11I18an496Wt0LX9GMoyTzvY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/39/32abd8-bedb-4b7d-a463-79706b345bbb/1/l37KDVyVbeF79pcQRvLrlc5hXik.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/39/32abd8-bedb-4b7d-a463-79706b345bbb/1/l37KDVyVbeF79pcQRvLrlc5hXik.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/l37KDVyVbeF79pcQRvLrlc5hXik.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 01:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:39:78:74:13:39:a0:c8:c0:15:97:3b:e0:4e:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=977eca0d5c956de17bf6971046f2eb95ce615e29
        Validity
            Not Before: Apr 17 01:00:35 2026 GMT
            Not After : Apr 18 01:00:35 2026 GMT
        Subject: CN=bba4dca652081ef977a76c2331003c978407fe84
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:e7:fc:c9:1f:82:2d:8a:92:03:ef:9f:c8:6f:
                    8d:35:b3:e3:31:09:f9:ed:6c:38:d1:5f:c9:37:ca:
                    19:ca:71:35:32:f2:e4:ee:f0:83:71:36:cd:a7:bb:
                    a4:d8:b6:b9:67:a3:11:2f:71:85:fa:ac:a0:85:63:
                    2d:14:a4:69:ea:04:8d:33:8c:da:c2:7d:73:bc:f8:
                    19:fb:cf:85:f1:33:79:df:91:ab:a8:0c:36:d4:f8:
                    01:7b:fd:14:72:6e:7c:eb:6c:3c:0a:01:b6:82:60:
                    2e:6f:10:23:90:64:5a:0c:1d:e6:3c:d1:38:28:1c:
                    b5:db:9a:5c:a8:28:71:5b:2d:c9:cc:80:96:c9:d4:
                    cb:05:e3:7a:42:11:d5:84:a8:5c:da:1c:b7:b4:af:
                    8d:4c:d2:c4:16:f6:76:38:83:42:51:43:47:61:53:
                    1e:31:89:b0:a7:c8:27:12:b6:a2:ae:74:c7:2a:e8:
                    8d:87:8f:af:bc:9c:74:29:ff:5f:af:e2:04:a4:02:
                    f8:4b:b5:45:14:62:41:63:09:25:74:72:fb:ab:a5:
                    3a:37:f6:f6:90:e0:e7:6c:2e:b4:5c:1d:70:6d:2e:
                    a2:3b:71:80:1d:a9:fa:12:86:9b:0a:d4:50:ba:dd:
                    14:5c:bf:4c:d0:f5:8e:94:b7:04:2b:fa:d0:b8:ea:
                    58:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:A4:DC:A6:52:08:1E:F9:77:A7:6C:23:31:00:3C:97:84:07:FE:84
            X509v3 Authority Key Identifier:
                keyid:97:7E:CA:0D:5C:95:6D:E1:7B:F6:97:10:46:F2:EB:95:CE:61:5E:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l37KDVyVbeF79pcQRvLrlc5hXik.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/32abd8-bedb-4b7d-a463-79706b345bbb/1/l37KDVyVbeF79pcQRvLrlc5hXik.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/32abd8-bedb-4b7d-a463-79706b345bbb/1/l37KDVyVbeF79pcQRvLrlc5hXik.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:70:16:d1:d7:6e:65:8a:a6:65:90:27:fd:ee:8f:be:6d:32:
         24:e1:26:66:1a:ef:01:b4:67:7e:f1:10:c1:9a:86:9c:4d:f0:
         11:c6:2b:47:3a:23:8e:85:00:b5:a4:a9:ae:9e:d3:8d:ad:c6:
         30:41:3f:f8:97:ed:80:f4:8b:b2:b4:c4:12:19:05:69:98:73:
         5c:6d:56:35:97:43:ab:ae:00:23:50:f5:f5:c9:17:81:42:f6:
         4a:a0:d1:bb:84:d3:bf:e6:dd:2b:ac:1a:3c:83:80:89:47:7c:
         c1:47:ea:26:2e:80:df:33:35:3d:60:3c:34:a6:ab:72:79:a3:
         84:b9:e0:f2:cf:10:23:ed:d4:ad:e5:7d:47:ec:2a:a6:61:80:
         32:71:d5:a9:7b:aa:d8:6d:08:72:9b:50:1a:60:95:12:55:47:
         f1:ee:2a:eb:cf:a3:7f:df:e5:9d:39:be:9a:c4:f0:e0:34:3a:
         b9:58:0a:88:cf:6b:3a:02:ee:a8:f5:a8:24:d8:6e:73:df:8f:
         a6:97:98:88:68:c2:e9:44:4e:91:73:5b:26:eb:12:37:1c:05:
         41:8e:16:33:89:11:01:24:ce:89:21:f3:66:d8:4e:cd:8f:5d:
         d3:9a:ec:db:61:90:b0:12:c9:94:e1:53:12:2c:0a:58:8d:54:
         32:93:be:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9Dl4dBM5oMjAFZc74E4KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3N2VjYTBkNWM5NTZkZTE3YmY2OTcxMDQ2ZjJlYjk1Y2U2
MTVlMjkwHhcNMjYwNDE3MDEwMDM1WhcNMjYwNDE4MDEwMDM1WjAzMTEwLwYDVQQD
EyhiYmE0ZGNhNjUyMDgxZWY5NzdhNzZjMjMzMTAwM2M5Nzg0MDdmZTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvOf8yR+CLYqSA++fyG+NNbPjMQn5
7Ww40V/JN8oZynE1MvLk7vCDcTbNp7uk2La5Z6MRL3GF+qyghWMtFKRp6gSNM4za
wn1zvPgZ+8+F8TN535GrqAw21PgBe/0Ucm5862w8CgG2gmAubxAjkGRaDB3mPNE4
KBy125pcqChxWy3JzICWydTLBeN6QhHVhKhc2hy3tK+NTNLEFvZ2OINCUUNHYVMe
MYmwp8gnErairnTHKuiNh4+vvJx0Kf9fr+IEpAL4S7VFFGJBYwkldHL7q6U6N/b2
kODnbC60XB1wbS6iO3GAHan6EoabCtRQut0UXL9M0PWOlLcEK/rQuOpY3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLuk3KZSCB75d6dsIzEAPJeEB/6EMB8GA1UdIwQY
MBaAFJd+yg1clW3he/aXEEby65XOYV4pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDM3S0RWeVZiZUY3OXBjUVJ2THJsYzVoWGlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8zMmFiZDgtYmVkYi00YjdkLWE0NjMt
Nzk3MDZiMzQ1YmJiLzEvbDM3S0RWeVZiZUY3OXBjUVJ2THJsYzVoWGlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS8zMmFiZDgtYmVkYi00YjdkLWE0NjMtNzk3MDZiMzQ1YmJi
LzEvbDM3S0RWeVZiZUY3OXBjUVJ2THJsYzVoWGlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfnAW0ddu
ZYqmZZAn/e6Pvm0yJOEmZhrvAbRnfvEQwZqGnE3wEcYrRzojjoUAtaSprp7Tja3G
MEE/+JftgPSLsrTEEhkFaZhzXG1WNZdDq64AI1D19ckXgUL2SqDRu4TTv+bdK6wa
PIOAiUd8wUfqJi6A3zM1PWA8NKarcnmjhLng8s8QI+3UreV9R+wqpmGAMnHVqXuq
2G0IcptQGmCVElVH8e4q68+jf9/lnTm+msTw4DQ6uVgKiM9rOgLuqPWoJNhuc9+P
ppeYiGjC6UROkXNbJusSNxwFQY4WM4kRASTOiSHzZthOzY9d05rs22GQsBLJlOFT
EiwKWI1UMpO+aA==
-----END CERTIFICATE-----