Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft
File:                     DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft (raw, json)
Hash identifier:          Cg2zFcOoTvqNeIwumJY1bL4jqChJnNAhO5QnRj1cHwk=
Subject key identifier:   38:62:84:AD:C2:11:92:DE:94:4D:FC:5A:1F:38:6B:B9:72:2F:F0:25
Authority key identifier: 0E:85:FD:3C:9F:95:58:B2:18:02:2F:F4:09:FC:55:4F:AE:E7:90:90
Certificate issuer:       /CN=0e85fd3c9f9558b218022ff409fc554faee79090
Certificate serial:       019D9B87DD49F85307271F81168593A7C911
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft
Manifest number:          18BF
Signing time:             Fri 17 Apr 2026 13:01:05 +0000
Manifest this update:     Fri 17 Apr 2026 13:01:05 +0000
Manifest next update:     Sat 18 Apr 2026 13:01:05 +0000
Files and hashes:         1: DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl (hash: 8spU9X30PWnLvXcPIBfYbsmmhRksuOSmwKMrJgGulvQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:87:dd:49:f8:53:07:27:1f:81:16:85:93:a7:c9:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e85fd3c9f9558b218022ff409fc554faee79090
        Validity
            Not Before: Apr 17 13:01:05 2026 GMT
            Not After : Apr 18 13:01:05 2026 GMT
        Subject: CN=386284adc21192de944dfc5a1f386bb9722ff025
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:2a:81:ae:a7:9f:29:f9:e6:e8:27:c7:50:da:
                    b5:e6:07:2c:23:5e:89:9a:0c:96:07:f0:7e:a6:49:
                    8a:56:0e:1e:d8:9f:a7:fe:94:47:42:2d:d8:88:06:
                    8f:2f:32:51:e5:66:a2:89:dc:45:e0:3c:87:e9:32:
                    bd:3f:b5:c5:a5:04:ef:9e:36:15:5c:9b:98:5a:11:
                    96:82:8f:fc:0d:56:b5:25:cb:93:bb:b4:71:24:7b:
                    ab:79:7c:69:c3:5c:1d:9f:1a:09:d5:e0:a5:81:1c:
                    b4:d1:30:b6:4a:d4:c3:4f:25:24:20:3e:16:13:bf:
                    35:38:03:40:7f:7a:74:a3:d3:24:ee:35:4a:fa:87:
                    5b:ab:26:1e:f3:9e:d5:c9:0d:e3:85:ce:7f:d8:43:
                    b1:df:5f:2b:37:29:c3:d8:0e:35:08:14:38:a8:30:
                    9c:9e:ce:f5:55:45:fc:91:13:c9:e4:40:e3:73:d1:
                    36:d0:05:58:a3:e2:8a:f0:da:30:f3:71:d0:0d:1e:
                    41:29:d8:43:02:0d:c9:f9:a1:b5:f9:db:fe:63:2b:
                    2c:fd:ce:68:e3:e2:00:8e:7b:b9:e1:20:a3:11:1a:
                    26:99:11:c7:01:27:61:8c:75:f3:51:66:18:54:e4:
                    58:f0:3f:0b:31:ca:61:d3:89:a3:26:24:4a:62:d2:
                    cb:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:62:84:AD:C2:11:92:DE:94:4D:FC:5A:1F:38:6B:B9:72:2F:F0:25
            X509v3 Authority Key Identifier:
                keyid:0E:85:FD:3C:9F:95:58:B2:18:02:2F:F4:09:FC:55:4F:AE:E7:90:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1f:e3:c4:9f:6e:72:19:20:23:18:b6:c9:27:e4:db:d2:d6:79:
         30:26:2f:cd:b4:44:91:ba:c5:16:db:fd:2e:98:f5:ba:85:4e:
         f8:54:c1:3c:32:51:09:ad:82:ab:43:5f:62:ea:45:6d:67:97:
         d4:87:42:44:b7:0b:be:06:50:70:db:52:ba:c9:e9:f8:5b:7e:
         36:4e:e8:e1:a4:ce:dd:93:90:a9:c0:1c:c1:2b:70:2b:7b:83:
         f8:6e:24:16:23:9a:20:e6:0f:56:94:85:bf:03:5c:c5:f9:9a:
         13:cc:df:d3:cc:ab:b9:5d:17:68:3a:b7:ab:6f:52:0d:d2:8b:
         3c:ba:34:41:d9:ca:36:5b:73:ca:12:79:0c:4a:76:c7:d3:4c:
         56:b7:85:26:8f:53:20:b6:32:90:22:e2:b1:6f:ec:f0:b0:43:
         8c:a7:0b:9a:e7:ec:4a:61:fa:63:70:65:cd:ff:0f:43:a3:5f:
         18:07:43:f4:71:f2:33:d6:a7:ad:fe:40:0f:70:a3:51:97:68:
         6f:1b:55:72:40:46:9d:e7:a6:a8:84:90:44:f7:74:a3:33:90:
         b0:8d:12:08:a4:b6:33:4a:49:c4:41:9f:92:a8:45:30:81:99:
         77:eb:08:5c:dd:c6:6a:25:08:b5:e0:da:1f:2b:6c:6f:75:e9:
         db:9f:83:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bh91J+FMHJx+BFoWTp8kRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlODVmZDNjOWY5NTU4YjIxODAyMmZmNDA5ZmM1NTRmYWVl
NzkwOTAwHhcNMjYwNDE3MTMwMTA1WhcNMjYwNDE4MTMwMTA1WjAzMTEwLwYDVQQD
EygzODYyODRhZGMyMTE5MmRlOTQ0ZGZjNWExZjM4NmJiOTcyMmZmMDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0yqBrqefKfnm6CfHUNq15gcsI16J
mgyWB/B+pkmKVg4e2J+n/pRHQi3YiAaPLzJR5WaiidxF4DyH6TK9P7XFpQTvnjYV
XJuYWhGWgo/8DVa1JcuTu7RxJHureXxpw1wdnxoJ1eClgRy00TC2StTDTyUkID4W
E781OANAf3p0o9Mk7jVK+odbqyYe857VyQ3jhc5/2EOx318rNynD2A41CBQ4qDCc
ns71VUX8kRPJ5EDjc9E20AVYo+KK8Now83HQDR5BKdhDAg3J+aG1+dv+Yyss/c5o
4+IAjnu54SCjERommRHHASdhjHXzUWYYVORY8D8LMcph04mjJiRKYtLLDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDhihK3CEZLelE38Wh84a7lyL/AlMB8GA1UdIwQY
MBaAFA6F/TyflViyGAIv9An8VU+u55CQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9iM2QzZDktNzkyOC00NThkLTgzNmUt
MzMwM2FmZTVjODliLzEvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9iM2QzZDktNzkyOC00NThkLTgzNmUtMzMwM2FmZTVjODli
LzEvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH+PEn25y
GSAjGLbJJ+Tb0tZ5MCYvzbREkbrFFtv9Lpj1uoVO+FTBPDJRCa2Cq0NfYupFbWeX
1IdCRLcLvgZQcNtSusnp+Ft+Nk7o4aTO3ZOQqcAcwStwK3uD+G4kFiOaIOYPVpSF
vwNcxfmaE8zf08yruV0XaDq3q29SDdKLPLo0QdnKNltzyhJ5DEp2x9NMVreFJo9T
ILYykCLisW/s8LBDjKcLmufsSmH6Y3Blzf8PQ6NfGAdD9HHyM9anrf5AD3CjUZdo
bxtVckBGneemqISQRPd0ozOQsI0SCKS2M0pJxEGfkqhFMIGZd+sIXN3GaiUIteDa
Hytsb3Xp25+DdA==
-----END CERTIFICATE-----