Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft
File:                     oYhrwvjZOpz8WoN-LydS7knyJHQ.mft (raw, json)
Hash identifier:          f1QN9H5U7wESr4lPmeeDC67rJqtopNTiql0yLHKZATg=
Subject key identifier:   03:0A:38:14:DB:FD:CD:EF:8C:1C:58:FE:D9:C9:4F:B0:2C:EA:72:BC
Authority key identifier: A1:88:6B:C2:F8:D9:3A:9C:FC:5A:83:7E:2F:27:52:EE:49:F2:24:74
Certificate issuer:       /CN=a1886bc2f8d93a9cfc5a837e2f2752ee49f22474
Certificate serial:       019D9B511861BDEDED36AE189843CCD613BC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oYhrwvjZOpz8WoN-LydS7knyJHQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft
Manifest number:          18BE
Signing time:             Fri 17 Apr 2026 12:01:16 +0000
Manifest this update:     Fri 17 Apr 2026 12:01:16 +0000
Manifest next update:     Sat 18 Apr 2026 12:01:16 +0000
Files and hashes:         1: oYhrwvjZOpz8WoN-LydS7knyJHQ.crl (hash: cfCEU07vbkA0cddqnn8UH97DrZDjv+21ZAS9nH36e+Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oYhrwvjZOpz8WoN-LydS7knyJHQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 12:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:51:18:61:bd:ed:ed:36:ae:18:98:43:cc:d6:13:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1886bc2f8d93a9cfc5a837e2f2752ee49f22474
        Validity
            Not Before: Apr 17 12:01:16 2026 GMT
            Not After : Apr 18 12:01:16 2026 GMT
        Subject: CN=030a3814dbfdcdef8c1c58fed9c94fb02cea72bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:76:b5:ab:fb:19:ab:33:2a:4b:2f:35:41:62:
                    06:1f:80:64:d1:2f:73:2c:8f:9d:dc:40:52:d3:c2:
                    0f:81:c4:d0:55:0b:94:95:10:66:94:20:09:70:02:
                    78:2f:4d:68:71:b7:b0:51:b3:c5:24:83:e3:b0:64:
                    f6:d1:29:f3:42:75:c7:d7:18:3d:40:50:10:13:c0:
                    eb:0c:60:7d:a0:00:56:40:9c:05:77:76:92:74:5a:
                    30:e5:71:29:3d:59:86:56:5f:27:11:d5:e1:dd:67:
                    6d:58:97:39:0b:e5:33:48:4d:87:0b:b9:80:cc:15:
                    88:c3:e1:68:ff:c8:ee:9d:94:9d:92:fe:88:d7:67:
                    ea:e3:a8:82:de:20:10:d4:c8:b2:ba:40:7c:16:65:
                    86:68:2d:c7:83:ea:be:fe:d1:0a:1e:3b:72:7e:e9:
                    ba:46:72:e7:f6:5b:15:5b:67:3e:6a:a7:85:09:7a:
                    d2:c0:f4:9e:1f:60:bf:68:7c:8f:e8:42:5a:c0:3d:
                    46:1c:16:f5:c6:ad:ec:87:e1:e4:29:bb:16:67:be:
                    02:e1:26:82:20:25:da:0c:77:9b:0b:ea:9e:e9:a6:
                    e6:7f:5d:58:70:74:d4:3d:54:d2:12:be:41:da:4a:
                    18:47:53:82:e8:ac:65:51:89:97:f4:ec:5d:b3:ed:
                    46:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:0A:38:14:DB:FD:CD:EF:8C:1C:58:FE:D9:C9:4F:B0:2C:EA:72:BC
            X509v3 Authority Key Identifier:
                keyid:A1:88:6B:C2:F8:D9:3A:9C:FC:5A:83:7E:2F:27:52:EE:49:F2:24:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oYhrwvjZOpz8WoN-LydS7knyJHQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:d4:e6:f5:1e:7c:a6:e3:40:77:aa:8e:3d:2e:94:6b:a4:c8:
         be:52:54:be:24:87:b7:79:d2:f8:3e:a0:e7:aa:d8:ec:fb:67:
         ef:85:06:e1:77:6a:ef:05:24:3c:93:30:99:0e:bf:c5:36:89:
         85:30:24:c6:64:d2:a5:67:1c:07:05:a1:c2:a2:5f:4b:19:06:
         b0:20:23:7e:0e:22:2d:08:0e:b7:0d:6d:6d:28:fa:07:7e:66:
         7a:be:be:69:61:45:96:04:51:14:b2:6e:ea:d6:7c:3f:c3:20:
         c3:e2:15:00:f7:be:60:b5:5f:8d:58:f1:e7:0b:76:99:97:f8:
         47:4a:12:3d:6a:11:1c:ae:b9:35:ef:6b:e6:1a:ae:86:46:6d:
         59:8c:76:dd:b7:3e:fd:a3:b3:52:40:8d:ea:01:9d:fa:cc:c1:
         d4:ec:33:e3:55:c1:0e:c2:82:8e:de:39:9c:d7:62:b5:81:e0:
         21:8c:3a:27:e9:79:f4:ec:b1:9b:87:f3:de:25:69:05:29:ed:
         40:85:bb:43:55:9f:7b:c9:b0:63:0e:7d:cd:ea:9e:6f:0e:64:
         5e:7d:9d:cb:c1:0c:6f:4a:2e:65:ae:e9:16:bf:10:fd:bc:3b:
         be:68:5d:4d:54:cf:da:57:0c:1e:cd:bb:63:15:72:a4:14:4e:
         3d:3e:1b:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bURhhve3tNq4YmEPM1hO8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExODg2YmMyZjhkOTNhOWNmYzVhODM3ZTJmMjc1MmVlNDlm
MjI0NzQwHhcNMjYwNDE3MTIwMTE2WhcNMjYwNDE4MTIwMTE2WjAzMTEwLwYDVQQD
EygwMzBhMzgxNGRiZmRjZGVmOGMxYzU4ZmVkOWM5NGZiMDJjZWE3MmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3a1q/sZqzMqSy81QWIGH4Bk0S9z
LI+d3EBS08IPgcTQVQuUlRBmlCAJcAJ4L01ocbewUbPFJIPjsGT20SnzQnXH1xg9
QFAQE8DrDGB9oABWQJwFd3aSdFow5XEpPVmGVl8nEdXh3WdtWJc5C+UzSE2HC7mA
zBWIw+Fo/8junZSdkv6I12fq46iC3iAQ1MiyukB8FmWGaC3Hg+q+/tEKHjtyfum6
RnLn9lsVW2c+aqeFCXrSwPSeH2C/aHyP6EJawD1GHBb1xq3sh+HkKbsWZ74C4SaC
ICXaDHebC+qe6abmf11YcHTUPVTSEr5B2koYR1OC6KxlUYmX9Oxds+1G1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAMKOBTb/c3vjBxY/tnJT7As6nK8MB8GA1UdIwQY
MBaAFKGIa8L42Tqc/FqDfi8nUu5J8iR0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1locnd2alpPcHo4V29OLUx5ZFM3a255SkhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi83Y2I3NmUtOTU3Yi00MzExLTg5Yzkt
OTk1ZDExYTg2MDE1LzEvb1locnd2alpPcHo4V29OLUx5ZFM3a255SkhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi83Y2I3NmUtOTU3Yi00MzExLTg5YzktOTk1ZDExYTg2MDE1
LzEvb1locnd2alpPcHo4V29OLUx5ZFM3a255SkhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAotTm9R58
puNAd6qOPS6Ua6TIvlJUviSHt3nS+D6g56rY7Ptn74UG4Xdq7wUkPJMwmQ6/xTaJ
hTAkxmTSpWccBwWhwqJfSxkGsCAjfg4iLQgOtw1tbSj6B35mer6+aWFFlgRRFLJu
6tZ8P8Mgw+IVAPe+YLVfjVjx5wt2mZf4R0oSPWoRHK65Ne9r5hquhkZtWYx23bc+
/aOzUkCN6gGd+szB1Owz41XBDsKCjt45nNditYHgIYw6J+l59Oyxm4fz3iVpBSnt
QIW7Q1Wfe8mwYw59zeqebw5kXn2dy8EMb0ouZa7pFr8Q/bw7vmhdTVTP2lcMHs27
YxVypBROPT4biA==
-----END CERTIFICATE-----