Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.mft
File:                     u0WFtGeSNzbELHly4QQvGy4w3GY.mft (raw, json)
Hash identifier:          1m/S8PGMcJaVJqhLB1VS4/wdtnc0+5eq5q5WvRntuJ8=
Subject key identifier:   AF:66:5D:2E:4D:60:C9:64:75:F1:22:C3:FB:48:68:8D:57:C6:E4:C2
Authority key identifier: BB:45:85:B4:67:92:37:36:C4:2C:79:72:E1:04:2F:1B:2E:30:DC:66
Certificate issuer:       /CN=bb4585b467923736c42c7972e1042f1b2e30dc66
Certificate serial:       019D98F540A066608D38F2D374E20EA7CA5D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/u0WFtGeSNzbELHly4QQvGy4w3GY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.mft
Manifest number:          18BF
Signing time:             Fri 17 Apr 2026 01:01:42 +0000
Manifest this update:     Fri 17 Apr 2026 01:01:42 +0000
Manifest next update:     Sat 18 Apr 2026 01:01:42 +0000
Files and hashes:         1: u0WFtGeSNzbELHly4QQvGy4w3GY.crl (hash: Ogh1fOR5aKcI878YqSDI3egUVIp06R5r/8LwMLk74fU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/u0WFtGeSNzbELHly4QQvGy4w3GY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f5:40:a0:66:60:8d:38:f2:d3:74:e2:0e:a7:ca:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bb4585b467923736c42c7972e1042f1b2e30dc66
        Validity
            Not Before: Apr 17 01:01:42 2026 GMT
            Not After : Apr 18 01:01:42 2026 GMT
        Subject: CN=af665d2e4d60c96475f122c3fb48688d57c6e4c2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:08:b9:dc:93:0c:99:3d:96:33:38:53:45:6a:
                    02:c3:90:ca:13:81:25:1b:02:69:f3:e8:2d:d2:a4:
                    e2:fc:ef:e7:13:c1:b5:a9:45:e6:f0:c2:dd:4e:45:
                    d2:e2:89:a5:bc:94:26:a5:c2:c1:25:ac:54:41:a2:
                    2f:c0:54:ca:80:0b:29:2a:ac:75:4b:ff:ff:21:72:
                    0d:21:2d:53:eb:f8:a7:5a:b9:d9:c5:9e:9c:b7:69:
                    c3:a3:5c:f6:d2:48:48:24:e0:0f:4f:b3:8a:ce:11:
                    ba:9e:4b:6f:04:85:8f:42:40:13:d1:d0:d3:4e:b5:
                    9e:0e:c7:82:9c:ee:00:94:1d:f8:e1:e0:18:85:e9:
                    20:95:07:f0:81:95:60:71:49:eb:d4:06:49:59:60:
                    09:9d:bc:b9:3b:fa:21:6b:27:f9:f3:93:63:d6:21:
                    cf:83:56:71:58:e1:01:f4:77:eb:68:8a:5b:58:9f:
                    85:a3:f5:b3:12:6a:0e:8e:0e:29:a9:b8:f9:d7:78:
                    97:82:0d:74:dd:9b:56:2d:d2:37:f8:9a:d3:63:76:
                    d1:9f:f6:95:e4:ef:7c:33:50:cf:9e:6b:a9:92:93:
                    ed:c9:2e:54:01:c9:f4:a4:47:a5:40:69:a4:86:82:
                    7a:24:2c:fb:8e:ef:8c:82:95:da:1a:ef:6e:5a:17:
                    41:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:66:5D:2E:4D:60:C9:64:75:F1:22:C3:FB:48:68:8D:57:C6:E4:C2
            X509v3 Authority Key Identifier:
                keyid:BB:45:85:B4:67:92:37:36:C4:2C:79:72:E1:04:2F:1B:2E:30:DC:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u0WFtGeSNzbELHly4QQvGy4w3GY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:fe:02:24:4f:5d:57:98:3c:0d:68:28:bf:59:12:02:cb:48:
         40:25:1f:ef:24:54:dd:53:4c:b4:85:48:06:8a:b5:fe:cf:3b:
         ff:c9:4f:af:10:4d:f7:51:b7:7d:af:94:83:f4:c6:46:78:bc:
         cd:4a:52:e9:8f:7c:8f:0b:12:13:e4:27:4d:fc:26:03:d9:0a:
         13:d9:51:de:af:78:8e:8b:15:c6:73:3f:14:14:0a:47:31:0c:
         99:de:80:25:76:f5:a9:2f:a1:8c:37:3d:14:15:92:9e:69:74:
         74:20:a4:1b:e8:d9:e6:b1:e4:6b:22:6c:a1:cf:66:9b:78:b7:
         ad:b5:d5:67:e8:3a:bf:44:a6:26:eb:f3:b6:17:f1:60:e1:5b:
         77:b3:5e:ed:41:12:d2:b4:c6:a8:89:20:78:2a:51:7f:6d:9c:
         f1:cd:a9:f9:75:ca:4f:72:d4:6a:f2:14:60:11:7d:b3:3a:84:
         6e:94:6a:18:1d:75:57:42:42:ea:0e:de:ad:5d:83:8a:aa:04:
         98:57:78:68:05:1c:ed:ce:4f:9a:06:84:13:84:fa:35:23:69:
         27:06:02:f6:f1:f6:93:9c:26:c3:d1:7f:2a:e2:21:28:31:f3:
         d4:e4:33:d2:4a:a7:80:a0:3d:fb:cf:70:34:6c:24:e6:90:fb:
         05:c4:76:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9UCgZmCNOPLTdOIOp8pdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiNDU4NWI0Njc5MjM3MzZjNDJjNzk3MmUxMDQyZjFiMmUz
MGRjNjYwHhcNMjYwNDE3MDEwMTQyWhcNMjYwNDE4MDEwMTQyWjAzMTEwLwYDVQQD
EyhhZjY2NWQyZTRkNjBjOTY0NzVmMTIyYzNmYjQ4Njg4ZDU3YzZlNGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugi53JMMmT2WMzhTRWoCw5DKE4El
GwJp8+gt0qTi/O/nE8G1qUXm8MLdTkXS4omlvJQmpcLBJaxUQaIvwFTKgAspKqx1
S///IXINIS1T6/inWrnZxZ6ct2nDo1z20khIJOAPT7OKzhG6nktvBIWPQkAT0dDT
TrWeDseCnO4AlB344eAYhekglQfwgZVgcUnr1AZJWWAJnby5O/ohayf585Nj1iHP
g1ZxWOEB9HfraIpbWJ+Fo/WzEmoOjg4pqbj513iXgg103ZtWLdI3+JrTY3bRn/aV
5O98M1DPnmupkpPtyS5UAcn0pEelQGmkhoJ6JCz7ju+MgpXaGu9uWhdBOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK9mXS5NYMlkdfEiw/tIaI1XxuTCMB8GA1UdIwQY
MBaAFLtFhbRnkjc2xCx5cuEELxsuMNxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTBXRnRHZVNOemJFTEhseTRRUXZHeTR3M0dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9kY2I4NDYtM2ZhMi00NTdmLTg5ODUt
NjYzODEwMWUzMTliLzEvdTBXRnRHZVNOemJFTEhseTRRUXZHeTR3M0dZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9kY2I4NDYtM2ZhMi00NTdmLTg5ODUtNjYzODEwMWUzMTli
LzEvdTBXRnRHZVNOemJFTEhseTRRUXZHeTR3M0dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGP4CJE9d
V5g8DWgov1kSAstIQCUf7yRU3VNMtIVIBoq1/s87/8lPrxBN91G3fa+Ug/TGRni8
zUpS6Y98jwsSE+QnTfwmA9kKE9lR3q94josVxnM/FBQKRzEMmd6AJXb1qS+hjDc9
FBWSnml0dCCkG+jZ5rHkayJsoc9mm3i3rbXVZ+g6v0SmJuvzthfxYOFbd7Ne7UES
0rTGqIkgeCpRf22c8c2p+XXKT3LUavIUYBF9szqEbpRqGB11V0JC6g7erV2DiqoE
mFd4aAUc7c5PmgaEE4T6NSNpJwYC9vH2k5wmw9F/KuIhKDHz1OQz0kqngKA9+89w
NGwk5pD7BcR26Q==
-----END CERTIFICATE-----