Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft
File:                     y_nNJDztaTe2vqVxAoFP-bpCZiE.mft (raw, json)
Hash identifier:          5lJSDIXEaFBGkD5EGUrxm3/ybE20wD5Yy8E6o5I1WNw=
Subject key identifier:   4C:0B:61:0D:1A:78:29:EE:9C:44:29:46:43:49:23:6F:D0:58:2D:8C
Authority key identifier: CB:F9:CD:24:3C:ED:69:37:B6:BE:A5:71:02:81:4F:F9:BA:42:66:21
Certificate issuer:       /CN=cbf9cd243ced6937b6bea57102814ff9ba426621
Certificate serial:       019D9B509FB34A223D5D065A6AA8001032C8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y_nNJDztaTe2vqVxAoFP-bpCZiE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft
Manifest number:          18BF
Signing time:             Fri 17 Apr 2026 12:00:45 +0000
Manifest this update:     Fri 17 Apr 2026 12:00:45 +0000
Manifest next update:     Sat 18 Apr 2026 12:00:45 +0000
Files and hashes:         1: y_nNJDztaTe2vqVxAoFP-bpCZiE.crl (hash: re0oGj8trEyCqnm+9hVy7sEz41qhWB5ZrJm84GCx1FE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y_nNJDztaTe2vqVxAoFP-bpCZiE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 12:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:50:9f:b3:4a:22:3d:5d:06:5a:6a:a8:00:10:32:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cbf9cd243ced6937b6bea57102814ff9ba426621
        Validity
            Not Before: Apr 17 12:00:45 2026 GMT
            Not After : Apr 18 12:00:45 2026 GMT
        Subject: CN=4c0b610d1a7829ee9c4429464349236fd0582d8c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:93:2f:e1:b4:2d:e4:ba:75:a2:a0:20:c5:a4:
                    2c:ce:99:94:82:3a:f1:52:36:a5:08:24:fd:75:dc:
                    47:31:77:5b:13:1c:fc:5a:8c:77:37:78:c8:e4:96:
                    48:b2:4e:8b:bc:40:27:17:9c:2c:4e:31:ec:24:28:
                    92:ff:84:51:88:ed:68:ee:98:c1:c4:a0:ab:68:b7:
                    e3:f0:3a:56:b5:7a:d9:67:c1:d5:2c:6d:e5:da:b7:
                    69:d4:aa:87:8c:44:11:b3:25:65:1f:10:26:e1:13:
                    60:5a:b2:ee:db:9d:4d:94:7c:bb:1c:ef:13:fa:26:
                    2a:84:08:9e:97:13:da:61:04:44:eb:6f:03:d2:58:
                    f2:4c:59:af:71:81:6f:23:4b:d8:44:ed:ce:83:b8:
                    03:87:1b:20:52:75:27:f4:f2:1a:1c:bb:66:f6:dd:
                    4e:77:5d:9b:b8:ee:21:31:f5:98:64:98:37:9f:b2:
                    00:c4:22:1b:8d:00:c4:00:1e:fb:cc:a7:b4:cf:cc:
                    4f:a5:1e:d7:f8:8e:72:e0:99:00:48:1f:c6:9b:d6:
                    44:2c:0d:ac:33:ec:a4:af:82:f9:cd:1b:bc:c3:db:
                    b1:18:41:44:24:13:01:90:4c:49:e1:31:78:2c:dc:
                    98:e8:7f:29:64:1b:89:a6:97:21:21:f1:ee:19:65:
                    97:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:0B:61:0D:1A:78:29:EE:9C:44:29:46:43:49:23:6F:D0:58:2D:8C
            X509v3 Authority Key Identifier:
                keyid:CB:F9:CD:24:3C:ED:69:37:B6:BE:A5:71:02:81:4F:F9:BA:42:66:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y_nNJDztaTe2vqVxAoFP-bpCZiE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:ae:9f:b6:45:a3:e7:46:a3:11:2a:03:95:31:b4:52:4a:24:
         a9:36:eb:c9:74:70:08:41:f9:ed:6f:da:44:53:0a:83:d2:87:
         45:c9:c5:8c:23:89:7b:44:6e:32:0a:e9:2d:ba:a7:a8:dd:26:
         5a:7e:fa:6b:e3:c3:ba:cc:0f:86:e6:85:25:bf:57:9f:29:31:
         a1:b8:27:d8:af:fa:74:9e:a6:14:c2:43:7d:ed:a7:82:f6:d2:
         d9:c6:c7:ba:a1:1a:b4:29:7c:22:37:a2:ca:08:5f:36:ed:8d:
         b9:17:05:e5:6e:7a:ae:02:49:e3:19:3a:44:f9:9e:d5:0f:94:
         8d:fe:00:10:95:1d:33:7b:76:4a:6d:2f:c1:73:5c:13:4c:a8:
         ab:6f:ef:9c:94:bb:4a:a6:b8:46:43:07:d3:83:5c:17:d2:2a:
         0a:09:78:b0:46:4a:72:15:37:52:90:82:5d:86:80:b8:64:f0:
         ac:17:49:c7:fb:ff:a7:5c:f9:26:47:93:f5:6e:bb:c2:d9:38:
         a8:9a:39:4e:05:d7:bb:81:a6:d1:68:df:d8:ac:86:4e:18:ae:
         74:cb:84:39:b2:f4:2d:e5:e5:b8:66:bc:87:46:61:86:15:de:
         84:1d:a9:26:90:c6:9e:7b:68:0b:bd:2d:75:b0:21:a3:71:fa:
         2a:41:cd:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bUJ+zSiI9XQZaaqgAEDLIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZjljZDI0M2NlZDY5MzdiNmJlYTU3MTAyODE0ZmY5YmE0
MjY2MjEwHhcNMjYwNDE3MTIwMDQ1WhcNMjYwNDE4MTIwMDQ1WjAzMTEwLwYDVQQD
Eyg0YzBiNjEwZDFhNzgyOWVlOWM0NDI5NDY0MzQ5MjM2ZmQwNTgyZDhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5Mv4bQt5Lp1oqAgxaQszpmUgjrx
UjalCCT9ddxHMXdbExz8Wox3N3jI5JZIsk6LvEAnF5wsTjHsJCiS/4RRiO1o7pjB
xKCraLfj8DpWtXrZZ8HVLG3l2rdp1KqHjEQRsyVlHxAm4RNgWrLu251NlHy7HO8T
+iYqhAielxPaYQRE628D0ljyTFmvcYFvI0vYRO3Og7gDhxsgUnUn9PIaHLtm9t1O
d12buO4hMfWYZJg3n7IAxCIbjQDEAB77zKe0z8xPpR7X+I5y4JkASB/Gm9ZELA2s
M+ykr4L5zRu8w9uxGEFEJBMBkExJ4TF4LNyY6H8pZBuJppchIfHuGWWXcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEwLYQ0aeCnunEQpRkNJI2/QWC2MMB8GA1UdIwQY
MBaAFMv5zSQ87Wk3tr6lcQKBT/m6QmYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveV9uTkpEenRhVGUydnFWeEFvRlAtYnBDWmlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy80OTdkZDEtNzU1ZS00NDJhLWIzMWQt
MWMxMzI1MGE2YTNjLzEveV9uTkpEenRhVGUydnFWeEFvRlAtYnBDWmlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy80OTdkZDEtNzU1ZS00NDJhLWIzMWQtMWMxMzI1MGE2YTNj
LzEveV9uTkpEenRhVGUydnFWeEFvRlAtYnBDWmlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAda6ftkWj
50ajESoDlTG0UkokqTbryXRwCEH57W/aRFMKg9KHRcnFjCOJe0RuMgrpLbqnqN0m
Wn76a+PDuswPhuaFJb9Xnykxobgn2K/6dJ6mFMJDfe2ngvbS2cbHuqEatCl8Ijei
yghfNu2NuRcF5W56rgJJ4xk6RPme1Q+Ujf4AEJUdM3t2Sm0vwXNcE0yoq2/vnJS7
Sqa4RkMH04NcF9IqCgl4sEZKchU3UpCCXYaAuGTwrBdJx/v/p1z5JkeT9W67wtk4
qJo5TgXXu4Gm0Wjf2KyGThiudMuEObL0LeXluGa8h0ZhhhXehB2pJpDGnntoC70t
dbAho3H6KkHNog==
-----END CERTIFICATE-----