Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft
File:                     XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft (raw, json)
Hash identifier:          xG6NIWyEapWDQ7PV2KDtpINot9FpJrNrgbjgO0gGA9U=
Subject key identifier:   E7:41:96:1B:9A:F4:B1:4D:B6:B5:BA:D3:53:91:33:C8:D4:74:06:4F
Authority key identifier: 5E:D6:77:2B:90:21:2E:57:72:49:F7:35:6C:21:8E:D1:06:8B:67:76
Certificate issuer:       /CN=5ed6772b90212e577249f7356c218ed1068b6776
Certificate serial:       019D9AE3460AA858169CAD5216ABF67305C2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft
Manifest number:          18C0
Signing time:             Fri 17 Apr 2026 10:01:18 +0000
Manifest this update:     Fri 17 Apr 2026 10:01:18 +0000
Manifest next update:     Sat 18 Apr 2026 10:01:18 +0000
Files and hashes:         1: XtZ3K5AhLldySfc1bCGO0QaLZ3Y.crl (hash: 4W2A1FyQuNk+cP2Rxl9JvePpxMQMx+PP6Qf3GvX5qxQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e3:46:0a:a8:58:16:9c:ad:52:16:ab:f6:73:05:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ed6772b90212e577249f7356c218ed1068b6776
        Validity
            Not Before: Apr 17 10:01:18 2026 GMT
            Not After : Apr 18 10:01:18 2026 GMT
        Subject: CN=e741961b9af4b14db6b5bad3539133c8d474064f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:43:7c:64:6e:71:15:f3:6a:72:6d:69:a6:4e:
                    d5:38:2e:f9:bc:c9:30:cf:8b:c5:b6:62:a4:21:a7:
                    f3:bf:27:a2:03:a5:d4:b8:e1:3a:cb:d6:fb:13:ae:
                    82:8e:99:f2:1b:4c:64:ad:0a:e7:a0:51:67:1d:8c:
                    76:1a:f8:48:cc:35:9c:2d:8a:62:2f:81:8f:34:fe:
                    fb:6e:72:f9:d3:5e:de:e9:1d:ba:11:11:9b:e5:a7:
                    c2:b3:d2:be:6d:f6:c5:46:0e:02:aa:4d:45:9c:f4:
                    2a:ac:5c:55:60:57:59:74:b0:95:ba:8a:52:71:f8:
                    1a:6d:f6:bd:1b:25:24:40:af:d8:f3:52:6b:a2:63:
                    e8:e5:73:e3:d2:b0:de:62:4e:28:7e:7e:3e:c8:2d:
                    f7:a7:3b:0b:26:f7:35:78:a0:6e:1e:8b:03:86:5a:
                    14:c6:d9:53:0d:cd:f4:af:db:01:14:4b:43:b6:b8:
                    84:72:da:14:d6:47:85:1c:ea:81:a1:76:b4:80:5f:
                    5c:27:db:29:1a:f4:79:7a:9a:00:9e:99:9b:4c:7f:
                    0c:e6:dc:3b:c5:f2:f7:ee:a1:14:38:86:a4:fd:cb:
                    82:35:49:4c:d2:f2:0a:47:f5:b6:cf:f6:33:c4:63:
                    00:ca:f5:79:13:cd:ae:9f:ce:23:34:1e:a8:5e:77:
                    16:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:41:96:1B:9A:F4:B1:4D:B6:B5:BA:D3:53:91:33:C8:D4:74:06:4F
            X509v3 Authority Key Identifier:
                keyid:5E:D6:77:2B:90:21:2E:57:72:49:F7:35:6C:21:8E:D1:06:8B:67:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f5ee76-eeae-436c-8843-862106853860/1/XtZ3K5AhLldySfc1bCGO0QaLZ3Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:46:11:3d:01:25:e6:89:e9:6a:a5:69:d9:71:af:1a:67:04:
         f7:27:fa:32:33:75:21:1f:0c:ec:f6:4a:27:d4:cb:fe:5f:9c:
         0b:ce:38:d0:1b:1c:17:b5:2f:42:4d:cd:aa:29:12:1b:24:cd:
         51:be:1a:ef:ed:11:97:b0:2c:1f:04:d1:2b:be:0d:ab:d2:b4:
         63:b4:54:72:06:dc:4a:a9:55:d8:4b:5e:d0:21:7a:75:d5:f3:
         90:69:75:4a:3e:ca:68:25:e0:e3:17:a7:3e:f4:21:25:43:60:
         cf:aa:c4:6b:a7:cd:c7:be:c7:c9:74:23:e1:90:1d:b3:8f:fd:
         0b:08:92:5d:92:52:54:29:f7:48:40:c9:ba:8f:92:9a:44:58:
         11:dd:ed:e9:ce:33:c2:fa:4e:a4:b9:82:33:cd:b1:6a:3c:67:
         24:1e:8e:c3:95:bc:25:6e:ae:53:31:ca:a8:7c:87:8f:c1:4b:
         f3:74:12:20:ff:af:bd:dd:be:a3:e8:7c:77:bc:e7:85:68:91:
         64:84:50:26:76:be:65:54:cc:a3:09:f0:01:b3:dc:00:b4:8a:
         69:dd:96:ce:09:0d:cd:9c:af:d3:29:01:8f:c4:74:0a:ec:d1:
         60:67:53:f7:5e:63:44:d9:f1:2c:21:6b:1a:f2:cc:4d:d8:86:
         1a:3f:ed:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a40YKqFgWnK1SFqv2cwXCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZDY3NzJiOTAyMTJlNTc3MjQ5ZjczNTZjMjE4ZWQxMDY4
YjY3NzYwHhcNMjYwNDE3MTAwMTE4WhcNMjYwNDE4MTAwMTE4WjAzMTEwLwYDVQQD
EyhlNzQxOTYxYjlhZjRiMTRkYjZiNWJhZDM1MzkxMzNjOGQ0NzQwNjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1UN8ZG5xFfNqcm1ppk7VOC75vMkw
z4vFtmKkIafzvyeiA6XUuOE6y9b7E66CjpnyG0xkrQrnoFFnHYx2GvhIzDWcLYpi
L4GPNP77bnL5017e6R26ERGb5afCs9K+bfbFRg4Cqk1FnPQqrFxVYFdZdLCVuopS
cfgabfa9GyUkQK/Y81JromPo5XPj0rDeYk4ofn4+yC33pzsLJvc1eKBuHosDhloU
xtlTDc30r9sBFEtDtriEctoU1keFHOqBoXa0gF9cJ9spGvR5epoAnpmbTH8M5tw7
xfL37qEUOIak/cuCNUlM0vIKR/W2z/YzxGMAyvV5E82un84jNB6oXncWdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOdBlhua9LFNtrW601ORM8jUdAZPMB8GA1UdIwQY
MBaAFF7WdyuQIS5Xckn3NWwhjtEGi2d2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHRaM0s1QWhMbGR5U2ZjMWJDR08wUWFMWjNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mNWVlNzYtZWVhZS00MzZjLTg4NDMt
ODYyMTA2ODUzODYwLzEvWHRaM0s1QWhMbGR5U2ZjMWJDR08wUWFMWjNZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9mNWVlNzYtZWVhZS00MzZjLTg4NDMtODYyMTA2ODUzODYw
LzEvWHRaM0s1QWhMbGR5U2ZjMWJDR08wUWFMWjNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApUYRPQEl
5onpaqVp2XGvGmcE9yf6MjN1IR8M7PZKJ9TL/l+cC8440BscF7UvQk3NqikSGyTN
Ub4a7+0Rl7AsHwTRK74Nq9K0Y7RUcgbcSqlV2Ete0CF6ddXzkGl1Sj7KaCXg4xen
PvQhJUNgz6rEa6fNx77HyXQj4ZAds4/9CwiSXZJSVCn3SEDJuo+SmkRYEd3t6c4z
wvpOpLmCM82xajxnJB6Ow5W8JW6uUzHKqHyHj8FL83QSIP+vvd2+o+h8d7znhWiR
ZIRQJna+ZVTMownwAbPcALSKad2WzgkNzZyv0ykBj8R0CuzRYGdT915jRNnxLCFr
GvLMTdiGGj/tUg==
-----END CERTIFICATE-----