Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.mft
File:                     OQlq7uS6fDS4EkCtSRrEba90wx0.mft (raw, json)
Hash identifier:          oKBw7wJDUS3WGApLVR/wGVDyprV5U/u17QWX65fp9Hc=
Subject key identifier:   A6:42:8B:1A:A1:68:AC:49:B3:23:CD:99:96:4A:27:1E:A0:6E:5E:1B
Authority key identifier: 39:09:6A:EE:E4:BA:7C:34:B8:12:40:AD:49:1A:C4:6D:AF:74:C3:1D
Certificate issuer:       /CN=39096aeee4ba7c34b81240ad491ac46daf74c31d
Certificate serial:       019D9999735B663369EA424A255536070E31
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OQlq7uS6fDS4EkCtSRrEba90wx0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.mft
Manifest number:          18BF
Signing time:             Fri 17 Apr 2026 04:01:03 +0000
Manifest this update:     Fri 17 Apr 2026 04:01:03 +0000
Manifest next update:     Sat 18 Apr 2026 04:01:03 +0000
Files and hashes:         1: OQlq7uS6fDS4EkCtSRrEba90wx0.crl (hash: QxCw9Qys+84WevROSBZznJspym7X9mw0HCiiyYB44vI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OQlq7uS6fDS4EkCtSRrEba90wx0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 04:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:99:73:5b:66:33:69:ea:42:4a:25:55:36:07:0e:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=39096aeee4ba7c34b81240ad491ac46daf74c31d
        Validity
            Not Before: Apr 17 04:01:03 2026 GMT
            Not After : Apr 18 04:01:03 2026 GMT
        Subject: CN=a6428b1aa168ac49b323cd99964a271ea06e5e1b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:1c:55:8a:f9:65:50:c0:07:c5:f2:79:1f:4f:
                    a6:0c:05:da:75:45:a7:75:59:40:97:90:3e:c4:ae:
                    a1:aa:6b:4c:d0:57:61:58:6d:bb:64:84:a8:81:74:
                    f8:09:43:65:b9:ad:32:59:1e:4f:d6:6d:5f:d8:ef:
                    d5:bf:b3:0a:b3:75:d3:5c:6e:c8:9e:e9:8e:be:d9:
                    57:a3:2e:65:7f:8b:8b:cd:ce:ee:d3:78:a9:d5:c2:
                    ec:35:8b:f1:7d:b3:29:4a:f5:50:78:9b:98:cc:c8:
                    2a:d5:2b:59:26:25:1f:17:a1:f5:1f:d1:10:a6:5e:
                    25:ac:07:23:06:0b:7d:c9:4e:04:92:39:01:c0:cc:
                    09:d3:d9:d8:98:c3:c6:ce:a4:c9:c1:d1:e7:6d:f1:
                    a0:17:ac:d8:63:61:ac:c8:94:16:e4:38:71:04:09:
                    2c:c5:b4:14:0c:24:3e:63:4f:8c:56:42:d8:a9:46:
                    15:ec:b8:7c:ab:95:4e:9a:88:95:e7:69:81:a7:76:
                    a1:87:d8:ce:68:03:ad:22:12:d4:30:26:88:c0:cf:
                    12:ac:91:16:15:c4:87:11:7e:20:9d:b4:0d:d7:e6:
                    0b:a7:a1:f3:a2:b5:29:ce:ea:b9:de:86:a1:19:ce:
                    dc:62:c4:8d:de:50:11:d1:91:ae:e2:ae:96:2b:39:
                    b1:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:42:8B:1A:A1:68:AC:49:B3:23:CD:99:96:4A:27:1E:A0:6E:5E:1B
            X509v3 Authority Key Identifier:
                keyid:39:09:6A:EE:E4:BA:7C:34:B8:12:40:AD:49:1A:C4:6D:AF:74:C3:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQlq7uS6fDS4EkCtSRrEba90wx0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:ef:57:c2:22:b7:e9:4a:ad:0b:63:8a:9f:ae:ee:94:f0:88:
         d3:fe:79:14:ae:1d:ca:63:ab:20:6e:66:04:54:64:c9:be:ca:
         61:57:43:d6:d2:9a:4b:9b:d1:76:84:a3:41:7d:30:6b:aa:6c:
         01:2f:36:9d:6f:7d:9a:c0:79:11:fc:0f:31:1a:3e:5d:4e:ec:
         f6:da:14:50:c5:75:26:51:49:e0:67:4f:64:04:51:e7:5b:b5:
         f9:66:0c:c2:4e:44:07:9d:3d:93:18:3d:31:b0:e0:12:b1:b3:
         63:23:0e:9c:44:cd:31:41:bb:e0:9a:e4:53:24:0f:4b:49:74:
         b0:53:f3:fa:a1:76:c3:bc:cd:3b:dc:28:6a:34:4d:52:ee:42:
         e6:90:5e:57:ff:6e:da:4f:23:16:96:56:ec:e5:e1:8b:cf:fc:
         7c:59:fc:4a:ac:1d:1e:13:7f:bc:42:34:5a:da:7c:e9:b1:85:
         3d:91:c5:ac:38:c4:4a:fa:c9:a0:bc:28:15:f3:87:17:0a:30:
         bf:74:a6:a2:fd:6d:1f:43:e8:bf:68:48:05:0b:8e:06:fb:de:
         21:a2:19:c7:42:d2:93:07:25:f4:43:4d:43:d7:5d:70:e9:72:
         05:3d:cd:d4:a8:9e:b4:de:cb:e8:f6:cc:67:95:a6:de:19:79:
         2e:a4:1e:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZmXNbZjNp6kJKJVU2Bw4xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MDk2YWVlZTRiYTdjMzRiODEyNDBhZDQ5MWFjNDZkYWY3
NGMzMWQwHhcNMjYwNDE3MDQwMTAzWhcNMjYwNDE4MDQwMTAzWjAzMTEwLwYDVQQD
EyhhNjQyOGIxYWExNjhhYzQ5YjMyM2NkOTk5NjRhMjcxZWEwNmU1ZTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxxxVivllUMAHxfJ5H0+mDAXadUWn
dVlAl5A+xK6hqmtM0FdhWG27ZISogXT4CUNlua0yWR5P1m1f2O/Vv7MKs3XTXG7I
numOvtlXoy5lf4uLzc7u03ip1cLsNYvxfbMpSvVQeJuYzMgq1StZJiUfF6H1H9EQ
pl4lrAcjBgt9yU4EkjkBwMwJ09nYmMPGzqTJwdHnbfGgF6zYY2GsyJQW5DhxBAks
xbQUDCQ+Y0+MVkLYqUYV7Lh8q5VOmoiV52mBp3ahh9jOaAOtIhLUMCaIwM8SrJEW
FcSHEX4gnbQN1+YLp6HzorUpzuq53oahGc7cYsSN3lAR0ZGu4q6WKzmxmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKZCixqhaKxJsyPNmZZKJx6gbl4bMB8GA1UdIwQY
MBaAFDkJau7kunw0uBJArUkaxG2vdMMdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1FscTd1UzZmRFM0RWtDdFNSckViYTkwd3gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9iYjFhYTctNzQ1NS00ZDJkLTgyZGEt
MTA1NjE3NjM4NzI2LzEvT1FscTd1UzZmRFM0RWtDdFNSckViYTkwd3gwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9iYjFhYTctNzQ1NS00ZDJkLTgyZGEtMTA1NjE3NjM4NzI2
LzEvT1FscTd1UzZmRFM0RWtDdFNSckViYTkwd3gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApu9XwiK3
6UqtC2OKn67ulPCI0/55FK4dymOrIG5mBFRkyb7KYVdD1tKaS5vRdoSjQX0wa6ps
AS82nW99msB5EfwPMRo+XU7s9toUUMV1JlFJ4GdPZARR51u1+WYMwk5EB509kxg9
MbDgErGzYyMOnETNMUG74JrkUyQPS0l0sFPz+qF2w7zNO9woajRNUu5C5pBeV/9u
2k8jFpZW7OXhi8/8fFn8SqwdHhN/vEI0Wtp86bGFPZHFrDjESvrJoLwoFfOHFwow
v3Smov1tH0Pov2hIBQuOBvveIaIZx0LSkwcl9ENNQ9ddcOlyBT3N1KietN7L6PbM
Z5Wm3hl5LqQeYQ==
-----END CERTIFICATE-----