Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.mft
File:                     ZLkPNFJfgAJep3y2GOdRmYKrhZI.mft (raw, json)
Hash identifier:          u6dd4MErVypeJBAED+7ww3J3hLcL9VHUvhswOgsMt1A=
Subject key identifier:   47:04:21:A4:C1:4B:77:3B:22:DD:CB:B9:80:05:C2:01:F0:70:4C:A3
Authority key identifier: 64:B9:0F:34:52:5F:80:02:5E:A7:7C:B6:18:E7:51:99:82:AB:85:92
Certificate issuer:       /CN=64b90f34525f80025ea77cb618e7519982ab8592
Certificate serial:       019D98F4FDFF2142FF23979B38C8F138C571
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZLkPNFJfgAJep3y2GOdRmYKrhZI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.mft
Manifest number:          18BF
Signing time:             Fri 17 Apr 2026 01:01:25 +0000
Manifest this update:     Fri 17 Apr 2026 01:01:25 +0000
Manifest next update:     Sat 18 Apr 2026 01:01:25 +0000
Files and hashes:         1: ZLkPNFJfgAJep3y2GOdRmYKrhZI.crl (hash: 6qs6F6+3bhedA2IAng3ZHLf7oMV8DucDjNkCkgl3PdY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZLkPNFJfgAJep3y2GOdRmYKrhZI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:fd:ff:21:42:ff:23:97:9b:38:c8:f1:38:c5:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=64b90f34525f80025ea77cb618e7519982ab8592
        Validity
            Not Before: Apr 17 01:01:25 2026 GMT
            Not After : Apr 18 01:01:25 2026 GMT
        Subject: CN=470421a4c14b773b22ddcbb98005c201f0704ca3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:6f:f6:7b:82:f1:f3:7c:46:8e:ec:40:11:61:
                    b6:f0:8f:89:bd:b1:57:cc:9a:fe:39:32:d1:37:88:
                    55:2e:42:72:51:f5:b2:74:c2:04:5a:d4:be:04:d5:
                    f2:87:f3:2c:23:5a:77:b6:53:a7:9d:ea:cc:38:c7:
                    1d:ab:9c:4a:7f:88:d6:c2:21:ef:66:19:ba:e3:f8:
                    98:9a:21:6c:a9:7f:1f:a4:c7:b8:85:62:5e:90:fc:
                    a3:ca:cb:eb:c8:a7:ca:88:96:6c:1a:85:b4:3d:c4:
                    3e:29:46:8c:c4:5b:5d:74:53:d5:5e:46:75:58:ca:
                    02:51:4e:60:2c:7e:08:df:2f:39:82:35:e8:f9:05:
                    3b:fc:7f:6d:d8:dc:b6:f9:35:11:33:aa:c2:83:e2:
                    17:01:db:5a:81:55:6f:54:75:6c:3b:85:78:1a:aa:
                    89:d0:ce:4c:f7:8b:63:c7:06:93:bd:ec:d6:14:b7:
                    e9:5e:94:de:90:4d:42:08:42:d9:0c:f1:bd:32:73:
                    1d:24:65:22:28:63:ad:e2:6e:03:57:9e:4b:c8:0e:
                    63:2b:bd:9f:ef:24:5d:c1:97:8b:a4:e7:5a:19:25:
                    94:28:16:27:c6:bd:27:e9:76:24:ac:0d:e2:73:bb:
                    bb:47:99:1a:f8:21:48:fe:d5:c5:08:b0:96:5f:12:
                    8d:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:04:21:A4:C1:4B:77:3B:22:DD:CB:B9:80:05:C2:01:F0:70:4C:A3
            X509v3 Authority Key Identifier:
                keyid:64:B9:0F:34:52:5F:80:02:5E:A7:7C:B6:18:E7:51:99:82:AB:85:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZLkPNFJfgAJep3y2GOdRmYKrhZI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c4:2d:65:28:f4:08:b6:54:4c:69:60:47:00:e0:8a:29:c7:ee:
         e6:d3:5e:2b:76:91:20:e4:f7:96:f4:a1:94:27:a9:aa:69:43:
         83:48:11:a4:de:2b:1b:92:9a:11:d9:52:46:69:59:39:4c:79:
         81:0f:f4:9f:98:28:7f:a2:1c:d0:de:5a:3a:07:2c:78:05:f1:
         b1:3a:ef:7a:5e:b3:23:b2:ae:ae:3d:1d:13:76:f6:67:01:96:
         a2:56:31:97:e0:f6:05:91:a3:df:16:4d:c0:f5:ca:07:76:23:
         13:cd:b5:22:e2:4a:5b:8c:21:54:28:80:b3:2b:8f:69:ea:77:
         09:a4:54:26:8b:fd:a4:84:e4:3d:31:31:97:da:28:12:46:08:
         03:e7:06:63:ea:36:70:dc:5d:f5:83:39:ef:5b:33:22:27:00:
         d1:d8:fa:3c:b4:16:dc:6a:db:13:75:5f:c9:5a:be:7b:30:ec:
         dd:f3:c0:16:f0:6e:44:50:0c:b9:72:08:08:5d:aa:38:e8:10:
         c3:94:17:cf:52:72:ac:db:90:bb:fe:45:ee:af:67:ba:63:16:
         ba:65:b2:7f:9e:cb:65:dd:0d:ee:c9:61:b9:48:1b:be:77:06:
         dd:88:fe:09:d0:90:d5:10:af:75:68:bc:1d:46:f6:4e:3f:85:
         13:72:b2:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9P3/IUL/I5ebOMjxOMVxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0YjkwZjM0NTI1ZjgwMDI1ZWE3N2NiNjE4ZTc1MTk5ODJh
Yjg1OTIwHhcNMjYwNDE3MDEwMTI1WhcNMjYwNDE4MDEwMTI1WjAzMTEwLwYDVQQD
Eyg0NzA0MjFhNGMxNGI3NzNiMjJkZGNiYjk4MDA1YzIwMWYwNzA0Y2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy2/2e4Lx83xGjuxAEWG28I+JvbFX
zJr+OTLRN4hVLkJyUfWydMIEWtS+BNXyh/MsI1p3tlOnnerMOMcdq5xKf4jWwiHv
Zhm64/iYmiFsqX8fpMe4hWJekPyjysvryKfKiJZsGoW0PcQ+KUaMxFtddFPVXkZ1
WMoCUU5gLH4I3y85gjXo+QU7/H9t2Ny2+TURM6rCg+IXAdtagVVvVHVsO4V4GqqJ
0M5M94tjxwaTvezWFLfpXpTekE1CCELZDPG9MnMdJGUiKGOt4m4DV55LyA5jK72f
7yRdwZeLpOdaGSWUKBYnxr0n6XYkrA3ic7u7R5ka+CFI/tXFCLCWXxKNcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEcEIaTBS3c7It3LuYAFwgHwcEyjMB8GA1UdIwQY
MBaAFGS5DzRSX4ACXqd8thjnUZmCq4WSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkxrUE5GSmZnQUplcDN5MkdPZFJtWUtyaFpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9jN2E3ZjUtZTNhMi00OTNiLWE4YmQt
N2JkYjY3MmUwYzU0LzEvWkxrUE5GSmZnQUplcDN5MkdPZFJtWUtyaFpJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9jN2E3ZjUtZTNhMi00OTNiLWE4YmQtN2JkYjY3MmUwYzU0
LzEvWkxrUE5GSmZnQUplcDN5MkdPZFJtWUtyaFpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxC1lKPQI
tlRMaWBHAOCKKcfu5tNeK3aRIOT3lvShlCepqmlDg0gRpN4rG5KaEdlSRmlZOUx5
gQ/0n5gof6Ic0N5aOgcseAXxsTrvel6zI7Kurj0dE3b2ZwGWolYxl+D2BZGj3xZN
wPXKB3YjE821IuJKW4whVCiAsyuPaep3CaRUJov9pITkPTExl9ooEkYIA+cGY+o2
cNxd9YM571szIicA0dj6PLQW3GrbE3VfyVq+ezDs3fPAFvBuRFAMuXIICF2qOOgQ
w5QXz1JyrNuQu/5F7q9numMWumWyf57LZd0N7slhuUgbvncG3Yj+CdCQ1RCvdWi8
HUb2Tj+FE3Kygw==
-----END CERTIFICATE-----