Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft
File:                     YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft (raw, json)
Hash identifier:          +m1FZV+8TAY1JWEkw2izBkLsL2H+GVr7SSxttkzwOG8=
Subject key identifier:   8D:7E:E5:2C:94:92:3E:7D:7E:0D:2A:E4:DC:0C:41:23:AD:32:66:3C
Authority key identifier: 60:62:B2:1F:B6:65:5B:89:79:23:E2:9D:6F:CB:64:4A:B1:0A:C5:30
Certificate issuer:       /CN=6062b21fb6655b897923e29d6fcb644ab10ac530
Certificate serial:       019D99D034542DE8A455DAD08C72AE1FF768
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft
Manifest number:          18BE
Signing time:             Fri 17 Apr 2026 05:00:52 +0000
Manifest this update:     Fri 17 Apr 2026 05:00:52 +0000
Manifest next update:     Sat 18 Apr 2026 05:00:52 +0000
Files and hashes:         1: YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl (hash: UUhcloULSo1XI6FRQin8Sa+gGIG1iSvCvk/Ji6/jEuw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:d0:34:54:2d:e8:a4:55:da:d0:8c:72:ae:1f:f7:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6062b21fb6655b897923e29d6fcb644ab10ac530
        Validity
            Not Before: Apr 17 05:00:52 2026 GMT
            Not After : Apr 18 05:00:52 2026 GMT
        Subject: CN=8d7ee52c94923e7d7e0d2ae4dc0c4123ad32663c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:a2:11:e9:6a:2d:96:ad:9f:ea:08:92:cf:c5:
                    16:d7:15:22:7e:14:f6:0b:4c:be:42:fc:f0:b6:3b:
                    dd:b6:ee:5c:6b:42:8a:4f:65:2d:86:96:cf:4d:dd:
                    23:3d:c6:f8:84:2a:ff:b7:04:17:7a:1d:ec:58:98:
                    2f:39:5f:59:7c:89:fe:af:35:01:99:6f:36:30:0f:
                    81:d0:c6:31:03:51:4a:ad:73:79:e2:51:b3:4b:7f:
                    ea:b9:8f:d7:4d:ab:32:b4:34:38:60:6b:19:ef:e4:
                    5b:5f:26:0c:8f:2c:4e:2f:52:49:74:d9:66:a5:ee:
                    24:ec:e7:b2:8c:b1:3b:6e:ad:d9:2e:a3:71:d7:7b:
                    78:e0:14:a3:1d:47:72:a5:e3:68:e8:68:83:72:a1:
                    c3:3c:fd:3d:24:cb:6e:5a:48:c5:64:55:c6:8c:cd:
                    b3:05:5e:f6:bf:c3:f3:89:ec:22:f5:51:d8:39:c1:
                    1d:b8:10:38:21:88:7d:2f:08:3e:9e:3b:1d:0d:c6:
                    b4:b8:18:d7:73:cc:63:c2:a7:b6:46:43:4f:1c:af:
                    3a:09:40:8a:ad:b1:6f:ad:57:c1:6f:9a:95:ab:0c:
                    62:ce:9b:bd:ec:b4:e8:8e:a8:d6:47:cd:52:a1:36:
                    62:9b:9f:65:ea:ee:72:1c:bc:45:c8:0e:c6:17:28:
                    c5:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:7E:E5:2C:94:92:3E:7D:7E:0D:2A:E4:DC:0C:41:23:AD:32:66:3C
            X509v3 Authority Key Identifier:
                keyid:60:62:B2:1F:B6:65:5B:89:79:23:E2:9D:6F:CB:64:4A:B1:0A:C5:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:2d:ac:90:74:01:83:6d:b4:2b:fe:87:8e:3c:da:1b:2d:bf:
         71:93:39:13:98:03:8b:d0:c0:93:73:10:26:cb:0e:0c:10:cd:
         31:24:f7:5a:1d:3c:02:c5:d7:34:89:e9:b9:3f:f3:8b:cf:a7:
         65:91:e7:00:ce:91:a8:35:0d:ff:e6:9c:fd:0a:c6:d2:39:e2:
         36:01:e1:6b:d0:06:a1:ec:1c:1f:d6:49:bb:b1:34:27:91:db:
         80:84:52:ef:2c:40:45:39:c2:a3:e3:63:be:ba:7a:8c:74:ba:
         9d:be:ca:d2:b6:eb:10:6d:88:bb:2b:12:b3:15:48:2f:4a:f8:
         d7:e6:09:20:59:07:da:c1:47:bd:dd:ea:21:74:a9:b9:25:8d:
         2e:9e:43:63:4c:ed:cd:5e:17:81:06:60:09:6b:d1:1f:5c:06:
         33:b3:17:9c:14:c9:74:d8:51:2f:d1:c0:e6:ba:89:f8:be:b7:
         9f:a6:ea:4e:4e:5b:5f:ec:51:4f:cd:05:3f:a8:dc:6a:18:d1:
         1a:0f:ff:aa:cd:d8:5a:0b:d2:e6:fa:ec:41:da:b4:7e:de:68:
         bd:b5:09:34:6f:f4:ca:f2:88:27:69:90:64:f7:30:88:e4:5f:
         18:bb:cf:d6:f7:74:5d:a7:4e:13:cf:fa:b2:24:91:52:cb:ca:
         d7:29:2e:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Z0DRULeikVdrQjHKuH/doMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjJiMjFmYjY2NTViODk3OTIzZTI5ZDZmY2I2NDRhYjEw
YWM1MzAwHhcNMjYwNDE3MDUwMDUyWhcNMjYwNDE4MDUwMDUyWjAzMTEwLwYDVQQD
Eyg4ZDdlZTUyYzk0OTIzZTdkN2UwZDJhZTRkYzBjNDEyM2FkMzI2NjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvaIR6Wotlq2f6giSz8UW1xUifhT2
C0y+Qvzwtjvdtu5ca0KKT2UthpbPTd0jPcb4hCr/twQXeh3sWJgvOV9ZfIn+rzUB
mW82MA+B0MYxA1FKrXN54lGzS3/quY/XTasytDQ4YGsZ7+RbXyYMjyxOL1JJdNlm
pe4k7OeyjLE7bq3ZLqNx13t44BSjHUdypeNo6GiDcqHDPP09JMtuWkjFZFXGjM2z
BV72v8Pziewi9VHYOcEduBA4IYh9Lwg+njsdDca0uBjXc8xjwqe2RkNPHK86CUCK
rbFvrVfBb5qVqwxizpu97LTojqjWR81SoTZim59l6u5yHLxFyA7GFyjF4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI1+5SyUkj59fg0q5NwMQSOtMmY8MB8GA1UdIwQY
MBaAFGBish+2ZVuJeSPinW/LZEqxCsUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8wNWI5NzQtZmIxOC00MGFmLWFmYTYt
YjUyMGJlZGE2NjI2LzEvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8wNWI5NzQtZmIxOC00MGFmLWFmYTYtYjUyMGJlZGE2NjI2
LzEvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEy2skHQB
g220K/6HjjzaGy2/cZM5E5gDi9DAk3MQJssODBDNMST3Wh08AsXXNInpuT/zi8+n
ZZHnAM6RqDUN/+ac/QrG0jniNgHha9AGoewcH9ZJu7E0J5HbgIRS7yxARTnCo+Nj
vrp6jHS6nb7K0rbrEG2IuysSsxVIL0r41+YJIFkH2sFHvd3qIXSpuSWNLp5DY0zt
zV4XgQZgCWvRH1wGM7MXnBTJdNhRL9HA5rqJ+L63n6bqTk5bX+xRT80FP6jcahjR
Gg//qs3YWgvS5vrsQdq0ft5ovbUJNG/0yvKIJ2mQZPcwiORfGLvP1vd0XadOE8/6
siSRUsvK1ykunQ==
-----END CERTIFICATE-----