Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.mft
File:                     Le43b1HIyKVVUo1MFesfTKOZxJE.mft (raw, json)
Hash identifier:          MdpjWtYsxaRIgDpfBDFoT1i+9Gz45nzASyIwaMQdpwM=
Subject key identifier:   70:0F:4A:CE:6B:20:A0:F9:7C:27:CE:25:B5:AA:13:4B:5B:0A:A2:AD
Authority key identifier: 2D:EE:37:6F:51:C8:C8:A5:55:52:8D:4C:15:EB:1F:4C:A3:99:C4:91
Certificate issuer:       /CN=2dee376f51c8c8a555528d4c15eb1f4ca399c491
Certificate serial:       019D9CD0FA1EF097F3CC827A09DF94E7F7F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Le43b1HIyKVVUo1MFesfTKOZxJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.mft
Manifest number:          18BF
Signing time:             Fri 17 Apr 2026 19:00:34 +0000
Manifest this update:     Fri 17 Apr 2026 19:00:34 +0000
Manifest next update:     Sat 18 Apr 2026 19:00:34 +0000
Files and hashes:         1: Le43b1HIyKVVUo1MFesfTKOZxJE.crl (hash: 1XbanK5M1UWjqK5x+usPFjWqoR29iZ8GZ1O1Z5BAdDg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Le43b1HIyKVVUo1MFesfTKOZxJE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 16:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9c:d0:fa:1e:f0:97:f3:cc:82:7a:09:df:94:e7:f7:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2dee376f51c8c8a555528d4c15eb1f4ca399c491
        Validity
            Not Before: Apr 17 19:00:34 2026 GMT
            Not After : Apr 18 19:00:34 2026 GMT
        Subject: CN=700f4ace6b20a0f97c27ce25b5aa134b5b0aa2ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:29:70:80:17:c7:7e:3c:ae:48:27:b9:2b:4f:
                    e1:3f:66:78:28:bf:07:12:f7:b1:24:f8:8d:7d:a0:
                    e9:35:e9:9d:1b:5d:f4:03:da:b9:e5:ac:1c:51:56:
                    54:df:67:e7:44:4e:4e:66:10:5a:e4:43:d6:74:b9:
                    e4:34:5d:86:a1:b0:37:df:c7:03:d8:ee:75:1a:75:
                    e1:28:7b:c4:d7:f3:80:92:a2:36:92:d3:ce:a3:0b:
                    42:60:ea:2d:63:c7:7a:4c:23:64:ab:ed:77:35:e5:
                    b9:be:7c:20:7b:c6:90:e7:37:9b:16:80:7d:28:6a:
                    16:6c:cb:da:79:9d:a2:3e:cd:6f:07:8f:9b:01:71:
                    16:1a:83:01:e6:90:4f:ec:0d:04:dc:0f:da:6a:ae:
                    63:8a:7f:37:cb:0f:91:c7:e8:34:da:e3:92:01:0d:
                    11:da:66:46:31:c4:3a:ff:d4:3c:09:0a:2f:dc:df:
                    ca:32:4e:c4:a4:fa:ef:dc:f3:a1:f5:82:0e:06:8d:
                    30:68:d1:5b:11:ed:d9:b6:3c:7f:05:52:f7:42:9f:
                    f4:f2:d4:20:2f:7b:33:2f:0d:c0:06:60:57:16:ba:
                    23:18:a8:cb:9c:12:34:2e:8e:45:59:48:3f:3a:d3:
                    de:54:ba:71:81:b7:c6:0d:77:f5:8a:c0:8f:1c:f2:
                    eb:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:0F:4A:CE:6B:20:A0:F9:7C:27:CE:25:B5:AA:13:4B:5B:0A:A2:AD
            X509v3 Authority Key Identifier:
                keyid:2D:EE:37:6F:51:C8:C8:A5:55:52:8D:4C:15:EB:1F:4C:A3:99:C4:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Le43b1HIyKVVUo1MFesfTKOZxJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:d0:ce:c3:74:b5:56:a0:59:9e:1e:3e:08:4c:3d:c5:6d:70:
         f1:68:d4:36:ae:fe:ea:dd:be:ff:81:b9:dd:02:7c:b6:9f:f1:
         19:e1:e9:c9:0b:dc:cf:4b:85:01:65:1d:6c:a6:4e:f6:60:05:
         e0:a7:00:39:af:40:9a:9c:a1:28:9f:86:48:28:19:3c:0b:de:
         7a:a4:c2:e3:74:0b:94:27:12:5c:31:31:6f:cc:b5:ee:dd:db:
         8c:d1:c7:d9:ab:38:4a:9b:c3:df:d9:56:0a:01:f2:2f:55:f8:
         45:88:08:55:28:a4:a8:24:27:6c:2a:27:23:8d:97:71:93:19:
         ba:e2:38:32:c2:e5:83:fa:32:13:a0:b7:fb:1c:02:3b:14:4a:
         ed:2f:f4:38:ae:b5:f2:11:f4:74:c0:d1:cf:39:c9:4f:e3:c4:
         07:c5:81:74:c9:4a:41:d9:f2:cc:6b:9c:1b:34:b3:3b:1f:4d:
         78:87:c4:79:60:d2:88:db:78:e3:87:fb:5b:fb:67:d4:49:e3:
         5a:0b:21:3f:ea:0f:a1:9f:a0:03:44:0c:34:52:c4:7a:7b:ff:
         18:70:0b:43:fb:89:64:05:7f:52:06:46:b2:3e:43:28:77:75:
         61:0a:92:40:eb:95:07:0a:a9:95:fe:17:6e:66:b9:e8:71:39:
         09:99:73:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2c0Poe8JfzzIJ6Cd+U5/f4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkZWUzNzZmNTFjOGM4YTU1NTUyOGQ0YzE1ZWIxZjRjYTM5
OWM0OTEwHhcNMjYwNDE3MTkwMDM0WhcNMjYwNDE4MTkwMDM0WjAzMTEwLwYDVQQD
Eyg3MDBmNGFjZTZiMjBhMGY5N2MyN2NlMjViNWFhMTM0YjViMGFhMmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvSlwgBfHfjyuSCe5K0/hP2Z4KL8H
EvexJPiNfaDpNemdG130A9q55awcUVZU32fnRE5OZhBa5EPWdLnkNF2GobA338cD
2O51GnXhKHvE1/OAkqI2ktPOowtCYOotY8d6TCNkq+13NeW5vnwge8aQ5zebFoB9
KGoWbMvaeZ2iPs1vB4+bAXEWGoMB5pBP7A0E3A/aaq5jin83yw+Rx+g02uOSAQ0R
2mZGMcQ6/9Q8CQov3N/KMk7EpPrv3POh9YIOBo0waNFbEe3Ztjx/BVL3Qp/08tQg
L3szLw3ABmBXFrojGKjLnBI0Lo5FWUg/OtPeVLpxgbfGDXf1isCPHPLrdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHAPSs5rIKD5fCfOJbWqE0tbCqKtMB8GA1UdIwQY
MBaAFC3uN29RyMilVVKNTBXrH0yjmcSRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGU0M2IxSEl5S1ZWVW8xTUZlc2ZUS09aeEpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8zYmUwOTctMjhmNC00OWU4LWFkMjUt
ZmY1Y2JkYWM1ODQ1LzEvTGU0M2IxSEl5S1ZWVW8xTUZlc2ZUS09aeEpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8zYmUwOTctMjhmNC00OWU4LWFkMjUtZmY1Y2JkYWM1ODQ1
LzEvTGU0M2IxSEl5S1ZWVW8xTUZlc2ZUS09aeEpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfdDOw3S1
VqBZnh4+CEw9xW1w8WjUNq7+6t2+/4G53QJ8tp/xGeHpyQvcz0uFAWUdbKZO9mAF
4KcAOa9AmpyhKJ+GSCgZPAveeqTC43QLlCcSXDExb8y17t3bjNHH2as4SpvD39lW
CgHyL1X4RYgIVSikqCQnbConI42XcZMZuuI4MsLlg/oyE6C3+xwCOxRK7S/0OK61
8hH0dMDRzznJT+PEB8WBdMlKQdnyzGucGzSzOx9NeIfEeWDSiNt444f7W/tn1Enj
WgshP+oPoZ+gA0QMNFLEenv/GHALQ/uJZAV/UgZGsj5DKHd1YQqSQOuVBwqplf4X
bma56HE5CZlzCg==
-----END CERTIFICATE-----