Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.mft
File:                     7bKno-y66qV0GCMdsLYkq797pkU.mft (raw, json)
Hash identifier:          avKLXyOADgx1p1DaASmmSqMV2nrpvKweAtcg0T12Yak=
Subject key identifier:   71:E5:DE:A1:46:F9:D1:73:80:2C:90:CE:5B:77:1E:2C:03:3C:B4:91
Authority key identifier: ED:B2:A7:A3:EC:BA:EA:A5:74:18:23:1D:B0:B6:24:AB:BF:7B:A6:45
Certificate issuer:       /CN=edb2a7a3ecbaeaa57418231db0b624abbf7ba645
Certificate serial:       019D9962F1F795055B4A49CBD19F0374D6BD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7bKno-y66qV0GCMdsLYkq797pkU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.mft
Manifest number:          18BD
Signing time:             Fri 17 Apr 2026 03:01:31 +0000
Manifest this update:     Fri 17 Apr 2026 03:01:31 +0000
Manifest next update:     Sat 18 Apr 2026 03:01:31 +0000
Files and hashes:         1: 7bKno-y66qV0GCMdsLYkq797pkU.crl (hash: P7pPXHv25BNEcUIBu9WMrENGKRq6doDq48zDhzEQOUM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7bKno-y66qV0GCMdsLYkq797pkU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:62:f1:f7:95:05:5b:4a:49:cb:d1:9f:03:74:d6:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=edb2a7a3ecbaeaa57418231db0b624abbf7ba645
        Validity
            Not Before: Apr 17 03:01:31 2026 GMT
            Not After : Apr 18 03:01:31 2026 GMT
        Subject: CN=71e5dea146f9d173802c90ce5b771e2c033cb491
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:7d:5b:1a:b9:6f:59:fc:91:ac:d5:62:95:2d:
                    af:43:46:f9:8f:bb:6e:eb:6f:31:91:d4:13:8c:61:
                    e0:d1:d8:7b:64:be:d8:38:6e:0c:47:c7:20:b2:fc:
                    47:b2:f8:20:de:99:e0:7e:a9:5e:28:b2:4a:50:cf:
                    46:fc:45:3e:4b:5d:70:50:c3:77:c3:27:77:44:a1:
                    32:41:ce:6d:92:3f:dc:5e:46:f2:d2:26:97:38:ca:
                    b7:ba:c4:57:a6:87:5e:98:3f:be:17:e3:37:2f:05:
                    79:6b:9b:68:c6:dd:05:42:d8:63:86:fe:7f:32:f4:
                    66:e0:bc:ac:e9:70:02:0c:22:35:94:2b:8a:99:ac:
                    e7:9b:fe:18:64:73:db:aa:fc:5f:a1:85:7f:d8:2a:
                    b8:49:b3:29:c9:a9:0b:96:20:61:ef:8d:55:95:b6:
                    f9:29:7c:d5:fd:56:d8:b5:b2:ea:21:9e:85:bd:60:
                    82:bb:44:32:92:0b:9e:c6:7c:b1:14:fd:dc:49:bb:
                    4f:a6:d0:b1:9b:fb:dd:2c:30:ae:aa:75:63:be:b4:
                    7e:47:63:76:ed:d1:2a:93:d5:f2:0d:2d:5d:10:41:
                    0b:54:86:9e:34:14:81:48:c4:c8:e4:23:a4:0a:c3:
                    16:ec:c3:20:8d:48:2a:f9:73:3a:c5:7c:ba:47:99:
                    f1:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:E5:DE:A1:46:F9:D1:73:80:2C:90:CE:5B:77:1E:2C:03:3C:B4:91
            X509v3 Authority Key Identifier:
                keyid:ED:B2:A7:A3:EC:BA:EA:A5:74:18:23:1D:B0:B6:24:AB:BF:7B:A6:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7bKno-y66qV0GCMdsLYkq797pkU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:4b:11:cf:c9:6e:05:d3:64:db:79:7b:2c:2e:b3:8a:60:c8:
         2e:d2:ab:a0:7c:d3:0c:59:c2:b2:02:23:dc:e5:d3:ce:45:ab:
         73:5c:b8:db:6a:0d:9d:60:a0:28:ce:0c:a7:e3:76:ba:54:30:
         23:80:08:39:6c:84:96:30:ab:79:29:ff:9b:ad:3f:e5:00:72:
         5a:e4:a5:85:48:5e:0a:c6:66:5e:20:82:dc:1d:18:5a:f1:bf:
         ab:95:7a:44:99:95:bf:c5:9f:95:3a:c1:42:a3:f3:60:d4:6b:
         e4:ca:1b:8b:31:b4:9d:0a:82:cd:4d:c2:c5:56:3c:d8:73:b1:
         1f:e0:aa:ca:fd:a2:31:58:7c:29:2f:67:58:6b:7a:f4:c3:15:
         64:58:ff:00:3c:b2:2f:de:2d:60:02:80:d9:95:91:e0:bd:78:
         5e:31:1e:00:dc:30:db:94:c0:78:48:ea:fe:33:64:47:fc:07:
         46:9d:a4:b6:a5:9f:07:7d:b1:21:74:39:c7:7d:03:e3:31:55:
         6b:d9:aa:8a:db:24:6a:51:11:22:5d:ca:98:e2:e1:69:5c:f8:
         4c:a6:54:27:be:37:84:76:a3:80:77:42:e8:b9:d5:09:9c:96:
         51:35:00:b3:73:04:c1:8b:02:be:48:48:c0:c4:b1:4a:11:31:
         de:e1:1b:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZYvH3lQVbSknL0Z8DdNa9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkYjJhN2EzZWNiYWVhYTU3NDE4MjMxZGIwYjYyNGFiYmY3
YmE2NDUwHhcNMjYwNDE3MDMwMTMxWhcNMjYwNDE4MDMwMTMxWjAzMTEwLwYDVQQD
Eyg3MWU1ZGVhMTQ2ZjlkMTczODAyYzkwY2U1Yjc3MWUyYzAzM2NiNDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvH1bGrlvWfyRrNVilS2vQ0b5j7tu
628xkdQTjGHg0dh7ZL7YOG4MR8cgsvxHsvgg3pngfqleKLJKUM9G/EU+S11wUMN3
wyd3RKEyQc5tkj/cXkby0iaXOMq3usRXpodemD++F+M3LwV5a5toxt0FQthjhv5/
MvRm4Lys6XACDCI1lCuKmaznm/4YZHPbqvxfoYV/2Cq4SbMpyakLliBh741Vlbb5
KXzV/VbYtbLqIZ6FvWCCu0QykguexnyxFP3cSbtPptCxm/vdLDCuqnVjvrR+R2N2
7dEqk9XyDS1dEEELVIaeNBSBSMTI5COkCsMW7MMgjUgq+XM6xXy6R5nxIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHHl3qFG+dFzgCyQzlt3HiwDPLSRMB8GA1UdIwQY
MBaAFO2yp6PsuuqldBgjHbC2JKu/e6ZFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2JLbm8teTY2cVYwR0NNZHNMWWtxNzk3cGtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS80M2VkMWMtZmY1MC00MmUwLWI3ZDQt
YWYyNTRjZTNmZTY5LzEvN2JLbm8teTY2cVYwR0NNZHNMWWtxNzk3cGtVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS80M2VkMWMtZmY1MC00MmUwLWI3ZDQtYWYyNTRjZTNmZTY5
LzEvN2JLbm8teTY2cVYwR0NNZHNMWWtxNzk3cGtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATUsRz8lu
BdNk23l7LC6zimDILtKroHzTDFnCsgIj3OXTzkWrc1y422oNnWCgKM4Mp+N2ulQw
I4AIOWyEljCreSn/m60/5QByWuSlhUheCsZmXiCC3B0YWvG/q5V6RJmVv8WflTrB
QqPzYNRr5MobizG0nQqCzU3CxVY82HOxH+Cqyv2iMVh8KS9nWGt69MMVZFj/ADyy
L94tYAKA2ZWR4L14XjEeANww25TAeEjq/jNkR/wHRp2ktqWfB32xIXQ5x30D4zFV
a9mqitskalERIl3KmOLhaVz4TKZUJ743hHajgHdC6LnVCZyWUTUAs3MEwYsCvkhI
wMSxShEx3uEb4A==
-----END CERTIFICATE-----