Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/c75e16-6647-407a-a201-d0327df02628/1/vHfLiWTE7WAUSKQ2hoW_CNy14fQ.mft
File:                     vHfLiWTE7WAUSKQ2hoW_CNy14fQ.mft (raw, json)
Hash identifier:          4PGCqt4r2g2IVJnuqPNUkl9JZrJCGZLKYZhBkfrvnTA=
Subject key identifier:   FD:9B:EE:F3:C6:4A:DA:2C:35:DD:DF:C6:98:8F:27:BC:62:D2:7F:67
Authority key identifier: BC:77:CB:89:64:C4:ED:60:14:48:A4:36:86:85:BF:08:DC:B5:E1:F4
Certificate issuer:       /CN=bc77cb8964c4ed601448a4368685bf08dcb5e1f4
Certificate serial:       019D98F4D08FBC1E0FD44F310DF481E02394
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vHfLiWTE7WAUSKQ2hoW_CNy14fQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/c75e16-6647-407a-a201-d0327df02628/1/vHfLiWTE7WAUSKQ2hoW_CNy14fQ.mft
Manifest number:          18C1
Signing time:             Fri 17 Apr 2026 01:01:14 +0000
Manifest this update:     Fri 17 Apr 2026 01:01:14 +0000
Manifest next update:     Sat 18 Apr 2026 01:01:14 +0000
Files and hashes:         1: vHfLiWTE7WAUSKQ2hoW_CNy14fQ.crl (hash: PTX4O41nhIv9hX/0yJo+h43JA3y0yRLJAJelRABK6E4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/49/c75e16-6647-407a-a201-d0327df02628/1/vHfLiWTE7WAUSKQ2hoW_CNy14fQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/49/c75e16-6647-407a-a201-d0327df02628/1/vHfLiWTE7WAUSKQ2hoW_CNy14fQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vHfLiWTE7WAUSKQ2hoW_CNy14fQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 01:01:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:d0:8f:bc:1e:0f:d4:4f:31:0d:f4:81:e0:23:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bc77cb8964c4ed601448a4368685bf08dcb5e1f4
        Validity
            Not Before: Apr 17 01:01:14 2026 GMT
            Not After : Apr 18 01:01:14 2026 GMT
        Subject: CN=fd9beef3c64ada2c35dddfc6988f27bc62d27f67
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:ee:3c:f8:d5:71:01:52:a8:24:d9:d9:a3:14:
                    36:90:e2:91:ee:a3:78:3f:6d:0c:7d:cc:cb:94:5e:
                    03:c3:e7:f4:62:ac:5e:25:4f:6d:04:db:5d:23:d4:
                    dc:a5:82:89:18:a8:82:e8:a1:ed:f7:40:05:a5:ac:
                    d1:aa:28:48:68:c6:49:80:c3:ff:8a:f7:ee:42:21:
                    e7:d7:85:f5:75:2a:3d:a8:cf:ca:2b:a1:89:1b:5a:
                    3e:b4:ab:66:8c:ef:fb:de:21:e8:d1:44:de:41:f4:
                    1d:96:e6:73:c0:81:71:1a:ad:4f:f0:62:93:f9:b9:
                    29:36:6a:5c:79:92:cf:a1:1e:53:8c:de:8b:49:12:
                    4f:92:1b:b2:93:6e:43:4a:d2:64:03:2b:5c:6a:49:
                    c2:c2:45:0b:71:19:32:a0:2a:27:91:84:fd:41:55:
                    09:06:7e:fb:60:be:3c:4e:75:23:5b:48:8d:4b:dd:
                    33:2b:3b:66:31:a5:14:6e:45:be:b8:0c:1a:da:65:
                    3d:67:f6:63:09:af:d6:79:af:31:e7:71:e9:9c:48:
                    96:9a:0c:d6:83:02:60:84:9e:c6:4e:98:b4:c6:cc:
                    78:14:55:8b:96:f2:46:73:f1:3b:5b:4c:e5:7d:28:
                    c5:12:ad:17:38:91:45:05:14:3f:72:f9:fc:94:de:
                    df:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:9B:EE:F3:C6:4A:DA:2C:35:DD:DF:C6:98:8F:27:BC:62:D2:7F:67
            X509v3 Authority Key Identifier:
                keyid:BC:77:CB:89:64:C4:ED:60:14:48:A4:36:86:85:BF:08:DC:B5:E1:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vHfLiWTE7WAUSKQ2hoW_CNy14fQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/c75e16-6647-407a-a201-d0327df02628/1/vHfLiWTE7WAUSKQ2hoW_CNy14fQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/c75e16-6647-407a-a201-d0327df02628/1/vHfLiWTE7WAUSKQ2hoW_CNy14fQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:0d:63:08:25:62:36:47:3f:f4:9f:07:f5:e2:70:8c:27:9d:
         fb:cd:87:47:53:9c:0d:df:6d:a0:7d:9e:b8:6e:0d:4f:79:fd:
         f9:6c:84:2f:c8:49:b4:f8:e1:ba:c4:59:3e:b0:3b:22:09:dc:
         cd:ec:50:53:e0:ce:21:30:6c:91:f3:6a:e8:33:2d:05:3a:3f:
         5a:b2:39:8c:a8:51:ea:84:0a:df:04:05:06:09:77:32:a3:66:
         23:e9:ec:fa:1a:8e:44:6d:f7:e1:a1:aa:c7:c1:93:43:47:b2:
         18:3a:56:e7:82:d8:66:e4:82:64:c3:a4:4c:a2:19:bf:fe:5a:
         4d:cf:2b:5d:88:49:fc:d1:3e:66:3a:4d:53:9f:bf:c4:26:ae:
         12:3e:6b:4b:42:bf:e9:43:26:23:ab:13:36:32:9e:3c:61:ab:
         00:16:38:f0:10:3f:b5:59:7f:b0:1c:27:ab:c3:7a:8b:d6:b0:
         10:9e:88:d0:cf:42:ff:74:74:68:b2:bd:a3:c1:d1:67:3d:ad:
         b7:a1:d5:c6:07:c1:0c:d5:7c:50:8a:7e:65:3c:d1:c7:4b:ca:
         e3:00:d3:fb:77:12:b3:24:36:b2:82:e7:d7:b2:a5:ac:a2:6d:
         be:45:e0:e4:cb:a9:9d:8e:99:64:fe:f8:a2:d7:d2:8c:b9:59:
         a7:4e:11:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9NCPvB4P1E8xDfSB4COUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNzdjYjg5NjRjNGVkNjAxNDQ4YTQzNjg2ODViZjA4ZGNi
NWUxZjQwHhcNMjYwNDE3MDEwMTE0WhcNMjYwNDE4MDEwMTE0WjAzMTEwLwYDVQQD
EyhmZDliZWVmM2M2NGFkYTJjMzVkZGRmYzY5ODhmMjdiYzYyZDI3ZjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyu48+NVxAVKoJNnZoxQ2kOKR7qN4
P20MfczLlF4Dw+f0YqxeJU9tBNtdI9TcpYKJGKiC6KHt90AFpazRqihIaMZJgMP/
ivfuQiHn14X1dSo9qM/KK6GJG1o+tKtmjO/73iHo0UTeQfQdluZzwIFxGq1P8GKT
+bkpNmpceZLPoR5TjN6LSRJPkhuyk25DStJkAytcaknCwkULcRkyoConkYT9QVUJ
Bn77YL48TnUjW0iNS90zKztmMaUUbkW+uAwa2mU9Z/ZjCa/Wea8x53HpnEiWmgzW
gwJghJ7GTpi0xsx4FFWLlvJGc/E7W0zlfSjFEq0XOJFFBRQ/cvn8lN7f9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP2b7vPGStosNd3fxpiPJ7xi0n9nMB8GA1UdIwQY
MBaAFLx3y4lkxO1gFEikNoaFvwjcteH0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkhmTGlXVEU3V0FVU0tRMmhvV19DTnkxNGZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9jNzVlMTYtNjY0Ny00MDdhLWEyMDEt
ZDAzMjdkZjAyNjI4LzEvdkhmTGlXVEU3V0FVU0tRMmhvV19DTnkxNGZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9jNzVlMTYtNjY0Ny00MDdhLWEyMDEtZDAzMjdkZjAyNjI4
LzEvdkhmTGlXVEU3V0FVU0tRMmhvV19DTnkxNGZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEQ1jCCVi
Nkc/9J8H9eJwjCed+82HR1OcDd9toH2euG4NT3n9+WyEL8hJtPjhusRZPrA7Ignc
zexQU+DOITBskfNq6DMtBTo/WrI5jKhR6oQK3wQFBgl3MqNmI+ns+hqORG334aGq
x8GTQ0eyGDpW54LYZuSCZMOkTKIZv/5aTc8rXYhJ/NE+ZjpNU5+/xCauEj5rS0K/
6UMmI6sTNjKePGGrABY48BA/tVl/sBwnq8N6i9awEJ6I0M9C/3R0aLK9o8HRZz2t
t6HVxgfBDNV8UIp+ZTzRx0vK4wDT+3cSsyQ2soLn17KlrKJtvkXg5MupnY6ZZP74
otfSjLlZp04R7A==
-----END CERTIFICATE-----