Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/47d692-dd40-4bf2-893f-d38dd0b78909/1/0NxXC8HJZLq37VbGc6pAUY-FRXg.mft
File:                     0NxXC8HJZLq37VbGc6pAUY-FRXg.mft (raw, json)
Hash identifier:          hTEF1ZRgK+UMjjfoCgZ9EfVmLmaQanYWU3Zy7GXf1gg=
Subject key identifier:   33:B1:0C:79:73:BD:05:70:73:FC:5D:64:79:EC:AE:98:92:33:FA:A0
Authority key identifier: D0:DC:57:0B:C1:C9:64:BA:B7:ED:56:C6:73:AA:40:51:8F:85:45:78
Certificate issuer:       /CN=d0dc570bc1c964bab7ed56c673aa40518f854578
Certificate serial:       019DA48B73B1A4E1A8C86F98B438B2F05ABE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0NxXC8HJZLq37VbGc6pAUY-FRXg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/47d692-dd40-4bf2-893f-d38dd0b78909/1/0NxXC8HJZLq37VbGc6pAUY-FRXg.mft
Manifest number:          18C5
Signing time:             Sun 19 Apr 2026 07:01:35 +0000
Manifest this update:     Sun 19 Apr 2026 07:01:35 +0000
Manifest next update:     Mon 20 Apr 2026 07:01:35 +0000
Files and hashes:         1: 0NxXC8HJZLq37VbGc6pAUY-FRXg.crl (hash: BPttcpBifMV1Ez/PO50f6o4cU00w0Vu+aO8VS9UzUqc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/47d692-dd40-4bf2-893f-d38dd0b78909/1/0NxXC8HJZLq37VbGc6pAUY-FRXg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/47d692-dd40-4bf2-893f-d38dd0b78909/1/0NxXC8HJZLq37VbGc6pAUY-FRXg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0NxXC8HJZLq37VbGc6pAUY-FRXg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 04:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a4:8b:73:b1:a4:e1:a8:c8:6f:98:b4:38:b2:f0:5a:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d0dc570bc1c964bab7ed56c673aa40518f854578
        Validity
            Not Before: Apr 19 07:01:35 2026 GMT
            Not After : Apr 20 07:01:35 2026 GMT
        Subject: CN=33b10c7973bd057073fc5d6479ecae989233faa0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:3e:09:86:94:eb:bc:75:6f:85:0b:6b:05:ca:
                    3c:e9:10:38:98:7d:19:7a:0e:11:6b:96:ed:8e:b5:
                    e8:7e:d7:af:d3:fe:0c:88:7f:a1:87:a4:8b:77:be:
                    e9:cc:cd:d5:25:4a:15:0c:22:b0:ca:78:91:0c:7e:
                    9e:77:8c:e5:4e:c6:af:b1:63:0a:fd:58:33:e3:c2:
                    e8:d7:70:b1:97:40:38:7f:cc:cf:a8:99:00:9c:c5:
                    9b:4c:1e:c7:36:3d:cf:45:1a:e0:75:25:aa:11:7d:
                    e9:40:0d:9c:10:ee:b3:33:4b:a5:8e:e2:68:a0:58:
                    03:50:fb:88:ca:65:76:79:bf:e6:ff:69:5e:1b:99:
                    d9:5f:8d:10:12:d0:2b:23:fb:e5:da:79:f4:aa:54:
                    32:f1:77:a1:52:bc:e2:90:bb:39:23:62:a2:21:c0:
                    0c:7e:0b:d9:8c:09:d3:12:f4:b0:fa:51:f7:fd:99:
                    f0:a2:5a:93:e1:d3:e2:0b:c7:42:6a:c5:52:1a:91:
                    f0:37:98:78:bd:a8:99:6c:d5:80:56:71:a0:3a:38:
                    29:82:6b:8e:98:64:2f:42:6d:f7:88:7d:3a:d0:97:
                    36:ad:38:ac:21:b1:ce:97:a5:b6:55:a0:f0:33:98:
                    8d:7a:75:e7:58:f2:8a:21:be:6a:14:13:4d:45:d4:
                    26:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:B1:0C:79:73:BD:05:70:73:FC:5D:64:79:EC:AE:98:92:33:FA:A0
            X509v3 Authority Key Identifier:
                keyid:D0:DC:57:0B:C1:C9:64:BA:B7:ED:56:C6:73:AA:40:51:8F:85:45:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0NxXC8HJZLq37VbGc6pAUY-FRXg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/47d692-dd40-4bf2-893f-d38dd0b78909/1/0NxXC8HJZLq37VbGc6pAUY-FRXg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/47d692-dd40-4bf2-893f-d38dd0b78909/1/0NxXC8HJZLq37VbGc6pAUY-FRXg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:c9:b9:4a:f3:cb:f6:76:e1:be:86:64:c6:71:22:fb:8f:2f:
         c7:b4:8c:94:38:b2:de:73:d2:62:bb:5d:d3:c8:f6:f4:f0:9b:
         4d:cc:e4:4a:d6:f8:0c:bb:88:3b:e4:e1:f2:6a:4e:d9:90:36:
         f6:8d:7a:6e:bb:a9:ae:83:cc:f9:04:f3:32:f5:05:d9:7c:cd:
         b9:98:ae:5f:ce:a2:ec:4c:78:af:80:5d:5b:3f:34:02:17:38:
         db:fe:b0:75:83:f2:c2:a9:10:ad:5b:af:98:d0:b9:24:7d:11:
         a1:70:ca:ea:a0:3a:77:60:33:a4:06:32:60:d8:c6:f5:a8:b3:
         8b:63:12:6a:4e:4f:c0:99:5e:37:ac:ea:c8:dc:29:b8:b8:60:
         34:1a:b7:00:7c:99:bb:9a:1f:34:79:3f:d5:11:88:a4:71:c2:
         35:73:13:29:62:af:72:e2:fd:0d:3c:6c:56:67:17:c5:28:f7:
         82:d2:71:b3:38:c0:68:e5:e1:47:ed:aa:58:c2:48:cd:c5:a2:
         78:40:f9:4d:a2:41:e6:56:af:2f:c3:9a:f6:e5:a4:35:59:40:
         d9:69:f5:b2:b1:0d:b9:cf:d3:31:ab:1a:d3:a5:fe:cd:8e:58:
         5f:3b:b6:ff:c5:17:ef:c7:61:e0:87:cf:d6:81:95:19:20:47:
         ad:4f:cc:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ki3OxpOGoyG+YtDiy8Fq+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwZGM1NzBiYzFjOTY0YmFiN2VkNTZjNjczYWE0MDUxOGY4
NTQ1NzgwHhcNMjYwNDE5MDcwMTM1WhcNMjYwNDIwMDcwMTM1WjAzMTEwLwYDVQQD
EygzM2IxMGM3OTczYmQwNTcwNzNmYzVkNjQ3OWVjYWU5ODkyMzNmYWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuT4JhpTrvHVvhQtrBco86RA4mH0Z
eg4Ra5btjrXoftev0/4MiH+hh6SLd77pzM3VJUoVDCKwyniRDH6ed4zlTsavsWMK
/Vgz48Lo13Cxl0A4f8zPqJkAnMWbTB7HNj3PRRrgdSWqEX3pQA2cEO6zM0uljuJo
oFgDUPuIymV2eb/m/2leG5nZX40QEtArI/vl2nn0qlQy8XehUrzikLs5I2KiIcAM
fgvZjAnTEvSw+lH3/ZnwolqT4dPiC8dCasVSGpHwN5h4vaiZbNWAVnGgOjgpgmuO
mGQvQm33iH060Jc2rTisIbHOl6W2VaDwM5iNenXnWPKKIb5qFBNNRdQmwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDOxDHlzvQVwc/xdZHnsrpiSM/qgMB8GA1UdIwQY
MBaAFNDcVwvByWS6t+1WxnOqQFGPhUV4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvME54WEM4SEpaTHEzN1ZiR2M2cEFVWS1GUlhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi80N2Q2OTItZGQ0MC00YmYyLTg5M2Yt
ZDM4ZGQwYjc4OTA5LzEvME54WEM4SEpaTHEzN1ZiR2M2cEFVWS1GUlhnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi80N2Q2OTItZGQ0MC00YmYyLTg5M2YtZDM4ZGQwYjc4OTA5
LzEvME54WEM4SEpaTHEzN1ZiR2M2cEFVWS1GUlhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKMm5SvPL
9nbhvoZkxnEi+48vx7SMlDiy3nPSYrtd08j29PCbTczkStb4DLuIO+Th8mpO2ZA2
9o16bruproPM+QTzMvUF2XzNuZiuX86i7Ex4r4BdWz80Ahc42/6wdYPywqkQrVuv
mNC5JH0RoXDK6qA6d2AzpAYyYNjG9aizi2MSak5PwJleN6zqyNwpuLhgNBq3AHyZ
u5ofNHk/1RGIpHHCNXMTKWKvcuL9DTxsVmcXxSj3gtJxszjAaOXhR+2qWMJIzcWi
eED5TaJB5lavL8Oa9uWkNVlA2Wn1srENuc/TMasa06X+zY5YXzu2/8UX78dh4IfP
1oGVGSBHrU/MMw==
-----END CERTIFICATE-----