Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.mft
File:                     _tPwXKP9-ef5nGXMagpnJPWTGnA.mft (raw, json)
Hash identifier:          EKzCdLoVmvMC0ZSltHTU8Jt8z7K6tzdRdNI++eIsosY=
Subject key identifier:   17:32:EA:9E:6A:2E:38:B4:E3:CA:80:AF:6B:4D:7B:67:A9:99:24:50
Authority key identifier: FE:D3:F0:5C:A3:FD:F9:E7:F9:9C:65:CC:6A:0A:67:24:F5:93:1A:70
Certificate issuer:       /CN=fed3f05ca3fdf9e7f99c65cc6a0a6724f5931a70
Certificate serial:       019D9AE2BC4B7A8FA2273DF536B4CB7C833C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_tPwXKP9-ef5nGXMagpnJPWTGnA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.mft
Manifest number:          18BD
Signing time:             Fri 17 Apr 2026 10:00:43 +0000
Manifest this update:     Fri 17 Apr 2026 10:00:43 +0000
Manifest next update:     Sat 18 Apr 2026 10:00:43 +0000
Files and hashes:         1: _tPwXKP9-ef5nGXMagpnJPWTGnA.crl (hash: +bgb7SIDxzt7apc18GFQak6tzr0F5duvtG6oi1XN35Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_tPwXKP9-ef5nGXMagpnJPWTGnA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e2:bc:4b:7a:8f:a2:27:3d:f5:36:b4:cb:7c:83:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fed3f05ca3fdf9e7f99c65cc6a0a6724f5931a70
        Validity
            Not Before: Apr 17 10:00:43 2026 GMT
            Not After : Apr 18 10:00:43 2026 GMT
        Subject: CN=1732ea9e6a2e38b4e3ca80af6b4d7b67a9992450
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:d6:1c:04:16:5b:d4:75:22:5f:ac:e3:bb:ad:
                    a0:02:51:ee:6e:6d:b1:6e:34:1c:57:97:37:2e:28:
                    e2:df:5b:a7:5c:a9:6b:97:91:a8:a1:dd:01:6e:11:
                    54:d3:db:d3:b8:84:f2:4c:c7:a7:df:7c:97:be:f1:
                    52:74:ed:1a:c5:21:c3:9c:49:d7:dc:4a:8b:2c:f4:
                    61:6c:a1:c1:0c:73:af:62:18:c3:57:fa:29:b4:3c:
                    2f:71:8f:f3:cb:ba:58:24:6e:72:62:8c:3c:22:7e:
                    93:fa:82:ef:ab:8f:60:97:d4:41:88:26:ba:c9:0b:
                    b0:ae:4a:43:ee:c8:1f:c1:2c:52:a0:4c:d6:2b:02:
                    96:9e:86:62:a8:3f:2c:60:45:7c:c2:4b:21:e6:1a:
                    ae:26:7c:ad:60:f4:f7:c9:a7:ae:3d:e0:19:27:ab:
                    2f:fd:35:6f:83:f7:1f:c2:aa:fa:0d:bb:5f:14:fc:
                    f9:ef:0b:51:01:50:37:80:ce:5e:f8:9a:39:4a:aa:
                    2d:74:40:b3:ce:c5:05:25:c4:94:0f:7e:7c:b3:dd:
                    9a:64:88:c4:2e:71:b6:4b:41:bc:ac:a2:93:9e:63:
                    7d:19:83:d1:8f:d6:b4:4f:73:b9:42:0f:1f:96:63:
                    33:54:cf:b8:f8:33:6a:d9:d8:9a:0f:84:dd:31:97:
                    22:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:32:EA:9E:6A:2E:38:B4:E3:CA:80:AF:6B:4D:7B:67:A9:99:24:50
            X509v3 Authority Key Identifier:
                keyid:FE:D3:F0:5C:A3:FD:F9:E7:F9:9C:65:CC:6A:0A:67:24:F5:93:1A:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_tPwXKP9-ef5nGXMagpnJPWTGnA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a8:b8:40:73:c6:7a:01:fd:f7:e2:c2:37:e5:1b:0f:55:19:d5:
         3f:b1:e7:7c:81:76:db:18:8d:54:e3:e2:85:dc:16:83:58:58:
         b1:89:d5:b3:2d:38:60:8d:5f:35:e3:9e:e1:c1:dc:29:56:c9:
         10:27:4b:c1:45:2b:26:aa:07:36:49:07:7e:4d:2c:c8:5d:eb:
         6d:0b:e1:2b:0b:73:c9:03:25:87:aa:e1:f2:a5:ff:70:65:3d:
         d5:67:86:2c:a6:6e:19:7f:6e:47:35:cf:3b:66:98:76:a0:ec:
         01:df:47:88:e0:e5:72:b2:2d:db:f2:6a:49:c9:e1:f1:77:6e:
         f3:c3:9c:d7:66:bb:16:fd:49:76:b7:8e:90:16:55:b6:2c:30:
         20:8a:56:87:b3:7d:16:0a:fc:8a:7c:82:94:f4:12:24:10:53:
         4e:c9:cc:89:04:a1:0b:4c:0c:6e:98:3d:57:c8:79:d3:ca:1e:
         9b:aa:33:38:23:5d:22:2b:1b:3f:b1:57:f1:fa:00:c7:89:db:
         1c:93:c1:0a:df:21:9a:c5:95:8a:e6:3d:e4:0b:58:b2:dd:d6:
         6c:45:66:4e:4c:7d:7e:e5:8d:0e:a1:23:c9:58:3b:f8:04:74:
         f2:ad:04:2d:76:89:13:2d:8c:77:68:d8:77:ce:55:c9:49:17:
         1e:6c:b9:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a4rxLeo+iJz31NrTLfIM8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlZDNmMDVjYTNmZGY5ZTdmOTljNjVjYzZhMGE2NzI0ZjU5
MzFhNzAwHhcNMjYwNDE3MTAwMDQzWhcNMjYwNDE4MTAwMDQzWjAzMTEwLwYDVQQD
EygxNzMyZWE5ZTZhMmUzOGI0ZTNjYTgwYWY2YjRkN2I2N2E5OTkyNDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx9YcBBZb1HUiX6zju62gAlHubm2x
bjQcV5c3Liji31unXKlrl5Good0BbhFU09vTuITyTMen33yXvvFSdO0axSHDnEnX
3EqLLPRhbKHBDHOvYhjDV/optDwvcY/zy7pYJG5yYow8In6T+oLvq49gl9RBiCa6
yQuwrkpD7sgfwSxSoEzWKwKWnoZiqD8sYEV8wksh5hquJnytYPT3yaeuPeAZJ6sv
/TVvg/cfwqr6DbtfFPz57wtRAVA3gM5e+Jo5SqotdECzzsUFJcSUD358s92aZIjE
LnG2S0G8rKKTnmN9GYPRj9a0T3O5Qg8flmMzVM+4+DNq2diaD4TdMZcizwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBcy6p5qLji048qAr2tNe2epmSRQMB8GA1UdIwQY
MBaAFP7T8Fyj/fnn+ZxlzGoKZyT1kxpwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3RQd1hLUDktZWY1bkdYTWFncG5KUFdUR25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9jOTU2MzktNzIyYS00MDIxLWJlZWIt
YWM1ZWU2MjViYWJjLzEvX3RQd1hLUDktZWY1bkdYTWFncG5KUFdUR25BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9jOTU2MzktNzIyYS00MDIxLWJlZWItYWM1ZWU2MjViYWJj
LzEvX3RQd1hLUDktZWY1bkdYTWFncG5KUFdUR25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqLhAc8Z6
Af334sI35RsPVRnVP7HnfIF22xiNVOPihdwWg1hYsYnVsy04YI1fNeOe4cHcKVbJ
ECdLwUUrJqoHNkkHfk0syF3rbQvhKwtzyQMlh6rh8qX/cGU91WeGLKZuGX9uRzXP
O2aYdqDsAd9HiODlcrIt2/JqScnh8Xdu88Oc12a7Fv1JdreOkBZVtiwwIIpWh7N9
Fgr8inyClPQSJBBTTsnMiQShC0wMbpg9V8h508oem6ozOCNdIisbP7FX8foAx4nb
HJPBCt8hmsWViuY95AtYst3WbEVmTkx9fuWNDqEjyVg7+AR08q0ELXaJEy2Md2jY
d85VyUkXHmy5nA==
-----END CERTIFICATE-----