Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft
File:                     I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft (raw, json)
Hash identifier:          v7HkFQ9llp0D/NGRW+xpFYCFekhdlOMR3iDSNsSGe1s=
Subject key identifier:   2C:7F:67:9E:84:46:84:E0:39:8E:D3:BA:46:55:91:0E:33:7D:5B:DA
Authority key identifier: 23:F9:10:84:05:88:19:88:9A:4A:8F:32:EA:34:77:59:54:31:34:F0
Certificate issuer:       /CN=23f91084058819889a4a8f32ea347759543134f0
Certificate serial:       019D9B508110740D8910C6507162462E0BC9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I_kQhAWIGYiaSo8y6jR3WVQxNPA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft
Manifest number:          18BF
Signing time:             Fri 17 Apr 2026 12:00:37 +0000
Manifest this update:     Fri 17 Apr 2026 12:00:37 +0000
Manifest next update:     Sat 18 Apr 2026 12:00:37 +0000
Files and hashes:         1: I_kQhAWIGYiaSo8y6jR3WVQxNPA.crl (hash: a7nK8N/0+alpWKTvAYqP91tS5VXXt6umRW5ylWhFBgA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I_kQhAWIGYiaSo8y6jR3WVQxNPA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:50:81:10:74:0d:89:10:c6:50:71:62:46:2e:0b:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23f91084058819889a4a8f32ea347759543134f0
        Validity
            Not Before: Apr 17 12:00:37 2026 GMT
            Not After : Apr 18 12:00:37 2026 GMT
        Subject: CN=2c7f679e844684e0398ed3ba4655910e337d5bda
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:3c:05:98:31:47:d0:d5:53:ed:ba:f2:0f:ed:
                    7b:f6:09:89:5f:b5:43:46:ae:59:aa:e6:05:c7:12:
                    e4:f6:5d:37:f2:63:28:de:e6:2d:cd:44:03:1e:8d:
                    58:86:9a:5e:51:44:39:9e:aa:1a:e9:12:01:0a:17:
                    cb:c4:66:35:27:0e:dd:6e:6b:2d:6b:d0:b2:f1:ca:
                    5e:5a:e7:cd:f3:00:59:2a:74:0c:63:e3:c2:55:e8:
                    97:18:1d:27:e1:15:d9:f8:fd:7f:d4:5d:70:f5:e2:
                    84:1c:4a:d2:cb:12:74:68:e2:a9:b9:23:74:51:0a:
                    c3:4d:bd:c2:3d:e2:0d:71:ff:93:b3:22:84:de:11:
                    a3:26:5a:54:7b:bf:fb:c9:b0:12:10:3b:46:e7:4c:
                    a6:e8:1f:90:91:9d:d6:6c:a1:13:ff:4d:ee:c6:77:
                    b9:14:66:5c:b8:8c:8d:7d:b2:23:e0:57:0f:d4:65:
                    d8:fc:65:ae:7e:d0:52:8b:0f:4b:85:2d:58:ad:f9:
                    1d:0a:0e:86:33:4a:49:58:ae:fc:f9:17:fd:24:2b:
                    b5:e3:cd:61:91:b7:3b:c6:b6:47:c4:2c:20:0b:5d:
                    9c:33:c5:01:70:05:3d:7d:63:aa:b9:53:f3:3d:e8:
                    ac:ca:e0:c2:b7:b1:e7:7f:ed:57:02:c3:5d:ec:20:
                    68:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:7F:67:9E:84:46:84:E0:39:8E:D3:BA:46:55:91:0E:33:7D:5B:DA
            X509v3 Authority Key Identifier:
                keyid:23:F9:10:84:05:88:19:88:9A:4A:8F:32:EA:34:77:59:54:31:34:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I_kQhAWIGYiaSo8y6jR3WVQxNPA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:ca:ae:fe:37:14:48:fa:c2:6c:57:cc:13:0e:67:68:9c:27:
         f0:bf:09:d3:36:6b:cd:aa:84:21:9f:2e:98:f7:72:2b:58:38:
         5d:5c:d8:a5:04:57:84:f2:ac:bb:39:fe:14:eb:b4:6d:dd:8f:
         14:7a:c3:6f:1a:c3:56:97:41:f0:d6:83:93:ae:34:3a:60:5b:
         c7:e6:83:30:31:74:95:50:7c:15:81:08:1e:38:69:db:07:e5:
         92:49:c7:55:4e:0a:21:40:0c:d9:92:48:f0:68:af:76:3c:7c:
         db:28:a5:b4:be:8b:97:da:18:56:34:6c:96:85:5e:6b:e6:08:
         3f:2f:04:6d:a4:03:ae:f1:11:79:c6:75:0e:76:f0:37:a0:d8:
         38:86:71:9d:c3:2f:0a:15:27:02:5f:ab:ee:8c:4e:0e:89:83:
         f2:68:d7:80:82:16:d9:8e:ca:43:37:95:08:3b:13:7b:1d:e2:
         dc:6e:ac:6d:3d:87:2f:86:72:01:4f:b3:98:83:65:d3:a0:18:
         8a:57:e2:53:dc:19:0d:eb:90:e3:86:04:31:85:ec:33:bc:76:
         cc:ae:4c:a8:c8:7c:41:4a:15:7b:bd:74:ab:26:2d:b0:27:f1:
         2a:8c:2f:4a:31:31:8b:47:89:d5:1f:51:61:66:8f:50:43:c3:
         75:59:f6:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bUIEQdA2JEMZQcWJGLgvJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZjkxMDg0MDU4ODE5ODg5YTRhOGYzMmVhMzQ3NzU5NTQz
MTM0ZjAwHhcNMjYwNDE3MTIwMDM3WhcNMjYwNDE4MTIwMDM3WjAzMTEwLwYDVQQD
EygyYzdmNjc5ZTg0NDY4NGUwMzk4ZWQzYmE0NjU1OTEwZTMzN2Q1YmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyDwFmDFH0NVT7bryD+179gmJX7VD
Rq5ZquYFxxLk9l038mMo3uYtzUQDHo1YhppeUUQ5nqoa6RIBChfLxGY1Jw7dbmst
a9Cy8cpeWufN8wBZKnQMY+PCVeiXGB0n4RXZ+P1/1F1w9eKEHErSyxJ0aOKpuSN0
UQrDTb3CPeINcf+TsyKE3hGjJlpUe7/7ybASEDtG50ym6B+QkZ3WbKET/03uxne5
FGZcuIyNfbIj4FcP1GXY/GWuftBSiw9LhS1YrfkdCg6GM0pJWK78+Rf9JCu1481h
kbc7xrZHxCwgC12cM8UBcAU9fWOquVPzPeisyuDCt7Hnf+1XAsNd7CBo3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCx/Z56ERoTgOY7TukZVkQ4zfVvaMB8GA1UdIwQY
MBaAFCP5EIQFiBmImkqPMuo0d1lUMTTwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSV9rUWhBV0lHWWlhU284eTZqUjNXVlF4TlBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8yMDUwMDctNzljNi00ODUyLTg5MjQt
ZmRjZWQ0NWQyZmVjLzEvSV9rUWhBV0lHWWlhU284eTZqUjNXVlF4TlBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8yMDUwMDctNzljNi00ODUyLTg5MjQtZmRjZWQ0NWQyZmVj
LzEvSV9rUWhBV0lHWWlhU284eTZqUjNXVlF4TlBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXMqu/jcU
SPrCbFfMEw5naJwn8L8J0zZrzaqEIZ8umPdyK1g4XVzYpQRXhPKsuzn+FOu0bd2P
FHrDbxrDVpdB8NaDk640OmBbx+aDMDF0lVB8FYEIHjhp2wflkknHVU4KIUAM2ZJI
8Givdjx82yiltL6Ll9oYVjRsloVea+YIPy8EbaQDrvERecZ1DnbwN6DYOIZxncMv
ChUnAl+r7oxODomD8mjXgIIW2Y7KQzeVCDsTex3i3G6sbT2HL4ZyAU+zmINl06AY
ilfiU9wZDeuQ44YEMYXsM7x2zK5MqMh8QUoVe710qyYtsCfxKowvSjExi0eJ1R9R
YWaPUEPDdVn2WA==
-----END CERTIFICATE-----