Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft
File:                     QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft (raw, json)
Hash identifier:          +RlZLkn1VcChGfr9o4CYHpZ1dM8vE0kNoln+zhfssas=
Subject key identifier:   CF:7F:C7:88:78:4A:C9:2B:C8:74:B6:33:B4:13:4B:DF:1B:DB:8E:16
Authority key identifier: 40:8B:0F:E6:58:EB:96:FB:50:B1:35:F7:1B:B9:2F:27:B9:2C:13:94
Certificate issuer:       /CN=408b0fe658eb96fb50b135f71bb92f27b92c1394
Certificate serial:       019D9B8771E959EE110C54702182C77EF04A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft
Manifest number:          18BE
Signing time:             Fri 17 Apr 2026 13:00:37 +0000
Manifest this update:     Fri 17 Apr 2026 13:00:37 +0000
Manifest next update:     Sat 18 Apr 2026 13:00:37 +0000
Files and hashes:         1: QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.crl (hash: E/rTGhL4D/LRQIQsAVz5VUnMsUsHt+B0GjEeNU4DevU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:87:71:e9:59:ee:11:0c:54:70:21:82:c7:7e:f0:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=408b0fe658eb96fb50b135f71bb92f27b92c1394
        Validity
            Not Before: Apr 17 13:00:37 2026 GMT
            Not After : Apr 18 13:00:37 2026 GMT
        Subject: CN=cf7fc788784ac92bc874b633b4134bdf1bdb8e16
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:53:bb:5b:66:75:33:b4:f6:b8:da:ce:91:9d:
                    07:97:60:47:bc:29:bc:98:3b:bb:22:5f:61:eb:bf:
                    0f:b5:e7:a4:66:fa:3b:96:af:14:cf:d1:ca:ab:cd:
                    dc:de:fc:a9:bf:6a:38:78:09:01:60:6d:2f:6d:e6:
                    97:5d:1c:af:88:ff:b9:fc:4c:b5:0e:71:f8:e4:71:
                    cc:4d:a3:7e:5f:f2:7a:16:c0:fe:b9:90:d9:85:08:
                    7f:b8:f7:53:75:22:f9:ce:1a:00:6c:36:4f:75:4a:
                    8b:97:5c:e6:60:5d:8d:f4:86:53:8e:ab:7c:a9:1f:
                    97:05:72:43:25:76:34:6b:39:80:09:b1:41:be:0d:
                    e8:82:d3:eb:a0:aa:aa:62:70:96:16:59:7a:90:f3:
                    1d:17:d8:09:88:46:9b:cb:a4:86:55:5c:5b:92:d7:
                    1e:e1:40:3b:c1:71:55:0a:88:4f:1f:8b:34:ef:bd:
                    89:0b:f5:8e:d0:26:98:68:d3:56:b4:16:fc:fb:2d:
                    84:d6:e7:43:c5:c1:59:66:d7:01:85:cd:eb:b2:f8:
                    36:32:48:30:c8:96:db:de:55:18:0f:9f:e1:bf:43:
                    f4:8f:f8:5d:f1:ad:99:fa:ed:53:9c:09:db:0f:47:
                    ec:16:2f:18:3b:43:f6:09:92:0e:bf:70:6b:65:99:
                    3c:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:7F:C7:88:78:4A:C9:2B:C8:74:B6:33:B4:13:4B:DF:1B:DB:8E:16
            X509v3 Authority Key Identifier:
                keyid:40:8B:0F:E6:58:EB:96:FB:50:B1:35:F7:1B:B9:2F:27:B9:2C:13:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:23:30:83:d5:32:2b:a5:0c:dc:1c:cf:ed:73:3c:01:3e:ac:
         9b:bb:d3:5d:e5:af:ad:68:48:13:ea:7a:21:a0:1d:c8:32:d5:
         d5:b8:97:54:18:76:5d:5d:c1:57:ff:da:f0:1f:9a:85:84:8d:
         16:a2:83:be:45:7b:96:95:be:d0:4d:5f:e0:e4:c2:6e:84:1a:
         11:ce:6c:3a:a9:d0:2c:3b:50:b8:f4:34:31:31:fe:ed:b7:09:
         d2:6c:5d:66:36:7b:23:74:bd:d2:ee:e0:1f:0a:d0:ca:bf:d2:
         ee:dc:87:f0:da:eb:6f:ad:a8:de:ba:49:9c:12:15:c3:7b:7e:
         0e:12:5a:7b:fb:83:5d:e9:74:c1:f3:91:a2:32:72:15:0a:5f:
         b5:57:63:f4:af:77:57:76:43:cc:49:88:0f:a6:e4:99:67:0b:
         49:d2:66:cc:1a:e5:2f:cf:07:9d:2d:e8:7e:41:29:5a:57:39:
         35:b0:ac:3e:a8:45:c3:35:92:03:9d:20:95:eb:48:ea:1d:cd:
         fb:33:fa:0c:a6:37:f3:3c:5f:be:3a:79:65:63:98:bd:0d:16:
         f3:9c:d5:7d:8b:85:25:2b:1e:f2:a6:ca:02:ba:30:9e:0e:ea:
         5b:06:39:67:9c:a6:c3:71:b8:5a:1f:0b:6e:40:ad:18:6d:02:
         ed:36:84:43
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bh3HpWe4RDFRwIYLHfvBKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwOGIwZmU2NThlYjk2ZmI1MGIxMzVmNzFiYjkyZjI3Yjky
YzEzOTQwHhcNMjYwNDE3MTMwMDM3WhcNMjYwNDE4MTMwMDM3WjAzMTEwLwYDVQQD
EyhjZjdmYzc4ODc4NGFjOTJiYzg3NGI2MzNiNDEzNGJkZjFiZGI4ZTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVO7W2Z1M7T2uNrOkZ0Hl2BHvCm8
mDu7Il9h678PteekZvo7lq8Uz9HKq83c3vypv2o4eAkBYG0vbeaXXRyviP+5/Ey1
DnH45HHMTaN+X/J6FsD+uZDZhQh/uPdTdSL5zhoAbDZPdUqLl1zmYF2N9IZTjqt8
qR+XBXJDJXY0azmACbFBvg3ogtProKqqYnCWFll6kPMdF9gJiEaby6SGVVxbktce
4UA7wXFVCohPH4s0772JC/WO0CaYaNNWtBb8+y2E1udDxcFZZtcBhc3rsvg2Mkgw
yJbb3lUYD5/hv0P0j/hd8a2Z+u1TnAnbD0fsFi8YO0P2CZIOv3BrZZk86wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM9/x4h4SskryHS2M7QTS98b244WMB8GA1UdIwQY
MBaAFECLD+ZY65b7ULE19xu5Lye5LBOUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUlzUDVsanJsdnRRc1RYM0c3a3ZKN2tzRTVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9lNTY1NGMtOWZlNy00NzkzLThhOGYt
NDBlZGFkZWVlODYwLzEvUUlzUDVsanJsdnRRc1RYM0c3a3ZKN2tzRTVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9lNTY1NGMtOWZlNy00NzkzLThhOGYtNDBlZGFkZWVlODYw
LzEvUUlzUDVsanJsdnRRc1RYM0c3a3ZKN2tzRTVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAECMwg9Uy
K6UM3BzP7XM8AT6sm7vTXeWvrWhIE+p6IaAdyDLV1biXVBh2XV3BV//a8B+ahYSN
FqKDvkV7lpW+0E1f4OTCboQaEc5sOqnQLDtQuPQ0MTH+7bcJ0mxdZjZ7I3S90u7g
HwrQyr/S7tyH8Nrrb62o3rpJnBIVw3t+DhJae/uDXel0wfORojJyFQpftVdj9K93
V3ZDzEmID6bkmWcLSdJmzBrlL88HnS3ofkEpWlc5NbCsPqhFwzWSA50gletI6h3N
+zP6DKY38zxfvjp5ZWOYvQ0W85zVfYuFJSse8qbKArowng7qWwY5Z5ymw3G4Wh8L
bkCtGG0C7TaEQw==
-----END CERTIFICATE-----