Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/e7adab-8055-4785-8df5-2a7b58bdf945/1/rrlJQmajhxkETYKaSgqPF6QHBOg.mft
File:                     rrlJQmajhxkETYKaSgqPF6QHBOg.mft (raw, json)
Hash identifier:          EurVOHxaBMCpHDvOMDD0K2DRyNA/WDrjXAXZIgSxYzI=
Subject key identifier:   4B:E6:F5:28:C2:EB:8C:F6:CE:79:C9:63:D5:A1:B8:ED:67:FC:83:E2
Authority key identifier: AE:B9:49:42:66:A3:87:19:04:4D:82:9A:4A:0A:8F:17:A4:07:04:E8
Certificate issuer:       /CN=aeb9494266a38719044d829a4a0a8f17a40704e8
Certificate serial:       019D9AE34DDD1D19B85E56C1F644B8E2B643
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rrlJQmajhxkETYKaSgqPF6QHBOg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/e7adab-8055-4785-8df5-2a7b58bdf945/1/rrlJQmajhxkETYKaSgqPF6QHBOg.mft
Manifest number:          18BF
Signing time:             Fri 17 Apr 2026 10:01:20 +0000
Manifest this update:     Fri 17 Apr 2026 10:01:20 +0000
Manifest next update:     Sat 18 Apr 2026 10:01:20 +0000
Files and hashes:         1: rrlJQmajhxkETYKaSgqPF6QHBOg.crl (hash: aN8chAEh6fMwitgMhV5ymD8YVRD7tTRvXdJtm9yahkA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/e7adab-8055-4785-8df5-2a7b58bdf945/1/rrlJQmajhxkETYKaSgqPF6QHBOg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/e7adab-8055-4785-8df5-2a7b58bdf945/1/rrlJQmajhxkETYKaSgqPF6QHBOg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rrlJQmajhxkETYKaSgqPF6QHBOg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e3:4d:dd:1d:19:b8:5e:56:c1:f6:44:b8:e2:b6:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aeb9494266a38719044d829a4a0a8f17a40704e8
        Validity
            Not Before: Apr 17 10:01:20 2026 GMT
            Not After : Apr 18 10:01:20 2026 GMT
        Subject: CN=4be6f528c2eb8cf6ce79c963d5a1b8ed67fc83e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:9d:81:12:1e:92:f1:5c:a7:37:24:d5:b0:45:
                    81:55:35:12:61:f8:f7:fb:fa:d8:04:b4:48:e8:aa:
                    82:c6:9e:e4:bc:03:25:f9:d7:58:c1:bd:99:09:3e:
                    65:eb:8f:bc:80:6b:65:c4:29:92:eb:2e:39:18:59:
                    a7:e6:61:fd:71:e2:62:8a:0b:d7:b6:37:a9:1f:bd:
                    46:cb:3b:da:f3:95:72:b3:9a:4d:9b:e5:3d:40:42:
                    2c:83:19:cb:68:c0:d7:1c:c5:83:83:f9:35:34:51:
                    04:5e:59:f4:37:f4:e1:ba:f1:81:a1:d5:f2:fe:a0:
                    38:56:9a:4f:c3:54:40:1f:be:5e:d2:5d:3f:62:34:
                    8a:a6:c8:22:fd:81:ba:ed:95:6b:f9:48:ad:21:7f:
                    72:03:f0:47:53:b6:f1:f0:78:72:84:8f:85:39:c6:
                    73:7c:4f:4e:92:23:cc:53:08:9f:d0:cc:80:2b:d0:
                    da:89:cb:e5:ac:97:f1:b5:da:fb:a7:fa:d1:f3:de:
                    12:e1:ae:9a:3d:b7:b0:cd:5d:7f:18:52:cd:6b:ba:
                    07:f0:a6:78:5b:fd:93:6f:3d:15:cb:4c:4c:04:67:
                    e8:81:5c:b4:b8:a6:b9:1f:6d:7a:29:51:dc:7c:c9:
                    45:31:ec:6f:d1:52:1e:17:55:47:4f:74:2d:e2:43:
                    20:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:E6:F5:28:C2:EB:8C:F6:CE:79:C9:63:D5:A1:B8:ED:67:FC:83:E2
            X509v3 Authority Key Identifier:
                keyid:AE:B9:49:42:66:A3:87:19:04:4D:82:9A:4A:0A:8F:17:A4:07:04:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rrlJQmajhxkETYKaSgqPF6QHBOg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/e7adab-8055-4785-8df5-2a7b58bdf945/1/rrlJQmajhxkETYKaSgqPF6QHBOg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/e7adab-8055-4785-8df5-2a7b58bdf945/1/rrlJQmajhxkETYKaSgqPF6QHBOg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:a1:21:de:74:d9:37:23:ac:1d:a0:67:09:37:6b:5d:78:0e:
         9c:0b:37:8c:2a:2b:a3:cd:31:77:86:19:08:40:9d:b1:d1:b7:
         01:06:7c:14:dd:02:b1:35:1b:6c:99:95:f9:28:64:05:11:d8:
         ea:ca:78:cc:43:03:0b:3b:a8:12:05:97:60:ec:8f:87:d1:84:
         09:59:15:dc:c2:51:13:89:c7:82:b7:81:ae:b6:f7:35:4f:1b:
         e2:f8:70:0a:4f:36:43:d6:4d:d8:a9:89:bf:76:fc:04:e7:3c:
         64:3e:b1:01:13:e9:42:f2:06:0e:ac:18:47:a8:30:b7:04:e1:
         fb:6e:de:32:55:4a:fc:67:b9:0b:d8:3d:b0:1a:6b:1d:d2:c3:
         d0:a0:75:4d:3e:c0:16:e8:08:4c:b7:4c:84:7c:98:13:0f:8f:
         1e:83:49:c2:3f:47:4b:3c:c0:5b:9c:c2:63:2c:a3:c0:6a:db:
         c8:e5:32:51:95:09:b5:b8:aa:13:f2:5c:a4:f8:6b:ad:7e:5b:
         f5:4d:d2:96:80:de:a1:ba:b7:5a:ac:6c:f8:b8:5c:10:c5:4d:
         dc:5c:b1:e1:7a:d4:16:41:c5:36:94:f4:a0:89:60:4c:d5:77:
         58:e1:73:66:3b:38:ff:0b:1d:ef:d0:93:d2:02:00:07:59:07:
         ab:75:29:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a403dHRm4XlbB9kS44rZDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYjk0OTQyNjZhMzg3MTkwNDRkODI5YTRhMGE4ZjE3YTQw
NzA0ZTgwHhcNMjYwNDE3MTAwMTIwWhcNMjYwNDE4MTAwMTIwWjAzMTEwLwYDVQQD
Eyg0YmU2ZjUyOGMyZWI4Y2Y2Y2U3OWM5NjNkNWExYjhlZDY3ZmM4M2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3J2BEh6S8VynNyTVsEWBVTUSYfj3
+/rYBLRI6KqCxp7kvAMl+ddYwb2ZCT5l64+8gGtlxCmS6y45GFmn5mH9ceJiigvX
tjepH71Gyzva85Vys5pNm+U9QEIsgxnLaMDXHMWDg/k1NFEEXln0N/ThuvGBodXy
/qA4VppPw1RAH75e0l0/YjSKpsgi/YG67ZVr+UitIX9yA/BHU7bx8HhyhI+FOcZz
fE9OkiPMUwif0MyAK9DaicvlrJfxtdr7p/rR894S4a6aPbewzV1/GFLNa7oH8KZ4
W/2Tbz0Vy0xMBGfogVy0uKa5H216KVHcfMlFMexv0VIeF1VHT3Qt4kMgcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEvm9SjC64z2znnJY9WhuO1n/IPiMB8GA1UdIwQY
MBaAFK65SUJmo4cZBE2CmkoKjxekBwToMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnJsSlFtYWpoeGtFVFlLYVNncVBGNlFIQk9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9lN2FkYWItODA1NS00Nzg1LThkZjUt
MmE3YjU4YmRmOTQ1LzEvcnJsSlFtYWpoeGtFVFlLYVNncVBGNlFIQk9nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9lN2FkYWItODA1NS00Nzg1LThkZjUtMmE3YjU4YmRmOTQ1
LzEvcnJsSlFtYWpoeGtFVFlLYVNncVBGNlFIQk9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK6Eh3nTZ
NyOsHaBnCTdrXXgOnAs3jCoro80xd4YZCECdsdG3AQZ8FN0CsTUbbJmV+ShkBRHY
6sp4zEMDCzuoEgWXYOyPh9GECVkV3MJRE4nHgreBrrb3NU8b4vhwCk82Q9ZN2KmJ
v3b8BOc8ZD6xARPpQvIGDqwYR6gwtwTh+27eMlVK/Ge5C9g9sBprHdLD0KB1TT7A
FugITLdMhHyYEw+PHoNJwj9HSzzAW5zCYyyjwGrbyOUyUZUJtbiqE/JcpPhrrX5b
9U3SloDeobq3Wqxs+LhcEMVN3Fyx4XrUFkHFNpT0oIlgTNV3WOFzZjs4/wsd79CT
0gIAB1kHq3UpRA==
-----END CERTIFICATE-----