Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4668d1-22a4-432e-81fc-284e9bcf82c5/1/rARWSrE5dm8d7mSLNaChi702IQk.mft
File:                     rARWSrE5dm8d7mSLNaChi702IQk.mft (raw, json)
Hash identifier:          wLyHDnG/zmRb7C6CLKG9bmrjECwZHJk1vi+2nGKXKh8=
Subject key identifier:   1F:AD:94:C3:87:19:25:F1:A7:01:B0:3C:D9:EB:A3:DC:90:38:A3:A8
Authority key identifier: AC:04:56:4A:B1:39:76:6F:1D:EE:64:8B:35:A0:A1:8B:BD:36:21:09
Certificate issuer:       /CN=ac04564ab139766f1dee648b35a0a18bbd362109
Certificate serial:       019D992B3C1BAFD6B7AB5573E305D4A09153
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rARWSrE5dm8d7mSLNaChi702IQk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/4668d1-22a4-432e-81fc-284e9bcf82c5/1/rARWSrE5dm8d7mSLNaChi702IQk.mft
Manifest number:          18BE
Signing time:             Fri 17 Apr 2026 02:00:40 +0000
Manifest this update:     Fri 17 Apr 2026 02:00:40 +0000
Manifest next update:     Sat 18 Apr 2026 02:00:40 +0000
Files and hashes:         1: rARWSrE5dm8d7mSLNaChi702IQk.crl (hash: fPcCGNPUqKxgAx/wadB5M6KTnb4I8L2phhaaeEKh9us=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/4668d1-22a4-432e-81fc-284e9bcf82c5/1/rARWSrE5dm8d7mSLNaChi702IQk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/4668d1-22a4-432e-81fc-284e9bcf82c5/1/rARWSrE5dm8d7mSLNaChi702IQk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rARWSrE5dm8d7mSLNaChi702IQk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:2b:3c:1b:af:d6:b7:ab:55:73:e3:05:d4:a0:91:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ac04564ab139766f1dee648b35a0a18bbd362109
        Validity
            Not Before: Apr 17 02:00:40 2026 GMT
            Not After : Apr 18 02:00:40 2026 GMT
        Subject: CN=1fad94c3871925f1a701b03cd9eba3dc9038a3a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:ab:e0:11:1c:91:f0:c1:05:63:17:e9:14:b3:
                    20:83:84:fc:11:4b:19:ac:ff:a9:4f:d2:b3:cb:1a:
                    95:bd:d5:c9:64:22:8c:f0:74:22:82:4b:e7:1f:54:
                    d6:15:ec:85:80:1d:ff:78:4c:12:f8:84:84:a2:8e:
                    e2:43:72:83:3e:82:26:1e:51:fc:03:8d:31:3b:3c:
                    9d:eb:3f:d7:b1:ff:b2:aa:83:fc:22:7f:97:34:53:
                    fa:83:9f:c7:e6:8d:20:b5:32:96:94:9b:3a:9f:55:
                    7f:97:63:fd:ce:91:e1:df:15:49:56:a5:c7:33:d9:
                    0e:17:dc:ce:06:13:50:4c:76:f3:39:96:01:f8:3c:
                    4b:6a:d0:10:ed:b6:e2:93:9c:29:85:e5:68:05:cb:
                    5d:61:5e:3d:4e:9b:c4:f0:53:bd:8e:77:c4:d5:a6:
                    ca:c3:7b:81:59:74:9e:b1:5f:2c:47:49:12:4c:f8:
                    ce:8e:b2:f2:b2:82:21:99:ed:eb:0b:77:c8:d4:16:
                    f4:f1:55:8c:28:ba:9a:d3:d9:2b:73:a7:e2:de:5b:
                    cc:e5:dd:da:72:4f:32:ad:91:d9:c2:21:87:8c:31:
                    90:a4:cb:34:a6:65:b0:48:13:b2:34:1c:3c:af:fe:
                    75:f7:d0:92:23:1f:6e:13:82:a0:62:d0:b6:e2:ec:
                    07:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:AD:94:C3:87:19:25:F1:A7:01:B0:3C:D9:EB:A3:DC:90:38:A3:A8
            X509v3 Authority Key Identifier:
                keyid:AC:04:56:4A:B1:39:76:6F:1D:EE:64:8B:35:A0:A1:8B:BD:36:21:09

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rARWSrE5dm8d7mSLNaChi702IQk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4668d1-22a4-432e-81fc-284e9bcf82c5/1/rARWSrE5dm8d7mSLNaChi702IQk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4668d1-22a4-432e-81fc-284e9bcf82c5/1/rARWSrE5dm8d7mSLNaChi702IQk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:8b:b4:68:91:09:4d:e8:19:52:5b:e1:75:6c:01:b0:19:cb:
         02:0c:2f:e0:f4:ce:c5:ad:b2:fc:1d:ec:ea:e4:fb:42:de:cb:
         f9:05:1a:d5:94:ad:3e:7d:8b:ab:15:73:cc:37:c0:95:0a:47:
         82:76:38:45:2e:3f:3e:89:75:12:d2:3d:51:82:82:80:c2:6c:
         04:75:27:61:47:ce:0d:8b:ca:c8:5e:d5:75:45:7f:7c:2c:16:
         3c:ed:5e:1a:d8:93:63:5c:ca:b0:c6:65:20:4b:d0:28:37:58:
         f4:f4:d7:44:2e:36:6a:95:6f:92:2f:f9:05:bf:73:03:c7:db:
         88:ae:cb:4b:07:76:52:0d:80:84:15:f9:a7:8a:c3:50:52:41:
         64:04:91:29:9b:a2:dc:19:d4:20:eb:81:9d:cc:2e:49:64:0a:
         3d:39:dd:1f:b4:a1:25:2b:5b:3e:3b:0d:ba:a9:bf:8a:48:16:
         86:a8:b3:67:54:43:eb:fc:b8:0a:c2:45:d1:b6:64:ae:14:fb:
         87:b5:83:e5:c0:65:df:aa:b3:2b:2b:20:4b:32:a5:4c:f3:dd:
         f9:98:1e:74:b7:bf:b8:e7:0a:90:9a:ec:97:7a:e5:3b:aa:4b:
         6e:99:67:96:48:f9:ac:6b:30:be:2f:63:e6:f4:c3:47:1e:79:
         d8:bc:6a:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZKzwbr9a3q1Vz4wXUoJFTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjMDQ1NjRhYjEzOTc2NmYxZGVlNjQ4YjM1YTBhMThiYmQz
NjIxMDkwHhcNMjYwNDE3MDIwMDQwWhcNMjYwNDE4MDIwMDQwWjAzMTEwLwYDVQQD
EygxZmFkOTRjMzg3MTkyNWYxYTcwMWIwM2NkOWViYTNkYzkwMzhhM2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6vgERyR8MEFYxfpFLMgg4T8EUsZ
rP+pT9KzyxqVvdXJZCKM8HQigkvnH1TWFeyFgB3/eEwS+ISEoo7iQ3KDPoImHlH8
A40xOzyd6z/Xsf+yqoP8In+XNFP6g5/H5o0gtTKWlJs6n1V/l2P9zpHh3xVJVqXH
M9kOF9zOBhNQTHbzOZYB+DxLatAQ7bbik5wpheVoBctdYV49TpvE8FO9jnfE1abK
w3uBWXSesV8sR0kSTPjOjrLysoIhme3rC3fI1Bb08VWMKLqa09krc6fi3lvM5d3a
ck8yrZHZwiGHjDGQpMs0pmWwSBOyNBw8r/5199CSIx9uE4KgYtC24uwHpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB+tlMOHGSXxpwGwPNnro9yQOKOoMB8GA1UdIwQY
MBaAFKwEVkqxOXZvHe5kizWgoYu9NiEJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckFSV1NyRTVkbThkN21TTE5hQ2hpNzAySVFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80NjY4ZDEtMjJhNC00MzJlLTgxZmMt
Mjg0ZTliY2Y4MmM1LzEvckFSV1NyRTVkbThkN21TTE5hQ2hpNzAySVFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80NjY4ZDEtMjJhNC00MzJlLTgxZmMtMjg0ZTliY2Y4MmM1
LzEvckFSV1NyRTVkbThkN21TTE5hQ2hpNzAySVFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdYu0aJEJ
TegZUlvhdWwBsBnLAgwv4PTOxa2y/B3s6uT7Qt7L+QUa1ZStPn2LqxVzzDfAlQpH
gnY4RS4/Pol1EtI9UYKCgMJsBHUnYUfODYvKyF7VdUV/fCwWPO1eGtiTY1zKsMZl
IEvQKDdY9PTXRC42apVvki/5Bb9zA8fbiK7LSwd2Ug2AhBX5p4rDUFJBZASRKZui
3BnUIOuBncwuSWQKPTndH7ShJStbPjsNuqm/ikgWhqizZ1RD6/y4CsJF0bZkrhT7
h7WD5cBl36qzKysgSzKlTPPd+ZgedLe/uOcKkJrsl3rlO6pLbplnlkj5rGswvi9j
5vTDRx552Lxq6w==
-----END CERTIFICATE-----