Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.mft
File:                     yAH8mVpSGvH1Atnq8S1mIaZMr00.mft (raw, json)
Hash identifier:          3Lcj8BRhFOQtA2RQDfeIM4pr009bFTcD20ngMB5lMGM=
Subject key identifier:   43:4E:FF:8A:F9:AC:C0:6A:F6:94:DA:59:E9:74:2E:A1:7B:9D:41:7C
Authority key identifier: C8:01:FC:99:5A:52:1A:F1:F5:02:D9:EA:F1:2D:66:21:A6:4C:AF:4D
Certificate issuer:       /CN=c801fc995a521af1f502d9eaf12d6621a64caf4d
Certificate serial:       019D9AE2E15C0771EC0C863BFABFDDB93357
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yAH8mVpSGvH1Atnq8S1mIaZMr00.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.mft
Manifest number:          18BE
Signing time:             Fri 17 Apr 2026 10:00:53 +0000
Manifest this update:     Fri 17 Apr 2026 10:00:53 +0000
Manifest next update:     Sat 18 Apr 2026 10:00:53 +0000
Files and hashes:         1: yAH8mVpSGvH1Atnq8S1mIaZMr00.crl (hash: DYCCUnh2EHpxLvQt1FTCwXcw+PQCbhXDV6mxKKpGnt4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yAH8mVpSGvH1Atnq8S1mIaZMr00.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 10:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e2:e1:5c:07:71:ec:0c:86:3b:fa:bf:dd:b9:33:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c801fc995a521af1f502d9eaf12d6621a64caf4d
        Validity
            Not Before: Apr 17 10:00:53 2026 GMT
            Not After : Apr 18 10:00:53 2026 GMT
        Subject: CN=434eff8af9acc06af694da59e9742ea17b9d417c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:5b:39:8a:2a:f5:80:c8:09:e1:4c:ec:c7:e9:
                    fc:1a:41:d9:7b:40:b3:0c:7b:d0:87:56:c6:3d:5a:
                    30:1d:d6:c4:77:3f:63:1b:49:3d:71:96:a1:91:40:
                    99:f2:90:66:bf:2d:4e:3e:7a:d9:2b:d0:c3:9b:04:
                    eb:79:4f:4e:d1:83:11:f8:6d:8c:0e:1b:30:8d:63:
                    14:76:7f:e9:a6:eb:f4:43:13:d8:4e:94:88:61:d8:
                    7d:69:8f:46:62:74:13:d6:c1:02:57:16:d9:75:6e:
                    4a:f6:45:1c:42:a9:ea:e6:48:82:2c:2c:16:0a:fa:
                    37:36:7e:e2:41:b8:76:bb:97:04:9b:da:80:24:0c:
                    88:c9:80:9d:c1:1f:34:7f:0b:e5:00:19:e5:52:b1:
                    7f:21:0d:a0:0a:d0:29:ad:6d:fa:94:b9:33:be:dc:
                    ab:db:22:4d:7b:35:2b:cb:64:24:b7:3e:e7:dc:0d:
                    bd:a7:31:a9:cf:25:44:7c:53:76:c4:6d:6d:6b:1b:
                    1d:df:16:0a:b0:9d:9a:eb:db:21:c3:9c:fc:81:e9:
                    c7:4f:ca:29:47:5d:9e:49:55:b4:bf:16:e5:dd:2c:
                    62:d4:84:4c:e2:42:10:0a:f8:e5:a6:38:60:0d:04:
                    43:ec:a9:5f:1d:76:8b:e6:50:44:1c:6f:02:71:d1:
                    ef:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:4E:FF:8A:F9:AC:C0:6A:F6:94:DA:59:E9:74:2E:A1:7B:9D:41:7C
            X509v3 Authority Key Identifier:
                keyid:C8:01:FC:99:5A:52:1A:F1:F5:02:D9:EA:F1:2D:66:21:A6:4C:AF:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yAH8mVpSGvH1Atnq8S1mIaZMr00.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:06:90:71:56:ef:e9:54:65:c0:e7:d4:09:08:59:cf:fc:d1:
         cd:3c:5e:05:0d:e6:b7:8f:23:03:01:6d:04:69:62:70:7c:6c:
         85:6c:94:fc:bd:40:52:e6:3c:91:bc:8c:49:cd:01:bb:07:11:
         21:fa:27:42:dd:3e:a1:2c:70:0e:c1:83:b8:b4:35:a9:d2:e8:
         df:f6:6d:6f:6b:8d:11:d1:d2:1a:c8:21:18:a4:a9:b9:7b:7c:
         94:ac:6d:ad:e6:9c:d9:97:84:11:cb:fc:c4:5a:a1:73:9c:09:
         32:63:4e:b5:3d:e7:c2:e2:a5:cf:32:d7:04:c0:32:4d:a9:8b:
         2f:b8:20:ae:91:cb:2c:97:26:f3:e8:2a:21:4e:d4:eb:a4:6a:
         c9:ee:75:c0:e7:79:54:a3:b1:18:fe:65:6a:75:ca:35:87:c8:
         fb:1a:ab:fc:ee:39:e9:09:6e:b9:95:8a:6c:dc:11:58:79:40:
         e8:1c:fa:e1:68:15:96:f2:c1:b0:1d:50:2c:25:3d:e0:6b:2b:
         63:dd:ed:ea:78:fa:bd:60:bb:12:34:37:39:ae:83:94:d5:bd:
         6c:58:17:eb:2a:fd:ea:78:9e:48:07:e9:65:c6:0d:be:96:ab:
         71:b5:2c:4d:66:93:06:e5:41:71:57:1e:63:db:d5:bf:ca:cb:
         5d:ad:56:8b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a4uFcB3HsDIY7+r/duTNXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4MDFmYzk5NWE1MjFhZjFmNTAyZDllYWYxMmQ2NjIxYTY0
Y2FmNGQwHhcNMjYwNDE3MTAwMDUzWhcNMjYwNDE4MTAwMDUzWjAzMTEwLwYDVQQD
Eyg0MzRlZmY4YWY5YWNjMDZhZjY5NGRhNTllOTc0MmVhMTdiOWQ0MTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlVs5iir1gMgJ4Uzsx+n8GkHZe0Cz
DHvQh1bGPVowHdbEdz9jG0k9cZahkUCZ8pBmvy1OPnrZK9DDmwTreU9O0YMR+G2M
DhswjWMUdn/ppuv0QxPYTpSIYdh9aY9GYnQT1sECVxbZdW5K9kUcQqnq5kiCLCwW
Cvo3Nn7iQbh2u5cEm9qAJAyIyYCdwR80fwvlABnlUrF/IQ2gCtAprW36lLkzvtyr
2yJNezUry2Qktz7n3A29pzGpzyVEfFN2xG1taxsd3xYKsJ2a69shw5z8genHT8op
R12eSVW0vxbl3Sxi1IRM4kIQCvjlpjhgDQRD7KlfHXaL5lBEHG8CcdHvzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFENO/4r5rMBq9pTaWel0LqF7nUF8MB8GA1UdIwQY
MBaAFMgB/JlaUhrx9QLZ6vEtZiGmTK9NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUFIOG1WcFNHdkgxQXRucThTMW1JYVpNcjAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9iMDQxYjgtNmIyNC00NGYzLWE3NDgt
NzJjMGQ1MDkzMzRkLzEveUFIOG1WcFNHdkgxQXRucThTMW1JYVpNcjAwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9iMDQxYjgtNmIyNC00NGYzLWE3NDgtNzJjMGQ1MDkzMzRk
LzEveUFIOG1WcFNHdkgxQXRucThTMW1JYVpNcjAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASAaQcVbv
6VRlwOfUCQhZz/zRzTxeBQ3mt48jAwFtBGlicHxshWyU/L1AUuY8kbyMSc0BuwcR
IfonQt0+oSxwDsGDuLQ1qdLo3/Ztb2uNEdHSGsghGKSpuXt8lKxtreac2ZeEEcv8
xFqhc5wJMmNOtT3nwuKlzzLXBMAyTamLL7ggrpHLLJcm8+gqIU7U66Rqye51wOd5
VKOxGP5lanXKNYfI+xqr/O456QluuZWKbNwRWHlA6Bz64WgVlvLBsB1QLCU94Gsr
Y93t6nj6vWC7EjQ3Oa6DlNW9bFgX6yr96nieSAfpZcYNvparcbUsTWaTBuVBcVce
Y9vVv8rLXa1Wiw==
-----END CERTIFICATE-----