Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.mft
File:                     FYi9izG5XpysnzgSjZW4UvA9V4Q.mft (raw, json)
Hash identifier:          NgLEuwiEP/W53tbTQ5//F4Xe+arpoNO4/fzEFVEd/8w=
Subject key identifier:   5A:54:37:3C:9D:11:01:B5:7D:2E:C4:96:C8:53:77:2D:16:FB:D0:55
Authority key identifier: 15:88:BD:8B:31:B9:5E:9C:AC:9F:38:12:8D:95:B8:52:F0:3D:57:84
Certificate issuer:       /CN=1588bd8b31b95e9cac9f38128d95b852f03d5784
Certificate serial:       019D9AE2EA730A900B967C1091F103A22292
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FYi9izG5XpysnzgSjZW4UvA9V4Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.mft
Manifest number:          18BF
Signing time:             Fri 17 Apr 2026 10:00:55 +0000
Manifest this update:     Fri 17 Apr 2026 10:00:55 +0000
Manifest next update:     Sat 18 Apr 2026 10:00:55 +0000
Files and hashes:         1: FYi9izG5XpysnzgSjZW4UvA9V4Q.crl (hash: gSAIGgfoBnRYOPBc7AC83k2L5XO0HQLuJqx5nSA5YsA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FYi9izG5XpysnzgSjZW4UvA9V4Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e2:ea:73:0a:90:0b:96:7c:10:91:f1:03:a2:22:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1588bd8b31b95e9cac9f38128d95b852f03d5784
        Validity
            Not Before: Apr 17 10:00:55 2026 GMT
            Not After : Apr 18 10:00:55 2026 GMT
        Subject: CN=5a54373c9d1101b57d2ec496c853772d16fbd055
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:66:ac:ef:c5:56:59:0a:7a:bd:77:60:31:bf:
                    d6:c3:b4:6f:c5:3c:53:b2:f7:d8:ac:cf:71:88:cd:
                    8e:c6:f8:c4:29:06:92:fa:b5:30:84:e5:8b:06:a3:
                    ad:f6:27:03:c5:84:dc:2c:c0:df:a9:a1:b9:85:6c:
                    0a:55:b9:bb:0a:81:33:27:44:7f:5d:75:b3:8a:ba:
                    c3:78:e6:d5:56:4d:72:ef:d0:29:f3:0a:19:e5:0e:
                    a1:35:d6:34:0b:4e:34:d0:03:8d:93:77:63:9f:ce:
                    38:af:10:59:70:19:d2:19:17:23:8f:71:29:09:b8:
                    07:44:71:8b:d2:d4:64:84:ae:8d:c9:e8:54:1c:58:
                    e2:91:c2:d1:37:d8:69:23:f2:7a:70:54:26:8d:e3:
                    4d:ad:41:03:6f:51:21:ea:03:6b:5a:4e:0c:97:9f:
                    a6:cc:9d:0e:d8:4d:45:68:45:3e:8e:3c:fb:fd:f3:
                    48:09:bd:c7:40:43:32:70:62:7c:b2:1a:98:b8:6c:
                    5d:3f:fa:41:d4:ef:78:0a:54:f8:cb:0f:ef:d2:8d:
                    9e:80:42:b2:84:f8:e5:af:d4:17:4d:2d:4f:30:86:
                    a6:5d:dd:32:b1:ca:9b:07:41:7b:ef:63:76:7b:17:
                    3d:dd:cb:57:dc:9d:a1:7f:29:f2:42:37:ad:3d:3e:
                    61:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:54:37:3C:9D:11:01:B5:7D:2E:C4:96:C8:53:77:2D:16:FB:D0:55
            X509v3 Authority Key Identifier:
                keyid:15:88:BD:8B:31:B9:5E:9C:AC:9F:38:12:8D:95:B8:52:F0:3D:57:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FYi9izG5XpysnzgSjZW4UvA9V4Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:fa:3b:da:c2:dc:a9:6f:95:b3:64:39:d0:46:cc:7f:79:bc:
         88:86:97:e1:ae:f4:18:e4:73:05:d2:82:bf:00:a9:06:76:b1:
         1f:78:10:0c:14:e3:c5:f1:60:e0:1b:e5:91:db:86:7e:f8:b9:
         61:76:25:9c:d9:1b:01:26:90:10:37:0c:4b:15:34:fc:77:18:
         6f:dc:0f:63:54:70:10:9b:3d:00:0c:51:c7:98:5b:89:10:17:
         21:2f:2a:20:c8:44:b2:c8:67:c1:bd:77:f6:ed:ae:fb:15:41:
         d6:ab:13:b1:1a:cf:e8:b6:4f:b0:88:21:9c:1f:eb:41:a8:fe:
         c2:90:af:3b:0a:3a:f2:38:b3:fd:cf:ec:08:4f:09:64:de:56:
         f4:23:2b:52:6a:62:1f:56:3c:0d:38:fb:5d:5a:4a:10:cd:3a:
         cf:52:1f:56:c1:45:66:f6:cc:d0:3d:a9:b6:6e:8e:89:0d:a7:
         12:86:f5:3a:1c:d9:cd:1f:12:a5:24:5e:42:89:5f:43:86:e0:
         88:55:e3:3a:69:2c:6e:37:5b:bb:9a:e6:f8:40:d5:2e:4b:bf:
         93:6a:9c:8b:f3:ae:d5:52:63:66:35:83:6b:47:c2:7d:4c:6f:
         f1:0d:92:ac:7f:33:02:5e:27:ea:40:fe:45:2b:4d:1a:9f:a1:
         ef:ec:fd:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a4upzCpALlnwQkfEDoiKSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ODhiZDhiMzFiOTVlOWNhYzlmMzgxMjhkOTViODUyZjAz
ZDU3ODQwHhcNMjYwNDE3MTAwMDU1WhcNMjYwNDE4MTAwMDU1WjAzMTEwLwYDVQQD
Eyg1YTU0MzczYzlkMTEwMWI1N2QyZWM0OTZjODUzNzcyZDE2ZmJkMDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWas78VWWQp6vXdgMb/Ww7RvxTxT
svfYrM9xiM2OxvjEKQaS+rUwhOWLBqOt9icDxYTcLMDfqaG5hWwKVbm7CoEzJ0R/
XXWzirrDeObVVk1y79Ap8woZ5Q6hNdY0C0400AONk3djn844rxBZcBnSGRcjj3Ep
CbgHRHGL0tRkhK6NyehUHFjikcLRN9hpI/J6cFQmjeNNrUEDb1Eh6gNrWk4Ml5+m
zJ0O2E1FaEU+jjz7/fNICb3HQEMycGJ8shqYuGxdP/pB1O94ClT4yw/v0o2egEKy
hPjlr9QXTS1PMIamXd0yscqbB0F772N2exc93ctX3J2hfynyQjetPT5hDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFpUNzydEQG1fS7ElshTdy0W+9BVMB8GA1UdIwQY
MBaAFBWIvYsxuV6crJ84Eo2VuFLwPVeEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRllpOWl6RzVYcHlzbnpnU2paVzRVdkE5VjRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9kMWFhMmUtYjgxOS00MjFjLTg0NTYt
YjVhZTgzOWYzMGUyLzEvRllpOWl6RzVYcHlzbnpnU2paVzRVdkE5VjRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9kMWFhMmUtYjgxOS00MjFjLTg0NTYtYjVhZTgzOWYzMGUy
LzEvRllpOWl6RzVYcHlzbnpnU2paVzRVdkE5VjRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfPo72sLc
qW+Vs2Q50EbMf3m8iIaX4a70GORzBdKCvwCpBnaxH3gQDBTjxfFg4BvlkduGfvi5
YXYlnNkbASaQEDcMSxU0/HcYb9wPY1RwEJs9AAxRx5hbiRAXIS8qIMhEsshnwb13
9u2u+xVB1qsTsRrP6LZPsIghnB/rQaj+wpCvOwo68jiz/c/sCE8JZN5W9CMrUmpi
H1Y8DTj7XVpKEM06z1IfVsFFZvbM0D2ptm6OiQ2nEob1OhzZzR8SpSReQolfQ4bg
iFXjOmksbjdbu5rm+EDVLku/k2qci/Ou1VJjZjWDa0fCfUxv8Q2SrH8zAl4n6kD+
RStNGp+h7+z91Q==
-----END CERTIFICATE-----