Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.mft
File:                     I1PVKkAkkfT5n-VHG90aXdb0K7w.mft (raw, json)
Hash identifier:          V2VVtKG2H/bCn/hgQb0c7Grs0h5BASHo2BZ4B9EsLJw=
Subject key identifier:   77:8C:E8:0E:39:90:73:FE:38:54:8D:4A:2F:07:EB:27:60:6A:A6:74
Authority key identifier: 23:53:D5:2A:40:24:91:F4:F9:9F:E5:47:1B:DD:1A:5D:D6:F4:2B:BC
Certificate issuer:       /CN=2353d52a402491f4f99fe5471bdd1a5dd6f42bbc
Certificate serial:       019D9B507C7E6336AAA01D6C523A6D731919
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I1PVKkAkkfT5n-VHG90aXdb0K7w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.mft
Manifest number:          18BC
Signing time:             Fri 17 Apr 2026 12:00:36 +0000
Manifest this update:     Fri 17 Apr 2026 12:00:36 +0000
Manifest next update:     Sat 18 Apr 2026 12:00:36 +0000
Files and hashes:         1: I1PVKkAkkfT5n-VHG90aXdb0K7w.crl (hash: FnQOBkU6p0CTxnnJFaUJgG//Mu+14dl72Jjr3HcyX8E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I1PVKkAkkfT5n-VHG90aXdb0K7w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:50:7c:7e:63:36:aa:a0:1d:6c:52:3a:6d:73:19:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2353d52a402491f4f99fe5471bdd1a5dd6f42bbc
        Validity
            Not Before: Apr 17 12:00:36 2026 GMT
            Not After : Apr 18 12:00:36 2026 GMT
        Subject: CN=778ce80e399073fe38548d4a2f07eb27606aa674
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:25:41:f5:7b:73:41:b5:2f:b5:01:6a:50:bb:
                    8d:63:8c:55:27:64:e6:20:30:8f:a0:35:b0:23:b2:
                    54:03:43:ee:e2:7f:46:1c:8c:30:fa:01:af:2d:e4:
                    af:a7:61:07:91:4c:cc:5d:2a:ec:3c:61:55:9a:d9:
                    af:82:01:51:6f:68:6b:05:4b:af:c9:61:92:3c:89:
                    71:bf:f7:18:85:4b:12:4d:3c:fb:1d:76:ec:69:02:
                    ae:c3:3d:5d:61:e2:6c:93:a1:d1:63:cb:58:c2:31:
                    16:b0:3a:0f:4b:30:10:fb:ca:ed:82:99:c0:73:a3:
                    a3:7d:09:a2:a2:dc:9e:7e:05:03:f7:ce:de:f7:37:
                    c7:fa:47:63:7e:c8:46:54:07:1d:e2:8d:a5:49:71:
                    c9:c1:52:01:d7:7e:96:9c:71:20:ed:ab:21:eb:96:
                    44:d7:bd:c0:5c:19:6a:08:9f:60:de:f5:15:d9:cc:
                    96:fd:dd:c5:a6:94:aa:cb:79:8b:40:eb:28:ff:03:
                    ce:b8:5c:3a:a3:b5:9e:82:fe:6c:fa:3d:9a:73:ff:
                    fe:f0:13:9a:59:7f:4c:43:b9:e2:8c:99:32:20:b0:
                    1b:a1:9f:f8:99:46:83:74:96:fe:04:10:b9:55:c6:
                    07:d9:08:0b:d0:72:31:1c:32:ef:61:8b:0f:8f:d9:
                    fc:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:8C:E8:0E:39:90:73:FE:38:54:8D:4A:2F:07:EB:27:60:6A:A6:74
            X509v3 Authority Key Identifier:
                keyid:23:53:D5:2A:40:24:91:F4:F9:9F:E5:47:1B:DD:1A:5D:D6:F4:2B:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I1PVKkAkkfT5n-VHG90aXdb0K7w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:40:0b:d8:f9:b1:a5:79:68:15:60:14:33:03:7c:07:ef:6a:
         b8:9e:f5:bf:90:3c:71:ad:d2:b9:aa:4e:17:b9:52:36:a6:59:
         a9:19:3f:99:2b:76:43:6a:35:a4:b8:05:74:aa:e5:31:94:8b:
         70:bb:46:a7:7a:37:01:66:f3:db:24:f1:25:da:6a:14:a5:af:
         f4:32:71:7e:cc:f0:4b:e1:28:a1:f8:f0:73:32:7f:01:9e:1e:
         8b:91:a7:88:24:83:b5:89:14:71:7b:55:89:75:c3:9c:59:19:
         a8:97:4d:55:6a:30:0c:e5:9b:1a:90:8c:30:e9:83:28:e4:0e:
         42:42:fe:0d:0c:4f:51:6b:6a:cf:65:f5:0c:ac:3d:04:e6:b8:
         1c:36:75:24:2c:a9:1f:67:84:67:93:b3:46:f1:2b:e7:5d:b9:
         2d:2c:aa:10:3c:e5:20:dd:8d:56:fe:54:dd:68:fc:5c:65:d3:
         4e:1f:29:1d:39:0b:98:14:8c:1e:12:02:4c:bd:28:77:04:f5:
         3e:31:63:d3:a8:b7:e5:a3:a8:51:8b:d6:ce:c7:06:f0:0c:57:
         7f:b0:e7:b5:27:fe:d9:a4:cf:6d:d6:ff:49:c5:08:6e:d0:e7:
         35:08:b3:85:d7:df:53:23:61:a9:ab:a3:03:61:82:01:a2:e2:
         e4:39:a6:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bUHx+YzaqoB1sUjptcxkZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNTNkNTJhNDAyNDkxZjRmOTlmZTU0NzFiZGQxYTVkZDZm
NDJiYmMwHhcNMjYwNDE3MTIwMDM2WhcNMjYwNDE4MTIwMDM2WjAzMTEwLwYDVQQD
Eyg3NzhjZTgwZTM5OTA3M2ZlMzg1NDhkNGEyZjA3ZWIyNzYwNmFhNjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAriVB9XtzQbUvtQFqULuNY4xVJ2Tm
IDCPoDWwI7JUA0Pu4n9GHIww+gGvLeSvp2EHkUzMXSrsPGFVmtmvggFRb2hrBUuv
yWGSPIlxv/cYhUsSTTz7HXbsaQKuwz1dYeJsk6HRY8tYwjEWsDoPSzAQ+8rtgpnA
c6OjfQmiotyefgUD987e9zfH+kdjfshGVAcd4o2lSXHJwVIB136WnHEg7ash65ZE
173AXBlqCJ9g3vUV2cyW/d3FppSqy3mLQOso/wPOuFw6o7Wegv5s+j2ac//+8BOa
WX9MQ7nijJkyILAboZ/4mUaDdJb+BBC5VcYH2QgL0HIxHDLvYYsPj9n8tQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHeM6A45kHP+OFSNSi8H6ydgaqZ0MB8GA1UdIwQY
MBaAFCNT1SpAJJH0+Z/lRxvdGl3W9Cu8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTFQVktrQWtrZlQ1bi1WSEc5MGFYZGIwSzd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xZjFhZjYtZGQxYi00MTE3LWFjMTct
ZGVhYjg1ODZmMmNlLzEvSTFQVktrQWtrZlQ1bi1WSEc5MGFYZGIwSzd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8xZjFhZjYtZGQxYi00MTE3LWFjMTctZGVhYjg1ODZmMmNl
LzEvSTFQVktrQWtrZlQ1bi1WSEc5MGFYZGIwSzd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnEAL2Pmx
pXloFWAUMwN8B+9quJ71v5A8ca3SuapOF7lSNqZZqRk/mSt2Q2o1pLgFdKrlMZSL
cLtGp3o3AWbz2yTxJdpqFKWv9DJxfszwS+EoofjwczJ/AZ4ei5GniCSDtYkUcXtV
iXXDnFkZqJdNVWowDOWbGpCMMOmDKOQOQkL+DQxPUWtqz2X1DKw9BOa4HDZ1JCyp
H2eEZ5OzRvEr5125LSyqEDzlIN2NVv5U3Wj8XGXTTh8pHTkLmBSMHhICTL0odwT1
PjFj06i35aOoUYvWzscG8AxXf7DntSf+2aTPbdb/ScUIbtDnNQizhdffUyNhqauj
A2GCAaLi5Dmmgw==
-----END CERTIFICATE-----