Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/e56fbc-18cf-4765-8a4c-cd70138e6383/1/G8qoP8mkEL2z4P0thIcgE0dxvs8.mft
File:                     G8qoP8mkEL2z4P0thIcgE0dxvs8.mft (raw, json)
Hash identifier:          iYPocp14x+eHWSn9+zStRWk1fOXcPO4Zk8R9KdEzUso=
Subject key identifier:   2C:B9:9D:D9:6B:53:06:C0:59:57:D0:1C:50:69:84:6B:8D:B9:47:14
Authority key identifier: 1B:CA:A8:3F:C9:A4:10:BD:B3:E0:FD:2D:84:87:20:13:47:71:BE:CF
Certificate issuer:       /CN=1bcaa83fc9a410bdb3e0fd2d848720134771becf
Certificate serial:       019DA378D1BE45AF98665E48B573E7B39F37
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/G8qoP8mkEL2z4P0thIcgE0dxvs8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/e56fbc-18cf-4765-8a4c-cd70138e6383/1/G8qoP8mkEL2z4P0thIcgE0dxvs8.mft
Manifest number:          1854
Signing time:             Sun 19 Apr 2026 02:01:37 +0000
Manifest this update:     Sun 19 Apr 2026 02:01:37 +0000
Manifest next update:     Mon 20 Apr 2026 02:01:37 +0000
Files and hashes:         1: G8qoP8mkEL2z4P0thIcgE0dxvs8.crl (hash: 7pgmn5JWraVeMR0GkU6+zdQhGkUVsOX1RE8c4SkvDpY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/e56fbc-18cf-4765-8a4c-cd70138e6383/1/G8qoP8mkEL2z4P0thIcgE0dxvs8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/e56fbc-18cf-4765-8a4c-cd70138e6383/1/G8qoP8mkEL2z4P0thIcgE0dxvs8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/G8qoP8mkEL2z4P0thIcgE0dxvs8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 02:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a3:78:d1:be:45:af:98:66:5e:48:b5:73:e7:b3:9f:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1bcaa83fc9a410bdb3e0fd2d848720134771becf
        Validity
            Not Before: Apr 19 02:01:37 2026 GMT
            Not After : Apr 20 02:01:37 2026 GMT
        Subject: CN=2cb99dd96b5306c05957d01c5069846b8db94714
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:82:96:b5:0e:13:34:b7:de:ce:bf:e8:6d:21:
                    05:a9:c5:17:2d:b4:f3:3b:05:58:fa:51:ab:ca:1a:
                    cc:05:e0:6c:f3:b2:90:48:14:ce:54:0e:bb:c4:5f:
                    c9:a9:8f:c5:4c:61:9f:d0:a9:bc:5f:42:b6:b9:f8:
                    af:c8:0c:a6:c9:51:25:46:73:60:d4:dc:ac:45:1c:
                    78:0f:09:73:a1:f1:19:5f:b3:6d:78:70:c0:d2:47:
                    66:99:1a:45:67:ed:a5:72:53:6f:df:6c:d1:8f:df:
                    8c:2e:ec:a7:15:c8:67:71:bb:40:b8:41:d4:95:c0:
                    72:02:f0:24:b7:1e:a5:6d:56:3c:df:ec:31:41:06:
                    d2:ce:07:89:f7:11:46:9d:58:d3:61:cd:5a:1b:1e:
                    ff:67:58:26:a8:d6:90:35:0e:30:48:85:f3:92:28:
                    57:1b:a2:95:df:46:85:b7:ab:c1:4f:6e:e9:79:10:
                    95:5d:9a:ec:b2:b2:72:e5:63:f9:52:4a:e9:5e:66:
                    2d:5e:ac:96:0a:bf:3b:f3:f8:0e:06:13:9c:1a:59:
                    a7:52:8b:46:9d:21:8d:82:d6:07:3e:68:e4:e4:e8:
                    a7:24:c3:75:63:c7:04:db:b2:1a:d4:cf:2f:70:7b:
                    dc:b3:7f:2e:0f:b7:67:63:fa:d7:d7:c7:4e:ba:7e:
                    11:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:B9:9D:D9:6B:53:06:C0:59:57:D0:1C:50:69:84:6B:8D:B9:47:14
            X509v3 Authority Key Identifier:
                keyid:1B:CA:A8:3F:C9:A4:10:BD:B3:E0:FD:2D:84:87:20:13:47:71:BE:CF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G8qoP8mkEL2z4P0thIcgE0dxvs8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e56fbc-18cf-4765-8a4c-cd70138e6383/1/G8qoP8mkEL2z4P0thIcgE0dxvs8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e56fbc-18cf-4765-8a4c-cd70138e6383/1/G8qoP8mkEL2z4P0thIcgE0dxvs8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:61:7c:37:ff:5a:56:0e:74:16:5a:40:55:e7:97:9c:61:c8:
         33:94:c1:d0:47:6c:9a:f7:43:00:a7:81:ce:c9:bf:cc:e6:8f:
         eb:ac:de:a0:b2:83:5c:6d:62:ba:db:97:76:93:f0:0d:9e:ec:
         69:c1:15:53:85:fe:6c:d7:db:b8:a0:c4:fd:5a:8b:6f:97:f1:
         c0:74:be:e6:30:01:29:66:eb:d0:de:ac:e3:5b:c7:39:58:4a:
         4c:1a:09:07:ed:b0:61:a3:a1:db:6a:05:1f:70:2e:41:b0:50:
         85:d2:eb:53:0a:98:e1:3f:6b:f9:d2:6b:3e:63:4e:39:83:88:
         39:41:fa:59:2c:24:5b:21:2d:1d:68:cb:d8:f6:db:cf:5c:95:
         d5:47:51:3a:70:64:d7:71:2b:48:b7:ee:7c:b7:93:16:cc:5b:
         07:65:64:e2:d8:18:81:15:11:23:8b:fc:d3:ec:ef:7c:ec:c5:
         fe:9f:21:b8:1e:f8:af:c0:03:54:a3:5b:1b:38:b5:8c:40:89:
         1a:93:6c:56:2e:bc:76:1e:43:a2:77:f6:85:d7:0a:a3:f0:c1:
         7e:82:46:20:a5:88:69:07:f8:ee:7c:49:f5:b8:ac:bc:2e:ac:
         5d:96:fe:94:77:e3:9b:47:e3:f6:b4:ce:5d:dc:b7:5c:df:84:
         38:72:7d:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2jeNG+Ra+YZl5ItXPns583MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiY2FhODNmYzlhNDEwYmRiM2UwZmQyZDg0ODcyMDEzNDc3
MWJlY2YwHhcNMjYwNDE5MDIwMTM3WhcNMjYwNDIwMDIwMTM3WjAzMTEwLwYDVQQD
EygyY2I5OWRkOTZiNTMwNmMwNTk1N2QwMWM1MDY5ODQ2YjhkYjk0NzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYKWtQ4TNLfezr/obSEFqcUXLbTz
OwVY+lGryhrMBeBs87KQSBTOVA67xF/JqY/FTGGf0Km8X0K2ufivyAymyVElRnNg
1NysRRx4DwlzofEZX7NteHDA0kdmmRpFZ+2lclNv32zRj9+MLuynFchncbtAuEHU
lcByAvAktx6lbVY83+wxQQbSzgeJ9xFGnVjTYc1aGx7/Z1gmqNaQNQ4wSIXzkihX
G6KV30aFt6vBT27peRCVXZrssrJy5WP5UkrpXmYtXqyWCr878/gOBhOcGlmnUotG
nSGNgtYHPmjk5OinJMN1Y8cE27Ia1M8vcHvcs38uD7dnY/rX18dOun4RawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCy5ndlrUwbAWVfQHFBphGuNuUcUMB8GA1UdIwQY
MBaAFBvKqD/JpBC9s+D9LYSHIBNHcb7PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzhxb1A4bWtFTDJ6NFAwdGhJY2dFMGR4dnM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9lNTZmYmMtMThjZi00NzY1LThhNGMt
Y2Q3MDEzOGU2MzgzLzEvRzhxb1A4bWtFTDJ6NFAwdGhJY2dFMGR4dnM4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9lNTZmYmMtMThjZi00NzY1LThhNGMtY2Q3MDEzOGU2Mzgz
LzEvRzhxb1A4bWtFTDJ6NFAwdGhJY2dFMGR4dnM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbWF8N/9a
Vg50FlpAVeeXnGHIM5TB0EdsmvdDAKeBzsm/zOaP66zeoLKDXG1iutuXdpPwDZ7s
acEVU4X+bNfbuKDE/VqLb5fxwHS+5jABKWbr0N6s41vHOVhKTBoJB+2wYaOh22oF
H3AuQbBQhdLrUwqY4T9r+dJrPmNOOYOIOUH6WSwkWyEtHWjL2Pbbz1yV1UdROnBk
13ErSLfufLeTFsxbB2Vk4tgYgRURI4v80+zvfOzF/p8huB74r8ADVKNbGzi1jECJ
GpNsVi68dh5Donf2hdcKo/DBfoJGIKWIaQf47nxJ9bisvC6sXZb+lHfjm0fj9rTO
Xdy3XN+EOHJ9Rg==
-----END CERTIFICATE-----