Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.mft
File:                     tz2I10aK9gGvFMXh7ZA8TzbK9fo.mft (raw, json)
Hash identifier:          u5rl9eC4K1ryYKZOEo9esnZbjlqJ4/3lgk7/qoJU3Ec=
Subject key identifier:   91:F9:65:5A:6A:DD:F2:4B:BB:CA:E5:50:37:C8:B4:E7:8D:29:AA:DD
Authority key identifier: B7:3D:88:D7:46:8A:F6:01:AF:14:C5:E1:ED:90:3C:4F:36:CA:F5:FA
Certificate issuer:       /CN=b73d88d7468af601af14c5e1ed903c4f36caf5fa
Certificate serial:       019D9AE33CEE77C7DD5174703871DE2D26CF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tz2I10aK9gGvFMXh7ZA8TzbK9fo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.mft
Manifest number:          18BE
Signing time:             Fri 17 Apr 2026 10:01:16 +0000
Manifest this update:     Fri 17 Apr 2026 10:01:16 +0000
Manifest next update:     Sat 18 Apr 2026 10:01:16 +0000
Files and hashes:         1: tz2I10aK9gGvFMXh7ZA8TzbK9fo.crl (hash: NkQp9RibN7tgQ3tZ7BD/lMbMLp6zPhwYNzpBbxEU8lA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tz2I10aK9gGvFMXh7ZA8TzbK9fo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e3:3c:ee:77:c7:dd:51:74:70:38:71:de:2d:26:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b73d88d7468af601af14c5e1ed903c4f36caf5fa
        Validity
            Not Before: Apr 17 10:01:16 2026 GMT
            Not After : Apr 18 10:01:16 2026 GMT
        Subject: CN=91f9655a6addf24bbbcae55037c8b4e78d29aadd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:ec:0e:3b:ec:52:e9:cf:8e:f2:74:78:9b:02:
                    fb:e9:45:e5:c3:ab:b4:67:4a:a8:09:ca:67:21:f6:
                    cd:8f:fa:55:f8:fa:3d:84:e7:ef:04:0d:fe:c9:dd:
                    1b:b0:4f:10:8c:f1:bb:b3:12:aa:2f:2f:f5:f2:dd:
                    d7:8a:c0:f7:38:c5:26:e6:e0:e9:88:24:6c:52:72:
                    44:fe:21:ec:cb:b5:9e:a7:3a:3f:30:36:98:84:e6:
                    0f:ec:5c:bb:53:c5:10:6b:cc:ea:57:71:7b:bb:c6:
                    32:5d:3b:14:0f:e4:cc:74:96:41:f5:a1:a4:aa:d4:
                    4d:88:82:e5:3a:80:14:14:4e:cc:19:5e:b3:c0:44:
                    17:6e:83:0c:fc:bd:8b:e1:dc:e3:f6:03:fc:00:62:
                    6e:f1:46:b1:d1:19:93:24:42:84:1f:18:7e:93:10:
                    de:f8:de:b4:d8:02:1e:e8:33:8d:bf:22:8f:d4:12:
                    bc:89:10:eb:6c:70:75:9d:6a:bf:ef:51:d3:f8:6d:
                    37:e2:d6:53:a8:b6:40:ff:f1:e1:eb:1b:c3:b1:87:
                    96:6e:98:45:2d:91:20:ca:a1:e6:76:3e:ae:9c:99:
                    11:69:b2:92:c3:85:8e:57:f1:52:fd:46:a4:5c:65:
                    85:08:14:11:7d:b7:56:75:e8:6d:3b:fa:f0:d7:93:
                    28:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:F9:65:5A:6A:DD:F2:4B:BB:CA:E5:50:37:C8:B4:E7:8D:29:AA:DD
            X509v3 Authority Key Identifier:
                keyid:B7:3D:88:D7:46:8A:F6:01:AF:14:C5:E1:ED:90:3C:4F:36:CA:F5:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tz2I10aK9gGvFMXh7ZA8TzbK9fo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:4e:e8:f7:a1:c8:fe:20:83:0e:3c:a8:0c:01:76:81:81:d2:
         6f:c7:18:d9:90:74:8c:69:5a:64:7b:71:3c:07:06:92:f5:27:
         27:4c:b0:40:05:68:f0:55:96:40:7d:74:07:cd:a0:a0:23:f7:
         af:a1:db:35:5a:12:17:18:39:76:ab:be:d2:8c:21:2b:8a:65:
         18:ae:70:19:78:87:5a:f9:7c:5f:bd:f9:0f:35:b8:07:c6:c9:
         e3:22:93:a5:65:09:fb:e1:3a:d0:67:6b:0f:22:2d:9d:f0:1f:
         fd:c3:9e:e7:aa:d2:f0:5a:3d:64:70:6a:06:59:58:5f:6a:bf:
         c4:61:60:41:5f:72:ff:1b:2b:7b:04:c1:60:3b:12:87:ea:e1:
         e0:23:64:d2:b1:b7:b7:54:dc:54:83:da:61:f4:14:ef:82:8d:
         78:65:9b:a5:e9:18:09:44:54:97:93:0a:cd:da:20:b8:7f:f1:
         e8:be:eb:1b:7e:f1:b5:02:83:18:a4:22:6b:a7:ae:c3:f7:92:
         c9:f4:87:4a:cf:92:bd:ff:47:c0:16:08:63:38:a6:32:d1:12:
         98:f9:9a:49:2f:c0:5a:40:27:0a:44:39:53:e3:14:14:81:fb:
         a9:d4:1f:d0:b1:62:e3:3d:08:dc:50:73:e0:9a:08:59:2b:8b:
         3b:f2:98:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a4zzud8fdUXRwOHHeLSbPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3M2Q4OGQ3NDY4YWY2MDFhZjE0YzVlMWVkOTAzYzRmMzZj
YWY1ZmEwHhcNMjYwNDE3MTAwMTE2WhcNMjYwNDE4MTAwMTE2WjAzMTEwLwYDVQQD
Eyg5MWY5NjU1YTZhZGRmMjRiYmJjYWU1NTAzN2M4YjRlNzhkMjlhYWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1OwOO+xS6c+O8nR4mwL76UXlw6u0
Z0qoCcpnIfbNj/pV+Po9hOfvBA3+yd0bsE8QjPG7sxKqLy/18t3XisD3OMUm5uDp
iCRsUnJE/iHsy7Wepzo/MDaYhOYP7Fy7U8UQa8zqV3F7u8YyXTsUD+TMdJZB9aGk
qtRNiILlOoAUFE7MGV6zwEQXboMM/L2L4dzj9gP8AGJu8Uax0RmTJEKEHxh+kxDe
+N602AIe6DONvyKP1BK8iRDrbHB1nWq/71HT+G034tZTqLZA//Hh6xvDsYeWbphF
LZEgyqHmdj6unJkRabKSw4WOV/FS/UakXGWFCBQRfbdWdehtO/rw15MooQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJH5ZVpq3fJLu8rlUDfItOeNKardMB8GA1UdIwQY
MBaAFLc9iNdGivYBrxTF4e2QPE82yvX6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHoySTEwYUs5Z0d2Rk1YaDdaQThUemJLOWZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8xOWM5M2ItYzlhMS00OTRiLTliYzAt
MGYyYjU0MGVjYTA4LzEvdHoySTEwYUs5Z0d2Rk1YaDdaQThUemJLOWZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8xOWM5M2ItYzlhMS00OTRiLTliYzAtMGYyYjU0MGVjYTA4
LzEvdHoySTEwYUs5Z0d2Rk1YaDdaQThUemJLOWZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcU7o96HI
/iCDDjyoDAF2gYHSb8cY2ZB0jGlaZHtxPAcGkvUnJ0ywQAVo8FWWQH10B82goCP3
r6HbNVoSFxg5dqu+0owhK4plGK5wGXiHWvl8X735DzW4B8bJ4yKTpWUJ++E60Gdr
DyItnfAf/cOe56rS8Fo9ZHBqBllYX2q/xGFgQV9y/xsrewTBYDsSh+rh4CNk0rG3
t1TcVIPaYfQU74KNeGWbpekYCURUl5MKzdoguH/x6L7rG37xtQKDGKQia6euw/eS
yfSHSs+Svf9HwBYIYzimMtESmPmaSS/AWkAnCkQ5U+MUFIH7qdQf0LFi4z0I3FBz
4JoIWSuLO/KYKQ==
-----END CERTIFICATE-----