Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.mft
File:                     MCbiQi-nIkVOYIMX0hhitmqjfTM.mft (raw, json)
Hash identifier:          h9IZQsRE1S33x6PyvDhMZJGDUaOE+cpaWtc/ojFZN6Y=
Subject key identifier:   5A:10:76:B6:AE:C9:EA:D0:E4:D2:63:5E:EF:CA:1E:4A:DA:61:B5:6D
Authority key identifier: 30:26:E2:42:2F:A7:22:45:4E:60:83:17:D2:18:62:B6:6A:A3:7D:33
Certificate issuer:       /CN=3026e2422fa722454e608317d21862b66aa37d33
Certificate serial:       019DA29C4A8CA9B3820CA79A8840FC99061A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MCbiQi-nIkVOYIMX0hhitmqjfTM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.mft
Manifest number:          1816
Signing time:             Sat 18 Apr 2026 22:00:44 +0000
Manifest this update:     Sat 18 Apr 2026 22:00:44 +0000
Manifest next update:     Sun 19 Apr 2026 22:00:44 +0000
Files and hashes:         1: MCbiQi-nIkVOYIMX0hhitmqjfTM.crl (hash: Fd/QlNo0q284IEGcPm5waoMWFjE3STi62hqclLfY+uE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MCbiQi-nIkVOYIMX0hhitmqjfTM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 19 Apr 2026 22:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a2:9c:4a:8c:a9:b3:82:0c:a7:9a:88:40:fc:99:06:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3026e2422fa722454e608317d21862b66aa37d33
        Validity
            Not Before: Apr 18 22:00:44 2026 GMT
            Not After : Apr 19 22:00:44 2026 GMT
        Subject: CN=5a1076b6aec9ead0e4d2635eefca1e4ada61b56d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:65:80:5c:d5:39:24:ec:4f:ac:9d:ee:5d:49:
                    30:21:7e:36:07:85:78:ea:69:c4:c7:33:90:ef:ef:
                    ae:0c:89:fc:01:60:58:7d:68:87:44:9b:78:8b:c7:
                    a9:57:d9:a6:77:31:f2:bb:7c:0f:55:1d:df:29:5f:
                    35:47:90:6c:3f:cf:07:81:73:a2:7f:34:77:57:d5:
                    ac:2c:d3:00:81:14:81:cb:cd:af:9e:fe:ee:85:c5:
                    e2:8f:4f:67:07:27:87:a1:91:f9:eb:a2:11:75:fb:
                    64:95:e7:0e:45:36:42:62:fd:ab:b2:5b:2f:0b:dc:
                    47:17:08:e4:42:65:20:24:13:5a:29:35:6d:21:98:
                    d9:39:07:e0:fa:f1:78:aa:98:c6:8c:1e:57:40:67:
                    fb:60:68:e3:2c:1f:2c:ec:14:c2:85:fa:7c:b8:ab:
                    67:a9:30:c2:a4:a9:b6:20:4b:5d:5f:2d:61:23:3a:
                    b7:a5:39:11:d5:b0:19:08:b3:bb:32:e2:58:04:93:
                    2d:46:a7:eb:ad:95:b8:c5:30:7a:e3:e0:22:89:56:
                    56:8c:24:ac:b5:cc:da:50:b4:28:13:45:bd:0f:21:
                    48:fd:d9:0f:ad:d0:ee:67:ae:30:0f:ef:ad:a0:6e:
                    a5:16:3a:11:c6:1c:83:c3:79:a4:46:04:1b:b3:9c:
                    20:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:10:76:B6:AE:C9:EA:D0:E4:D2:63:5E:EF:CA:1E:4A:DA:61:B5:6D
            X509v3 Authority Key Identifier:
                keyid:30:26:E2:42:2F:A7:22:45:4E:60:83:17:D2:18:62:B6:6A:A3:7D:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MCbiQi-nIkVOYIMX0hhitmqjfTM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:7d:d5:11:8e:dc:30:9a:1b:b5:4b:cd:93:72:4d:bd:20:52:
         c6:5a:06:1b:b4:ae:cd:40:c2:31:1c:4e:9d:5f:c7:ad:cb:db:
         85:10:b7:11:50:aa:3c:11:a4:85:02:61:b3:c8:21:38:50:09:
         5b:43:77:75:62:36:5a:d2:5e:dc:72:ef:80:28:72:3f:14:37:
         33:2d:68:df:2b:23:f3:71:01:45:6b:7f:ca:57:33:85:7b:97:
         02:af:7a:eb:1f:6f:f7:9f:8b:9b:04:36:7c:b2:d3:df:36:23:
         ab:7f:22:cb:4c:c5:3e:88:6b:7f:62:00:0e:e2:af:af:ef:0e:
         a6:95:6f:70:15:7b:7b:d4:3e:19:f4:79:5d:6b:e9:c5:72:da:
         8f:51:07:92:9c:12:71:5e:8e:ec:55:dd:f2:7f:0a:1f:cc:66:
         ac:77:72:a3:1f:49:c5:83:bc:14:52:c2:6b:f8:71:b1:5e:e5:
         1a:e4:8f:7d:f9:54:c1:2c:66:b7:23:8b:23:f8:5a:be:2f:01:
         ca:43:a0:ef:c2:15:27:1e:4f:b9:e1:69:8e:90:03:0e:96:2a:
         a7:b4:b4:ad:9d:73:b7:24:67:77:50:3e:34:c5:cd:6a:97:6b:
         42:98:b1:b5:f7:e9:0f:af:f7:ba:f6:8e:f8:5f:dc:17:dd:66:
         ff:a0:be:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2inEqMqbOCDKeaiED8mQYaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMjZlMjQyMmZhNzIyNDU0ZTYwODMxN2QyMTg2MmI2NmFh
MzdkMzMwHhcNMjYwNDE4MjIwMDQ0WhcNMjYwNDE5MjIwMDQ0WjAzMTEwLwYDVQQD
Eyg1YTEwNzZiNmFlYzllYWQwZTRkMjYzNWVlZmNhMWU0YWRhNjFiNTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGWAXNU5JOxPrJ3uXUkwIX42B4V4
6mnExzOQ7++uDIn8AWBYfWiHRJt4i8epV9mmdzHyu3wPVR3fKV81R5BsP88HgXOi
fzR3V9WsLNMAgRSBy82vnv7uhcXij09nByeHoZH566IRdftklecORTZCYv2rslsv
C9xHFwjkQmUgJBNaKTVtIZjZOQfg+vF4qpjGjB5XQGf7YGjjLB8s7BTChfp8uKtn
qTDCpKm2IEtdXy1hIzq3pTkR1bAZCLO7MuJYBJMtRqfrrZW4xTB64+AiiVZWjCSs
tczaULQoE0W9DyFI/dkPrdDuZ64wD++toG6lFjoRxhyDw3mkRgQbs5wgwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFoQdrauyerQ5NJjXu/KHkraYbVtMB8GA1UdIwQY
MBaAFDAm4kIvpyJFTmCDF9IYYrZqo30zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUNiaVFpLW5Ja1ZPWUlNWDBoaGl0bXFqZlRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iNzkyY2MtYWI5Ni00NTZlLTlkM2Ut
YTFlZTQ0MGZmZTNlLzEvTUNiaVFpLW5Ja1ZPWUlNWDBoaGl0bXFqZlRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iNzkyY2MtYWI5Ni00NTZlLTlkM2UtYTFlZTQ0MGZmZTNl
LzEvTUNiaVFpLW5Ja1ZPWUlNWDBoaGl0bXFqZlRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj33VEY7c
MJobtUvNk3JNvSBSxloGG7SuzUDCMRxOnV/HrcvbhRC3EVCqPBGkhQJhs8ghOFAJ
W0N3dWI2WtJe3HLvgChyPxQ3My1o3ysj83EBRWt/ylczhXuXAq966x9v95+LmwQ2
fLLT3zYjq38iy0zFPohrf2IADuKvr+8OppVvcBV7e9Q+GfR5XWvpxXLaj1EHkpwS
cV6O7FXd8n8KH8xmrHdyox9JxYO8FFLCa/hxsV7lGuSPfflUwSxmtyOLI/havi8B
ykOg78IVJx5PueFpjpADDpYqp7S0rZ1ztyRnd1A+NMXNapdrQpixtffpD6/3uvaO
+F/cF91m/6C+qw==
-----END CERTIFICATE-----