Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft
File:                     Gvq72Ih6kieJRewu74JDoSlq33g.mft (raw, json)
Hash identifier:          347RqZRjAtE1YQKNenn99r1u2EphHny9cMT38a01G1A=
Subject key identifier:   BA:32:F7:4F:73:3C:C9:B8:A3:A3:3D:E1:26:EB:99:CF:4E:02:0A:D7
Authority key identifier: 1A:FA:BB:D8:88:7A:92:27:89:45:EC:2E:EF:82:43:A1:29:6A:DF:78
Certificate issuer:       /CN=1afabbd8887a92278945ec2eef8243a1296adf78
Certificate serial:       019D9AE351DEA5D70D0236A4E7807D50314F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Gvq72Ih6kieJRewu74JDoSlq33g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft
Manifest number:          18BF
Signing time:             Fri 17 Apr 2026 10:01:21 +0000
Manifest this update:     Fri 17 Apr 2026 10:01:21 +0000
Manifest next update:     Sat 18 Apr 2026 10:01:21 +0000
Files and hashes:         1: Gvq72Ih6kieJRewu74JDoSlq33g.crl (hash: c2adhlpamVa3mXztnWggoPrMXu5s/L9BjFE83yayJ+Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Gvq72Ih6kieJRewu74JDoSlq33g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e3:51:de:a5:d7:0d:02:36:a4:e7:80:7d:50:31:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1afabbd8887a92278945ec2eef8243a1296adf78
        Validity
            Not Before: Apr 17 10:01:21 2026 GMT
            Not After : Apr 18 10:01:21 2026 GMT
        Subject: CN=ba32f74f733cc9b8a3a33de126eb99cf4e020ad7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:30:57:da:52:cd:93:84:ab:d1:d0:77:68:fc:
                    72:e7:34:e3:0c:91:48:42:ea:6d:c3:82:26:5d:5e:
                    60:2c:27:0d:6e:0c:e4:76:c9:ad:37:fb:d0:67:a8:
                    d8:2e:8f:66:be:ed:de:45:f7:9b:a7:84:5f:ea:c9:
                    9a:61:8a:78:04:c5:ac:5d:6a:b9:91:58:c3:f3:f4:
                    98:24:4c:ca:a0:fd:20:31:71:a4:0e:06:24:35:d6:
                    67:e2:5e:af:9b:c6:27:04:47:5d:50:e0:dc:a0:fe:
                    bb:8f:4b:c5:53:d2:12:3c:1a:4f:32:93:03:30:a2:
                    e4:81:94:64:b9:60:b0:7f:7d:21:e8:3f:85:ee:2b:
                    a7:4c:76:80:7d:be:f2:58:2c:db:99:56:83:7e:d6:
                    76:7e:d8:db:d2:07:9f:47:ac:db:b9:eb:b9:35:2b:
                    72:aa:e4:ea:fd:bd:c6:7d:e2:b1:5c:9c:9e:65:1b:
                    c6:21:4d:e7:77:79:a9:10:b8:a4:9e:17:3c:bc:7b:
                    5e:ff:ee:d8:ba:f5:67:4c:af:32:e7:d0:0c:37:20:
                    32:5c:ae:ad:74:53:a1:de:12:56:4f:eb:a8:7e:7d:
                    80:90:f8:91:65:2e:1a:51:f2:24:3b:27:e0:c1:78:
                    b2:78:d9:32:15:f3:51:85:08:7a:08:34:65:82:b8:
                    21:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:32:F7:4F:73:3C:C9:B8:A3:A3:3D:E1:26:EB:99:CF:4E:02:0A:D7
            X509v3 Authority Key Identifier:
                keyid:1A:FA:BB:D8:88:7A:92:27:89:45:EC:2E:EF:82:43:A1:29:6A:DF:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gvq72Ih6kieJRewu74JDoSlq33g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:fe:72:4c:79:eb:59:6d:64:5e:af:02:76:f3:59:4f:2c:f0:
         d5:27:54:5c:66:92:23:72:55:32:4f:5c:29:67:bb:3e:1d:0a:
         03:02:f7:e7:bf:32:e1:65:72:bc:f4:30:57:cf:80:89:ca:03:
         76:75:cc:96:5f:0a:57:d0:a8:3d:6d:ab:ef:f0:5d:63:0f:40:
         49:0e:1a:84:3e:70:f4:79:0e:9e:d2:7c:08:69:e2:d3:e7:28:
         9b:66:a6:48:39:58:19:0c:82:6d:3c:46:86:17:0d:d2:b4:cb:
         0e:18:dc:cf:1a:a6:3e:f5:a5:ef:c4:4a:19:32:30:d3:2f:75:
         1b:ee:75:f0:ca:3b:48:71:d5:81:c7:ea:60:62:03:d2:5b:f8:
         8c:1a:aa:2b:6e:d6:ee:82:d1:2d:3d:c3:bc:06:89:06:08:21:
         3e:32:55:f5:56:22:a5:be:87:9e:55:b3:27:05:f7:87:e9:87:
         d2:32:28:57:64:cf:ff:f3:a5:78:9d:94:be:a9:1a:5c:16:b8:
         ba:a0:29:28:6b:89:fd:24:03:36:03:2d:a3:db:58:9e:a6:9a:
         4a:3c:c1:bf:05:12:d2:1e:80:4d:50:53:22:ea:7e:c1:fe:04:
         a4:b4:98:c7:c9:87:b6:15:6a:4a:59:fe:3e:c1:a9:45:aa:94:
         dc:b3:ec:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a41HepdcNAjak54B9UDFPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhZmFiYmQ4ODg3YTkyMjc4OTQ1ZWMyZWVmODI0M2ExMjk2
YWRmNzgwHhcNMjYwNDE3MTAwMTIxWhcNMjYwNDE4MTAwMTIxWjAzMTEwLwYDVQQD
EyhiYTMyZjc0ZjczM2NjOWI4YTNhMzNkZTEyNmViOTljZjRlMDIwYWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDBX2lLNk4Sr0dB3aPxy5zTjDJFI
Quptw4ImXV5gLCcNbgzkdsmtN/vQZ6jYLo9mvu3eRfebp4Rf6smaYYp4BMWsXWq5
kVjD8/SYJEzKoP0gMXGkDgYkNdZn4l6vm8YnBEddUODcoP67j0vFU9ISPBpPMpMD
MKLkgZRkuWCwf30h6D+F7iunTHaAfb7yWCzbmVaDftZ2ftjb0gefR6zbueu5NSty
quTq/b3GfeKxXJyeZRvGIU3nd3mpELiknhc8vHte/+7YuvVnTK8y59AMNyAyXK6t
dFOh3hJWT+uofn2AkPiRZS4aUfIkOyfgwXiyeNkyFfNRhQh6CDRlgrghqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLoy909zPMm4o6M94Sbrmc9OAgrXMB8GA1UdIwQY
MBaAFBr6u9iIepIniUXsLu+CQ6Epat94MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3ZxNzJJaDZraWVKUmV3dTc0SkRvU2xxMzNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9kZjdhNGMtMjU0OC00MGRkLTkwMGUt
NTE2MDY1YjZjZmE1LzEvR3ZxNzJJaDZraWVKUmV3dTc0SkRvU2xxMzNnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9kZjdhNGMtMjU0OC00MGRkLTkwMGUtNTE2MDY1YjZjZmE1
LzEvR3ZxNzJJaDZraWVKUmV3dTc0SkRvU2xxMzNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASP5yTHnr
WW1kXq8CdvNZTyzw1SdUXGaSI3JVMk9cKWe7Ph0KAwL3578y4WVyvPQwV8+AicoD
dnXMll8KV9CoPW2r7/BdYw9ASQ4ahD5w9HkOntJ8CGni0+com2amSDlYGQyCbTxG
hhcN0rTLDhjczxqmPvWl78RKGTIw0y91G+518Mo7SHHVgcfqYGID0lv4jBqqK27W
7oLRLT3DvAaJBgghPjJV9VYipb6HnlWzJwX3h+mH0jIoV2TP//OleJ2UvqkaXBa4
uqApKGuJ/SQDNgMto9tYnqaaSjzBvwUS0h6ATVBTIup+wf4EpLSYx8mHthVqSln+
PsGpRaqU3LPs8Q==
-----END CERTIFICATE-----