Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.mft
File:                     icKIUyrvyGlxuY1bTR2YGW2ey4U.mft (raw, json)
Hash identifier:          7PRhp9En0AMin9DTZ1cL/aEYYEVuD+qP5duNIY6cTig=
Subject key identifier:   23:3B:04:85:23:55:9E:21:B1:8A:35:BD:93:01:4C:40:56:20:2A:72
Authority key identifier: 89:C2:88:53:2A:EF:C8:69:71:B9:8D:5B:4D:1D:98:19:6D:9E:CB:85
Certificate issuer:       /CN=89c288532aefc86971b98d5b4d1d98196d9ecb85
Certificate serial:       019D98F42B293C5C3639D385237E44CC194C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/icKIUyrvyGlxuY1bTR2YGW2ey4U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.mft
Manifest number:          0A31
Signing time:             Fri 17 Apr 2026 01:00:31 +0000
Manifest this update:     Fri 17 Apr 2026 01:00:31 +0000
Manifest next update:     Sat 18 Apr 2026 01:00:31 +0000
Files and hashes:         1: icKIUyrvyGlxuY1bTR2YGW2ey4U.crl (hash: vXKp4P9l+w7rSNd5wbdVmqjiFxlamq2kNwN9tnd+Qv4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/icKIUyrvyGlxuY1bTR2YGW2ey4U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 01:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:2b:29:3c:5c:36:39:d3:85:23:7e:44:cc:19:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89c288532aefc86971b98d5b4d1d98196d9ecb85
        Validity
            Not Before: Apr 17 01:00:31 2026 GMT
            Not After : Apr 18 01:00:31 2026 GMT
        Subject: CN=233b048523559e21b18a35bd93014c4056202a72
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:85:da:98:52:e2:6d:f5:c3:49:67:12:77:1d:
                    69:57:34:98:87:39:e3:71:05:c4:e1:95:fd:f5:c2:
                    1d:eb:99:8c:24:4f:1a:ce:fa:be:5b:6f:36:a7:b2:
                    2a:95:08:e0:45:5a:66:ba:94:99:2b:d0:d5:eb:e5:
                    b7:43:2b:c2:22:99:35:af:d3:72:95:18:06:a6:50:
                    78:d8:ee:bd:3d:10:f0:d6:13:5b:6a:03:70:98:c6:
                    eb:69:33:62:da:b1:6a:e2:d0:4a:45:ec:ea:72:b1:
                    ba:fc:4f:e7:59:68:eb:cb:0f:88:e9:cc:69:02:04:
                    51:6c:00:bf:26:43:0b:58:5a:e1:82:2e:a0:db:13:
                    c7:62:62:a3:d1:89:c3:09:be:1b:ab:2e:1a:97:65:
                    7e:63:20:94:f7:1f:50:e8:f6:49:01:12:b1:34:cb:
                    6e:f5:3e:95:5a:c9:72:5f:94:64:7e:ab:04:a5:23:
                    ee:9f:3d:56:4b:bb:47:e5:76:62:34:68:4c:f5:db:
                    d5:15:fc:28:88:eb:1b:7f:41:65:26:55:f7:8b:e4:
                    2b:00:c2:4c:bb:15:62:76:4c:d1:1b:7e:75:39:4f:
                    4f:bf:ce:ef:3d:a0:33:be:d0:ba:ff:b0:40:15:03:
                    21:c7:77:f1:2c:9d:58:81:dd:37:d1:23:96:2e:f3:
                    89:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:3B:04:85:23:55:9E:21:B1:8A:35:BD:93:01:4C:40:56:20:2A:72
            X509v3 Authority Key Identifier:
                keyid:89:C2:88:53:2A:EF:C8:69:71:B9:8D:5B:4D:1D:98:19:6D:9E:CB:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/icKIUyrvyGlxuY1bTR2YGW2ey4U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4a:1f:c8:c7:67:bf:a3:4a:20:d5:7d:53:b6:27:18:aa:66:ea:
         cd:cd:ac:61:26:45:5b:dc:e1:13:93:ce:5a:ea:c3:bc:d4:e8:
         e2:da:14:1e:96:81:af:5f:65:e2:7c:92:0f:f8:bd:d2:74:4b:
         07:6d:d4:fc:c4:68:9f:aa:8d:cb:f9:7e:28:5c:aa:15:70:87:
         05:09:20:61:ee:62:d3:6e:80:40:69:ed:e2:c7:23:af:1c:98:
         3b:18:38:3d:81:95:99:19:ab:26:f9:16:23:31:87:4e:1d:91:
         63:04:6b:3e:7e:dd:aa:6b:15:00:ad:0e:ad:f5:5d:b0:b2:36:
         eb:7a:44:7e:fc:1b:fe:56:af:39:18:5b:8a:17:b1:52:30:e4:
         01:33:bd:96:f9:3c:8d:dd:56:02:9e:fe:c8:4b:d5:fb:7a:10:
         f5:2b:e0:6d:59:52:dc:04:9d:d4:b0:00:dc:80:01:57:64:54:
         cb:8f:ce:dd:8a:65:dd:be:5a:9d:3f:4b:99:27:56:a9:10:99:
         1f:f8:41:fd:b6:e7:f7:ab:e2:ea:3a:77:f8:c9:b8:04:0e:f9:
         1f:e7:6f:25:08:e8:bd:74:b3:f7:b8:cd:2a:d4:64:cc:b5:85:
         82:ee:09:dd:e3:b9:76:8c:42:8f:0f:09:bc:d4:0c:fc:b2:d4:
         a0:a3:89:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9CspPFw2OdOFI35EzBlMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YzI4ODUzMmFlZmM4Njk3MWI5OGQ1YjRkMWQ5ODE5NmQ5
ZWNiODUwHhcNMjYwNDE3MDEwMDMxWhcNMjYwNDE4MDEwMDMxWjAzMTEwLwYDVQQD
EygyMzNiMDQ4NTIzNTU5ZTIxYjE4YTM1YmQ5MzAxNGM0MDU2MjAyYTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYXamFLibfXDSWcSdx1pVzSYhznj
cQXE4ZX99cId65mMJE8azvq+W282p7IqlQjgRVpmupSZK9DV6+W3QyvCIpk1r9Ny
lRgGplB42O69PRDw1hNbagNwmMbraTNi2rFq4tBKRezqcrG6/E/nWWjryw+I6cxp
AgRRbAC/JkMLWFrhgi6g2xPHYmKj0YnDCb4bqy4al2V+YyCU9x9Q6PZJARKxNMtu
9T6VWslyX5RkfqsEpSPunz1WS7tH5XZiNGhM9dvVFfwoiOsbf0FlJlX3i+QrAMJM
uxVidkzRG351OU9Pv87vPaAzvtC6/7BAFQMhx3fxLJ1Ygd030SOWLvOJzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCM7BIUjVZ4hsYo1vZMBTEBWICpyMB8GA1UdIwQY
MBaAFInCiFMq78hpcbmNW00dmBltnsuFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWNLSVV5cnZ5R2x4dVkxYlRSMllHVzJleTRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8xOGRkOGItYTAxMC00MmNhLWJjOTkt
MGY4NjdkOWZmNThlLzEvaWNLSVV5cnZ5R2x4dVkxYlRSMllHVzJleTRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8xOGRkOGItYTAxMC00MmNhLWJjOTktMGY4NjdkOWZmNThl
LzEvaWNLSVV5cnZ5R2x4dVkxYlRSMllHVzJleTRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASh/Ix2e/
o0og1X1TticYqmbqzc2sYSZFW9zhE5POWurDvNTo4toUHpaBr19l4nySD/i90nRL
B23U/MRon6qNy/l+KFyqFXCHBQkgYe5i026AQGnt4scjrxyYOxg4PYGVmRmrJvkW
IzGHTh2RYwRrPn7dqmsVAK0OrfVdsLI263pEfvwb/lavORhbihexUjDkATO9lvk8
jd1WAp7+yEvV+3oQ9SvgbVlS3ASd1LAA3IABV2RUy4/O3Ypl3b5anT9LmSdWqRCZ
H/hB/bbn96vi6jp3+Mm4BA75H+dvJQjovXSz97jNKtRkzLWFgu4J3eO5doxCjw8J
vNQM/LLUoKOJWQ==
-----END CERTIFICATE-----