Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/695d71-bba1-425d-b9f3-c2677809b4a7/1/kyIxLx0huzs4bKOqlzrGzSVLcDk.mft
File:                     kyIxLx0huzs4bKOqlzrGzSVLcDk.mft (raw, json)
Hash identifier:          uaCsPxQEmJC2+XFbi0Z+CqBoYHnz7zphXQi5QZ5ga/k=
Subject key identifier:   EF:AA:B6:AA:4D:29:0C:9B:CC:17:1E:0C:DD:4A:79:DD:74:C4:8F:64
Authority key identifier: 93:22:31:2F:1D:21:BB:3B:38:6C:A3:AA:97:3A:C6:CD:25:4B:70:39
Certificate issuer:       /CN=9322312f1d21bb3b386ca3aa973ac6cd254b7039
Certificate serial:       019D9B876D3C0EE62170CD8407832A7B46C8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kyIxLx0huzs4bKOqlzrGzSVLcDk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/695d71-bba1-425d-b9f3-c2677809b4a7/1/kyIxLx0huzs4bKOqlzrGzSVLcDk.mft
Manifest number:          18BE
Signing time:             Fri 17 Apr 2026 13:00:36 +0000
Manifest this update:     Fri 17 Apr 2026 13:00:36 +0000
Manifest next update:     Sat 18 Apr 2026 13:00:36 +0000
Files and hashes:         1: kyIxLx0huzs4bKOqlzrGzSVLcDk.crl (hash: x5Oh2eWaxCqTFURZXosER8+7mg9oVbZm/7aYP75PdM8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/695d71-bba1-425d-b9f3-c2677809b4a7/1/kyIxLx0huzs4bKOqlzrGzSVLcDk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/695d71-bba1-425d-b9f3-c2677809b4a7/1/kyIxLx0huzs4bKOqlzrGzSVLcDk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kyIxLx0huzs4bKOqlzrGzSVLcDk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:87:6d:3c:0e:e6:21:70:cd:84:07:83:2a:7b:46:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9322312f1d21bb3b386ca3aa973ac6cd254b7039
        Validity
            Not Before: Apr 17 13:00:36 2026 GMT
            Not After : Apr 18 13:00:36 2026 GMT
        Subject: CN=efaab6aa4d290c9bcc171e0cdd4a79dd74c48f64
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:fd:83:1d:6a:b0:18:5d:5b:6c:11:06:8d:5f:
                    b0:54:a7:e5:dd:62:7a:fe:dc:4d:3f:e2:ae:1b:a2:
                    e2:5c:4b:7d:40:3a:c0:bf:8e:04:3b:48:c2:d5:af:
                    cd:6f:63:28:fa:8a:4e:c5:48:44:24:96:13:eb:4c:
                    a2:a2:85:84:49:01:d8:02:84:63:04:bf:cb:36:75:
                    cc:59:ba:26:e2:de:e6:77:64:16:5e:52:56:3d:15:
                    78:74:06:ae:7f:ec:a3:b1:a4:85:b1:33:06:cd:47:
                    1b:71:bf:ef:7a:b5:bd:8e:3e:41:30:78:2c:46:63:
                    af:ed:4d:5c:dc:9a:c9:c8:bd:d6:3b:36:96:2a:8e:
                    30:48:1e:cf:a0:bb:83:ad:13:65:9a:25:08:01:37:
                    3a:cc:b2:4d:44:3b:ba:b9:17:27:f7:bb:c0:d2:45:
                    16:80:04:10:a6:1e:c8:28:49:15:f0:f9:3d:7a:15:
                    56:36:55:4b:e0:3b:0b:ee:df:99:7c:43:56:59:b3:
                    fd:8e:6f:c3:4a:a9:55:b5:3a:c0:26:a7:4a:21:75:
                    6b:5b:1e:c8:75:ea:75:df:10:18:33:92:16:23:44:
                    6b:57:fc:6c:c9:e3:65:aa:1c:85:2a:25:1a:fd:31:
                    2a:40:a5:7d:d6:23:cb:53:70:88:eb:64:0a:f4:53:
                    57:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:AA:B6:AA:4D:29:0C:9B:CC:17:1E:0C:DD:4A:79:DD:74:C4:8F:64
            X509v3 Authority Key Identifier:
                keyid:93:22:31:2F:1D:21:BB:3B:38:6C:A3:AA:97:3A:C6:CD:25:4B:70:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kyIxLx0huzs4bKOqlzrGzSVLcDk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/695d71-bba1-425d-b9f3-c2677809b4a7/1/kyIxLx0huzs4bKOqlzrGzSVLcDk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/695d71-bba1-425d-b9f3-c2677809b4a7/1/kyIxLx0huzs4bKOqlzrGzSVLcDk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:9b:ea:a5:55:9a:31:58:7f:23:b1:63:22:e1:4a:3f:9a:2f:
         c5:e3:0e:6a:e9:4a:94:26:e6:72:c5:a5:fa:38:2c:48:64:14:
         bb:da:f2:51:9d:96:f3:47:65:6d:36:aa:ec:27:ba:56:69:57:
         2f:bd:7c:ee:d2:55:28:ce:25:ab:fe:9e:01:2c:e4:2d:a7:4a:
         2c:ab:d2:a0:e9:8d:cf:57:26:60:3c:04:31:18:ea:a1:1c:54:
         2a:44:ae:b7:56:de:5a:88:23:b1:49:df:a9:8d:ea:fd:be:b5:
         64:74:d3:97:aa:2f:4d:5b:41:c6:b8:f5:4c:e9:af:c9:1c:7d:
         46:f6:79:ec:b7:55:90:d2:a7:b7:51:fb:0b:5f:68:e5:4f:60:
         f9:00:9b:db:1e:24:51:e6:47:a6:b9:7c:d5:6b:f5:d1:33:31:
         36:a8:cd:45:e1:00:6b:c6:a7:0f:bd:33:8e:a4:b9:be:dc:13:
         34:64:7c:3f:cd:71:ab:d7:45:8f:41:81:71:b7:bb:b4:02:42:
         7f:24:e8:0a:86:87:b1:47:87:7c:98:11:71:56:31:18:bb:39:
         04:f6:3e:0b:34:ce:59:c6:c5:30:92:5d:db:3c:27:2e:c8:15:
         48:d3:50:08:0e:a0:f3:95:14:78:3f:cf:d7:b4:b6:52:fd:d8:
         0f:52:8f:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bh208DuYhcM2EB4Mqe0bIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMjIzMTJmMWQyMWJiM2IzODZjYTNhYTk3M2FjNmNkMjU0
YjcwMzkwHhcNMjYwNDE3MTMwMDM2WhcNMjYwNDE4MTMwMDM2WjAzMTEwLwYDVQQD
EyhlZmFhYjZhYTRkMjkwYzliY2MxNzFlMGNkZDRhNzlkZDc0YzQ4ZjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuv2DHWqwGF1bbBEGjV+wVKfl3WJ6
/txNP+KuG6LiXEt9QDrAv44EO0jC1a/Nb2Mo+opOxUhEJJYT60yiooWESQHYAoRj
BL/LNnXMWbom4t7md2QWXlJWPRV4dAauf+yjsaSFsTMGzUcbcb/verW9jj5BMHgs
RmOv7U1c3JrJyL3WOzaWKo4wSB7PoLuDrRNlmiUIATc6zLJNRDu6uRcn97vA0kUW
gAQQph7IKEkV8Pk9ehVWNlVL4DsL7t+ZfENWWbP9jm/DSqlVtTrAJqdKIXVrWx7I
dep13xAYM5IWI0RrV/xsyeNlqhyFKiUa/TEqQKV91iPLU3CI62QK9FNX3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO+qtqpNKQybzBceDN1Ked10xI9kMB8GA1UdIwQY
MBaAFJMiMS8dIbs7OGyjqpc6xs0lS3A5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3lJeEx4MGh1enM0YktPcWx6ckd6U1ZMY0RrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC82OTVkNzEtYmJhMS00MjVkLWI5ZjMt
YzI2Nzc4MDliNGE3LzEva3lJeEx4MGh1enM0YktPcWx6ckd6U1ZMY0RrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC82OTVkNzEtYmJhMS00MjVkLWI5ZjMtYzI2Nzc4MDliNGE3
LzEva3lJeEx4MGh1enM0YktPcWx6ckd6U1ZMY0RrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKJvqpVWa
MVh/I7FjIuFKP5ovxeMOaulKlCbmcsWl+jgsSGQUu9ryUZ2W80dlbTaq7Ce6VmlX
L7187tJVKM4lq/6eASzkLadKLKvSoOmNz1cmYDwEMRjqoRxUKkSut1beWogjsUnf
qY3q/b61ZHTTl6ovTVtBxrj1TOmvyRx9RvZ57LdVkNKnt1H7C19o5U9g+QCb2x4k
UeZHprl81Wv10TMxNqjNReEAa8anD70zjqS5vtwTNGR8P81xq9dFj0GBcbe7tAJC
fyToCoaHsUeHfJgRcVYxGLs5BPY+CzTOWcbFMJJd2zwnLsgVSNNQCA6g85UUeD/P
17S2Uv3YD1KPMw==
-----END CERTIFICATE-----