Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/bf69c4-d64a-4340-9bf1-364854cbc0e8/1/ikHi8tFFLnxMwH2_p4OdWN9X8hg.mft
File:                     ikHi8tFFLnxMwH2_p4OdWN9X8hg.mft (raw, json)
Hash identifier:          mHChuvrRkonzdzKB+MIQ8CX8lFIelA5B5guoKzlT8cc=
Subject key identifier:   57:64:04:A8:2B:02:41:61:34:65:48:CE:DA:C6:36:DF:CE:33:4B:57
Authority key identifier: 8A:41:E2:F2:D1:45:2E:7C:4C:C0:7D:BF:A7:83:9D:58:DF:57:F2:18
Certificate issuer:       /CN=8a41e2f2d1452e7c4cc07dbfa7839d58df57f218
Certificate serial:       019D98F4EEF395D8867A1A9CD1C0DD7D5B17
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ikHi8tFFLnxMwH2_p4OdWN9X8hg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/bf69c4-d64a-4340-9bf1-364854cbc0e8/1/ikHi8tFFLnxMwH2_p4OdWN9X8hg.mft
Manifest number:          18BD
Signing time:             Fri 17 Apr 2026 01:01:21 +0000
Manifest this update:     Fri 17 Apr 2026 01:01:21 +0000
Manifest next update:     Sat 18 Apr 2026 01:01:21 +0000
Files and hashes:         1: ikHi8tFFLnxMwH2_p4OdWN9X8hg.crl (hash: sui1XhMkIv6Vgxmeh70oowgGZ28lVWXqsEEpoO8guF0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/bf69c4-d64a-4340-9bf1-364854cbc0e8/1/ikHi8tFFLnxMwH2_p4OdWN9X8hg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/bf69c4-d64a-4340-9bf1-364854cbc0e8/1/ikHi8tFFLnxMwH2_p4OdWN9X8hg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ikHi8tFFLnxMwH2_p4OdWN9X8hg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:ee:f3:95:d8:86:7a:1a:9c:d1:c0:dd:7d:5b:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8a41e2f2d1452e7c4cc07dbfa7839d58df57f218
        Validity
            Not Before: Apr 17 01:01:21 2026 GMT
            Not After : Apr 18 01:01:21 2026 GMT
        Subject: CN=576404a82b024161346548cedac636dfce334b57
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:9f:eb:5f:89:93:38:e1:96:e2:0a:6f:62:59:
                    d3:93:00:c5:20:a9:41:64:9c:42:36:a3:d6:50:b6:
                    d3:06:f4:5c:7f:79:4d:49:aa:00:71:e7:74:fa:b9:
                    3b:80:e0:b7:0e:9c:72:e3:0b:ec:dc:29:15:9d:6b:
                    7a:60:a4:43:73:43:a1:04:b2:c4:6f:02:68:31:5a:
                    86:91:e5:23:a2:69:da:fe:38:99:10:59:62:27:80:
                    6d:ba:87:9c:95:ab:88:62:c1:d3:55:e4:ee:1e:3c:
                    32:f8:09:1b:bb:4b:79:20:83:48:bd:c7:03:cd:e5:
                    7d:d0:c6:20:15:53:90:69:f4:15:50:fd:72:a8:32:
                    2d:65:85:85:5a:eb:b6:2e:6f:f1:9b:e3:a2:2a:35:
                    47:dc:b9:59:92:a0:54:e6:c6:fc:d1:f1:b2:ce:c1:
                    95:7a:27:f6:de:e8:10:bb:3b:d4:25:ea:5f:c9:f0:
                    93:0e:24:85:99:78:10:94:66:ef:19:ab:dc:09:a3:
                    6a:12:c3:5c:2d:92:d1:ec:0a:c4:b2:3e:ef:5c:15:
                    11:bb:55:d6:16:4b:d8:49:e4:36:a1:1b:5a:97:de:
                    7c:b4:4a:af:55:d4:d5:b2:38:8d:c0:16:80:35:9d:
                    e0:72:c5:f9:ea:ee:07:57:33:eb:85:c3:e7:23:d9:
                    e3:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:64:04:A8:2B:02:41:61:34:65:48:CE:DA:C6:36:DF:CE:33:4B:57
            X509v3 Authority Key Identifier:
                keyid:8A:41:E2:F2:D1:45:2E:7C:4C:C0:7D:BF:A7:83:9D:58:DF:57:F2:18

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ikHi8tFFLnxMwH2_p4OdWN9X8hg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/bf69c4-d64a-4340-9bf1-364854cbc0e8/1/ikHi8tFFLnxMwH2_p4OdWN9X8hg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/bf69c4-d64a-4340-9bf1-364854cbc0e8/1/ikHi8tFFLnxMwH2_p4OdWN9X8hg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:82:3c:01:18:af:14:00:bd:97:f9:86:49:f1:0b:b2:2f:99:
         8d:e6:60:5a:b3:30:f9:47:ea:f4:23:35:90:f7:b9:79:e7:46:
         c0:85:80:94:44:65:0b:19:7c:d6:ab:d3:dd:89:95:50:86:2c:
         cc:81:6b:0e:5d:58:ec:0c:32:a5:5b:e4:b5:9f:27:3d:31:53:
         c6:c6:c4:cf:e5:f1:da:80:e8:a9:84:55:35:40:55:45:36:bf:
         7a:08:ef:d2:0d:f2:7b:f7:5e:88:22:95:ee:70:8e:a6:32:c9:
         be:b5:72:ae:26:12:57:64:e3:72:d3:83:7b:33:be:ae:5e:85:
         29:e0:1e:5d:9c:87:61:73:45:5e:78:bc:56:5e:e3:77:21:45:
         45:3e:93:aa:ae:4e:89:b8:fd:93:b8:06:57:22:3a:a2:7f:d3:
         82:f5:24:68:22:ea:c1:95:fe:47:91:8d:2b:a3:ae:80:b6:0a:
         80:39:91:66:e3:21:48:65:8a:6c:42:45:23:88:2c:a1:49:a2:
         60:a1:28:01:20:a0:8f:e2:e0:fd:d9:0e:64:9e:ad:bf:e9:a7:
         0d:3b:0b:2c:c2:0a:76:af:dd:7c:d0:e7:ae:6b:39:d5:9a:b6:
         9f:2f:cc:0c:2c:2b:5d:6e:ba:e2:70:3c:8d:f3:db:58:fa:de:
         d4:51:1f:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9O7zldiGehqc0cDdfVsXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNDFlMmYyZDE0NTJlN2M0Y2MwN2RiZmE3ODM5ZDU4ZGY1
N2YyMTgwHhcNMjYwNDE3MDEwMTIxWhcNMjYwNDE4MDEwMTIxWjAzMTEwLwYDVQQD
Eyg1NzY0MDRhODJiMDI0MTYxMzQ2NTQ4Y2VkYWM2MzZkZmNlMzM0YjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAop/rX4mTOOGW4gpvYlnTkwDFIKlB
ZJxCNqPWULbTBvRcf3lNSaoAced0+rk7gOC3Dpxy4wvs3CkVnWt6YKRDc0OhBLLE
bwJoMVqGkeUjomna/jiZEFliJ4BtuoeclauIYsHTVeTuHjwy+Akbu0t5IINIvccD
zeV90MYgFVOQafQVUP1yqDItZYWFWuu2Lm/xm+OiKjVH3LlZkqBU5sb80fGyzsGV
eif23ugQuzvUJepfyfCTDiSFmXgQlGbvGavcCaNqEsNcLZLR7ArEsj7vXBURu1XW
FkvYSeQ2oRtal958tEqvVdTVsjiNwBaANZ3gcsX56u4HVzPrhcPnI9njKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFdkBKgrAkFhNGVIztrGNt/OM0tXMB8GA1UdIwQY
MBaAFIpB4vLRRS58TMB9v6eDnVjfV/IYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWtIaTh0RkZMbnhNd0gyX3A0T2RXTjlYOGhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iZjY5YzQtZDY0YS00MzQwLTliZjEt
MzY0ODU0Y2JjMGU4LzEvaWtIaTh0RkZMbnhNd0gyX3A0T2RXTjlYOGhnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iZjY5YzQtZDY0YS00MzQwLTliZjEtMzY0ODU0Y2JjMGU4
LzEvaWtIaTh0RkZMbnhNd0gyX3A0T2RXTjlYOGhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm4I8ARiv
FAC9l/mGSfELsi+ZjeZgWrMw+Ufq9CM1kPe5eedGwIWAlERlCxl81qvT3YmVUIYs
zIFrDl1Y7AwypVvktZ8nPTFTxsbEz+Xx2oDoqYRVNUBVRTa/egjv0g3ye/deiCKV
7nCOpjLJvrVyriYSV2TjctODezO+rl6FKeAeXZyHYXNFXni8Vl7jdyFFRT6Tqq5O
ibj9k7gGVyI6on/TgvUkaCLqwZX+R5GNK6OugLYKgDmRZuMhSGWKbEJFI4gsoUmi
YKEoASCgj+Lg/dkOZJ6tv+mnDTsLLMIKdq/dfNDnrms51Zq2ny/MDCwrXW664nA8
jfPbWPre1FEfjg==
-----END CERTIFICATE-----