Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.mft
File:                     shUnDjtZdrRPOt7OVwR9HgeHunU.mft (raw, json)
Hash identifier:          q7/Ei2YGZDEMlasbf5Vs5GdSWPSattEDXlz/L797CjU=
Subject key identifier:   1C:53:41:E5:06:06:B4:6E:29:28:B0:4C:C7:92:8B:CC:50:46:ED:69
Authority key identifier: B2:15:27:0E:3B:59:76:B4:4F:3A:DE:CE:57:04:7D:1E:07:87:BA:75
Certificate issuer:       /CN=b215270e3b5976b44f3adece57047d1e0787ba75
Certificate serial:       019D9850375D6CEE81286EF95E288326289E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/shUnDjtZdrRPOt7OVwR9HgeHunU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.mft
Manifest number:          18C0
Signing time:             Thu 16 Apr 2026 22:01:26 +0000
Manifest this update:     Thu 16 Apr 2026 22:01:26 +0000
Manifest next update:     Fri 17 Apr 2026 22:01:26 +0000
Files and hashes:         1: shUnDjtZdrRPOt7OVwR9HgeHunU.crl (hash: FAEkoaXe1fYH6N5mw3pb9HkXAAhMDtwbcQzlS0Nlu30=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/shUnDjtZdrRPOt7OVwR9HgeHunU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:50:37:5d:6c:ee:81:28:6e:f9:5e:28:83:26:28:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b215270e3b5976b44f3adece57047d1e0787ba75
        Validity
            Not Before: Apr 16 22:01:26 2026 GMT
            Not After : Apr 17 22:01:26 2026 GMT
        Subject: CN=1c5341e50606b46e2928b04cc7928bcc5046ed69
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:6c:41:c8:32:1a:48:a4:d8:72:3c:2d:39:85:
                    80:51:5d:64:8a:45:19:b6:82:09:58:62:37:79:e9:
                    8b:6e:80:b5:4f:2f:cb:cb:f5:9b:40:9c:17:54:87:
                    81:7d:2e:e0:55:27:ee:e1:98:47:7b:7a:7b:a2:32:
                    17:a7:40:58:d1:8f:8e:10:8d:3f:13:68:07:38:0e:
                    8e:71:11:66:7c:2f:04:57:d8:8d:ee:7a:7c:1f:4f:
                    38:e3:59:85:92:dc:0a:e7:d3:40:3d:08:09:aa:1d:
                    8f:c1:8d:23:42:62:f5:bf:e6:95:90:eb:2d:0b:fe:
                    9a:ad:0e:35:b2:a3:09:b9:27:79:e4:12:02:87:17:
                    ce:1a:8c:e6:d2:ad:a6:10:fb:d6:81:d1:cb:ce:db:
                    bb:e8:9e:03:03:58:f0:b3:b6:3b:08:7c:b3:ce:46:
                    35:95:4d:77:0b:c1:74:ed:a7:c5:7b:fd:26:40:e1:
                    48:c8:c8:99:32:93:27:93:6a:2d:05:74:f2:d7:31:
                    7d:66:f7:4f:ac:2c:81:a8:94:90:20:9f:19:48:af:
                    e8:59:6a:dc:d5:98:29:c9:0e:ca:0b:03:bd:27:d6:
                    41:38:41:b8:a4:d7:df:07:bc:b2:f2:f0:f7:5e:54:
                    8c:95:90:83:4f:c0:06:9f:f0:b8:e1:d7:eb:6d:67:
                    eb:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:53:41:E5:06:06:B4:6E:29:28:B0:4C:C7:92:8B:CC:50:46:ED:69
            X509v3 Authority Key Identifier:
                keyid:B2:15:27:0E:3B:59:76:B4:4F:3A:DE:CE:57:04:7D:1E:07:87:BA:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/shUnDjtZdrRPOt7OVwR9HgeHunU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:dc:04:f3:4b:60:a0:75:4a:84:ed:76:17:a9:4c:ca:57:3f:
         79:b5:34:38:e2:54:28:1c:4b:38:ab:fc:9d:57:af:ba:04:ad:
         9a:0d:90:0e:fe:9f:dd:79:8c:96:58:00:3e:d9:3a:5f:e8:e1:
         c6:ae:81:c9:ea:b3:f8:8b:88:fc:a8:b4:9d:66:5c:be:d3:f0:
         21:a5:10:83:18:58:21:dc:88:3a:ea:a8:b0:7d:63:ca:77:56:
         69:c8:15:bc:1b:fc:7c:9e:ba:35:6d:4a:44:20:1e:d3:ca:91:
         98:83:e1:f1:c9:04:35:2a:5c:78:e7:75:0a:1c:dc:93:34:4e:
         c2:c0:ac:8e:73:be:94:65:c2:22:89:6e:39:7c:76:bd:cf:d9:
         19:5e:2f:8c:8e:08:da:42:4c:b9:99:a5:29:88:dc:80:a3:ae:
         b9:76:06:f9:d0:84:6c:01:09:cf:88:05:08:42:81:16:9d:ed:
         c3:0c:3d:44:38:fb:dd:90:63:45:ad:25:41:1c:f8:4a:82:2e:
         96:6b:ba:de:d9:8a:4b:b0:cc:cb:06:30:42:13:63:56:ef:b9:
         c4:4d:b7:43:3f:6b:29:94:a5:6f:3d:67:47:c1:76:a7:46:47:
         7d:12:c7:dd:9a:6e:07:9d:4c:75:33:d5:bf:f5:53:1b:c1:2f:
         9d:38:76:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2YUDddbO6BKG75XiiDJiieMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMTUyNzBlM2I1OTc2YjQ0ZjNhZGVjZTU3MDQ3ZDFlMDc4
N2JhNzUwHhcNMjYwNDE2MjIwMTI2WhcNMjYwNDE3MjIwMTI2WjAzMTEwLwYDVQQD
EygxYzUzNDFlNTA2MDZiNDZlMjkyOGIwNGNjNzkyOGJjYzUwNDZlZDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumxByDIaSKTYcjwtOYWAUV1kikUZ
toIJWGI3eemLboC1Ty/Ly/WbQJwXVIeBfS7gVSfu4ZhHe3p7ojIXp0BY0Y+OEI0/
E2gHOA6OcRFmfC8EV9iN7np8H08441mFktwK59NAPQgJqh2PwY0jQmL1v+aVkOst
C/6arQ41sqMJuSd55BIChxfOGozm0q2mEPvWgdHLztu76J4DA1jws7Y7CHyzzkY1
lU13C8F07afFe/0mQOFIyMiZMpMnk2otBXTy1zF9ZvdPrCyBqJSQIJ8ZSK/oWWrc
1ZgpyQ7KCwO9J9ZBOEG4pNffB7yy8vD3XlSMlZCDT8AGn/C44dfrbWfrbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBxTQeUGBrRuKSiwTMeSi8xQRu1pMB8GA1UdIwQY
MBaAFLIVJw47WXa0TzrezlcEfR4Hh7p1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2hVbkRqdFpkclJQT3Q3T1Z3UjlIZ2VIdW5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9iZDU5YWUtNWI3ZC00YzI2LThlMTQt
MjRiOWU4MjExODg1LzEvc2hVbkRqdFpkclJQT3Q3T1Z3UjlIZ2VIdW5VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9iZDU5YWUtNWI3ZC00YzI2LThlMTQtMjRiOWU4MjExODg1
LzEvc2hVbkRqdFpkclJQT3Q3T1Z3UjlIZ2VIdW5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeNwE80tg
oHVKhO12F6lMylc/ebU0OOJUKBxLOKv8nVevugStmg2QDv6f3XmMllgAPtk6X+jh
xq6Byeqz+IuI/Ki0nWZcvtPwIaUQgxhYIdyIOuqosH1jyndWacgVvBv8fJ66NW1K
RCAe08qRmIPh8ckENSpceOd1ChzckzROwsCsjnO+lGXCIoluOXx2vc/ZGV4vjI4I
2kJMuZmlKYjcgKOuuXYG+dCEbAEJz4gFCEKBFp3twww9RDj73ZBjRa0lQRz4SoIu
lmu63tmKS7DMywYwQhNjVu+5xE23Qz9rKZSlbz1nR8F2p0ZHfRLH3ZpuB51MdTPV
v/VTG8EvnTh2lQ==
-----END CERTIFICATE-----