Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.mft
File:                     Kf5mFpV0HYXP7c9v-890aZlZVp8.mft (raw, json)
Hash identifier:          dvb2PpYeTwY2UMX0UIwssdCyLRJIVTw+98VByIktc4o=
Subject key identifier:   4C:3E:AD:26:3F:BF:25:AB:23:93:B9:F1:02:39:9C:AC:88:A3:9C:74
Authority key identifier: 29:FE:66:16:95:74:1D:85:CF:ED:CF:6F:FB:CF:74:69:99:59:56:9F
Certificate issuer:       /CN=29fe661695741d85cfedcf6ffbcf74699959569f
Certificate serial:       019D98BD907DDC812F3B2B12CD3D635981BD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Kf5mFpV0HYXP7c9v-890aZlZVp8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.mft
Manifest number:          18BF
Signing time:             Fri 17 Apr 2026 00:00:53 +0000
Manifest this update:     Fri 17 Apr 2026 00:00:53 +0000
Manifest next update:     Sat 18 Apr 2026 00:00:53 +0000
Files and hashes:         1: Kf5mFpV0HYXP7c9v-890aZlZVp8.crl (hash: WWV7+Wl74TOtdUagK55D2sAax3JGn2erwQNpvc1tmkc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Kf5mFpV0HYXP7c9v-890aZlZVp8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 00:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:bd:90:7d:dc:81:2f:3b:2b:12:cd:3d:63:59:81:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29fe661695741d85cfedcf6ffbcf74699959569f
        Validity
            Not Before: Apr 17 00:00:53 2026 GMT
            Not After : Apr 18 00:00:53 2026 GMT
        Subject: CN=4c3ead263fbf25ab2393b9f102399cac88a39c74
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:51:d8:d3:cd:11:e8:3b:d4:af:54:2b:0b:1d:
                    cc:54:0d:03:6b:ec:64:54:a8:45:dd:50:8b:78:6c:
                    4b:e6:0a:d8:da:44:e0:46:b0:0a:51:38:ab:00:a8:
                    ac:3c:12:aa:c5:7b:13:98:59:c9:3a:9e:d7:91:11:
                    11:d8:5b:72:e2:9f:ff:d2:c8:54:a0:f2:f9:d0:10:
                    05:b2:da:3c:cc:d6:b0:7d:1d:43:1a:78:ae:73:7e:
                    68:dd:1b:bd:1b:02:5f:b5:2d:d6:dc:49:26:0e:21:
                    4b:9f:ad:ab:fd:ad:85:4d:64:c3:d8:9c:89:19:8b:
                    1c:da:01:9c:7f:ab:60:6b:d3:80:3d:41:52:58:0a:
                    f4:2f:c5:dd:23:29:8f:34:77:67:d5:48:76:82:ec:
                    84:3f:7f:3b:8c:7b:e9:4e:72:f2:61:7d:83:22:8e:
                    34:1d:57:b3:76:54:02:6c:d7:43:b1:ea:2c:de:18:
                    c5:2c:eb:7f:ee:cb:93:9d:e7:f3:17:2a:a4:b2:6d:
                    df:ab:a1:49:e0:fb:b4:29:65:39:1b:c9:c8:f4:de:
                    b2:12:fe:c9:e2:4b:fe:5b:54:b1:38:6f:f4:3e:26:
                    ba:da:d3:d0:e4:c4:ec:5f:1d:e4:15:f7:c9:52:af:
                    79:88:2b:83:60:bd:0b:de:de:22:5e:e1:58:5b:ce:
                    f0:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:3E:AD:26:3F:BF:25:AB:23:93:B9:F1:02:39:9C:AC:88:A3:9C:74
            X509v3 Authority Key Identifier:
                keyid:29:FE:66:16:95:74:1D:85:CF:ED:CF:6F:FB:CF:74:69:99:59:56:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kf5mFpV0HYXP7c9v-890aZlZVp8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:81:a6:a3:ba:6c:72:69:2f:97:15:dd:a0:b8:db:72:d8:bf:
         7b:fd:70:d8:5b:4e:4b:da:5e:b1:f4:49:e1:29:dd:c4:e1:ec:
         3f:ce:78:0a:48:e5:db:03:9c:7a:ef:ce:d6:20:35:4b:2f:85:
         73:0a:aa:64:4c:a7:2f:0f:2f:0c:be:21:ad:1b:18:59:45:95:
         60:3a:26:1a:f7:7c:7e:c2:6d:6b:70:5b:99:c4:19:5d:d9:d5:
         d5:9a:2e:44:74:7a:62:48:39:10:e4:cb:be:d8:bf:7a:e2:0b:
         6f:65:04:d1:bc:59:71:25:a8:b0:cb:0c:79:54:c3:a5:cc:20:
         28:6d:f3:85:19:bb:be:bf:42:dc:a7:c1:0e:4f:3f:20:a9:c5:
         93:20:2e:c8:5e:c0:2a:55:ea:a8:cf:2a:27:9b:35:48:f9:64:
         2c:98:26:a6:e1:74:17:b8:88:7c:c2:a8:23:fd:74:e4:8a:ae:
         c4:3c:76:10:45:97:97:40:2b:4b:5e:db:82:a5:a3:10:d8:39:
         7f:b5:05:2a:ef:45:33:0b:5b:35:0c:86:a4:0e:24:0a:b2:ff:
         3f:4f:c7:2c:78:4a:25:a4:64:fb:bf:f1:30:75:f2:01:b3:88:
         b5:f8:d5:6e:2c:f9:ed:fb:74:c3:d7:a8:23:6f:22:ad:80:a6:
         13:78:c7:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2YvZB93IEvOysSzT1jWYG9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZmU2NjE2OTU3NDFkODVjZmVkY2Y2ZmZiY2Y3NDY5OTk1
OTU2OWYwHhcNMjYwNDE3MDAwMDUzWhcNMjYwNDE4MDAwMDUzWjAzMTEwLwYDVQQD
Eyg0YzNlYWQyNjNmYmYyNWFiMjM5M2I5ZjEwMjM5OWNhYzg4YTM5Yzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3FHY080R6DvUr1QrCx3MVA0Da+xk
VKhF3VCLeGxL5grY2kTgRrAKUTirAKisPBKqxXsTmFnJOp7XkRER2Fty4p//0shU
oPL50BAFsto8zNawfR1DGniuc35o3Ru9GwJftS3W3EkmDiFLn62r/a2FTWTD2JyJ
GYsc2gGcf6tga9OAPUFSWAr0L8XdIymPNHdn1Uh2guyEP387jHvpTnLyYX2DIo40
HVezdlQCbNdDseos3hjFLOt/7suTnefzFyqksm3fq6FJ4Pu0KWU5G8nI9N6yEv7J
4kv+W1SxOG/0Pia62tPQ5MTsXx3kFffJUq95iCuDYL0L3t4iXuFYW87wvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEw+rSY/vyWrI5O58QI5nKyIo5x0MB8GA1UdIwQY
MBaAFCn+ZhaVdB2Fz+3Pb/vPdGmZWVafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2Y1bUZwVjBIWVhQN2M5di04OTBhWmxaVnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi81MWVjYzktNTY4MS00YjAyLTlkYjgt
MmU4ODBhN2E4MmNhLzEvS2Y1bUZwVjBIWVhQN2M5di04OTBhWmxaVnA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi81MWVjYzktNTY4MS00YjAyLTlkYjgtMmU4ODBhN2E4MmNh
LzEvS2Y1bUZwVjBIWVhQN2M5di04OTBhWmxaVnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk4Gmo7ps
cmkvlxXdoLjbcti/e/1w2FtOS9pesfRJ4SndxOHsP854Ckjl2wOceu/O1iA1Sy+F
cwqqZEynLw8vDL4hrRsYWUWVYDomGvd8fsJta3BbmcQZXdnV1ZouRHR6Ykg5EOTL
vti/euILb2UE0bxZcSWosMsMeVTDpcwgKG3zhRm7vr9C3KfBDk8/IKnFkyAuyF7A
KlXqqM8qJ5s1SPlkLJgmpuF0F7iIfMKoI/105IquxDx2EEWXl0ArS17bgqWjENg5
f7UFKu9FMwtbNQyGpA4kCrL/P0/HLHhKJaRk+7/xMHXyAbOItfjVbiz57ft0w9eo
I28irYCmE3jHbw==
-----END CERTIFICATE-----