Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.mft
File:                     bNmlABXpaTdlb8DKW21WXkWb02A.mft (raw, json)
Hash identifier:          5eSehIRVIfmVWRqsoWZ+cY+Pj8AdITAurznIFVwd0nc=
Subject key identifier:   56:17:D1:1C:A9:FC:49:22:73:F4:66:74:F6:B5:D0:10:F1:26:2C:7C
Authority key identifier: 6C:D9:A5:00:15:E9:69:37:65:6F:C0:CA:5B:6D:56:5E:45:9B:D3:60
Certificate issuer:       /CN=6cd9a50015e96937656fc0ca5b6d565e459bd360
Certificate serial:       019DA48B43FADBCBE95F5D3D8F781D263DB6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bNmlABXpaTdlb8DKW21WXkWb02A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.mft
Manifest number:          18C5
Signing time:             Sun 19 Apr 2026 07:01:23 +0000
Manifest this update:     Sun 19 Apr 2026 07:01:23 +0000
Manifest next update:     Mon 20 Apr 2026 07:01:23 +0000
Files and hashes:         1: bNmlABXpaTdlb8DKW21WXkWb02A.crl (hash: 6hyu28aH8fpJ920vyoe4NZpuo5yPKYsVuq1usWjrvgY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bNmlABXpaTdlb8DKW21WXkWb02A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 02:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a4:8b:43:fa:db:cb:e9:5f:5d:3d:8f:78:1d:26:3d:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6cd9a50015e96937656fc0ca5b6d565e459bd360
        Validity
            Not Before: Apr 19 07:01:23 2026 GMT
            Not After : Apr 20 07:01:23 2026 GMT
        Subject: CN=5617d11ca9fc492273f46674f6b5d010f1262c7c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:6a:a1:e1:b7:f2:5a:7e:ab:ab:62:fb:8f:28:
                    16:c3:d8:6b:86:b4:17:19:33:f4:c3:b6:06:41:05:
                    96:89:d4:c3:52:c7:b5:60:0c:32:84:a1:7b:bc:29:
                    18:8f:24:cf:36:3c:d9:26:0f:78:80:0e:fc:db:5e:
                    e9:79:3f:c8:c5:36:62:31:a4:43:2a:5b:8a:08:94:
                    1d:01:07:5f:bf:a4:3e:9d:0e:17:b9:12:82:f9:44:
                    f2:1d:e9:f0:04:5d:98:19:d5:85:e8:63:c0:58:6e:
                    08:2f:e6:b6:e7:c5:01:c6:b8:08:7b:1c:9b:22:50:
                    44:76:30:1b:d8:fc:37:f8:ad:71:5d:fd:fd:42:a2:
                    5d:30:7a:6e:25:d0:56:78:01:b9:e9:11:15:a3:25:
                    2b:14:a6:51:af:cc:b7:61:bf:04:b8:8c:76:83:8f:
                    96:d4:b2:18:84:1b:b4:fa:58:b6:f1:1c:8c:ad:8a:
                    b1:28:d4:90:0e:64:82:8d:e6:6d:0f:8b:f8:11:0f:
                    e7:38:c2:5e:f0:87:bb:ac:93:71:5a:28:55:84:1f:
                    3b:2c:02:49:16:67:6d:eb:5c:44:43:f3:f9:05:53:
                    ea:5f:8a:9c:7b:3f:65:ce:41:22:4f:d1:98:44:42:
                    51:b4:8d:20:f6:1b:22:76:47:57:e7:62:32:d4:f5:
                    1d:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:17:D1:1C:A9:FC:49:22:73:F4:66:74:F6:B5:D0:10:F1:26:2C:7C
            X509v3 Authority Key Identifier:
                keyid:6C:D9:A5:00:15:E9:69:37:65:6F:C0:CA:5B:6D:56:5E:45:9B:D3:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bNmlABXpaTdlb8DKW21WXkWb02A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/7dbd11-1b22-404c-94d3-2b9d437fe902/1/bNmlABXpaTdlb8DKW21WXkWb02A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:c3:dc:3b:8d:5e:c7:04:e2:25:5d:f0:a2:79:77:3c:eb:e9:
         9c:b0:11:55:4d:ab:59:df:08:6c:87:24:22:41:7f:1f:16:3e:
         54:16:60:7c:2c:23:e5:ca:e0:f4:84:1a:0f:50:19:10:a2:65:
         29:04:67:a1:10:0b:0f:5e:27:93:74:ac:1a:2b:78:4f:1a:51:
         e4:22:bc:07:d3:18:a9:12:43:c4:19:d7:d5:97:33:0e:aa:66:
         e5:a0:ef:4f:0e:7b:ed:12:38:45:e7:7d:50:3f:7d:b4:bc:0b:
         70:45:0c:9a:e3:e8:2e:0c:ef:08:e4:6a:6c:d1:1e:99:bd:a8:
         06:df:14:c7:00:d9:d5:25:5e:80:d2:77:3a:53:37:7e:3a:54:
         02:10:40:c5:1a:0b:da:32:3c:9d:3c:08:55:53:1d:b5:01:4e:
         68:c2:42:45:26:90:79:b6:dd:dc:19:aa:31:66:56:55:47:21:
         60:0c:5c:3d:15:fb:94:4b:80:44:6d:b4:d7:aa:72:f4:f8:15:
         53:51:bc:14:5c:d7:12:10:ba:d3:99:2c:d6:e3:a1:c1:ae:bb:
         99:75:9f:0d:e1:d3:64:77:96:e0:f9:69:c8:ca:74:d4:b6:3b:
         b4:77:23:1d:b9:02:cc:ef:27:79:09:6f:f0:e2:83:2f:cf:70:
         e8:ca:79:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ki0P628vpX109j3gdJj22MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZDlhNTAwMTVlOTY5Mzc2NTZmYzBjYTViNmQ1NjVlNDU5
YmQzNjAwHhcNMjYwNDE5MDcwMTIzWhcNMjYwNDIwMDcwMTIzWjAzMTEwLwYDVQQD
Eyg1NjE3ZDExY2E5ZmM0OTIyNzNmNDY2NzRmNmI1ZDAxMGYxMjYyYzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWqh4bfyWn6rq2L7jygWw9hrhrQX
GTP0w7YGQQWWidTDUse1YAwyhKF7vCkYjyTPNjzZJg94gA78217peT/IxTZiMaRD
KluKCJQdAQdfv6Q+nQ4XuRKC+UTyHenwBF2YGdWF6GPAWG4IL+a258UBxrgIexyb
IlBEdjAb2Pw3+K1xXf39QqJdMHpuJdBWeAG56REVoyUrFKZRr8y3Yb8EuIx2g4+W
1LIYhBu0+li28RyMrYqxKNSQDmSCjeZtD4v4EQ/nOMJe8Ie7rJNxWihVhB87LAJJ
Fmdt61xEQ/P5BVPqX4qcez9lzkEiT9GYREJRtI0g9hsidkdX52Iy1PUdOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFYX0Ryp/Ekic/RmdPa10BDxJix8MB8GA1UdIwQY
MBaAFGzZpQAV6Wk3ZW/AylttVl5Fm9NgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk5tbEFCWHBhVGRsYjhES1cyMVdYa1diMDJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi83ZGJkMTEtMWIyMi00MDRjLTk0ZDMt
MmI5ZDQzN2ZlOTAyLzEvYk5tbEFCWHBhVGRsYjhES1cyMVdYa1diMDJBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi83ZGJkMTEtMWIyMi00MDRjLTk0ZDMtMmI5ZDQzN2ZlOTAy
LzEvYk5tbEFCWHBhVGRsYjhES1cyMVdYa1diMDJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY8PcO41e
xwTiJV3wonl3POvpnLARVU2rWd8IbIckIkF/HxY+VBZgfCwj5crg9IQaD1AZEKJl
KQRnoRALD14nk3SsGit4TxpR5CK8B9MYqRJDxBnX1ZczDqpm5aDvTw577RI4Red9
UD99tLwLcEUMmuPoLgzvCORqbNEemb2oBt8UxwDZ1SVegNJ3OlM3fjpUAhBAxRoL
2jI8nTwIVVMdtQFOaMJCRSaQebbd3BmqMWZWVUchYAxcPRX7lEuARG2016py9PgV
U1G8FFzXEhC605ks1uOhwa67mXWfDeHTZHeW4PlpyMp01LY7tHcjHbkCzO8neQlv
8OKDL89w6Mp5zw==
-----END CERTIFICATE-----