Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/4813f2-4c63-4aa0-9b22-37bc8e656eb1/1/sLuH0gzEIN9B4JDDO0xA78sN2Hg.mft
File:                     sLuH0gzEIN9B4JDDO0xA78sN2Hg.mft (raw, json)
Hash identifier:          cpKHilybC2Vf1F7FCwldtuKor2jMBbMjFxp2aZk9OOM=
Subject key identifier:   AF:F2:C8:02:A2:B6:41:EE:0D:94:F8:D6:AB:F8:03:BC:BC:7D:34:0F
Authority key identifier: B0:BB:87:D2:0C:C4:20:DF:41:E0:90:C3:3B:4C:40:EF:CB:0D:D8:78
Certificate issuer:       /CN=b0bb87d20cc420df41e090c33b4c40efcb0dd878
Certificate serial:       019D98F5225E79EFCFD55A121D5D645ABBAC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sLuH0gzEIN9B4JDDO0xA78sN2Hg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/4813f2-4c63-4aa0-9b22-37bc8e656eb1/1/sLuH0gzEIN9B4JDDO0xA78sN2Hg.mft
Manifest number:          18BF
Signing time:             Fri 17 Apr 2026 01:01:35 +0000
Manifest this update:     Fri 17 Apr 2026 01:01:35 +0000
Manifest next update:     Sat 18 Apr 2026 01:01:35 +0000
Files and hashes:         1: sLuH0gzEIN9B4JDDO0xA78sN2Hg.crl (hash: lwBUs7BGexlUm2ovhqLFvQ007LdWkR2aJKpe3zHgfn8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/af/4813f2-4c63-4aa0-9b22-37bc8e656eb1/1/sLuH0gzEIN9B4JDDO0xA78sN2Hg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/af/4813f2-4c63-4aa0-9b22-37bc8e656eb1/1/sLuH0gzEIN9B4JDDO0xA78sN2Hg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sLuH0gzEIN9B4JDDO0xA78sN2Hg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 01:01:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f5:22:5e:79:ef:cf:d5:5a:12:1d:5d:64:5a:bb:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b0bb87d20cc420df41e090c33b4c40efcb0dd878
        Validity
            Not Before: Apr 17 01:01:35 2026 GMT
            Not After : Apr 18 01:01:35 2026 GMT
        Subject: CN=aff2c802a2b641ee0d94f8d6abf803bcbc7d340f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:53:a7:8a:77:42:e3:30:18:59:4a:42:15:31:
                    14:b7:dc:7d:c6:2a:80:89:28:a2:e6:88:d8:ad:46:
                    ed:4d:bf:1f:2d:33:64:c4:fe:a1:ec:a0:c3:70:0f:
                    07:c9:e2:40:b9:46:72:41:e4:60:0f:e9:27:df:ee:
                    7b:1a:ce:18:4f:bd:d8:34:f3:4d:e3:0e:e2:97:37:
                    99:35:fe:25:e6:27:d0:f3:ad:ee:b1:24:7e:16:cc:
                    84:97:55:ca:54:92:7a:69:90:37:9f:8d:0c:b6:4c:
                    16:06:ab:66:cf:15:e5:05:8a:3d:80:ef:81:4c:a5:
                    9c:57:b7:da:c6:f4:0b:8d:b7:ee:b3:5f:d4:de:18:
                    33:3c:9e:59:50:25:3c:9b:04:2a:10:5b:63:e0:05:
                    c1:f2:b1:71:2e:a5:12:ed:52:74:1a:0a:f4:83:67:
                    41:46:65:92:d4:77:54:b6:04:f5:87:0d:fd:ee:cf:
                    9c:68:4b:04:82:95:05:10:1c:f8:72:6d:7f:64:d8:
                    19:c8:91:52:c0:10:0a:7f:67:71:36:90:0f:25:a2:
                    44:96:f5:ea:dd:a2:db:6a:4d:bf:97:7b:39:83:68:
                    62:ab:73:4a:22:87:72:c9:57:70:4f:29:63:9f:be:
                    86:6c:01:11:11:72:a2:7d:9e:48:4b:85:5c:1a:5d:
                    a1:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:F2:C8:02:A2:B6:41:EE:0D:94:F8:D6:AB:F8:03:BC:BC:7D:34:0F
            X509v3 Authority Key Identifier:
                keyid:B0:BB:87:D2:0C:C4:20:DF:41:E0:90:C3:3B:4C:40:EF:CB:0D:D8:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sLuH0gzEIN9B4JDDO0xA78sN2Hg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/4813f2-4c63-4aa0-9b22-37bc8e656eb1/1/sLuH0gzEIN9B4JDDO0xA78sN2Hg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/4813f2-4c63-4aa0-9b22-37bc8e656eb1/1/sLuH0gzEIN9B4JDDO0xA78sN2Hg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b7:1f:46:13:2c:18:e7:d4:2b:18:62:a9:70:85:1f:ca:b5:fc:
         51:9b:9c:7c:a6:2f:01:e6:77:dd:e2:89:d0:9f:96:7d:2f:fb:
         fb:df:db:30:de:92:1c:13:24:ce:dc:d1:35:fb:24:0f:da:bf:
         fa:95:fd:b0:9c:0f:17:a5:99:31:aa:04:72:56:65:d6:04:20:
         5b:97:7b:91:4b:d8:13:a4:39:e1:84:79:9c:13:45:22:89:7f:
         35:c4:10:65:8a:fe:3a:26:11:a2:33:54:86:ec:1d:84:b4:89:
         55:dd:30:ad:39:d1:33:55:77:8f:c9:95:52:97:dd:4b:5f:b3:
         f2:c9:db:20:c0:b4:d6:03:ab:ac:44:61:a8:9c:5d:eb:e7:26:
         27:f8:0b:7a:b9:92:7f:a2:43:9a:69:7a:57:5d:d1:93:0e:2f:
         19:65:ec:96:5f:63:dd:22:13:4d:c0:68:56:c4:e0:41:27:9d:
         c2:9c:19:13:2d:c4:e9:48:4c:34:87:49:e3:73:87:90:1c:d2:
         0c:45:83:4e:ce:a3:2a:95:da:e7:08:c3:ab:43:4b:cc:f7:d9:
         b2:48:b1:cc:26:4b:0d:57:93:85:96:8f:c0:ce:8e:ae:77:b7:
         55:b9:98:6d:59:b5:ff:81:83:99:d6:20:f4:d8:79:81:9c:79:
         73:bc:ab:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9SJeee/P1VoSHV1kWrusMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYmI4N2QyMGNjNDIwZGY0MWUwOTBjMzNiNGM0MGVmY2Iw
ZGQ4NzgwHhcNMjYwNDE3MDEwMTM1WhcNMjYwNDE4MDEwMTM1WjAzMTEwLwYDVQQD
EyhhZmYyYzgwMmEyYjY0MWVlMGQ5NGY4ZDZhYmY4MDNiY2JjN2QzNDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7FOnindC4zAYWUpCFTEUt9x9xiqA
iSii5ojYrUbtTb8fLTNkxP6h7KDDcA8HyeJAuUZyQeRgD+kn3+57Gs4YT73YNPNN
4w7ilzeZNf4l5ifQ863usSR+FsyEl1XKVJJ6aZA3n40MtkwWBqtmzxXlBYo9gO+B
TKWcV7faxvQLjbfus1/U3hgzPJ5ZUCU8mwQqEFtj4AXB8rFxLqUS7VJ0Ggr0g2dB
RmWS1HdUtgT1hw397s+caEsEgpUFEBz4cm1/ZNgZyJFSwBAKf2dxNpAPJaJElvXq
3aLbak2/l3s5g2hiq3NKIodyyVdwTyljn76GbAEREXKifZ5IS4VcGl2h5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK/yyAKitkHuDZT41qv4A7y8fTQPMB8GA1UdIwQY
MBaAFLC7h9IMxCDfQeCQwztMQO/LDdh4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0x1SDBnekVJTjlCNEpERE8weEE3OHNOMkhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi80ODEzZjItNGM2My00YWEwLTliMjIt
MzdiYzhlNjU2ZWIxLzEvc0x1SDBnekVJTjlCNEpERE8weEE3OHNOMkhnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi80ODEzZjItNGM2My00YWEwLTliMjItMzdiYzhlNjU2ZWIx
LzEvc0x1SDBnekVJTjlCNEpERE8weEE3OHNOMkhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtx9GEywY
59QrGGKpcIUfyrX8UZucfKYvAeZ33eKJ0J+WfS/7+9/bMN6SHBMkztzRNfskD9q/
+pX9sJwPF6WZMaoEclZl1gQgW5d7kUvYE6Q54YR5nBNFIol/NcQQZYr+OiYRojNU
huwdhLSJVd0wrTnRM1V3j8mVUpfdS1+z8snbIMC01gOrrERhqJxd6+cmJ/gLermS
f6JDmml6V13Rkw4vGWXsll9j3SITTcBoVsTgQSedwpwZEy3E6UhMNIdJ43OHkBzS
DEWDTs6jKpXa5wjDq0NLzPfZskixzCZLDVeThZaPwM6Orne3VbmYbVm1/4GDmdYg
9Nh5gZx5c7yrQQ==
-----END CERTIFICATE-----