Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft
File:                     xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft (raw, json)
Hash identifier:          XrA9IrUzkOAIQUTGiUjnlK2lidfXyyaFNUlc/OtEqj0=
Subject key identifier:   30:56:EC:40:4A:39:12:71:CA:E0:26:0D:E7:C7:B7:4D:12:B8:61:D1
Authority key identifier: C4:13:D7:A3:76:5F:F9:A2:2B:BC:22:99:E0:49:69:1E:29:40:CB:82
Certificate issuer:       /CN=c413d7a3765ff9a22bbc2299e049691e2940cb82
Certificate serial:       019DA4F870A4115718A1084A55D2491840CA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft
Manifest number:          1638
Signing time:             Sun 19 Apr 2026 09:00:38 +0000
Manifest this update:     Sun 19 Apr 2026 09:00:38 +0000
Manifest next update:     Mon 20 Apr 2026 09:00:38 +0000
Files and hashes:         1: xBPXo3Zf-aIrvCKZ4ElpHilAy4I.crl (hash: 9vxyfsT5HdLm8HJtc3bcXxCS7R10PguQo1Gs1C9NOME=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 02:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a4:f8:70:a4:11:57:18:a1:08:4a:55:d2:49:18:40:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c413d7a3765ff9a22bbc2299e049691e2940cb82
        Validity
            Not Before: Apr 19 09:00:38 2026 GMT
            Not After : Apr 20 09:00:38 2026 GMT
        Subject: CN=3056ec404a391271cae0260de7c7b74d12b861d1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:95:97:b0:27:43:9d:ad:af:07:bb:89:86:29:
                    3c:b1:6f:94:75:71:d9:09:96:5e:ce:db:9a:c2:4d:
                    1d:e1:3d:c5:ee:24:33:b6:67:50:61:22:61:cc:6b:
                    2c:4e:17:f1:f9:da:41:8a:d3:03:43:d0:f2:69:0d:
                    be:3e:5e:22:37:73:a9:fa:47:07:69:2a:28:33:75:
                    af:0b:92:82:de:8b:fe:08:f0:a6:a5:03:e1:11:3e:
                    b0:45:d3:cd:a0:06:8a:77:bb:6c:ad:ca:ae:a2:42:
                    24:fd:dc:b7:10:29:66:03:5e:3d:79:8b:d0:dc:24:
                    41:b0:bc:8e:b9:81:23:ca:fb:a1:55:4d:21:27:5e:
                    65:89:eb:c8:ce:4f:f8:44:f0:8e:17:f8:02:f0:a7:
                    5d:c3:72:63:e2:1d:65:6f:98:e1:2c:8a:3b:cb:d7:
                    f4:3d:6a:33:a6:d7:d8:03:a4:40:c8:2c:d3:9a:45:
                    28:15:5c:de:87:8f:65:5e:16:c7:13:ef:9a:fa:ec:
                    c8:27:c0:6d:73:22:ee:33:57:7c:e3:26:f8:9a:f8:
                    a7:a2:2b:1c:5b:06:5f:95:40:ab:5e:bc:26:5c:2c:
                    19:27:49:f3:ad:8f:85:dc:b5:fd:74:c9:99:93:26:
                    69:10:df:87:82:ea:b2:a6:2f:82:b9:fb:6c:66:f6:
                    8e:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:56:EC:40:4A:39:12:71:CA:E0:26:0D:E7:C7:B7:4D:12:B8:61:D1
            X509v3 Authority Key Identifier:
                keyid:C4:13:D7:A3:76:5F:F9:A2:2B:BC:22:99:E0:49:69:1E:29:40:CB:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         38:0c:68:51:6a:12:70:00:26:00:2d:ea:d2:af:2c:ce:ac:77:
         1c:c0:f9:9e:d4:0f:fc:b6:2c:2c:ff:0e:e5:d6:a9:fd:e1:ec:
         0d:d5:d1:dc:db:b1:43:b7:7a:e0:6e:1c:b9:62:f9:95:cd:b2:
         c1:09:97:48:6c:82:80:70:72:26:16:78:68:66:61:bd:10:ba:
         f9:16:ca:aa:35:cb:f5:c2:85:14:b9:91:19:a3:91:4a:dc:7e:
         4a:f5:ce:74:79:61:62:83:64:ba:55:01:98:a4:4a:73:5d:60:
         1d:7d:18:c1:1f:8c:fc:7d:a2:70:7c:2e:61:68:08:bf:8a:18:
         21:5d:98:c0:e5:50:c6:6d:d2:9b:2f:b6:9c:b7:d3:e7:cf:14:
         3a:6a:cb:b1:dc:d4:8c:b8:d6:a0:3b:f7:1b:d8:82:f5:47:55:
         0b:30:92:e5:34:73:1e:b8:e5:8e:71:c7:40:9d:8a:28:04:79:
         59:fc:13:90:f7:33:13:5b:10:0e:ee:83:25:ff:37:73:b2:82:
         a9:be:ac:46:76:26:72:d7:35:cf:7e:b2:04:4b:14:a0:f1:d1:
         64:58:32:af:cf:14:9b:f9:27:0d:27:e7:ea:85:64:be:18:8b:
         b1:b6:8a:c2:46:4c:7d:7d:f4:7a:ba:86:d2:94:21:ea:cc:3f:
         1c:54:41:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2k+HCkEVcYoQhKVdJJGEDKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MTNkN2EzNzY1ZmY5YTIyYmJjMjI5OWUwNDk2OTFlMjk0
MGNiODIwHhcNMjYwNDE5MDkwMDM4WhcNMjYwNDIwMDkwMDM4WjAzMTEwLwYDVQQD
EygzMDU2ZWM0MDRhMzkxMjcxY2FlMDI2MGRlN2M3Yjc0ZDEyYjg2MWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6JWXsCdDna2vB7uJhik8sW+UdXHZ
CZZeztuawk0d4T3F7iQztmdQYSJhzGssThfx+dpBitMDQ9DyaQ2+Pl4iN3Op+kcH
aSooM3WvC5KC3ov+CPCmpQPhET6wRdPNoAaKd7tsrcquokIk/dy3EClmA149eYvQ
3CRBsLyOuYEjyvuhVU0hJ15lievIzk/4RPCOF/gC8Kddw3Jj4h1lb5jhLIo7y9f0
PWozptfYA6RAyCzTmkUoFVzeh49lXhbHE++a+uzIJ8BtcyLuM1d84yb4mvinoisc
WwZflUCrXrwmXCwZJ0nzrY+F3LX9dMmZkyZpEN+Hguqypi+CuftsZvaOCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDBW7EBKORJxyuAmDefHt00SuGHRMB8GA1UdIwQY
MBaAFMQT16N2X/miK7wimeBJaR4pQMuCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEJQWG8zWmYtYUlydkNLWjRFbHBIaWxBeTRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9hN2JjODYtMDk1NS00NjhiLTllYjUt
ZTg2MGJlN2U3YzU0LzEveEJQWG8zWmYtYUlydkNLWjRFbHBIaWxBeTRJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9hN2JjODYtMDk1NS00NjhiLTllYjUtZTg2MGJlN2U3YzU0
LzEveEJQWG8zWmYtYUlydkNLWjRFbHBIaWxBeTRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOAxoUWoS
cAAmAC3q0q8szqx3HMD5ntQP/LYsLP8O5dap/eHsDdXR3NuxQ7d64G4cuWL5lc2y
wQmXSGyCgHByJhZ4aGZhvRC6+RbKqjXL9cKFFLmRGaORStx+SvXOdHlhYoNkulUB
mKRKc11gHX0YwR+M/H2icHwuYWgIv4oYIV2YwOVQxm3Smy+2nLfT588UOmrLsdzU
jLjWoDv3G9iC9UdVCzCS5TRzHrjljnHHQJ2KKAR5WfwTkPczE1sQDu6DJf83c7KC
qb6sRnYmctc1z36yBEsUoPHRZFgyr88Um/knDSfn6oVkvhiLsbaKwkZMfX30erqG
0pQh6sw/HFRBHA==
-----END CERTIFICATE-----