Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.mft
File:                     GHexnUhH_D9JWvk2xbGhkoyRJ0g.mft (raw, json)
Hash identifier:          svt5JcPFKDxNo53svOhDdjE1DATUquhROauEs/2ddLU=
Subject key identifier:   31:7C:2D:45:02:DC:66:5B:DB:28:B2:9F:95:76:71:EC:65:21:FE:42
Authority key identifier: 18:77:B1:9D:48:47:FC:3F:49:5A:F9:36:C5:B1:A1:92:8C:91:27:48
Certificate issuer:       /CN=1877b19d4847fc3f495af936c5b1a1928c912748
Certificate serial:       019D99629C76213020F2D16CFE3A8A2B41FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GHexnUhH_D9JWvk2xbGhkoyRJ0g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.mft
Manifest number:          18BE
Signing time:             Fri 17 Apr 2026 03:01:09 +0000
Manifest this update:     Fri 17 Apr 2026 03:01:09 +0000
Manifest next update:     Sat 18 Apr 2026 03:01:09 +0000
Files and hashes:         1: GHexnUhH_D9JWvk2xbGhkoyRJ0g.crl (hash: fdGTbQsSsZe52/UFRJEJee9d7fBLNxv4yisgBCBOQMo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GHexnUhH_D9JWvk2xbGhkoyRJ0g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 03:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:62:9c:76:21:30:20:f2:d1:6c:fe:3a:8a:2b:41:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1877b19d4847fc3f495af936c5b1a1928c912748
        Validity
            Not Before: Apr 17 03:01:09 2026 GMT
            Not After : Apr 18 03:01:09 2026 GMT
        Subject: CN=317c2d4502dc665bdb28b29f957671ec6521fe42
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:6a:15:61:e1:a8:46:fe:19:1a:8c:00:0e:41:
                    cb:dc:ad:cd:56:3f:6c:c6:b5:42:a0:e9:92:2f:aa:
                    4e:25:fc:05:09:f0:e3:64:35:e7:4e:f0:cf:12:25:
                    bc:61:b8:d3:6d:0f:27:a2:12:61:a2:f1:36:1f:10:
                    33:58:6c:77:7f:b5:d7:52:cb:71:79:6d:76:7e:e0:
                    43:d9:e1:dd:6d:95:bb:35:69:9a:57:2c:7e:f4:38:
                    1a:7e:48:05:c8:7b:10:0e:c6:28:33:7b:a5:23:86:
                    eb:b3:03:70:2c:08:54:da:63:94:04:6a:b7:89:b7:
                    b8:e3:3f:27:6f:8d:33:63:67:b0:5e:c8:f5:83:81:
                    ba:78:ae:89:0e:71:e5:29:3b:1e:b6:f6:f9:2d:d3:
                    ef:5d:1c:33:de:ef:75:e2:c4:0f:a5:be:a0:8d:76:
                    7e:50:9f:e4:78:9b:c6:47:e8:64:6d:7b:a3:17:54:
                    30:07:b3:8f:bc:dc:75:e3:c4:f5:ca:55:48:9b:89:
                    72:c3:9b:31:e0:ba:15:b0:e0:24:19:40:51:16:e9:
                    b4:b2:b7:a7:a2:95:fd:cd:00:f8:52:ac:39:26:4f:
                    95:1c:1e:6b:0e:ae:50:67:e0:97:37:0d:9a:13:c7:
                    65:c4:95:7e:bf:15:07:9e:f3:da:fe:5a:41:7e:9a:
                    a2:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:7C:2D:45:02:DC:66:5B:DB:28:B2:9F:95:76:71:EC:65:21:FE:42
            X509v3 Authority Key Identifier:
                keyid:18:77:B1:9D:48:47:FC:3F:49:5A:F9:36:C5:B1:A1:92:8C:91:27:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GHexnUhH_D9JWvk2xbGhkoyRJ0g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6b:f9:ac:b2:85:47:39:3c:77:44:4a:bf:8d:1b:ac:26:81:02:
         91:46:b2:d4:a4:ff:a5:35:74:f5:32:fb:d4:71:94:60:65:63:
         79:a0:a8:8c:08:53:75:b1:16:0e:84:5d:dd:88:0a:e3:ec:b0:
         be:18:bb:21:f0:e5:47:fc:7f:30:2e:b7:20:f4:13:33:a2:4e:
         29:10:fd:77:e1:aa:61:b5:33:bb:f2:b1:b5:a9:00:82:7b:30:
         13:04:a7:d6:fe:09:12:50:bd:cd:d4:d0:3a:45:3a:2f:a0:b1:
         12:ea:2e:16:bf:81:33:57:f7:70:96:8f:b7:0c:f3:f8:91:f5:
         c1:a1:06:71:fa:98:d5:b6:43:cb:b0:9b:79:43:2b:1f:d4:3a:
         d5:76:34:7d:64:b5:48:7a:eb:44:22:61:38:e0:99:c4:07:bb:
         16:47:cd:92:3d:13:59:e9:64:25:87:a6:12:76:e9:33:ca:ce:
         c5:2c:34:a4:aa:01:a2:2f:62:24:94:8f:3a:56:2f:34:b8:d3:
         e3:20:d2:96:d9:2e:e9:6b:d7:1f:5f:cd:d3:0d:25:19:a2:1a:
         2c:57:4b:42:63:24:dd:f4:42:55:3c:51:16:43:aa:de:9a:09:
         52:e8:48:cc:c8:02:59:1f:13:d3:78:6c:4e:df:f1:18:cd:69:
         8d:13:30:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZYpx2ITAg8tFs/jqKK0H8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NzdiMTlkNDg0N2ZjM2Y0OTVhZjkzNmM1YjFhMTkyOGM5
MTI3NDgwHhcNMjYwNDE3MDMwMTA5WhcNMjYwNDE4MDMwMTA5WjAzMTEwLwYDVQQD
EygzMTdjMmQ0NTAyZGM2NjViZGIyOGIyOWY5NTc2NzFlYzY1MjFmZTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2oVYeGoRv4ZGowADkHL3K3NVj9s
xrVCoOmSL6pOJfwFCfDjZDXnTvDPEiW8YbjTbQ8nohJhovE2HxAzWGx3f7XXUstx
eW12fuBD2eHdbZW7NWmaVyx+9DgafkgFyHsQDsYoM3ulI4brswNwLAhU2mOUBGq3
ibe44z8nb40zY2ewXsj1g4G6eK6JDnHlKTsetvb5LdPvXRwz3u914sQPpb6gjXZ+
UJ/keJvGR+hkbXujF1QwB7OPvNx148T1ylVIm4lyw5sx4LoVsOAkGUBRFum0sren
opX9zQD4Uqw5Jk+VHB5rDq5QZ+CXNw2aE8dlxJV+vxUHnvPa/lpBfpqiLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDF8LUUC3GZb2yiyn5V2cexlIf5CMB8GA1UdIwQY
MBaAFBh3sZ1IR/w/SVr5NsWxoZKMkSdIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0hleG5VaEhfRDlKV3ZrMnhiR2hrb3lSSjBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9jMTIyYTctNTcxMi00YmJkLWI2Mzgt
YWM5YTkzMTcxYWE1LzEvR0hleG5VaEhfRDlKV3ZrMnhiR2hrb3lSSjBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9jMTIyYTctNTcxMi00YmJkLWI2MzgtYWM5YTkzMTcxYWE1
LzEvR0hleG5VaEhfRDlKV3ZrMnhiR2hrb3lSSjBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa/mssoVH
OTx3REq/jRusJoECkUay1KT/pTV09TL71HGUYGVjeaCojAhTdbEWDoRd3YgK4+yw
vhi7IfDlR/x/MC63IPQTM6JOKRD9d+GqYbUzu/KxtakAgnswEwSn1v4JElC9zdTQ
OkU6L6CxEuouFr+BM1f3cJaPtwzz+JH1waEGcfqY1bZDy7CbeUMrH9Q61XY0fWS1
SHrrRCJhOOCZxAe7FkfNkj0TWelkJYemEnbpM8rOxSw0pKoBoi9iJJSPOlYvNLjT
4yDSltku6WvXH1/N0w0lGaIaLFdLQmMk3fRCVTxRFkOq3poJUuhIzMgCWR8T03hs
Tt/xGM1pjRMwfA==
-----END CERTIFICATE-----