Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/164d8d-41ac-4522-bb25-898634942285/1/ZatIWvkj0bRsWjIfx6P4VsBPtvw.mft
File:                     ZatIWvkj0bRsWjIfx6P4VsBPtvw.mft (raw, json)
Hash identifier:          aoi7ZO1QFliwWOMQ77L3K3B4sMRvnY5Q755rIWSJorw=
Subject key identifier:   68:AC:8C:F4:6F:41:EF:A0:1A:3D:A3:66:F7:C8:FE:81:A8:0E:B8:77
Authority key identifier: 65:AB:48:5A:F9:23:D1:B4:6C:5A:32:1F:C7:A3:F8:56:C0:4F:B6:FC
Certificate issuer:       /CN=65ab485af923d1b46c5a321fc7a3f856c04fb6fc
Certificate serial:       019D9BBE56C0878650F183D2DFC9EF70EF56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZatIWvkj0bRsWjIfx6P4VsBPtvw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/164d8d-41ac-4522-bb25-898634942285/1/ZatIWvkj0bRsWjIfx6P4VsBPtvw.mft
Manifest number:          18C5
Signing time:             Fri 17 Apr 2026 14:00:35 +0000
Manifest this update:     Fri 17 Apr 2026 14:00:35 +0000
Manifest next update:     Sat 18 Apr 2026 14:00:35 +0000
Files and hashes:         1: ZatIWvkj0bRsWjIfx6P4VsBPtvw.crl (hash: 5t2OJtzWcmkBKNU6A4Vsm/v6QGJ3+Xov8L77UVK11AE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/164d8d-41ac-4522-bb25-898634942285/1/ZatIWvkj0bRsWjIfx6P4VsBPtvw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/164d8d-41ac-4522-bb25-898634942285/1/ZatIWvkj0bRsWjIfx6P4VsBPtvw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZatIWvkj0bRsWjIfx6P4VsBPtvw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 14:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:be:56:c0:87:86:50:f1:83:d2:df:c9:ef:70:ef:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=65ab485af923d1b46c5a321fc7a3f856c04fb6fc
        Validity
            Not Before: Apr 17 14:00:35 2026 GMT
            Not After : Apr 18 14:00:35 2026 GMT
        Subject: CN=68ac8cf46f41efa01a3da366f7c8fe81a80eb877
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:e2:fc:77:ce:02:55:a4:f0:85:ec:08:00:41:
                    1c:15:61:2c:1a:74:f8:51:de:b7:bc:90:e0:d9:b9:
                    2c:88:1d:97:ed:ea:db:79:dd:17:fc:c5:63:dc:b7:
                    69:65:dd:ff:d3:3e:96:99:bf:a6:a2:f0:24:ae:8e:
                    51:be:01:a2:36:e2:a3:da:8c:1c:38:d4:53:76:28:
                    ff:0e:2d:d1:f9:12:9f:0e:3d:6c:4f:91:72:b6:7d:
                    86:93:7c:09:e9:9a:16:0a:69:fd:66:9e:ba:1e:e1:
                    24:f4:38:79:d7:b8:da:8f:87:c8:48:1f:f8:3a:30:
                    5e:3d:26:f6:7d:35:32:d6:e1:d4:f3:20:5b:ac:7f:
                    62:57:67:c4:07:82:5f:d8:07:df:8e:a4:6b:19:4d:
                    4f:c6:85:df:08:f4:7b:c4:81:2a:33:1b:a2:9e:a3:
                    f0:84:f7:06:2a:c3:ec:c5:1c:b1:54:cd:b1:8a:f8:
                    e6:fa:da:97:6f:ce:a4:1f:20:a7:87:c3:93:c1:a1:
                    1e:eb:68:7c:1e:c0:75:78:59:e9:7c:48:e9:0c:e9:
                    bd:1e:a2:80:d3:87:62:29:88:2e:7a:d8:0e:24:dd:
                    5e:b3:e2:f9:61:5d:95:e8:ea:db:f2:93:63:da:a6:
                    ac:ab:e0:19:4a:c9:2a:7c:a2:62:f0:b5:a8:30:1f:
                    2e:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:AC:8C:F4:6F:41:EF:A0:1A:3D:A3:66:F7:C8:FE:81:A8:0E:B8:77
            X509v3 Authority Key Identifier:
                keyid:65:AB:48:5A:F9:23:D1:B4:6C:5A:32:1F:C7:A3:F8:56:C0:4F:B6:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZatIWvkj0bRsWjIfx6P4VsBPtvw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/164d8d-41ac-4522-bb25-898634942285/1/ZatIWvkj0bRsWjIfx6P4VsBPtvw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/164d8d-41ac-4522-bb25-898634942285/1/ZatIWvkj0bRsWjIfx6P4VsBPtvw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:4a:e2:7b:cf:b6:4d:b7:0f:ff:bb:9b:0b:9f:27:b9:cb:42:
         cd:4d:b6:aa:40:94:6b:6d:e9:ef:36:34:68:27:34:97:08:0e:
         f9:7e:3c:65:ab:25:11:57:22:ed:53:ab:08:ff:8d:cc:47:02:
         ed:c6:73:0f:84:65:42:16:c3:db:c3:e9:4f:43:a1:e1:2f:b6:
         d3:bd:db:29:c2:c4:7c:4d:79:e0:d9:23:64:45:9d:d9:06:1f:
         ae:96:1f:1a:e7:e0:c0:32:6e:35:6f:fa:5d:15:af:28:dd:4d:
         36:a9:2c:ca:11:33:af:e2:f9:6c:07:66:b3:18:58:8b:1a:90:
         32:b4:09:69:0e:14:24:4b:80:2d:b5:78:76:c7:15:0e:4d:29:
         b2:4a:eb:a3:33:c8:c6:18:d0:84:67:eb:2c:8f:94:01:4d:60:
         5d:78:c5:a6:a4:86:4e:f5:5a:5b:6a:f4:3d:c9:67:d9:91:33:
         94:47:4f:d2:23:1c:7c:98:26:c3:cc:ec:b6:af:51:85:0d:bc:
         d3:b9:c5:fc:8e:c8:1c:02:de:80:67:01:40:66:7a:f3:3d:31:
         bc:ea:30:ab:cb:35:2f:4f:3d:89:7b:13:01:b4:de:1b:f0:05:
         a2:bc:93:9d:55:6f:61:f7:79:03:e4:56:31:49:77:2f:d3:4c:
         15:ab:9f:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bvlbAh4ZQ8YPS38nvcO9WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YWI0ODVhZjkyM2QxYjQ2YzVhMzIxZmM3YTNmODU2YzA0
ZmI2ZmMwHhcNMjYwNDE3MTQwMDM1WhcNMjYwNDE4MTQwMDM1WjAzMTEwLwYDVQQD
Eyg2OGFjOGNmNDZmNDFlZmEwMWEzZGEzNjZmN2M4ZmU4MWE4MGViODc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy+L8d84CVaTwhewIAEEcFWEsGnT4
Ud63vJDg2bksiB2X7erbed0X/MVj3LdpZd3/0z6Wmb+movAkro5RvgGiNuKj2owc
ONRTdij/Di3R+RKfDj1sT5Fytn2Gk3wJ6ZoWCmn9Zp66HuEk9Dh517jaj4fISB/4
OjBePSb2fTUy1uHU8yBbrH9iV2fEB4Jf2AffjqRrGU1PxoXfCPR7xIEqMxuinqPw
hPcGKsPsxRyxVM2xivjm+tqXb86kHyCnh8OTwaEe62h8HsB1eFnpfEjpDOm9HqKA
04diKYguetgOJN1es+L5YV2V6Orb8pNj2qasq+AZSskqfKJi8LWoMB8ujwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGisjPRvQe+gGj2jZvfI/oGoDrh3MB8GA1UdIwQY
MBaAFGWrSFr5I9G0bFoyH8ej+FbAT7b8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmF0SVd2a2owYlJzV2pJZng2UDRWc0JQdHZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi8xNjRkOGQtNDFhYy00NTIyLWJiMjUt
ODk4NjM0OTQyMjg1LzEvWmF0SVd2a2owYlJzV2pJZng2UDRWc0JQdHZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi8xNjRkOGQtNDFhYy00NTIyLWJiMjUtODk4NjM0OTQyMjg1
LzEvWmF0SVd2a2owYlJzV2pJZng2UDRWc0JQdHZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGErie8+2
TbcP/7ubC58nuctCzU22qkCUa23p7zY0aCc0lwgO+X48ZaslEVci7VOrCP+NzEcC
7cZzD4RlQhbD28PpT0Oh4S+2073bKcLEfE154NkjZEWd2QYfrpYfGufgwDJuNW/6
XRWvKN1NNqksyhEzr+L5bAdmsxhYixqQMrQJaQ4UJEuALbV4dscVDk0pskrrozPI
xhjQhGfrLI+UAU1gXXjFpqSGTvVaW2r0Pcln2ZEzlEdP0iMcfJgmw8zstq9RhQ28
07nF/I7IHALegGcBQGZ68z0xvOowq8s1L089iXsTAbTeG/AForyTnVVvYfd5A+RW
MUl3L9NMFaufMg==
-----END CERTIFICATE-----