Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/2fd023-e646-406a-84a5-bb6945a16fe7/1/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.mft
File:                     MlBSt6Z4-qCX3L5lRxcMkVK0bPE.mft (raw, json)
Hash identifier:          VBLeB69PqM3i+IP3ve7RhGv+LGgT4g1SExFg3fppu8k=
Subject key identifier:   5A:8C:B4:EA:89:2F:EE:AD:0A:A5:F4:A6:92:35:A5:83:55:ED:29:68
Authority key identifier: 32:50:52:B7:A6:78:FA:A0:97:DC:BE:65:47:17:0C:91:52:B4:6C:F1
Certificate issuer:       /CN=325052b7a678faa097dcbe6547170c9152b46cf1
Certificate serial:       019D996306EBF00E5F96384CC909D19918E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c2/2fd023-e646-406a-84a5-bb6945a16fe7/1/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.mft
Manifest number:          1850
Signing time:             Fri 17 Apr 2026 03:01:36 +0000
Manifest this update:     Fri 17 Apr 2026 03:01:36 +0000
Manifest next update:     Sat 18 Apr 2026 03:01:36 +0000
Files and hashes:         1: MlBSt6Z4-qCX3L5lRxcMkVK0bPE.crl (hash: vkS8fE6x/RxgKlJxDwwb+PuHtr0mvZ1dJV6Madv9CfY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c2/2fd023-e646-406a-84a5-bb6945a16fe7/1/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c2/2fd023-e646-406a-84a5-bb6945a16fe7/1/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 03:01:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:63:06:eb:f0:0e:5f:96:38:4c:c9:09:d1:99:18:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=325052b7a678faa097dcbe6547170c9152b46cf1
        Validity
            Not Before: Apr 17 03:01:36 2026 GMT
            Not After : Apr 18 03:01:36 2026 GMT
        Subject: CN=5a8cb4ea892feead0aa5f4a69235a58355ed2968
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:f8:23:0c:7f:b3:d2:62:b6:c3:7f:66:76:f7:
                    65:2b:01:13:19:4d:2c:ad:41:dc:13:e4:6d:44:ce:
                    1c:47:03:b0:f4:c2:6e:60:d2:87:83:a0:d9:55:48:
                    63:ba:2d:0b:1d:b3:7a:c4:cc:9f:9d:93:e7:eb:9f:
                    62:b5:e0:a3:14:42:e2:fe:f2:98:36:11:cc:a1:4a:
                    97:c4:64:fe:5f:4a:b5:40:2e:32:65:b2:70:92:f3:
                    be:35:a9:ec:34:e2:3f:87:dd:be:ec:7d:f5:ab:e5:
                    5d:e3:2b:21:a0:39:b4:4c:1a:eb:ec:d4:e9:21:7a:
                    85:7b:c8:1d:59:42:39:3c:a0:b7:26:d0:aa:24:a7:
                    52:28:f5:3d:28:0e:b1:94:46:94:86:fa:81:d2:a2:
                    24:a2:be:01:cb:b1:30:1a:ce:7c:68:1f:9a:36:bf:
                    0f:82:1e:bd:91:f5:35:2b:70:e7:c0:c9:34:27:17:
                    d9:65:8c:99:0d:b3:c2:eb:40:6b:01:5c:e9:15:5a:
                    6b:80:05:36:1c:4e:e3:31:29:70:69:14:59:66:1c:
                    46:f9:7b:e9:05:65:87:02:85:94:15:32:f4:88:ac:
                    9d:fa:4a:04:f0:9d:67:d3:b6:ee:a2:c8:85:bb:22:
                    6b:b5:d4:89:b3:fb:4e:fd:78:fc:43:32:4a:b4:7a:
                    c8:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:8C:B4:EA:89:2F:EE:AD:0A:A5:F4:A6:92:35:A5:83:55:ED:29:68
            X509v3 Authority Key Identifier:
                keyid:32:50:52:B7:A6:78:FA:A0:97:DC:BE:65:47:17:0C:91:52:B4:6C:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/2fd023-e646-406a-84a5-bb6945a16fe7/1/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/2fd023-e646-406a-84a5-bb6945a16fe7/1/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a9:f8:99:c2:b7:55:45:9b:9a:16:02:40:b1:d4:99:66:a4:39:
         36:a3:ce:27:09:bc:bf:8d:f2:a7:cb:81:4f:7d:c7:f5:b0:6d:
         f8:49:d0:40:40:3f:0a:2f:f8:93:fd:ac:d0:3a:88:7b:ff:d8:
         4e:c1:19:ce:90:27:f9:9e:5b:36:a1:89:32:86:a8:64:d0:12:
         e4:74:ad:18:19:af:1e:13:97:59:6c:9e:5f:69:67:4b:cd:95:
         3a:07:f5:e6:9c:50:99:2c:0b:8e:a7:5e:53:b3:c7:98:eb:fd:
         b3:c7:e9:77:56:06:5e:c9:97:48:b6:21:44:a1:10:f9:3d:27:
         98:da:e7:39:94:ed:c7:2b:fa:62:91:0b:c9:2e:d2:ab:f9:6b:
         5a:68:f8:f5:b4:43:d8:ec:30:9b:3e:ef:24:68:05:9b:a4:c0:
         a6:55:36:b4:d3:c0:65:17:4a:28:8d:fc:0b:21:34:22:d4:ee:
         98:e2:b0:13:27:26:a5:c0:d4:72:d0:74:1c:44:bf:85:bb:b5:
         c1:fe:fe:66:b4:95:9d:ea:b5:b5:58:1d:2a:2d:09:23:6a:80:
         bb:28:12:e9:79:f8:8d:62:3b:0f:5f:cc:93:b4:44:f6:22:44:
         f4:12:e2:fa:9b:e3:62:ea:c4:1c:1c:06:b6:8b:c7:26:d2:67:
         1b:a6:c6:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZYwbr8A5fljhMyQnRmRjhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNTA1MmI3YTY3OGZhYTA5N2RjYmU2NTQ3MTcwYzkxNTJi
NDZjZjEwHhcNMjYwNDE3MDMwMTM2WhcNMjYwNDE4MDMwMTM2WjAzMTEwLwYDVQQD
Eyg1YThjYjRlYTg5MmZlZWFkMGFhNWY0YTY5MjM1YTU4MzU1ZWQyOTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwvgjDH+z0mK2w39mdvdlKwETGU0s
rUHcE+RtRM4cRwOw9MJuYNKHg6DZVUhjui0LHbN6xMyfnZPn659iteCjFELi/vKY
NhHMoUqXxGT+X0q1QC4yZbJwkvO+NansNOI/h92+7H31q+Vd4yshoDm0TBrr7NTp
IXqFe8gdWUI5PKC3JtCqJKdSKPU9KA6xlEaUhvqB0qIkor4By7EwGs58aB+aNr8P
gh69kfU1K3DnwMk0JxfZZYyZDbPC60BrAVzpFVprgAU2HE7jMSlwaRRZZhxG+Xvp
BWWHAoWUFTL0iKyd+koE8J1n07buosiFuyJrtdSJs/tO/Xj8QzJKtHrI3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFqMtOqJL+6tCqX0ppI1pYNV7SloMB8GA1UdIwQY
MBaAFDJQUremePqgl9y+ZUcXDJFStGzxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWxCU3Q2WjQtcUNYM0w1bFJ4Y01rVkswYlBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8yZmQwMjMtZTY0Ni00MDZhLTg0YTUt
YmI2OTQ1YTE2ZmU3LzEvTWxCU3Q2WjQtcUNYM0w1bFJ4Y01rVkswYlBFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi8yZmQwMjMtZTY0Ni00MDZhLTg0YTUtYmI2OTQ1YTE2ZmU3
LzEvTWxCU3Q2WjQtcUNYM0w1bFJ4Y01rVkswYlBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqfiZwrdV
RZuaFgJAsdSZZqQ5NqPOJwm8v43yp8uBT33H9bBt+EnQQEA/Ci/4k/2s0DqIe//Y
TsEZzpAn+Z5bNqGJMoaoZNAS5HStGBmvHhOXWWyeX2lnS82VOgf15pxQmSwLjqde
U7PHmOv9s8fpd1YGXsmXSLYhRKEQ+T0nmNrnOZTtxyv6YpELyS7Sq/lrWmj49bRD
2Owwmz7vJGgFm6TAplU2tNPAZRdKKI38CyE0ItTumOKwEycmpcDUctB0HES/hbu1
wf7+ZrSVneq1tVgdKi0JI2qAuygS6Xn4jWI7D1/Mk7RE9iJE9BLi+pvjYurEHBwG
tovHJtJnG6bGLw==
-----END CERTIFICATE-----