Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/68e653-18c5-449e-95d8-e697bb5764c3/1/xwy87PJahmXDWnjIIdEes6ZCNiE.mft
File:                     xwy87PJahmXDWnjIIdEes6ZCNiE.mft (raw, json)
Hash identifier:          xtz+QApM9t3idyeSkvHkPzFAgokogIIsxChSOgXkSSU=
Subject key identifier:   93:DF:38:A2:9D:01:D4:5F:42:20:1D:0F:69:E6:53:09:79:2C:0F:5D
Authority key identifier: C7:0C:BC:EC:F2:5A:86:65:C3:5A:78:C8:21:D1:1E:B3:A6:42:36:21
Certificate issuer:       /CN=c70cbcecf25a8665c35a78c821d11eb3a6423621
Certificate serial:       019DA3E5E7C43C873C41415DFF93F290E9F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xwy87PJahmXDWnjIIdEes6ZCNiE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/68e653-18c5-449e-95d8-e697bb5764c3/1/xwy87PJahmXDWnjIIdEes6ZCNiE.mft
Manifest number:          18C4
Signing time:             Sun 19 Apr 2026 04:00:46 +0000
Manifest this update:     Sun 19 Apr 2026 04:00:46 +0000
Manifest next update:     Mon 20 Apr 2026 04:00:46 +0000
Files and hashes:         1: xwy87PJahmXDWnjIIdEes6ZCNiE.crl (hash: yn8u5ElAQ0SBLaXgJ7BtmuCRZKhwFaK4ets4b1Y2p5s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/68e653-18c5-449e-95d8-e697bb5764c3/1/xwy87PJahmXDWnjIIdEes6ZCNiE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/68e653-18c5-449e-95d8-e697bb5764c3/1/xwy87PJahmXDWnjIIdEes6ZCNiE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xwy87PJahmXDWnjIIdEes6ZCNiE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 02:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a3:e5:e7:c4:3c:87:3c:41:41:5d:ff:93:f2:90:e9:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c70cbcecf25a8665c35a78c821d11eb3a6423621
        Validity
            Not Before: Apr 19 04:00:46 2026 GMT
            Not After : Apr 20 04:00:46 2026 GMT
        Subject: CN=93df38a29d01d45f42201d0f69e65309792c0f5d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:23:b0:0d:2b:0a:9a:a8:c7:bc:74:cb:5e:e2:
                    c4:e7:74:79:24:93:73:20:89:3a:74:55:0a:dd:b9:
                    17:6b:19:7f:6f:d4:9d:3c:f1:a4:d1:1e:e0:e8:5f:
                    f4:89:9d:9e:b7:78:9a:79:3d:b3:32:38:ee:1f:c7:
                    33:0f:b9:2e:8e:ed:9b:58:15:ce:12:5a:d4:8d:8f:
                    f5:c9:cd:cc:1b:ba:38:67:d4:2f:ca:24:bc:ac:2d:
                    38:e7:df:e2:90:9b:5d:9b:7e:0d:42:59:0f:69:63:
                    55:34:01:a7:39:58:2a:f6:48:f2:c7:29:39:44:13:
                    45:f3:cd:82:81:76:de:6c:92:4e:ee:79:43:39:24:
                    89:90:0a:19:7c:09:bd:37:9e:94:24:af:4f:b8:96:
                    37:d7:b0:52:28:26:91:32:39:84:cf:59:ca:f7:78:
                    4e:d5:41:ff:7c:8f:4c:60:60:c8:0d:ed:53:f2:fe:
                    91:6d:df:7b:af:16:fc:47:b2:f0:b5:02:53:d5:da:
                    94:4a:48:aa:7d:fe:e3:13:e8:92:1e:ba:ec:96:74:
                    15:95:19:17:87:25:eb:ee:40:ee:8b:5d:54:b4:d1:
                    ac:fd:7d:28:73:ac:8e:80:89:47:57:32:70:93:4a:
                    f8:c2:97:b3:cf:1a:08:e8:d6:68:9f:7b:5d:00:a2:
                    e1:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:DF:38:A2:9D:01:D4:5F:42:20:1D:0F:69:E6:53:09:79:2C:0F:5D
            X509v3 Authority Key Identifier:
                keyid:C7:0C:BC:EC:F2:5A:86:65:C3:5A:78:C8:21:D1:1E:B3:A6:42:36:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xwy87PJahmXDWnjIIdEes6ZCNiE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/68e653-18c5-449e-95d8-e697bb5764c3/1/xwy87PJahmXDWnjIIdEes6ZCNiE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/68e653-18c5-449e-95d8-e697bb5764c3/1/xwy87PJahmXDWnjIIdEes6ZCNiE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         af:bc:b5:55:3e:f3:35:8b:c5:55:ef:46:19:8d:98:0c:cc:b0:
         e3:c3:04:a3:f3:52:01:f1:03:56:5f:87:ec:23:bb:85:f2:5c:
         64:f3:98:7a:08:d9:2c:aa:79:4c:23:cb:e8:d7:2e:ec:65:de:
         d3:76:c7:cc:d2:b7:cc:91:b5:7d:bd:5d:e3:75:19:0e:cf:b0:
         64:73:60:39:e5:04:67:d9:ff:16:af:5b:29:7c:9e:74:09:94:
         78:91:25:6b:c0:06:3f:19:2d:77:f7:24:d3:2f:20:c8:1c:60:
         18:19:f6:00:ca:67:90:7f:80:65:8f:89:7a:8f:59:e9:c6:09:
         c0:22:51:13:01:b2:3f:8a:f4:33:23:67:97:ee:ba:54:53:e8:
         45:8c:45:d4:d9:da:7e:64:e8:dd:2b:7e:40:9b:0c:5e:46:9f:
         c8:26:73:c4:45:01:42:58:32:95:15:c0:60:8c:55:29:7d:63:
         17:0b:3c:d2:c0:10:6f:b5:c9:b9:4b:5f:ae:05:87:5c:55:25:
         5e:86:9e:66:8a:f4:b8:69:3b:1c:ab:f2:cb:3d:24:b3:00:55:
         ff:f7:ff:bc:17:b4:40:48:95:58:0a:62:c6:e7:1a:14:7e:3b:
         40:4a:5b:58:9d:00:7e:d5:a3:ee:ec:98:13:2f:5a:9a:a7:33:
         89:f4:da:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2j5efEPIc8QUFd/5PykOnxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3MGNiY2VjZjI1YTg2NjVjMzVhNzhjODIxZDExZWIzYTY0
MjM2MjEwHhcNMjYwNDE5MDQwMDQ2WhcNMjYwNDIwMDQwMDQ2WjAzMTEwLwYDVQQD
Eyg5M2RmMzhhMjlkMDFkNDVmNDIyMDFkMGY2OWU2NTMwOTc5MmMwZjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSOwDSsKmqjHvHTLXuLE53R5JJNz
IIk6dFUK3bkXaxl/b9SdPPGk0R7g6F/0iZ2et3iaeT2zMjjuH8czD7kuju2bWBXO
ElrUjY/1yc3MG7o4Z9QvyiS8rC0459/ikJtdm34NQlkPaWNVNAGnOVgq9kjyxyk5
RBNF882CgXbebJJO7nlDOSSJkAoZfAm9N56UJK9PuJY317BSKCaRMjmEz1nK93hO
1UH/fI9MYGDIDe1T8v6Rbd97rxb8R7LwtQJT1dqUSkiqff7jE+iSHrrslnQVlRkX
hyXr7kDui11UtNGs/X0oc6yOgIlHVzJwk0r4wpezzxoI6NZon3tdAKLhwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJPfOKKdAdRfQiAdD2nmUwl5LA9dMB8GA1UdIwQY
MBaAFMcMvOzyWoZlw1p4yCHRHrOmQjYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHd5ODdQSmFobVhEV25qSUlkRWVzNlpDTmlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy82OGU2NTMtMThjNS00NDllLTk1ZDgt
ZTY5N2JiNTc2NGMzLzEveHd5ODdQSmFobVhEV25qSUlkRWVzNlpDTmlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy82OGU2NTMtMThjNS00NDllLTk1ZDgtZTY5N2JiNTc2NGMz
LzEveHd5ODdQSmFobVhEV25qSUlkRWVzNlpDTmlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr7y1VT7z
NYvFVe9GGY2YDMyw48MEo/NSAfEDVl+H7CO7hfJcZPOYegjZLKp5TCPL6Ncu7GXe
03bHzNK3zJG1fb1d43UZDs+wZHNgOeUEZ9n/Fq9bKXyedAmUeJEla8AGPxktd/ck
0y8gyBxgGBn2AMpnkH+AZY+Jeo9Z6cYJwCJREwGyP4r0MyNnl+66VFPoRYxF1Nna
fmTo3St+QJsMXkafyCZzxEUBQlgylRXAYIxVKX1jFws80sAQb7XJuUtfrgWHXFUl
XoaeZor0uGk7HKvyyz0kswBV//f/vBe0QEiVWApixucaFH47QEpbWJ0AftWj7uyY
Ey9amqczifTa4A==
-----END CERTIFICATE-----