Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft
File:                     l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft (raw, json)
Hash identifier:          DtzVHDQ5cnJX2iDkQPgzZx5i5XMoI0cbNSD+8iP/DcM=
Subject key identifier:   AD:08:4F:62:54:9D:D4:5F:BB:C0:53:28:52:22:2A:3E:85:56:DC:CE
Authority key identifier: 97:57:7F:84:18:8E:28:3F:DB:5D:7A:6F:CC:CC:48:56:C1:99:49:B8
Certificate issuer:       /CN=97577f84188e283fdb5d7a6fcccc4856c19949b8
Certificate serial:       019D9961DD9E7C54354027863F0CB7B67D72
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/l1d_hBiOKD_bXXpvzMxIVsGZSbg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft
Manifest number:          18BC
Signing time:             Fri 17 Apr 2026 03:00:20 +0000
Manifest this update:     Fri 17 Apr 2026 03:00:20 +0000
Manifest next update:     Sat 18 Apr 2026 03:00:20 +0000
Files and hashes:         1: l1d_hBiOKD_bXXpvzMxIVsGZSbg.crl (hash: dpFjFFttZqrNFSL/7WJaf1TfG6lrSKMgxA9jfh+QwcY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/l1d_hBiOKD_bXXpvzMxIVsGZSbg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:61:dd:9e:7c:54:35:40:27:86:3f:0c:b7:b6:7d:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97577f84188e283fdb5d7a6fcccc4856c19949b8
        Validity
            Not Before: Apr 17 03:00:20 2026 GMT
            Not After : Apr 18 03:00:20 2026 GMT
        Subject: CN=ad084f62549dd45fbbc0532852222a3e8556dcce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:c2:2a:5a:16:70:17:13:f0:0d:50:ca:83:d3:
                    fb:56:86:f7:4b:bf:3d:cd:33:57:f3:5b:b0:9f:4b:
                    d8:36:bc:3f:25:51:11:9f:dc:20:09:72:9e:04:02:
                    1b:96:c9:d0:bf:1c:b2:9d:46:90:c3:78:e7:88:d9:
                    a5:b7:52:5c:5e:af:16:f2:39:75:67:89:82:ea:36:
                    11:3b:a3:75:38:7d:43:85:ae:e2:3a:ce:e8:7b:c9:
                    25:59:a2:ec:7f:de:0f:a9:08:64:4e:c8:74:3f:cc:
                    6b:8f:a3:90:80:7b:ac:16:9f:35:9c:09:ec:51:cf:
                    08:12:f7:7f:68:ef:cb:ee:ee:5f:a3:87:e4:0d:3c:
                    8c:28:7a:bc:06:af:6e:15:23:f0:0a:38:43:f8:90:
                    16:fe:6f:0e:ba:d4:6b:08:dc:e3:d0:31:c7:4a:c3:
                    fb:81:d7:44:97:d0:6d:a7:f3:43:67:ce:6d:a0:95:
                    4f:a2:75:49:51:84:09:30:01:89:cb:3d:c4:a5:fb:
                    b8:7e:97:c1:dd:19:de:84:99:ba:e7:5d:20:d2:90:
                    49:f0:4f:93:cf:35:5a:fe:ad:d7:a0:6d:06:d6:91:
                    3d:2b:71:e9:e7:bc:2d:67:c3:d8:aa:e3:cf:08:97:
                    2c:4a:01:12:61:c6:14:ce:2e:38:ef:ca:d0:c0:ca:
                    fb:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:08:4F:62:54:9D:D4:5F:BB:C0:53:28:52:22:2A:3E:85:56:DC:CE
            X509v3 Authority Key Identifier:
                keyid:97:57:7F:84:18:8E:28:3F:DB:5D:7A:6F:CC:CC:48:56:C1:99:49:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l1d_hBiOKD_bXXpvzMxIVsGZSbg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:b4:aa:58:a7:8f:70:eb:33:54:65:70:b1:05:79:66:1e:5e:
         3a:3e:fc:fd:a9:e0:e1:ee:94:15:da:65:5f:ee:8c:1a:35:bb:
         a0:f8:54:b7:0e:fc:06:38:9f:77:69:9a:b1:1c:5b:cf:d5:51:
         e9:72:09:6b:4a:02:06:32:6d:b5:5b:79:cd:68:12:28:a5:3e:
         17:ab:dd:bd:89:57:f4:de:5e:80:94:47:a4:7e:12:41:e0:51:
         01:75:c0:0b:90:a8:ea:83:82:f2:d4:2e:55:ed:6a:50:c8:2b:
         f1:ba:be:1a:39:62:9c:de:0b:a1:c1:0b:44:e6:d5:66:6f:14:
         d4:76:c5:45:97:ff:1b:b6:a0:af:6e:7e:61:cb:f0:19:5c:79:
         12:23:0c:32:e4:38:e8:5c:86:2d:71:a9:a5:ff:3d:21:67:87:
         d3:50:06:2b:8b:64:d1:ec:1c:43:66:9b:03:9b:c8:0f:41:56:
         63:11:1c:0b:6b:d4:07:5e:8a:70:15:b0:af:25:c8:f3:5a:b4:
         0a:91:bd:47:d6:dc:6b:c5:bd:c0:97:38:92:57:dc:2d:86:28:
         84:9c:d0:04:07:92:a1:55:4a:68:7e:84:f7:12:94:96:f8:13:
         b7:ef:35:38:d1:51:3b:b1:01:cd:90:0a:64:51:0e:07:03:1d:
         1b:a5:66:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZYd2efFQ1QCeGPwy3tn1yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3NTc3Zjg0MTg4ZTI4M2ZkYjVkN2E2ZmNjY2M0ODU2YzE5
OTQ5YjgwHhcNMjYwNDE3MDMwMDIwWhcNMjYwNDE4MDMwMDIwWjAzMTEwLwYDVQQD
EyhhZDA4NGY2MjU0OWRkNDVmYmJjMDUzMjg1MjIyMmEzZTg1NTZkY2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlsIqWhZwFxPwDVDKg9P7Vob3S789
zTNX81uwn0vYNrw/JVERn9wgCXKeBAIblsnQvxyynUaQw3jniNmlt1JcXq8W8jl1
Z4mC6jYRO6N1OH1Dha7iOs7oe8klWaLsf94PqQhkTsh0P8xrj6OQgHusFp81nAns
Uc8IEvd/aO/L7u5fo4fkDTyMKHq8Bq9uFSPwCjhD+JAW/m8OutRrCNzj0DHHSsP7
gddEl9Btp/NDZ85toJVPonVJUYQJMAGJyz3Epfu4fpfB3RnehJm6510g0pBJ8E+T
zzVa/q3XoG0G1pE9K3Hp57wtZ8PYquPPCJcsSgESYcYUzi4478rQwMr7EwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK0IT2JUndRfu8BTKFIiKj6FVtzOMB8GA1UdIwQY
MBaAFJdXf4QYjig/2116b8zMSFbBmUm4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDFkX2hCaU9LRF9iWFhwdnpNeElWc0daU2JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9iMzg0YmEtNDBlYy00MmE0LTgzMzAt
YTFhNjRiNDlmYTUwLzEvbDFkX2hCaU9LRF9iWFhwdnpNeElWc0daU2JnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9iMzg0YmEtNDBlYy00MmE0LTgzMzAtYTFhNjRiNDlmYTUw
LzEvbDFkX2hCaU9LRF9iWFhwdnpNeElWc0daU2JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY7SqWKeP
cOszVGVwsQV5Zh5eOj78/ang4e6UFdplX+6MGjW7oPhUtw78Bjifd2masRxbz9VR
6XIJa0oCBjJttVt5zWgSKKU+F6vdvYlX9N5egJRHpH4SQeBRAXXAC5Co6oOC8tQu
Ve1qUMgr8bq+GjlinN4LocELRObVZm8U1HbFRZf/G7agr25+YcvwGVx5EiMMMuQ4
6FyGLXGppf89IWeH01AGK4tk0ewcQ2abA5vID0FWYxEcC2vUB16KcBWwryXI81q0
CpG9R9bca8W9wJc4klfcLYYohJzQBAeSoVVKaH6E9xKUlvgTt+81ONFRO7EBzZAK
ZFEOBwMdG6VmKw==
-----END CERTIFICATE-----