Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/6658c0-5653-4a9f-a8e8-140aada54b61/1/j0n0pM2Ck0RRn0UqOw4eZv6NPiU.mft
File:                     j0n0pM2Ck0RRn0UqOw4eZv6NPiU.mft (raw, json)
Hash identifier:          6h2s7DdkWlrg+KzLzJ6c7TFytdfLAbwIuKOT+J0KA5c=
Subject key identifier:   A0:33:BF:74:65:8D:C7:41:A5:EF:CB:03:70:6D:98:07:91:9B:A3:9D
Authority key identifier: 8F:49:F4:A4:CD:82:93:44:51:9F:45:2A:3B:0E:1E:66:FE:8D:3E:25
Certificate issuer:       /CN=8f49f4a4cd829344519f452a3b0e1e66fe8d3e25
Certificate serial:       019D99D08067113A7519F1FC231DC2623B9E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/j0n0pM2Ck0RRn0UqOw4eZv6NPiU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c6/6658c0-5653-4a9f-a8e8-140aada54b61/1/j0n0pM2Ck0RRn0UqOw4eZv6NPiU.mft
Manifest number:          18BE
Signing time:             Fri 17 Apr 2026 05:01:11 +0000
Manifest this update:     Fri 17 Apr 2026 05:01:11 +0000
Manifest next update:     Sat 18 Apr 2026 05:01:11 +0000
Files and hashes:         1: j0n0pM2Ck0RRn0UqOw4eZv6NPiU.crl (hash: 74HjJsk8+2PvpefuBUBztYIVTrGYqjTNfm34sOt+2Uk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c6/6658c0-5653-4a9f-a8e8-140aada54b61/1/j0n0pM2Ck0RRn0UqOw4eZv6NPiU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c6/6658c0-5653-4a9f-a8e8-140aada54b61/1/j0n0pM2Ck0RRn0UqOw4eZv6NPiU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/j0n0pM2Ck0RRn0UqOw4eZv6NPiU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 05:01:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:d0:80:67:11:3a:75:19:f1:fc:23:1d:c2:62:3b:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8f49f4a4cd829344519f452a3b0e1e66fe8d3e25
        Validity
            Not Before: Apr 17 05:01:11 2026 GMT
            Not After : Apr 18 05:01:11 2026 GMT
        Subject: CN=a033bf74658dc741a5efcb03706d9807919ba39d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:0f:a0:cb:b6:bd:87:42:08:87:73:40:f6:b2:
                    ec:74:da:7c:1f:bc:da:e8:93:9a:26:f9:77:5c:b2:
                    0a:63:6f:1f:e0:44:bc:c4:5e:a2:35:fe:c7:69:3c:
                    c3:93:89:5e:35:88:39:ac:45:8a:a6:a4:3a:f8:e8:
                    18:e9:3a:2d:39:7a:86:99:a6:af:04:f6:fe:9c:28:
                    34:cf:4a:e3:a7:2f:20:f8:72:fc:62:64:05:0e:0f:
                    ff:f1:b7:61:a0:47:d5:04:31:af:17:11:0e:b2:8e:
                    1b:c8:89:a0:a9:a6:49:25:cf:84:f6:6a:0b:a1:b3:
                    53:1f:89:2f:e8:a2:ec:c2:3d:a0:cc:08:c3:79:c3:
                    e6:cd:69:33:1e:bb:6b:fe:61:8d:30:a7:39:04:89:
                    28:59:f9:8b:e9:9f:9f:07:86:c5:f0:c6:06:b5:e4:
                    e4:6f:ae:36:f7:0e:0e:29:38:22:f7:fa:78:20:f1:
                    64:17:c7:46:c5:21:f3:36:c0:4e:4c:07:51:74:1b:
                    ed:e7:4c:3f:d8:3c:f7:12:97:75:93:f4:11:1d:5f:
                    ce:02:52:0e:f2:59:30:3c:be:09:c2:6c:b2:05:c1:
                    e4:33:f2:02:6c:7f:c5:4f:92:9d:1e:6c:d3:3a:0f:
                    64:2f:bd:8d:a3:03:9b:d6:4e:9d:0a:fb:84:8b:e2:
                    9d:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:33:BF:74:65:8D:C7:41:A5:EF:CB:03:70:6D:98:07:91:9B:A3:9D
            X509v3 Authority Key Identifier:
                keyid:8F:49:F4:A4:CD:82:93:44:51:9F:45:2A:3B:0E:1E:66:FE:8D:3E:25

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j0n0pM2Ck0RRn0UqOw4eZv6NPiU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/6658c0-5653-4a9f-a8e8-140aada54b61/1/j0n0pM2Ck0RRn0UqOw4eZv6NPiU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/6658c0-5653-4a9f-a8e8-140aada54b61/1/j0n0pM2Ck0RRn0UqOw4eZv6NPiU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:95:30:4e:7a:7e:97:72:56:92:c7:91:3c:04:c5:ad:b7:b6:
         f7:73:86:68:60:9c:73:33:e5:6c:ce:41:54:78:d8:45:2a:d4:
         db:61:d3:9c:86:4b:7c:7c:a3:39:25:d1:48:46:b2:23:f7:54:
         10:2e:13:5e:9b:10:05:d0:5e:9c:c5:3c:26:0c:15:23:fd:7e:
         25:d6:b5:95:b0:4d:eb:4d:27:66:ed:7b:a1:03:44:cf:f0:54:
         e5:bd:ca:8f:7a:28:92:52:df:c2:be:68:49:a7:86:d2:fd:17:
         22:4f:e0:72:4d:24:a8:9d:51:03:c2:8f:28:4f:76:1b:22:4f:
         0b:d1:16:a4:d4:cd:4f:7a:c9:2c:43:c6:03:13:ce:76:4f:eb:
         1c:4e:79:03:9c:1e:d0:b3:0c:b2:ca:3d:6e:ab:38:f2:af:08:
         b8:fe:bf:c3:e1:39:c4:0e:14:e1:5f:8c:78:b6:f4:af:71:be:
         6c:59:a0:88:57:89:ca:1a:4c:64:ff:0f:6c:04:df:5c:63:1c:
         13:da:cb:fe:81:75:60:d4:b4:02:ac:93:7b:da:f1:77:13:8c:
         44:e5:5d:6f:b4:bf:e6:3e:74:59:0b:57:95:0a:c4:4c:a9:8c:
         fd:fb:8b:2b:50:54:1f:94:cf:91:91:85:fd:04:12:e7:d0:1b:
         f3:1f:3a:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Z0IBnETp1GfH8Ix3CYjueMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmNDlmNGE0Y2Q4MjkzNDQ1MTlmNDUyYTNiMGUxZTY2ZmU4
ZDNlMjUwHhcNMjYwNDE3MDUwMTExWhcNMjYwNDE4MDUwMTExWjAzMTEwLwYDVQQD
EyhhMDMzYmY3NDY1OGRjNzQxYTVlZmNiMDM3MDZkOTgwNzkxOWJhMzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Q+gy7a9h0IIh3NA9rLsdNp8H7za
6JOaJvl3XLIKY28f4ES8xF6iNf7HaTzDk4leNYg5rEWKpqQ6+OgY6TotOXqGmaav
BPb+nCg0z0rjpy8g+HL8YmQFDg//8bdhoEfVBDGvFxEOso4byImgqaZJJc+E9moL
obNTH4kv6KLswj2gzAjDecPmzWkzHrtr/mGNMKc5BIkoWfmL6Z+fB4bF8MYGteTk
b6429w4OKTgi9/p4IPFkF8dGxSHzNsBOTAdRdBvt50w/2Dz3Epd1k/QRHV/OAlIO
8lkwPL4JwmyyBcHkM/ICbH/FT5KdHmzTOg9kL72NowOb1k6dCvuEi+Kd8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKAzv3RljcdBpe/LA3BtmAeRm6OdMB8GA1UdIwQY
MBaAFI9J9KTNgpNEUZ9FKjsOHmb+jT4lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajBuMHBNMkNrMFJSbjBVcU93NGVadjZOUGlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi82NjU4YzAtNTY1My00YTlmLWE4ZTgt
MTQwYWFkYTU0YjYxLzEvajBuMHBNMkNrMFJSbjBVcU93NGVadjZOUGlVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi82NjU4YzAtNTY1My00YTlmLWE4ZTgtMTQwYWFkYTU0YjYx
LzEvajBuMHBNMkNrMFJSbjBVcU93NGVadjZOUGlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZZUwTnp+
l3JWkseRPATFrbe293OGaGCcczPlbM5BVHjYRSrU22HTnIZLfHyjOSXRSEayI/dU
EC4TXpsQBdBenMU8JgwVI/1+Jda1lbBN600nZu17oQNEz/BU5b3Kj3ooklLfwr5o
SaeG0v0XIk/gck0kqJ1RA8KPKE92GyJPC9EWpNTNT3rJLEPGAxPOdk/rHE55A5we
0LMMsso9bqs48q8IuP6/w+E5xA4U4V+MeLb0r3G+bFmgiFeJyhpMZP8PbATfXGMc
E9rL/oF1YNS0AqyTe9rxdxOMROVdb7S/5j50WQtXlQrETKmM/fuLK1BUH5TPkZGF
/QQS59Ab8x86Fg==
-----END CERTIFICATE-----