Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/13bed5-8d34-4d3d-8e05-48d25c0a495f/1/AhaSppUBf7XEv4wjgHjzA9j78Ic.mft
File:                     AhaSppUBf7XEv4wjgHjzA9j78Ic.mft (raw, json)
Hash identifier:          hStKHsQ3NHJm/psvyl3YvSKCyAFlMWb+0Txdq11PJBk=
Subject key identifier:   FA:D4:FE:1B:D9:6D:A6:CC:B1:5B:47:AC:63:1D:24:21:1E:6F:60:F6
Authority key identifier: 02:16:92:A6:95:01:7F:B5:C4:BF:8C:23:80:78:F3:03:D8:FB:F0:87
Certificate issuer:       /CN=021692a695017fb5c4bf8c238078f303d8fbf087
Certificate serial:       019D98F45137961CD676A463EBFC62D9DDFA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AhaSppUBf7XEv4wjgHjzA9j78Ic.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/13bed5-8d34-4d3d-8e05-48d25c0a495f/1/AhaSppUBf7XEv4wjgHjzA9j78Ic.mft
Manifest number:          18BD
Signing time:             Fri 17 Apr 2026 01:00:41 +0000
Manifest this update:     Fri 17 Apr 2026 01:00:41 +0000
Manifest next update:     Sat 18 Apr 2026 01:00:41 +0000
Files and hashes:         1: AhaSppUBf7XEv4wjgHjzA9j78Ic.crl (hash: GQYqMieyfl3WmBjw0hGUsrXIXgqY0rw8vI6MqBXjRmM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c8/13bed5-8d34-4d3d-8e05-48d25c0a495f/1/AhaSppUBf7XEv4wjgHjzA9j78Ic.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c8/13bed5-8d34-4d3d-8e05-48d25c0a495f/1/AhaSppUBf7XEv4wjgHjzA9j78Ic.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AhaSppUBf7XEv4wjgHjzA9j78Ic.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 01:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:51:37:96:1c:d6:76:a4:63:eb:fc:62:d9:dd:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=021692a695017fb5c4bf8c238078f303d8fbf087
        Validity
            Not Before: Apr 17 01:00:41 2026 GMT
            Not After : Apr 18 01:00:41 2026 GMT
        Subject: CN=fad4fe1bd96da6ccb15b47ac631d24211e6f60f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:bc:ba:5b:06:92:ff:10:1b:10:d6:bd:4d:8a:
                    15:4a:25:2d:03:6d:39:ef:20:19:67:ef:b5:d2:bb:
                    04:2f:e7:7a:ad:ff:a3:2b:d3:a4:11:f4:8c:d4:80:
                    c7:a3:80:a0:df:06:07:3a:e0:6e:3c:8e:b9:52:2c:
                    54:1e:1c:60:69:4d:c2:67:bd:74:c2:bf:3b:1d:e4:
                    eb:38:49:dd:60:96:95:38:1a:e2:92:0e:55:19:77:
                    bb:23:79:ff:01:4e:73:71:87:49:fb:fe:9b:69:a5:
                    e6:2e:97:55:21:33:39:11:b0:41:14:9a:fa:18:54:
                    17:d9:ce:4e:20:90:98:48:b0:92:9a:19:4f:c4:aa:
                    11:d1:ee:95:20:7b:0a:1d:87:cd:cb:dd:2e:4f:60:
                    23:29:68:a2:59:c0:da:1f:14:bb:f3:8a:34:fc:a2:
                    8a:e6:88:8e:68:2d:a9:19:f9:c0:bb:78:2b:93:e4:
                    a9:cc:16:78:f3:36:23:b4:83:4d:af:25:c4:61:12:
                    d5:25:42:87:ca:9f:d4:11:95:c1:d7:d9:db:5a:0a:
                    8f:18:8e:58:6c:e4:4c:b2:16:ae:bb:c8:70:0d:97:
                    1a:bf:11:8e:fb:f8:46:7c:18:b5:f5:1b:9e:8a:9c:
                    f1:a2:10:1b:60:69:6e:af:1d:be:49:42:e8:63:56:
                    1c:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:D4:FE:1B:D9:6D:A6:CC:B1:5B:47:AC:63:1D:24:21:1E:6F:60:F6
            X509v3 Authority Key Identifier:
                keyid:02:16:92:A6:95:01:7F:B5:C4:BF:8C:23:80:78:F3:03:D8:FB:F0:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AhaSppUBf7XEv4wjgHjzA9j78Ic.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/13bed5-8d34-4d3d-8e05-48d25c0a495f/1/AhaSppUBf7XEv4wjgHjzA9j78Ic.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/13bed5-8d34-4d3d-8e05-48d25c0a495f/1/AhaSppUBf7XEv4wjgHjzA9j78Ic.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:2d:89:6f:c0:07:5a:63:71:06:21:f3:80:04:97:8d:69:fb:
         63:dc:f3:be:fc:3c:bf:92:d8:40:f0:c2:3f:e0:cb:ac:3e:b7:
         87:38:33:28:bf:c7:be:d2:57:e0:33:fe:a8:38:84:af:3a:51:
         46:8c:00:e3:ce:ba:d8:d7:cd:f0:0e:9a:c5:94:81:28:3b:41:
         ba:48:f2:2c:ff:92:16:0c:74:92:f2:eb:47:86:95:d2:ce:c4:
         57:30:3f:e8:5c:19:c5:79:19:45:d1:05:e7:f3:18:c2:bd:67:
         cf:26:fe:c3:8b:55:2f:e2:76:e6:df:28:f9:51:38:a4:0d:f1:
         5e:85:55:de:c2:e7:0e:1b:df:32:30:0f:84:50:45:3c:bb:3f:
         56:19:06:45:cf:2b:1e:e3:de:43:68:7f:c2:f1:5f:28:e5:c1:
         43:96:d7:6d:a4:62:eb:b3:fe:52:24:85:5f:23:e8:0b:40:bb:
         ab:44:19:20:85:10:54:ef:ce:82:42:ec:90:ca:42:af:7f:43:
         4f:8b:3b:2e:14:18:a3:d9:58:bf:a6:57:3c:af:2f:c0:b2:01:
         01:78:29:af:6f:0b:82:10:9b:66:90:6f:a3:23:d3:83:74:79:
         73:74:03:37:ea:99:5b:2a:38:02:74:6a:57:b5:f7:fd:ae:42:
         74:55:23:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9FE3lhzWdqRj6/xi2d36MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMTY5MmE2OTUwMTdmYjVjNGJmOGMyMzgwNzhmMzAzZDhm
YmYwODcwHhcNMjYwNDE3MDEwMDQxWhcNMjYwNDE4MDEwMDQxWjAzMTEwLwYDVQQD
EyhmYWQ0ZmUxYmQ5NmRhNmNjYjE1YjQ3YWM2MzFkMjQyMTFlNmY2MGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk7y6WwaS/xAbENa9TYoVSiUtA205
7yAZZ++10rsEL+d6rf+jK9OkEfSM1IDHo4Cg3wYHOuBuPI65UixUHhxgaU3CZ710
wr87HeTrOEndYJaVOBrikg5VGXe7I3n/AU5zcYdJ+/6baaXmLpdVITM5EbBBFJr6
GFQX2c5OIJCYSLCSmhlPxKoR0e6VIHsKHYfNy90uT2AjKWiiWcDaHxS784o0/KKK
5oiOaC2pGfnAu3grk+SpzBZ48zYjtINNryXEYRLVJUKHyp/UEZXB19nbWgqPGI5Y
bORMshauu8hwDZcavxGO+/hGfBi19RueipzxohAbYGlurx2+SULoY1YceQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPrU/hvZbabMsVtHrGMdJCEeb2D2MB8GA1UdIwQY
MBaAFAIWkqaVAX+1xL+MI4B48wPY+/CHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWhhU3BwVUJmN1hFdjR3amdIanpBOWo3OEljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8xM2JlZDUtOGQzNC00ZDNkLThlMDUt
NDhkMjVjMGE0OTVmLzEvQWhhU3BwVUJmN1hFdjR3amdIanpBOWo3OEljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8xM2JlZDUtOGQzNC00ZDNkLThlMDUtNDhkMjVjMGE0OTVm
LzEvQWhhU3BwVUJmN1hFdjR3amdIanpBOWo3OEljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIS2Jb8AH
WmNxBiHzgASXjWn7Y9zzvvw8v5LYQPDCP+DLrD63hzgzKL/HvtJX4DP+qDiErzpR
RowA48662NfN8A6axZSBKDtBukjyLP+SFgx0kvLrR4aV0s7EVzA/6FwZxXkZRdEF
5/MYwr1nzyb+w4tVL+J25t8o+VE4pA3xXoVV3sLnDhvfMjAPhFBFPLs/VhkGRc8r
HuPeQ2h/wvFfKOXBQ5bXbaRi67P+UiSFXyPoC0C7q0QZIIUQVO/OgkLskMpCr39D
T4s7LhQYo9lYv6ZXPK8vwLIBAXgpr28LghCbZpBvoyPTg3R5c3QDN+qZWyo4AnRq
V7X3/a5CdFUjwQ==
-----END CERTIFICATE-----
Generated at Fri Apr 17 10:08:39 2026 by rpki-client