Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.mft
File:                     mdXL9__sUlSnHvex7fem12x1liU.mft (raw, json)
Hash identifier:          3y2D4d/1fZ9q6ktHe3dLVzyIpSfoDoUP3GDWaFRxB7A=
Subject key identifier:   40:2D:28:AB:31:AD:22:87:7A:88:44:87:FF:E6:70:AD:0B:9D:78:6A
Authority key identifier: 99:D5:CB:F7:FF:EC:52:54:A7:1E:F7:B1:ED:F7:A6:D7:6C:75:96:25
Certificate issuer:       /CN=99d5cbf7ffec5254a71ef7b1edf7a6d76c759625
Certificate serial:       019D98F526B9E65D948C469F9268570BFF76
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mdXL9__sUlSnHvex7fem12x1liU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.mft
Manifest number:          18BE
Signing time:             Fri 17 Apr 2026 01:01:35 +0000
Manifest this update:     Fri 17 Apr 2026 01:01:35 +0000
Manifest next update:     Sat 18 Apr 2026 01:01:35 +0000
Files and hashes:         1: mdXL9__sUlSnHvex7fem12x1liU.crl (hash: Ts9a7tDYLZhZcfDpaxF4Drdrx60cFeZ5+yupIh214Cs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mdXL9__sUlSnHvex7fem12x1liU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 01:01:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f5:26:b9:e6:5d:94:8c:46:9f:92:68:57:0b:ff:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99d5cbf7ffec5254a71ef7b1edf7a6d76c759625
        Validity
            Not Before: Apr 17 01:01:35 2026 GMT
            Not After : Apr 18 01:01:35 2026 GMT
        Subject: CN=402d28ab31ad22877a884487ffe670ad0b9d786a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:0b:14:0d:ab:91:a3:23:29:8d:46:65:66:f3:
                    88:5e:37:7c:e7:16:41:f4:2d:60:96:1a:df:72:70:
                    ff:77:a3:5d:a8:a6:36:23:fe:c0:c7:ce:8f:19:50:
                    e9:6f:55:9a:0f:93:e0:13:03:61:f9:67:b2:38:f6:
                    29:f4:45:f1:80:0e:61:dd:ca:55:57:4f:6f:95:8c:
                    75:dc:5d:9c:e7:58:28:a4:61:4b:6f:22:1e:e6:71:
                    1e:5c:85:16:16:e2:41:5f:89:3f:e0:ff:e5:6c:81:
                    3c:7c:81:4a:da:b4:b1:59:07:93:1b:ef:e9:cd:2a:
                    44:2e:72:01:48:01:47:30:0a:73:f0:9a:03:00:d4:
                    cc:b1:b9:6d:24:38:7f:dd:36:ed:90:ab:d2:5e:c3:
                    af:51:57:f6:31:4e:f7:44:15:b5:ca:2c:0a:58:92:
                    4f:6c:7c:7d:ce:89:f1:cd:4e:df:a7:3c:58:38:55:
                    8c:06:7a:14:09:a3:98:b1:c4:94:c9:89:1b:d1:a6:
                    ba:e2:28:fc:0d:bb:af:93:6b:69:46:ec:3e:fc:bf:
                    c1:a3:4a:7f:64:59:5b:87:63:d2:f2:78:70:62:30:
                    3a:6f:6d:9a:74:4c:03:e0:82:01:01:16:9c:c2:ca:
                    8b:dd:e5:7e:a3:a3:c5:20:62:42:3d:ff:da:bc:0c:
                    83:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:2D:28:AB:31:AD:22:87:7A:88:44:87:FF:E6:70:AD:0B:9D:78:6A
            X509v3 Authority Key Identifier:
                keyid:99:D5:CB:F7:FF:EC:52:54:A7:1E:F7:B1:ED:F7:A6:D7:6C:75:96:25

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mdXL9__sUlSnHvex7fem12x1liU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/5236e9-ff5a-4019-94d4-aeae6e3593a7/1/mdXL9__sUlSnHvex7fem12x1liU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b5:7d:a7:50:f3:54:c2:f8:20:89:c1:68:16:f3:3d:71:cb:1a:
         03:7b:ee:34:04:9a:76:b3:23:10:ad:7c:91:c0:b4:2e:c3:e8:
         f6:8c:cc:d6:9a:58:58:d3:50:b8:51:70:6f:16:58:c0:f8:00:
         78:e5:8e:d1:a1:1e:aa:fe:50:55:bd:10:7c:0c:da:99:25:f3:
         3d:81:88:93:00:ff:ca:e2:af:b5:55:61:60:bb:79:5f:8a:a3:
         8f:04:d2:e3:19:d3:62:b8:01:c0:e0:11:99:52:0f:ae:22:64:
         3a:69:62:98:34:65:4b:45:83:86:52:11:1f:8d:9a:8b:5c:b5:
         33:e8:86:61:af:e8:4f:05:7a:3f:91:53:2d:d1:a0:2b:f9:67:
         2b:71:91:93:fc:fa:49:36:09:7c:3d:33:7c:2b:ee:70:e2:ed:
         5b:16:0f:47:21:dd:70:9c:d8:ce:78:4a:e3:2d:2d:89:43:bd:
         4f:32:6d:f3:77:36:30:35:52:57:71:9f:a1:45:73:f2:a8:33:
         c3:c9:c2:04:79:96:62:6f:24:41:b1:8d:7b:e3:35:41:df:f1:
         68:dc:38:86:00:4c:9b:97:9d:fd:55:f2:52:80:1d:81:f7:b6:
         33:e8:d6:b1:09:7b:d2:cd:1f:05:0f:e7:24:d8:78:74:47:40:
         eb:61:98:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9Sa55l2UjEafkmhXC/92MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZDVjYmY3ZmZlYzUyNTRhNzFlZjdiMWVkZjdhNmQ3NmM3
NTk2MjUwHhcNMjYwNDE3MDEwMTM1WhcNMjYwNDE4MDEwMTM1WjAzMTEwLwYDVQQD
Eyg0MDJkMjhhYjMxYWQyMjg3N2E4ODQ0ODdmZmU2NzBhZDBiOWQ3ODZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQsUDauRoyMpjUZlZvOIXjd85xZB
9C1glhrfcnD/d6NdqKY2I/7Ax86PGVDpb1WaD5PgEwNh+WeyOPYp9EXxgA5h3cpV
V09vlYx13F2c51gopGFLbyIe5nEeXIUWFuJBX4k/4P/lbIE8fIFK2rSxWQeTG+/p
zSpELnIBSAFHMApz8JoDANTMsbltJDh/3TbtkKvSXsOvUVf2MU73RBW1yiwKWJJP
bHx9zonxzU7fpzxYOFWMBnoUCaOYscSUyYkb0aa64ij8Dbuvk2tpRuw+/L/Bo0p/
ZFlbh2PS8nhwYjA6b22adEwD4IIBARacwsqL3eV+o6PFIGJCPf/avAyDPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEAtKKsxrSKHeohEh//mcK0LnXhqMB8GA1UdIwQY
MBaAFJnVy/f/7FJUpx73se33ptdsdZYlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWRYTDlfX3NVbFNuSHZleDdmZW0xMngxbGlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi81MjM2ZTktZmY1YS00MDE5LTk0ZDQt
YWVhZTZlMzU5M2E3LzEvbWRYTDlfX3NVbFNuSHZleDdmZW0xMngxbGlVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi81MjM2ZTktZmY1YS00MDE5LTk0ZDQtYWVhZTZlMzU5M2E3
LzEvbWRYTDlfX3NVbFNuSHZleDdmZW0xMngxbGlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtX2nUPNU
wvggicFoFvM9ccsaA3vuNASadrMjEK18kcC0LsPo9ozM1ppYWNNQuFFwbxZYwPgA
eOWO0aEeqv5QVb0QfAzamSXzPYGIkwD/yuKvtVVhYLt5X4qjjwTS4xnTYrgBwOAR
mVIPriJkOmlimDRlS0WDhlIRH42ai1y1M+iGYa/oTwV6P5FTLdGgK/lnK3GRk/z6
STYJfD0zfCvucOLtWxYPRyHdcJzYznhK4y0tiUO9TzJt83c2MDVSV3GfoUVz8qgz
w8nCBHmWYm8kQbGNe+M1Qd/xaNw4hgBMm5ed/VXyUoAdgfe2M+jWsQl70s0fBQ/n
JNh4dEdA62GYTQ==
-----END CERTIFICATE-----