Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft
File:                     AVgEEYI7SHN2g27WavP4qrsgEZw.mft (raw, json)
Hash identifier:          JelAJyHEEKl/cvVQ/zh6Y8davNaZYc6GvCJJim1aPEc=
Subject key identifier:   47:58:04:35:F6:0C:E4:61:69:22:56:6E:C1:EC:14:F5:AE:E6:F6:C6
Authority key identifier: 01:58:04:11:82:3B:48:73:76:83:6E:D6:6A:F3:F8:AA:BB:20:11:9C
Certificate issuer:       /CN=01580411823b487376836ed66af3f8aabb20119c
Certificate serial:       019D98F4219E81EA5E3FDA31BBEA78C3D9D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AVgEEYI7SHN2g27WavP4qrsgEZw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft
Manifest number:          18BE
Signing time:             Fri 17 Apr 2026 01:00:29 +0000
Manifest this update:     Fri 17 Apr 2026 01:00:29 +0000
Manifest next update:     Sat 18 Apr 2026 01:00:29 +0000
Files and hashes:         1: AVgEEYI7SHN2g27WavP4qrsgEZw.crl (hash: lBRFfLTyuDhzq/Xrlenv94RQlxa8YFaoMoMkEo7901w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AVgEEYI7SHN2g27WavP4qrsgEZw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:21:9e:81:ea:5e:3f:da:31:bb:ea:78:c3:d9:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=01580411823b487376836ed66af3f8aabb20119c
        Validity
            Not Before: Apr 17 01:00:29 2026 GMT
            Not After : Apr 18 01:00:29 2026 GMT
        Subject: CN=47580435f60ce4616922566ec1ec14f5aee6f6c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:e6:e5:34:2f:8c:bc:85:68:50:89:66:bb:4f:
                    01:3c:ec:70:09:28:27:dd:dd:4f:e8:e6:4a:dc:c5:
                    43:39:6d:2c:02:f0:5e:c1:5c:c7:3b:9d:25:40:5a:
                    e5:fa:49:7d:b0:6d:59:9d:40:1d:ea:9c:df:6e:4d:
                    ec:4a:b3:14:49:73:b3:a1:c6:5d:d3:29:52:f6:d6:
                    0b:85:d8:3b:10:cf:24:1f:1d:65:50:37:1d:8a:7a:
                    c6:79:8b:0a:6d:25:46:cb:ac:a4:39:f9:5b:97:7d:
                    82:57:37:80:e9:20:c2:85:4f:49:a7:ad:7f:d1:c8:
                    94:ce:e5:4c:87:d4:62:8b:47:85:01:b9:1d:08:92:
                    f1:8b:ed:f8:65:e1:fd:82:f1:b3:48:da:68:12:f2:
                    b3:e7:02:17:fc:0c:47:48:a8:c9:c2:8f:52:36:50:
                    c6:a3:17:57:60:4d:2c:04:e0:91:96:66:7a:ee:d2:
                    fb:53:ea:63:ea:18:66:a2:6b:b3:a8:20:3b:23:72:
                    1b:f1:6e:ed:15:7f:94:0b:d2:6c:04:48:00:22:09:
                    cf:e0:bc:bc:f9:ac:59:c9:50:c3:7b:d3:c8:d7:43:
                    78:37:63:49:73:6d:57:04:8d:9a:19:82:03:26:8f:
                    b6:b1:b1:b0:d5:b9:9f:47:c5:a2:67:53:30:42:0f:
                    f0:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:58:04:35:F6:0C:E4:61:69:22:56:6E:C1:EC:14:F5:AE:E6:F6:C6
            X509v3 Authority Key Identifier:
                keyid:01:58:04:11:82:3B:48:73:76:83:6E:D6:6A:F3:F8:AA:BB:20:11:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AVgEEYI7SHN2g27WavP4qrsgEZw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         49:15:fb:06:fc:63:71:84:f8:fb:81:49:cb:9d:a7:87:ba:4e:
         36:d3:17:28:da:e0:99:35:02:59:2b:4d:d4:01:e3:f6:d5:54:
         c5:bb:89:d0:fa:29:aa:a3:40:33:2d:0f:0c:8b:ac:c3:a4:49:
         86:df:7b:8c:a4:52:0a:5a:c7:9c:d3:d1:61:ac:35:e7:44:ac:
         3a:b1:04:94:38:ac:2a:90:64:d1:dc:98:79:b5:04:af:a2:92:
         ac:db:d1:ca:e3:8c:cd:2a:84:7b:94:f7:4e:8c:18:9c:16:d1:
         59:22:c1:8e:f9:1c:2c:38:f9:19:18:0a:90:0e:fa:de:82:8c:
         d1:04:75:98:6f:4d:1a:e2:98:c9:c5:de:b2:ca:29:fb:8f:0c:
         b0:4d:27:ce:45:b1:72:41:a8:b2:42:08:7a:e3:68:bc:f2:34:
         11:f6:d3:a8:5f:7a:6a:69:c8:26:35:63:f1:be:ff:86:0b:7b:
         da:c7:fd:1d:e9:3c:5a:e4:52:fe:e4:62:f6:7e:8b:76:bd:63:
         ef:81:c6:d6:99:64:05:21:a0:29:0e:97:20:b7:44:a4:f9:4d:
         8e:21:ce:0b:aa:e3:e8:1f:f0:d9:96:37:f5:df:dc:c5:26:b6:
         21:6b:85:51:75:14:a0:f4:8a:ac:48:7f:a0:49:00:91:6d:4b:
         fd:bf:96:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9CGegepeP9oxu+p4w9nUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNTgwNDExODIzYjQ4NzM3NjgzNmVkNjZhZjNmOGFhYmIy
MDExOWMwHhcNMjYwNDE3MDEwMDI5WhcNMjYwNDE4MDEwMDI5WjAzMTEwLwYDVQQD
Eyg0NzU4MDQzNWY2MGNlNDYxNjkyMjU2NmVjMWVjMTRmNWFlZTZmNmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOblNC+MvIVoUIlmu08BPOxwCSgn
3d1P6OZK3MVDOW0sAvBewVzHO50lQFrl+kl9sG1ZnUAd6pzfbk3sSrMUSXOzocZd
0ylS9tYLhdg7EM8kHx1lUDcdinrGeYsKbSVGy6ykOflbl32CVzeA6SDChU9Jp61/
0ciUzuVMh9Rii0eFAbkdCJLxi+34ZeH9gvGzSNpoEvKz5wIX/AxHSKjJwo9SNlDG
oxdXYE0sBOCRlmZ67tL7U+pj6hhmomuzqCA7I3Ib8W7tFX+UC9JsBEgAIgnP4Ly8
+axZyVDDe9PI10N4N2NJc21XBI2aGYIDJo+2sbGw1bmfR8WiZ1MwQg/wRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEdYBDX2DORhaSJWbsHsFPWu5vbGMB8GA1UdIwQY
MBaAFAFYBBGCO0hzdoNu1mrz+Kq7IBGcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVZnRUVZSTdTSE4yZzI3V2F2UDRxcnNnRVp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8wOWQ2NjctYjFjNS00NTIxLThiNWYt
YzE4YWJlY2RkNTI0LzEvQVZnRUVZSTdTSE4yZzI3V2F2UDRxcnNnRVp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8wOWQ2NjctYjFjNS00NTIxLThiNWYtYzE4YWJlY2RkNTI0
LzEvQVZnRUVZSTdTSE4yZzI3V2F2UDRxcnNnRVp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASRX7Bvxj
cYT4+4FJy52nh7pONtMXKNrgmTUCWStN1AHj9tVUxbuJ0PopqqNAMy0PDIusw6RJ
ht97jKRSClrHnNPRYaw150SsOrEElDisKpBk0dyYebUEr6KSrNvRyuOMzSqEe5T3
TowYnBbRWSLBjvkcLDj5GRgKkA763oKM0QR1mG9NGuKYycXessop+48MsE0nzkWx
ckGoskIIeuNovPI0EfbTqF96amnIJjVj8b7/hgt72sf9Hek8WuRS/uRi9n6Ldr1j
74HG1plkBSGgKQ6XILdEpPlNjiHOC6rj6B/w2ZY39d/cxSa2IWuFUXUUoPSKrEh/
oEkAkW1L/b+Wfg==
-----END CERTIFICATE-----