Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/3a6128-bf03-4ca5-a766-6f06191444ac/1/jFAC9jnoGVjQ-bNYWu12cH0mJd4.mft
File:                     jFAC9jnoGVjQ-bNYWu12cH0mJd4.mft (raw, json)
Hash identifier:          5n3cXNCO507tdUA3VOWFBAkd0PahESe+hwqi3P3bTzI=
Subject key identifier:   F7:03:BA:B5:1F:A5:BF:13:C6:78:8A:22:1A:0D:36:A3:47:14:6A:5A
Authority key identifier: 8C:50:02:F6:39:E8:19:58:D0:F9:B3:58:5A:ED:76:70:7D:26:25:DE
Certificate issuer:       /CN=8c5002f639e81958d0f9b3585aed76707d2625de
Certificate serial:       019D9A3EB7FF57C965961D200A2EDA54779B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jFAC9jnoGVjQ-bNYWu12cH0mJd4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ce/3a6128-bf03-4ca5-a766-6f06191444ac/1/jFAC9jnoGVjQ-bNYWu12cH0mJd4.mft
Manifest number:          18BD
Signing time:             Fri 17 Apr 2026 07:01:34 +0000
Manifest this update:     Fri 17 Apr 2026 07:01:34 +0000
Manifest next update:     Sat 18 Apr 2026 07:01:34 +0000
Files and hashes:         1: jFAC9jnoGVjQ-bNYWu12cH0mJd4.crl (hash: dOBORktE8VegJVUXH10ZbOmvza0efVaziexTqsv91m0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ce/3a6128-bf03-4ca5-a766-6f06191444ac/1/jFAC9jnoGVjQ-bNYWu12cH0mJd4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ce/3a6128-bf03-4ca5-a766-6f06191444ac/1/jFAC9jnoGVjQ-bNYWu12cH0mJd4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jFAC9jnoGVjQ-bNYWu12cH0mJd4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:3e:b7:ff:57:c9:65:96:1d:20:0a:2e:da:54:77:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8c5002f639e81958d0f9b3585aed76707d2625de
        Validity
            Not Before: Apr 17 07:01:34 2026 GMT
            Not After : Apr 18 07:01:34 2026 GMT
        Subject: CN=f703bab51fa5bf13c6788a221a0d36a347146a5a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:4a:ec:28:f4:d4:71:00:97:3f:7f:d4:29:ea:
                    f0:33:d3:d4:cd:4b:80:9c:7d:56:70:85:b1:a5:a7:
                    f1:2e:cc:ed:7e:fe:ec:e6:54:b1:20:36:d0:be:55:
                    ff:c4:6b:d2:e5:ee:34:c5:ab:e7:bb:6e:2b:04:60:
                    ba:bd:ab:49:d1:1b:d6:f7:42:9d:91:77:11:70:ec:
                    1a:18:06:00:8e:91:30:64:e5:78:b9:9c:e9:bf:cb:
                    f8:33:11:5b:3e:ee:98:da:f4:9e:12:ca:2b:fd:7d:
                    da:55:25:c1:04:28:f2:6c:74:21:19:ff:da:76:ee:
                    76:37:b7:74:37:ea:d8:a8:81:8d:bc:25:4b:d1:4b:
                    c8:24:e9:bb:30:fe:c0:e4:44:19:63:c0:0b:56:b1:
                    89:32:fc:be:06:dd:6e:94:f1:12:d0:dc:55:b8:51:
                    99:c2:ca:73:c1:6a:f4:59:ae:45:76:45:62:68:b9:
                    76:77:48:db:80:e5:69:af:94:87:91:e3:82:1c:86:
                    d4:10:93:8a:10:12:7a:96:d2:52:97:f4:20:15:2a:
                    af:34:25:0b:27:cc:8c:f2:e7:19:8f:10:e1:b8:74:
                    92:83:ef:5d:a2:e8:38:5a:ac:ab:ff:72:2d:bf:9f:
                    97:ea:71:5a:9a:2a:3d:2c:fd:2b:80:2c:2c:0d:3c:
                    a5:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:03:BA:B5:1F:A5:BF:13:C6:78:8A:22:1A:0D:36:A3:47:14:6A:5A
            X509v3 Authority Key Identifier:
                keyid:8C:50:02:F6:39:E8:19:58:D0:F9:B3:58:5A:ED:76:70:7D:26:25:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jFAC9jnoGVjQ-bNYWu12cH0mJd4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/3a6128-bf03-4ca5-a766-6f06191444ac/1/jFAC9jnoGVjQ-bNYWu12cH0mJd4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/3a6128-bf03-4ca5-a766-6f06191444ac/1/jFAC9jnoGVjQ-bNYWu12cH0mJd4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:59:2f:01:29:4b:02:dc:5e:83:90:6a:df:c9:a5:aa:f0:14:
         b9:9f:23:ed:41:ae:3d:fb:7e:74:c1:3e:6f:62:bd:a7:5a:d0:
         b8:33:d1:7a:46:8f:4a:f2:16:a7:89:a1:3f:79:e7:54:be:c3:
         44:1c:32:59:b3:bd:8d:2b:af:1c:41:8f:a3:9e:df:19:85:4c:
         9d:91:5e:7d:98:32:b0:95:3d:e4:c0:23:2b:da:ed:2b:57:af:
         6a:0d:dc:74:47:bb:c3:f5:b0:33:a2:be:9b:8e:12:16:ca:5c:
         45:44:59:3f:07:95:26:20:08:ea:e3:3e:a1:f2:62:f5:4b:77:
         29:f1:73:82:69:19:a8:ac:a8:e3:d6:30:45:c9:03:1b:74:be:
         9e:96:84:5f:2f:1b:d9:73:5b:77:8e:45:a8:13:48:6b:ab:6d:
         7f:35:78:c5:48:41:02:5c:c0:06:09:f6:99:58:9f:12:43:ca:
         ec:1d:96:e9:90:8c:5c:53:ea:93:84:bc:7f:13:15:d0:89:40:
         eb:93:3a:12:25:37:60:13:b7:96:ba:4d:88:81:8a:a4:76:dc:
         ab:c7:73:b2:31:61:f1:44:ce:99:5b:80:47:ed:a5:ec:76:ca:
         78:7e:ce:d4:58:4f:28:99:2c:9d:cc:9c:b2:2a:75:9d:f7:73:
         7e:97:4b:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aPrf/V8lllh0gCi7aVHebMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjNTAwMmY2MzllODE5NThkMGY5YjM1ODVhZWQ3NjcwN2Qy
NjI1ZGUwHhcNMjYwNDE3MDcwMTM0WhcNMjYwNDE4MDcwMTM0WjAzMTEwLwYDVQQD
EyhmNzAzYmFiNTFmYTViZjEzYzY3ODhhMjIxYTBkMzZhMzQ3MTQ2YTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsUrsKPTUcQCXP3/UKerwM9PUzUuA
nH1WcIWxpafxLsztfv7s5lSxIDbQvlX/xGvS5e40xavnu24rBGC6vatJ0RvW90Kd
kXcRcOwaGAYAjpEwZOV4uZzpv8v4MxFbPu6Y2vSeEsor/X3aVSXBBCjybHQhGf/a
du52N7d0N+rYqIGNvCVL0UvIJOm7MP7A5EQZY8ALVrGJMvy+Bt1ulPES0NxVuFGZ
wspzwWr0Wa5FdkViaLl2d0jbgOVpr5SHkeOCHIbUEJOKEBJ6ltJSl/QgFSqvNCUL
J8yM8ucZjxDhuHSSg+9doug4Wqyr/3Itv5+X6nFamio9LP0rgCwsDTyloQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPcDurUfpb8TxniKIhoNNqNHFGpaMB8GA1UdIwQY
MBaAFIxQAvY56BlY0PmzWFrtdnB9JiXeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakZBQzlqbm9HVmpRLWJOWVd1MTJjSDBtSmQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8zYTYxMjgtYmYwMy00Y2E1LWE3NjYt
NmYwNjE5MTQ0NGFjLzEvakZBQzlqbm9HVmpRLWJOWVd1MTJjSDBtSmQ0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8zYTYxMjgtYmYwMy00Y2E1LWE3NjYtNmYwNjE5MTQ0NGFj
LzEvakZBQzlqbm9HVmpRLWJOWVd1MTJjSDBtSmQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW1kvASlL
Atxeg5Bq38mlqvAUuZ8j7UGuPft+dME+b2K9p1rQuDPRekaPSvIWp4mhP3nnVL7D
RBwyWbO9jSuvHEGPo57fGYVMnZFefZgysJU95MAjK9rtK1evag3cdEe7w/WwM6K+
m44SFspcRURZPweVJiAI6uM+ofJi9Ut3KfFzgmkZqKyo49YwRckDG3S+npaEXy8b
2XNbd45FqBNIa6ttfzV4xUhBAlzABgn2mVifEkPK7B2W6ZCMXFPqk4S8fxMV0IlA
65M6EiU3YBO3lrpNiIGKpHbcq8dzsjFh8UTOmVuAR+2l7HbKeH7O1FhPKJksncyc
sip1nfdzfpdL8A==
-----END CERTIFICATE-----