Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/d528d3-2a93-460c-926d-40d15f36ea43/1/skFYMFfyBWPJOCuJTx_OrKVfvaM.mft
File:                     skFYMFfyBWPJOCuJTx_OrKVfvaM.mft (raw, json)
Hash identifier:          2xGuc9pcXH5yjiWj7iJJ83wsUdnieyrhtsntM4O62qM=
Subject key identifier:   03:18:74:47:6C:16:E0:B1:6E:39:DF:DC:02:49:A6:02:79:34:95:03
Authority key identifier: B2:41:58:30:57:F2:05:63:C9:38:2B:89:4F:1F:CE:AC:A5:5F:BD:A3
Certificate issuer:       /CN=b241583057f20563c9382b894f1fceaca55fbda3
Certificate serial:       019D9850AD2064DCC165775661D745B25FFF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/skFYMFfyBWPJOCuJTx_OrKVfvaM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/d528d3-2a93-460c-926d-40d15f36ea43/1/skFYMFfyBWPJOCuJTx_OrKVfvaM.mft
Manifest number:          18BD
Signing time:             Thu 16 Apr 2026 22:01:57 +0000
Manifest this update:     Thu 16 Apr 2026 22:01:57 +0000
Manifest next update:     Fri 17 Apr 2026 22:01:57 +0000
Files and hashes:         1: skFYMFfyBWPJOCuJTx_OrKVfvaM.crl (hash: lNtfVBVsvHgLuB/wGMzoJ2Hj9dLei/SFdpe27dVZBQc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/d528d3-2a93-460c-926d-40d15f36ea43/1/skFYMFfyBWPJOCuJTx_OrKVfvaM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/d528d3-2a93-460c-926d-40d15f36ea43/1/skFYMFfyBWPJOCuJTx_OrKVfvaM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/skFYMFfyBWPJOCuJTx_OrKVfvaM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:50:ad:20:64:dc:c1:65:77:56:61:d7:45:b2:5f:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b241583057f20563c9382b894f1fceaca55fbda3
        Validity
            Not Before: Apr 16 22:01:57 2026 GMT
            Not After : Apr 17 22:01:57 2026 GMT
        Subject: CN=031874476c16e0b16e39dfdc0249a60279349503
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:7c:03:e6:48:f5:20:c7:27:c8:e1:95:ab:4b:
                    27:91:84:b6:bd:80:11:d2:3e:01:05:63:e3:54:e7:
                    4c:85:99:af:20:2a:f3:9e:92:34:31:56:7e:88:3d:
                    31:2b:4f:2f:08:83:3e:6d:3a:87:ec:68:96:d7:33:
                    8d:18:9d:ad:15:83:77:93:c9:29:f0:c3:03:03:f3:
                    60:0e:dd:33:20:56:71:dc:ed:6f:3f:ec:52:14:5c:
                    71:2e:cd:ac:49:c6:49:69:ab:26:5c:2c:3a:4a:c2:
                    11:d7:f8:af:0c:15:ff:01:70:1e:c2:10:65:10:9e:
                    b0:a3:51:c6:02:7c:c4:fc:be:75:72:60:44:89:7d:
                    8e:40:92:0a:12:8b:17:08:5f:2f:7a:2a:93:1d:63:
                    9e:a6:16:8b:a8:e0:25:96:82:91:9d:a1:9f:ca:1d:
                    4c:ba:36:2e:b8:b3:94:f0:c1:fe:20:27:26:11:e9:
                    ef:73:ab:09:4e:c3:63:80:fd:48:be:ce:04:d3:34:
                    56:6f:5e:e6:aa:1d:f4:af:e9:e3:ac:52:da:aa:03:
                    ea:80:c3:c8:04:89:63:f8:5f:c5:15:eb:3e:15:96:
                    d9:31:e7:33:23:d1:35:06:a5:8e:ce:b8:51:f4:df:
                    8e:7a:97:1b:af:f7:b5:ce:03:83:72:f1:24:e1:ec:
                    79:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:18:74:47:6C:16:E0:B1:6E:39:DF:DC:02:49:A6:02:79:34:95:03
            X509v3 Authority Key Identifier:
                keyid:B2:41:58:30:57:F2:05:63:C9:38:2B:89:4F:1F:CE:AC:A5:5F:BD:A3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/skFYMFfyBWPJOCuJTx_OrKVfvaM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d528d3-2a93-460c-926d-40d15f36ea43/1/skFYMFfyBWPJOCuJTx_OrKVfvaM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d528d3-2a93-460c-926d-40d15f36ea43/1/skFYMFfyBWPJOCuJTx_OrKVfvaM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a3:33:2e:ce:e8:03:75:6d:9b:e0:b0:0c:5c:bd:f9:ff:b1:7d:
         04:8b:a9:56:0f:bd:43:f1:90:a0:a6:9c:a1:16:fb:30:ff:25:
         e4:27:bc:bd:71:27:d3:c8:e2:bb:d4:21:03:18:bd:00:d0:5b:
         91:17:30:eb:1b:04:71:d2:77:95:7b:3f:b2:2a:f9:48:e0:ce:
         5c:50:98:83:7e:9d:6c:41:c1:3b:19:87:c1:a0:4e:d9:1c:57:
         6f:c8:46:77:86:91:82:1f:c5:61:62:80:c8:22:90:c2:04:ce:
         6d:7b:42:bc:41:2b:cb:b0:45:65:89:f1:fd:4a:41:b8:f3:23:
         c8:66:fd:9e:e9:cd:e4:bb:9f:7e:da:8a:99:d1:9d:b0:23:75:
         97:a9:bd:ee:6e:2d:87:57:bf:1d:fb:0c:e2:97:f0:d6:33:4a:
         ce:bf:16:74:19:a0:45:aa:70:e0:0d:b4:0a:af:e1:06:f2:5e:
         ec:26:b3:bc:46:64:c5:cb:2d:75:76:28:a6:93:ab:0c:27:b3:
         d9:04:f2:74:af:10:2a:bc:4b:62:30:bc:22:79:6b:18:8b:46:
         a7:34:40:c5:ae:60:7e:d7:b9:58:40:ef:d3:a3:d2:2a:8a:d6:
         ad:8b:0f:72:04:fb:0d:d0:dd:e9:1f:1e:92:b2:62:63:44:ef:
         13:b3:5c:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2YUK0gZNzBZXdWYddFsl//MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyNDE1ODMwNTdmMjA1NjNjOTM4MmI4OTRmMWZjZWFjYTU1
ZmJkYTMwHhcNMjYwNDE2MjIwMTU3WhcNMjYwNDE3MjIwMTU3WjAzMTEwLwYDVQQD
EygwMzE4NzQ0NzZjMTZlMGIxNmUzOWRmZGMwMjQ5YTYwMjc5MzQ5NTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArnwD5kj1IMcnyOGVq0snkYS2vYAR
0j4BBWPjVOdMhZmvICrznpI0MVZ+iD0xK08vCIM+bTqH7GiW1zONGJ2tFYN3k8kp
8MMDA/NgDt0zIFZx3O1vP+xSFFxxLs2sScZJaasmXCw6SsIR1/ivDBX/AXAewhBl
EJ6wo1HGAnzE/L51cmBEiX2OQJIKEosXCF8veiqTHWOephaLqOAlloKRnaGfyh1M
ujYuuLOU8MH+ICcmEenvc6sJTsNjgP1Ivs4E0zRWb17mqh30r+njrFLaqgPqgMPI
BIlj+F/FFes+FZbZMeczI9E1BqWOzrhR9N+Oepcbr/e1zgODcvEk4ex5HwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAMYdEdsFuCxbjnf3AJJpgJ5NJUDMB8GA1UdIwQY
MBaAFLJBWDBX8gVjyTgriU8fzqylX72jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2tGWU1GZnlCV1BKT0N1SlR4X09yS1ZmdmFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9kNTI4ZDMtMmE5My00NjBjLTkyNmQt
NDBkMTVmMzZlYTQzLzEvc2tGWU1GZnlCV1BKT0N1SlR4X09yS1ZmdmFNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9kNTI4ZDMtMmE5My00NjBjLTkyNmQtNDBkMTVmMzZlYTQz
LzEvc2tGWU1GZnlCV1BKT0N1SlR4X09yS1ZmdmFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAozMuzugD
dW2b4LAMXL35/7F9BIupVg+9Q/GQoKacoRb7MP8l5Ce8vXEn08jiu9QhAxi9ANBb
kRcw6xsEcdJ3lXs/sir5SODOXFCYg36dbEHBOxmHwaBO2RxXb8hGd4aRgh/FYWKA
yCKQwgTObXtCvEEry7BFZYnx/UpBuPMjyGb9nunN5LufftqKmdGdsCN1l6m97m4t
h1e/HfsM4pfw1jNKzr8WdBmgRapw4A20Cq/hBvJe7CazvEZkxcstdXYoppOrDCez
2QTydK8QKrxLYjC8InlrGItGpzRAxa5gfte5WEDv06PSKorWrYsPcgT7DdDd6R8e
krJiY0TvE7Nc4w==
-----END CERTIFICATE-----