Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.mft
File:                     xLxp1Co7FePOy5HHcrpkM8URvpk.mft (raw, json)
Hash identifier:          hhD9EzgmuRDs8qw9Ws9vFsZaXjsT0kyUisxTVSIpVLQ=
Subject key identifier:   17:91:8B:D0:1D:1C:61:6E:5A:18:D6:05:BE:D6:74:95:34:CC:48:01
Authority key identifier: C4:BC:69:D4:2A:3B:15:E3:CE:CB:91:C7:72:BA:64:33:C5:11:BE:99
Certificate issuer:       /CN=c4bc69d42a3b15e3cecb91c772ba6433c511be99
Certificate serial:       019DA3AF249F79D0C5B8B886A10B09E9F7C6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xLxp1Co7FePOy5HHcrpkM8URvpk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.mft
Manifest number:          18C2
Signing time:             Sun 19 Apr 2026 03:00:57 +0000
Manifest this update:     Sun 19 Apr 2026 03:00:57 +0000
Manifest next update:     Mon 20 Apr 2026 03:00:57 +0000
Files and hashes:         1: xLxp1Co7FePOy5HHcrpkM8URvpk.crl (hash: zrWXknDRS3CXQNqeMSq0szaoUPjqnZ58weT73fuTM7o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xLxp1Co7FePOy5HHcrpkM8URvpk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 03:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a3:af:24:9f:79:d0:c5:b8:b8:86:a1:0b:09:e9:f7:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c4bc69d42a3b15e3cecb91c772ba6433c511be99
        Validity
            Not Before: Apr 19 03:00:57 2026 GMT
            Not After : Apr 20 03:00:57 2026 GMT
        Subject: CN=17918bd01d1c616e5a18d605bed6749534cc4801
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:9c:a9:2e:74:5f:96:05:5e:2d:ed:11:c5:87:
                    c4:db:d8:8e:1d:c7:12:67:fa:6a:d8:33:13:98:92:
                    e1:59:0a:8b:7c:a3:15:56:14:0b:ff:b4:b7:97:6d:
                    2b:7b:41:5e:05:c1:c8:05:06:6b:63:09:02:2b:87:
                    95:0c:3e:6e:ac:c4:9d:2e:fc:c7:89:9e:8f:f9:0d:
                    2d:e6:c3:e9:06:23:b2:f6:27:87:15:84:af:ae:1a:
                    51:40:ce:39:0d:0f:1a:72:17:d3:be:0d:2b:2b:e4:
                    6e:5d:66:05:50:71:68:d1:32:c9:a4:47:7f:41:eb:
                    83:6c:c7:56:8f:e6:9a:8d:83:33:8c:4c:86:4d:e2:
                    db:7c:74:e4:96:41:30:08:7e:c6:a8:93:8f:44:5b:
                    da:de:30:07:3f:cd:bc:8d:2c:e2:30:d7:f4:76:8e:
                    0e:7a:e5:58:7d:21:9c:ee:3e:b9:f3:0e:34:02:49:
                    05:b2:cf:78:ec:8f:d5:79:dc:21:96:83:10:93:60:
                    bd:6c:5a:1f:2c:e8:97:9f:30:98:40:31:5d:78:7e:
                    8f:60:26:77:79:cb:04:a1:cc:17:c5:b0:3b:4d:53:
                    b3:1f:56:95:4c:bb:b7:cc:31:21:4a:6c:74:42:98:
                    b6:63:10:50:78:89:90:99:e7:5c:b1:72:d4:bb:44:
                    cf:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:91:8B:D0:1D:1C:61:6E:5A:18:D6:05:BE:D6:74:95:34:CC:48:01
            X509v3 Authority Key Identifier:
                keyid:C4:BC:69:D4:2A:3B:15:E3:CE:CB:91:C7:72:BA:64:33:C5:11:BE:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xLxp1Co7FePOy5HHcrpkM8URvpk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8e:7a:16:fe:da:a3:5d:78:67:45:33:ad:ad:fb:ed:7a:5c:4f:
         ab:4c:db:04:6b:72:0c:2c:97:46:14:a3:76:d6:7e:78:55:06:
         13:7b:dd:15:00:ff:12:3d:ba:c8:66:5e:70:cd:0f:4f:90:7d:
         1b:25:7f:fa:e8:73:fb:1c:44:0e:e1:7d:c6:83:d0:ae:be:81:
         ac:2d:ff:d4:0d:81:cc:67:6b:ec:f3:0e:c5:b8:cf:21:0f:8a:
         d6:36:d3:c9:f9:c3:a6:77:3a:36:05:f5:19:8b:a4:97:8e:bb:
         9e:38:97:16:9e:31:c1:70:d4:94:3f:43:60:7e:81:68:34:27:
         58:67:67:ca:7b:18:9f:93:9f:ef:74:8f:f5:4e:5d:e2:56:58:
         97:0a:53:d5:2a:f1:14:6b:b2:27:d6:cb:c6:ab:30:14:c1:72:
         ae:f4:e9:8b:95:ba:19:be:f2:42:46:c1:e6:b1:4b:18:7d:ec:
         b7:e4:b2:f7:33:26:83:0e:08:fe:ac:bb:28:b4:c8:d5:f2:b5:
         bf:c6:f3:70:2c:0c:f4:72:06:cd:e0:13:0f:a0:db:da:8b:f2:
         89:4c:2f:cf:fa:6b:41:ae:77:17:09:93:60:49:29:1e:e1:75:
         57:4f:08:e9:24:c0:2b:c7:4e:f3:26:a1:31:4b:c5:4e:9f:e6:
         2b:fe:68:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2jrySfedDFuLiGoQsJ6ffGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0YmM2OWQ0MmEzYjE1ZTNjZWNiOTFjNzcyYmE2NDMzYzUx
MWJlOTkwHhcNMjYwNDE5MDMwMDU3WhcNMjYwNDIwMDMwMDU3WjAzMTEwLwYDVQQD
EygxNzkxOGJkMDFkMWM2MTZlNWExOGQ2MDViZWQ2NzQ5NTM0Y2M0ODAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5JypLnRflgVeLe0RxYfE29iOHccS
Z/pq2DMTmJLhWQqLfKMVVhQL/7S3l20re0FeBcHIBQZrYwkCK4eVDD5urMSdLvzH
iZ6P+Q0t5sPpBiOy9ieHFYSvrhpRQM45DQ8achfTvg0rK+RuXWYFUHFo0TLJpEd/
QeuDbMdWj+aajYMzjEyGTeLbfHTklkEwCH7GqJOPRFva3jAHP828jSziMNf0do4O
euVYfSGc7j658w40AkkFss947I/VedwhloMQk2C9bFofLOiXnzCYQDFdeH6PYCZ3
ecsEocwXxbA7TVOzH1aVTLu3zDEhSmx0Qpi2YxBQeImQmedcsXLUu0TPMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBeRi9AdHGFuWhjWBb7WdJU0zEgBMB8GA1UdIwQY
MBaAFMS8adQqOxXjzsuRx3K6ZDPFEb6ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEx4cDFDbzdGZVBPeTVISGNycGtNOFVSdnBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9kOGMyMWItZmUzNi00YTJlLWFjMmUt
ZDE3Zjk4MTE0MDcwLzEveEx4cDFDbzdGZVBPeTVISGNycGtNOFVSdnBrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9kOGMyMWItZmUzNi00YTJlLWFjMmUtZDE3Zjk4MTE0MDcw
LzEveEx4cDFDbzdGZVBPeTVISGNycGtNOFVSdnBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjnoW/tqj
XXhnRTOtrfvtelxPq0zbBGtyDCyXRhSjdtZ+eFUGE3vdFQD/Ej26yGZecM0PT5B9
GyV/+uhz+xxEDuF9xoPQrr6BrC3/1A2BzGdr7PMOxbjPIQ+K1jbTyfnDpnc6NgX1
GYukl467njiXFp4xwXDUlD9DYH6BaDQnWGdnynsYn5Of73SP9U5d4lZYlwpT1Srx
FGuyJ9bLxqswFMFyrvTpi5W6Gb7yQkbB5rFLGH3st+Sy9zMmgw4I/qy7KLTI1fK1
v8bzcCwM9HIGzeATD6Db2ovyiUwvz/prQa53FwmTYEkpHuF1V08I6STAK8dO8yah
MUvFTp/mK/5oeg==
-----END CERTIFICATE-----