Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft
File:                     XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft (raw, json)
Hash identifier:          GLz8bfIRCFpoC7AHoV8R7qfS1hY018Ap6CM3Mg3BzsY=
Subject key identifier:   34:7C:9A:13:FE:3B:A9:FB:28:E8:6F:2E:28:2B:B6:1E:80:C8:E8:C0
Authority key identifier: 5C:34:4A:1A:C0:CB:FC:40:C7:5A:0C:FC:7B:EC:96:C7:C3:5B:D2:7B
Certificate issuer:       /CN=5c344a1ac0cbfc40c75a0cfc7bec96c7c35bd27b
Certificate serial:       019D98F4333662BBEBE58673DDC6DE4E0832
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft
Manifest number:          18BF
Signing time:             Fri 17 Apr 2026 01:00:33 +0000
Manifest this update:     Fri 17 Apr 2026 01:00:33 +0000
Manifest next update:     Sat 18 Apr 2026 01:00:33 +0000
Files and hashes:         1: XDRKGsDL_EDHWgz8e-yWx8Nb0ns.crl (hash: 30CMACmWnMve4VkhNI2OsXY5CyXQ49RORehGhlfhTG4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 01:00:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:33:36:62:bb:eb:e5:86:73:dd:c6:de:4e:08:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5c344a1ac0cbfc40c75a0cfc7bec96c7c35bd27b
        Validity
            Not Before: Apr 17 01:00:33 2026 GMT
            Not After : Apr 18 01:00:33 2026 GMT
        Subject: CN=347c9a13fe3ba9fb28e86f2e282bb61e80c8e8c0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:86:fa:08:5a:67:82:fe:2a:5d:8a:b9:c9:47:
                    73:e4:ea:25:bb:07:96:cc:8d:fe:bc:91:42:aa:56:
                    a3:26:6e:fc:24:39:6b:85:a7:e2:c7:bd:8e:e7:b6:
                    fd:7b:e2:2c:8f:bf:34:25:27:18:29:55:cc:c2:50:
                    79:f9:54:18:0c:0f:39:d3:10:c8:49:ec:8a:32:19:
                    3e:20:8a:2d:a7:ef:4c:fb:f4:ac:ea:9f:8a:23:25:
                    e9:a3:6a:ae:89:5f:bd:48:8b:2f:5c:2c:67:83:1e:
                    c1:75:92:14:1a:92:ae:14:19:5a:42:a8:58:d9:d6:
                    67:ea:3a:dc:3e:1c:1a:2e:c8:ec:67:df:8a:b9:a5:
                    83:82:e6:ca:65:7e:0d:a0:d1:50:e6:36:12:b1:92:
                    d4:21:57:a3:97:82:bf:82:e3:a3:96:37:34:8e:ec:
                    3f:c3:ed:5a:9b:53:38:65:31:0b:82:97:73:e3:53:
                    c7:c3:6c:c5:f9:3b:44:7f:3a:61:bd:da:14:28:29:
                    c5:d0:84:de:fd:f8:f9:7f:55:e5:2d:fa:e7:4d:c0:
                    b5:d2:e5:94:ae:c2:22:6e:97:b3:55:0f:7c:2b:cb:
                    b1:fd:ad:f4:8a:d8:73:69:74:04:b8:9e:75:83:6e:
                    6d:d6:89:e1:22:79:86:5b:02:0e:81:dd:05:39:66:
                    23:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:7C:9A:13:FE:3B:A9:FB:28:E8:6F:2E:28:2B:B6:1E:80:C8:E8:C0
            X509v3 Authority Key Identifier:
                keyid:5C:34:4A:1A:C0:CB:FC:40:C7:5A:0C:FC:7B:EC:96:C7:C3:5B:D2:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:c6:e9:47:10:8e:c6:d5:ac:0d:e6:fa:eb:57:b3:48:e5:b7:
         e8:5a:40:cf:56:65:8f:88:2d:c2:16:41:e2:bc:cf:05:22:10:
         e1:00:82:78:d7:b8:75:72:fd:90:47:4e:1c:e8:bd:8c:39:aa:
         34:9d:e3:d6:bf:17:87:56:c0:ac:5e:d7:e8:c9:7a:ad:1d:7c:
         40:6c:44:c4:f3:33:a6:16:04:4c:0b:77:e4:60:a2:55:e2:c3:
         c1:22:dd:93:7f:90:ad:c1:d9:a0:1b:20:8b:ca:57:f0:10:a2:
         4f:49:d8:13:a4:82:fa:94:8f:0a:16:45:66:5b:cf:44:94:b1:
         f0:70:82:a0:e4:f6:61:75:30:c0:24:19:65:b7:f1:dd:3e:0c:
         28:c8:b9:9f:68:52:db:15:ee:97:1e:6f:86:12:be:0a:de:91:
         06:47:cc:88:49:a3:0a:e2:f9:8e:64:da:54:8f:22:da:b8:9a:
         3e:62:af:7e:7d:4c:ed:c3:99:c1:e2:20:79:aa:f9:7c:e8:a3:
         28:37:42:bd:9b:bb:5a:1e:2d:1b:29:aa:c1:b6:fb:ba:cc:3e:
         d3:92:e5:95:aa:20:e9:b5:ce:a8:11:26:81:36:fe:87:f3:f5:
         0a:2b:07:8c:23:94:21:cb:6c:40:69:24:9b:ca:7a:37:5b:48:
         80:81:07:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9DM2Yrvr5YZz3cbeTggyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjMzQ0YTFhYzBjYmZjNDBjNzVhMGNmYzdiZWM5NmM3YzM1
YmQyN2IwHhcNMjYwNDE3MDEwMDMzWhcNMjYwNDE4MDEwMDMzWjAzMTEwLwYDVQQD
EygzNDdjOWExM2ZlM2JhOWZiMjhlODZmMmUyODJiYjYxZTgwYzhlOGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIb6CFpngv4qXYq5yUdz5OoluweW
zI3+vJFCqlajJm78JDlrhafix72O57b9e+Isj780JScYKVXMwlB5+VQYDA850xDI
SeyKMhk+IIotp+9M+/Ss6p+KIyXpo2quiV+9SIsvXCxngx7BdZIUGpKuFBlaQqhY
2dZn6jrcPhwaLsjsZ9+KuaWDgubKZX4NoNFQ5jYSsZLUIVejl4K/guOjljc0juw/
w+1am1M4ZTELgpdz41PHw2zF+TtEfzphvdoUKCnF0ITe/fj5f1XlLfrnTcC10uWU
rsIibpezVQ98K8ux/a30ithzaXQEuJ51g25t1onhInmGWwIOgd0FOWYj9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDR8mhP+O6n7KOhvLigrth6AyOjAMB8GA1UdIwQY
MBaAFFw0ShrAy/xAx1oM/HvslsfDW9J7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWERSS0dzRExfRURIV2d6OGUteVd4OE5iMG5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8zMjlhYjgtYjFkOS00ZjlmLWE5Yzgt
Y2QxODUxMGVkY2RmLzEvWERSS0dzRExfRURIV2d6OGUteVd4OE5iMG5zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8zMjlhYjgtYjFkOS00ZjlmLWE5YzgtY2QxODUxMGVkY2Rm
LzEvWERSS0dzRExfRURIV2d6OGUteVd4OE5iMG5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYcbpRxCO
xtWsDeb661ezSOW36FpAz1Zlj4gtwhZB4rzPBSIQ4QCCeNe4dXL9kEdOHOi9jDmq
NJ3j1r8Xh1bArF7X6Ml6rR18QGxExPMzphYETAt35GCiVeLDwSLdk3+QrcHZoBsg
i8pX8BCiT0nYE6SC+pSPChZFZlvPRJSx8HCCoOT2YXUwwCQZZbfx3T4MKMi5n2hS
2xXulx5vhhK+Ct6RBkfMiEmjCuL5jmTaVI8i2riaPmKvfn1M7cOZweIgear5fOij
KDdCvZu7Wh4tGymqwbb7usw+05Lllaog6bXOqBEmgTb+h/P1CisHjCOUIctsQGkk
m8p6N1tIgIEHQg==
-----END CERTIFICATE-----