Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft
File:                     XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft (raw, json)
Hash identifier:          I/DxAvUqiitz8/VOEP2XLMuOwFnC8mV1wzR7P+Hxo0U=
Subject key identifier:   72:5D:54:97:42:B5:CC:23:B0:81:DF:CD:60:28:C4:60:71:DC:A4:A0
Authority key identifier: 5C:34:4A:1A:C0:CB:FC:40:C7:5A:0C:FC:7B:EC:96:C7:C3:5B:D2:7B
Certificate issuer:       /CN=5c344a1ac0cbfc40c75a0cfc7bec96c7c35bd27b
Certificate serial:       019D9AE2705DE37D0706792037BF77EB553D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft
Manifest number:          18C0
Signing time:             Fri 17 Apr 2026 10:00:24 +0000
Manifest this update:     Fri 17 Apr 2026 10:00:24 +0000
Manifest next update:     Sat 18 Apr 2026 10:00:24 +0000
Files and hashes:         1: XDRKGsDL_EDHWgz8e-yWx8Nb0ns.crl (hash: kq4ldawaYRugMxr9C+AaSj9FGl4NsSo37HfYi4ekVkQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e2:70:5d:e3:7d:07:06:79:20:37:bf:77:eb:55:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5c344a1ac0cbfc40c75a0cfc7bec96c7c35bd27b
        Validity
            Not Before: Apr 17 10:00:24 2026 GMT
            Not After : Apr 18 10:00:24 2026 GMT
        Subject: CN=725d549742b5cc23b081dfcd6028c46071dca4a0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:66:eb:62:d7:e3:af:a2:c3:fc:bf:20:36:1d:
                    e7:3f:41:67:31:36:2f:14:7c:7b:b2:7d:fe:f9:7c:
                    01:b3:23:84:e4:b3:c8:e1:99:7d:3d:ec:02:07:3d:
                    cd:fc:c3:59:8f:b2:a2:8d:d9:74:12:ba:09:4c:99:
                    27:7b:eb:31:da:a4:bb:99:95:8c:67:72:4f:9b:55:
                    19:02:bf:9a:73:77:97:0d:0c:16:9f:23:0d:ce:e0:
                    c9:93:04:2b:d6:4e:d2:f6:83:df:b6:95:f5:b7:cf:
                    0b:b1:d1:08:f7:f2:3f:95:94:90:8d:4b:e1:f6:b4:
                    d6:cb:52:76:ae:09:3a:18:c6:85:00:73:c0:b3:d0:
                    a1:8c:9e:b6:a3:7e:83:de:e4:d7:e2:95:12:fa:8c:
                    68:79:6d:fc:a7:ef:41:1e:c2:be:6c:3e:00:44:e6:
                    91:00:f7:cf:bf:b4:93:d5:12:f4:1d:d1:22:79:c0:
                    c7:31:25:77:c0:76:05:ae:9e:13:39:91:8d:41:a3:
                    25:26:5c:2e:13:83:7f:53:ea:33:ba:ae:0a:87:c5:
                    f9:5c:78:b8:67:4d:e9:2a:e4:78:17:2b:04:4a:9a:
                    f7:1a:08:6a:46:a7:78:49:c3:9f:f2:8a:20:f0:25:
                    9e:a7:5d:ef:78:b3:1f:bc:08:10:83:01:a1:5f:b3:
                    f5:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:5D:54:97:42:B5:CC:23:B0:81:DF:CD:60:28:C4:60:71:DC:A4:A0
            X509v3 Authority Key Identifier:
                keyid:5C:34:4A:1A:C0:CB:FC:40:C7:5A:0C:FC:7B:EC:96:C7:C3:5B:D2:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:2f:ac:0d:33:e8:25:8a:22:16:26:d1:d9:8d:5e:6a:f0:64:
         af:18:a8:6e:e2:e6:ee:ed:f9:4e:ad:08:c9:49:7d:36:21:b2:
         30:e3:aa:e3:ba:34:f2:40:a1:f6:0e:f6:b6:47:8a:7f:35:bd:
         73:ef:a7:85:1a:2e:41:1d:24:a0:94:fe:89:45:50:dc:ec:ba:
         b4:12:a8:ed:cf:f1:9f:78:51:68:b3:bd:df:18:94:aa:2d:81:
         66:f4:4d:fd:e4:ac:4f:16:a6:7c:99:74:a4:e4:24:39:78:91:
         47:29:1f:c2:7a:72:3e:25:5c:93:bf:4e:c2:32:30:c9:de:87:
         2f:85:7d:cf:96:a0:b8:a8:3d:1c:20:47:f4:4c:30:33:c3:dd:
         68:39:f0:b5:6c:ad:6d:80:0e:44:d3:64:82:1a:0d:2d:17:1e:
         9d:fd:4f:6e:9b:4a:8a:fa:74:5b:53:ef:13:7b:6f:f1:15:75:
         bf:3a:7e:e4:68:04:ca:12:86:17:e1:f7:70:65:5d:24:bd:4b:
         07:98:f7:04:04:28:73:dc:8a:5c:c6:93:a1:26:2a:b9:66:d6:
         49:2d:8e:20:1a:7c:9d:ad:95:b4:06:39:8f:ac:b2:2f:ca:a1:
         c5:e1:ea:66:ab:1e:1c:72:c6:0b:b0:d8:a8:2e:56:4d:84:4f:
         ea:00:78:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a4nBd430HBnkgN79361U9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjMzQ0YTFhYzBjYmZjNDBjNzVhMGNmYzdiZWM5NmM3YzM1
YmQyN2IwHhcNMjYwNDE3MTAwMDI0WhcNMjYwNDE4MTAwMDI0WjAzMTEwLwYDVQQD
Eyg3MjVkNTQ5NzQyYjVjYzIzYjA4MWRmY2Q2MDI4YzQ2MDcxZGNhNGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWbrYtfjr6LD/L8gNh3nP0FnMTYv
FHx7sn3++XwBsyOE5LPI4Zl9PewCBz3N/MNZj7Kijdl0EroJTJkne+sx2qS7mZWM
Z3JPm1UZAr+ac3eXDQwWnyMNzuDJkwQr1k7S9oPftpX1t88LsdEI9/I/lZSQjUvh
9rTWy1J2rgk6GMaFAHPAs9ChjJ62o36D3uTX4pUS+oxoeW38p+9BHsK+bD4AROaR
APfPv7ST1RL0HdEiecDHMSV3wHYFrp4TOZGNQaMlJlwuE4N/U+ozuq4Kh8X5XHi4
Z03pKuR4FysESpr3GghqRqd4ScOf8oog8CWep13veLMfvAgQgwGhX7P1IQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHJdVJdCtcwjsIHfzWAoxGBx3KSgMB8GA1UdIwQY
MBaAFFw0ShrAy/xAx1oM/HvslsfDW9J7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWERSS0dzRExfRURIV2d6OGUteVd4OE5iMG5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8zMjlhYjgtYjFkOS00ZjlmLWE5Yzgt
Y2QxODUxMGVkY2RmLzEvWERSS0dzRExfRURIV2d6OGUteVd4OE5iMG5zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8zMjlhYjgtYjFkOS00ZjlmLWE5YzgtY2QxODUxMGVkY2Rm
LzEvWERSS0dzRExfRURIV2d6OGUteVd4OE5iMG5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATy+sDTPo
JYoiFibR2Y1eavBkrxiobuLm7u35Tq0IyUl9NiGyMOOq47o08kCh9g72tkeKfzW9
c++nhRouQR0koJT+iUVQ3Oy6tBKo7c/xn3hRaLO93xiUqi2BZvRN/eSsTxamfJl0
pOQkOXiRRykfwnpyPiVck79OwjIwyd6HL4V9z5aguKg9HCBH9EwwM8PdaDnwtWyt
bYAORNNkghoNLRcenf1PbptKivp0W1PvE3tv8RV1vzp+5GgEyhKGF+H3cGVdJL1L
B5j3BAQoc9yKXMaToSYquWbWSS2OIBp8na2VtAY5j6yyL8qhxeHqZqseHHLGC7DY
qC5WTYRP6gB4MQ==
-----END CERTIFICATE-----