Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.mft
File:                     OneLgrqpeIoayvLsNothmB71HfI.mft (raw, json)
Hash identifier:          S1KgBI55fUJih7oFjZSr+x/G2O921Clvb698cTju6D0=
Subject key identifier:   77:CC:7C:D8:FD:24:C7:E1:FE:F3:AA:3F:EC:C5:EB:54:EC:D9:86:C3
Authority key identifier: 3A:77:8B:82:BA:A9:78:8A:1A:CA:F2:EC:36:8B:61:98:1E:F5:1D:F2
Certificate issuer:       /CN=3a778b82baa9788a1acaf2ec368b61981ef51df2
Certificate serial:       019D9998D732F6148F818BE816B9A4CA274E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OneLgrqpeIoayvLsNothmB71HfI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.mft
Manifest number:          18C7
Signing time:             Fri 17 Apr 2026 04:00:23 +0000
Manifest this update:     Fri 17 Apr 2026 04:00:23 +0000
Manifest next update:     Sat 18 Apr 2026 04:00:23 +0000
Files and hashes:         1: OneLgrqpeIoayvLsNothmB71HfI.crl (hash: DSicEEUx7APT2WpaMcHy+NenTwQBGlmeaSEmhY/w3Cg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OneLgrqpeIoayvLsNothmB71HfI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:98:d7:32:f6:14:8f:81:8b:e8:16:b9:a4:ca:27:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a778b82baa9788a1acaf2ec368b61981ef51df2
        Validity
            Not Before: Apr 17 04:00:23 2026 GMT
            Not After : Apr 18 04:00:23 2026 GMT
        Subject: CN=77cc7cd8fd24c7e1fef3aa3fecc5eb54ecd986c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:c1:00:a7:77:a6:49:74:8d:c3:71:aa:68:cc:
                    28:e3:17:f2:9e:a0:62:b0:50:16:d6:d3:00:53:fb:
                    d1:5a:94:14:79:74:95:f4:20:02:2e:c5:70:28:4e:
                    f5:42:cc:73:72:a7:d3:be:ef:39:00:57:3a:25:d2:
                    ae:1a:06:59:8e:a4:b6:c9:01:a1:2b:52:09:4e:f3:
                    22:b6:61:f6:71:b8:98:b2:32:a0:8a:fa:6e:77:78:
                    18:49:0c:2e:ef:48:2a:e7:9e:68:b8:b7:71:38:d3:
                    7c:99:2b:c7:d0:a6:bb:87:09:60:73:90:45:9b:9b:
                    41:a0:2d:a3:fb:e5:6d:90:a5:70:b1:c8:e7:66:5c:
                    6c:d0:0d:b0:81:92:f7:76:ef:3b:c2:a4:db:fc:54:
                    9f:06:84:01:73:04:89:ce:5e:1f:0c:9b:5a:11:4a:
                    9c:f8:ec:ea:64:c5:33:58:54:8f:c5:76:a9:bc:21:
                    50:1c:39:ff:be:e2:23:7b:81:09:3b:5b:c8:e1:f0:
                    8e:03:e9:2e:63:e0:ff:1e:f7:56:9a:17:01:88:9a:
                    f8:aa:66:ac:1c:41:3c:d4:a0:ed:93:7d:4b:09:30:
                    24:bd:54:89:d5:31:f3:45:04:38:b1:27:39:e5:9c:
                    aa:dc:c7:7e:48:46:7d:9b:f7:66:4f:58:f1:ae:ae:
                    ce:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:CC:7C:D8:FD:24:C7:E1:FE:F3:AA:3F:EC:C5:EB:54:EC:D9:86:C3
            X509v3 Authority Key Identifier:
                keyid:3A:77:8B:82:BA:A9:78:8A:1A:CA:F2:EC:36:8B:61:98:1E:F5:1D:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OneLgrqpeIoayvLsNothmB71HfI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:60:c4:55:cc:c7:a0:23:b3:f4:3a:20:66:a9:50:0a:da:89:
         04:12:15:7e:73:f3:4d:9a:db:cd:c6:cd:15:dd:79:88:a2:43:
         b4:de:7b:ee:d2:ac:32:30:2d:6e:a7:6b:13:a9:60:8a:e4:6c:
         64:70:3d:19:82:87:ec:06:5c:77:06:de:b0:a0:85:f5:6c:f6:
         d6:9e:b8:cd:09:54:2b:4b:f0:e4:af:46:c3:36:92:a5:2f:48:
         87:07:fb:45:f5:95:98:fd:d6:38:a1:3a:b5:48:7b:a4:1a:8c:
         de:2a:c0:44:a6:64:db:31:fa:6c:6b:68:93:ed:09:37:94:92:
         e1:75:8b:6b:49:44:9d:6c:21:af:44:1e:70:fd:63:b1:c6:60:
         84:3e:02:8c:67:d0:93:23:69:21:63:f4:f3:2d:88:8d:dc:fa:
         5f:96:54:b7:5d:b7:29:31:54:55:e1:57:de:c8:69:0b:ce:43:
         a5:1e:83:de:86:eb:76:55:ec:9e:a8:47:d0:60:c9:80:c5:2b:
         c9:5e:38:76:d9:f8:34:2c:27:04:4d:62:cc:3b:4e:7f:a9:fc:
         07:32:5a:91:ad:e6:4c:09:b3:64:a1:ca:d2:40:6d:8a:97:9c:
         2e:10:51:f0:90:a3:73:90:bb:be:cd:b3:27:32:20:88:31:b9:
         50:51:f1:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZmNcy9hSPgYvoFrmkyidOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNzc4YjgyYmFhOTc4OGExYWNhZjJlYzM2OGI2MTk4MWVm
NTFkZjIwHhcNMjYwNDE3MDQwMDIzWhcNMjYwNDE4MDQwMDIzWjAzMTEwLwYDVQQD
Eyg3N2NjN2NkOGZkMjRjN2UxZmVmM2FhM2ZlY2M1ZWI1NGVjZDk4NmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1MEAp3emSXSNw3GqaMwo4xfynqBi
sFAW1tMAU/vRWpQUeXSV9CACLsVwKE71QsxzcqfTvu85AFc6JdKuGgZZjqS2yQGh
K1IJTvMitmH2cbiYsjKgivpud3gYSQwu70gq555ouLdxONN8mSvH0Ka7hwlgc5BF
m5tBoC2j++VtkKVwscjnZlxs0A2wgZL3du87wqTb/FSfBoQBcwSJzl4fDJtaEUqc
+OzqZMUzWFSPxXapvCFQHDn/vuIje4EJO1vI4fCOA+kuY+D/HvdWmhcBiJr4qmas
HEE81KDtk31LCTAkvVSJ1THzRQQ4sSc55Zyq3Md+SEZ9m/dmT1jxrq7O4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHfMfNj9JMfh/vOqP+zF61Ts2YbDMB8GA1UdIwQY
MBaAFDp3i4K6qXiKGsry7DaLYZge9R3yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT25lTGdycXBlSW9heXZMc05vdGhtQjcxSGZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC80MDRjMDQtYTdmNS00Y2RmLThlOTct
MThkMzNiZWI3YzMxLzEvT25lTGdycXBlSW9heXZMc05vdGhtQjcxSGZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC80MDRjMDQtYTdmNS00Y2RmLThlOTctMThkMzNiZWI3YzMx
LzEvT25lTGdycXBlSW9heXZMc05vdGhtQjcxSGZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWGDEVczH
oCOz9DogZqlQCtqJBBIVfnPzTZrbzcbNFd15iKJDtN577tKsMjAtbqdrE6lgiuRs
ZHA9GYKH7AZcdwbesKCF9Wz21p64zQlUK0vw5K9GwzaSpS9Ihwf7RfWVmP3WOKE6
tUh7pBqM3irARKZk2zH6bGtok+0JN5SS4XWLa0lEnWwhr0QecP1jscZghD4CjGfQ
kyNpIWP08y2Ijdz6X5ZUt123KTFUVeFX3shpC85DpR6D3obrdlXsnqhH0GDJgMUr
yV44dtn4NCwnBE1izDtOf6n8BzJaka3mTAmzZKHK0kBtipecLhBR8JCjc5C7vs2z
JzIgiDG5UFHxfQ==
-----END CERTIFICATE-----