Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.mft
File:                     XtGkql_QUBs-ptafQzwvFkIRYIk.mft (raw, json)
Hash identifier:          +TZw8JXXlGco6C1eYFWmz7yuc0ZGKkL4yC+b64e/O2w=
Subject key identifier:   34:07:53:72:63:A2:E2:82:3D:E7:29:61:12:CF:AE:16:31:F6:AB:3C
Authority key identifier: 5E:D1:A4:AA:5F:D0:50:1B:3E:A6:D6:9F:43:3C:2F:16:42:11:60:89
Certificate issuer:       /CN=5ed1a4aa5fd0501b3ea6d69f433c2f1642116089
Certificate serial:       019DA30A371F6D0D2BEE494EEF7E497063E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XtGkql_QUBs-ptafQzwvFkIRYIk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.mft
Manifest number:          18C1
Signing time:             Sun 19 Apr 2026 00:00:48 +0000
Manifest this update:     Sun 19 Apr 2026 00:00:48 +0000
Manifest next update:     Mon 20 Apr 2026 00:00:48 +0000
Files and hashes:         1: XtGkql_QUBs-ptafQzwvFkIRYIk.crl (hash: DnUEhf5pobUVqkVaAADadkBtGOOIRicN9Tmt6Y7zn6w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XtGkql_QUBs-ptafQzwvFkIRYIk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 00:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a3:0a:37:1f:6d:0d:2b:ee:49:4e:ef:7e:49:70:63:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ed1a4aa5fd0501b3ea6d69f433c2f1642116089
        Validity
            Not Before: Apr 19 00:00:48 2026 GMT
            Not After : Apr 20 00:00:48 2026 GMT
        Subject: CN=3407537263a2e2823de7296112cfae1631f6ab3c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:f0:df:d3:23:62:af:8f:17:e7:db:5b:d3:b5:
                    6d:97:b8:9f:47:05:da:e1:52:41:99:54:4e:5b:c6:
                    d6:59:f2:fd:f4:6a:ae:ce:54:85:cb:b4:52:d3:4e:
                    9c:df:1f:de:8e:b0:e5:50:b3:ab:3b:45:dc:9b:4f:
                    24:bd:3b:d0:ed:b6:3f:25:d8:fb:0b:ca:39:f9:bc:
                    d8:5d:a7:45:31:88:6c:b1:36:9a:d0:ea:a0:93:2c:
                    21:d8:fe:3c:6d:94:1b:a2:2f:1e:1a:9c:5c:b7:95:
                    8b:fa:89:39:0e:49:7d:03:9e:32:08:5d:8c:43:10:
                    6e:6c:97:d8:8b:83:87:48:ee:5e:b9:2f:55:26:af:
                    7b:27:27:bc:2e:d1:76:2c:6d:4f:6c:14:db:43:b3:
                    63:b1:23:0b:18:56:59:42:0f:4b:01:e9:85:42:6f:
                    41:3e:a4:46:55:4d:76:d9:96:99:a0:ca:5d:dd:7c:
                    7e:8f:94:97:a0:f0:8d:59:e7:78:45:2b:d6:8f:d1:
                    eb:24:ec:84:f6:95:c5:f9:90:d8:d1:28:b2:65:35:
                    84:18:58:2e:99:a1:6d:41:6b:05:00:06:e1:f0:fd:
                    34:08:33:80:f5:3a:2c:31:7a:a2:7b:42:79:51:8d:
                    55:c3:a5:8c:71:44:98:0d:96:0f:44:1f:b6:42:d8:
                    b9:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:07:53:72:63:A2:E2:82:3D:E7:29:61:12:CF:AE:16:31:F6:AB:3C
            X509v3 Authority Key Identifier:
                keyid:5E:D1:A4:AA:5F:D0:50:1B:3E:A6:D6:9F:43:3C:2F:16:42:11:60:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XtGkql_QUBs-ptafQzwvFkIRYIk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b3:50:ec:65:19:8e:6c:66:5c:0b:66:13:62:f2:ad:4a:48:25:
         05:b5:ae:ce:9f:a7:a6:bf:6d:6e:42:41:72:18:fc:b4:4f:66:
         5a:45:4d:4a:0e:c8:78:77:03:02:ca:4a:04:d8:0e:33:f9:16:
         fd:88:c9:05:4c:f8:08:9c:df:22:ae:88:ed:e5:6e:d0:88:c3:
         13:07:9c:9e:ef:d2:ac:14:82:cf:b7:67:92:cb:2a:9c:30:eb:
         a1:8f:ed:6c:59:fb:82:5b:5c:34:90:0f:22:cd:74:61:4c:a3:
         96:25:ef:4a:ba:a9:9d:f5:78:e8:c9:58:a3:a8:76:54:4f:69:
         d9:aa:d0:b9:30:6d:b9:e7:c8:53:57:a3:a1:55:f3:c7:3e:94:
         99:fe:0f:5f:7d:47:e9:d9:d0:d6:83:8d:98:4f:fc:43:c5:8e:
         0e:32:74:33:88:87:85:7f:09:ef:4e:78:f3:86:9e:d3:69:26:
         8b:7b:00:a7:7c:0f:5a:51:47:79:01:54:b4:82:f6:5e:13:69:
         02:fc:e1:71:e9:6a:28:b3:bd:7d:e7:0a:54:bd:5d:1c:8f:50:
         3a:f8:96:3f:ff:a8:f1:e5:8a:9f:a3:d4:db:ab:ce:04:78:c2:
         95:5c:92:55:5f:e7:92:da:61:7d:82:88:b1:7b:40:bb:7a:30:
         11:65:e1:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2jCjcfbQ0r7klO735JcGPiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZDFhNGFhNWZkMDUwMWIzZWE2ZDY5ZjQzM2MyZjE2NDIx
MTYwODkwHhcNMjYwNDE5MDAwMDQ4WhcNMjYwNDIwMDAwMDQ4WjAzMTEwLwYDVQQD
EygzNDA3NTM3MjYzYTJlMjgyM2RlNzI5NjExMmNmYWUxNjMxZjZhYjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxvDf0yNir48X59tb07Vtl7ifRwXa
4VJBmVROW8bWWfL99GquzlSFy7RS006c3x/ejrDlULOrO0Xcm08kvTvQ7bY/Jdj7
C8o5+bzYXadFMYhssTaa0Oqgkywh2P48bZQboi8eGpxct5WL+ok5Dkl9A54yCF2M
QxBubJfYi4OHSO5euS9VJq97Jye8LtF2LG1PbBTbQ7NjsSMLGFZZQg9LAemFQm9B
PqRGVU122ZaZoMpd3Xx+j5SXoPCNWed4RSvWj9HrJOyE9pXF+ZDY0SiyZTWEGFgu
maFtQWsFAAbh8P00CDOA9TosMXqie0J5UY1Vw6WMcUSYDZYPRB+2Qti5+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDQHU3JjouKCPecpYRLPrhYx9qs8MB8GA1UdIwQY
MBaAFF7RpKpf0FAbPqbWn0M8LxZCEWCJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHRHa3FsX1FVQnMtcHRhZlF6d3ZGa0lSWUlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi85Yzc3MDMtOGQxNC00YmMwLTg4YTkt
YjlhODZhYzNlOGJlLzEvWHRHa3FsX1FVQnMtcHRhZlF6d3ZGa0lSWUlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi85Yzc3MDMtOGQxNC00YmMwLTg4YTktYjlhODZhYzNlOGJl
LzEvWHRHa3FsX1FVQnMtcHRhZlF6d3ZGa0lSWUlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAs1DsZRmO
bGZcC2YTYvKtSkglBbWuzp+npr9tbkJBchj8tE9mWkVNSg7IeHcDAspKBNgOM/kW
/YjJBUz4CJzfIq6I7eVu0IjDEwecnu/SrBSCz7dnkssqnDDroY/tbFn7gltcNJAP
Is10YUyjliXvSrqpnfV46MlYo6h2VE9p2arQuTBtuefIU1ejoVXzxz6Umf4PX31H
6dnQ1oONmE/8Q8WODjJ0M4iHhX8J705484ae02kmi3sAp3wPWlFHeQFUtIL2XhNp
AvzhcelqKLO9fecKVL1dHI9QOviWP/+o8eWKn6PU26vOBHjClVySVV/nktphfYKI
sXtAu3owEWXhpw==
-----END CERTIFICATE-----