Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.mft
File:                     bn-6EaMdOqkN48e7i1bTzQbmvnU.mft (raw, json)
Hash identifier:          mEXz2gDiaMma9LX2cf8aqVnhM5YzFx5ixHU2lFCz4/Y=
Subject key identifier:   DE:23:60:DE:AB:90:40:B2:E6:6A:69:7E:B8:C7:16:CB:79:45:F9:4A
Authority key identifier: 6E:7F:BA:11:A3:1D:3A:A9:0D:E3:C7:BB:8B:56:D3:CD:06:E6:BE:75
Certificate issuer:       /CN=6e7fba11a31d3aa90de3c7bb8b56d3cd06e6be75
Certificate serial:       019D9AE29E0EF2BF090EEEC647214B94892C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bn-6EaMdOqkN48e7i1bTzQbmvnU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.mft
Manifest number:          18A8
Signing time:             Fri 17 Apr 2026 10:00:35 +0000
Manifest this update:     Fri 17 Apr 2026 10:00:35 +0000
Manifest next update:     Sat 18 Apr 2026 10:00:35 +0000
Files and hashes:         1: bn-6EaMdOqkN48e7i1bTzQbmvnU.crl (hash: IBkW002BPgjlaQl6atawO0139XHrF2T8xhGAasUF/6Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bn-6EaMdOqkN48e7i1bTzQbmvnU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 10:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e2:9e:0e:f2:bf:09:0e:ee:c6:47:21:4b:94:89:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e7fba11a31d3aa90de3c7bb8b56d3cd06e6be75
        Validity
            Not Before: Apr 17 10:00:35 2026 GMT
            Not After : Apr 18 10:00:35 2026 GMT
        Subject: CN=de2360deab9040b2e66a697eb8c716cb7945f94a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:00:d7:84:9a:21:d5:28:63:0d:a5:ad:04:04:
                    58:5b:28:db:dc:e0:e2:80:ca:85:81:4c:f8:b1:e7:
                    60:0c:52:45:74:a5:0b:28:50:da:55:f9:57:07:03:
                    bd:47:dc:85:8c:bf:1b:11:23:e0:95:12:9d:87:ed:
                    86:7f:8d:a9:6a:37:2f:2a:00:12:54:7b:d3:ea:bc:
                    70:81:2b:51:1a:df:e7:86:3a:8e:88:2a:60:54:f5:
                    3b:d7:fb:71:20:27:af:2c:8a:a6:48:e2:2e:d0:03:
                    94:81:5d:5e:5a:4c:37:c0:36:bc:d2:d8:d0:b0:05:
                    65:3e:b5:b2:ea:92:c3:78:65:f2:15:18:d1:ad:51:
                    3a:05:08:ac:ec:9c:02:24:69:f9:56:bf:33:ac:7d:
                    ec:d4:58:d3:1d:01:99:9c:d4:95:4a:2a:0e:a9:40:
                    9a:59:b2:c9:c3:7c:74:61:57:2a:9f:c5:26:0f:27:
                    18:19:f0:d1:96:ed:ca:02:db:5d:75:99:71:f9:97:
                    a1:15:a4:d1:4a:31:48:9c:fb:be:d0:21:62:6f:84:
                    45:16:68:17:5e:2d:0a:64:65:96:bb:fe:06:f5:60:
                    73:1d:aa:5f:b2:93:65:05:1b:c7:a5:3e:b5:12:c9:
                    9a:7b:4e:ce:16:04:e7:be:df:34:45:15:e5:50:a1:
                    95:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:23:60:DE:AB:90:40:B2:E6:6A:69:7E:B8:C7:16:CB:79:45:F9:4A
            X509v3 Authority Key Identifier:
                keyid:6E:7F:BA:11:A3:1D:3A:A9:0D:E3:C7:BB:8B:56:D3:CD:06:E6:BE:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bn-6EaMdOqkN48e7i1bTzQbmvnU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/52ef7c-9a36-4362-8e7f-6394214a122c/1/bn-6EaMdOqkN48e7i1bTzQbmvnU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a1:e5:51:40:1f:2e:98:a2:5f:bb:61:82:d0:7c:02:a1:6c:33:
         e7:1f:a7:1b:64:7b:2f:7a:7f:f0:36:75:d9:ad:13:aa:bb:d3:
         26:c3:9c:31:1a:88:1d:5a:e7:cf:56:e0:4d:06:de:89:2f:c1:
         21:67:fb:bc:25:3e:d5:8c:fb:68:a9:73:fd:ee:db:9f:12:c7:
         e9:cd:45:74:97:89:b8:82:4c:79:07:f2:f7:a8:d1:33:8c:2d:
         c3:c7:d6:7b:e8:aa:d5:61:8b:fe:38:72:88:c3:e0:0a:0a:aa:
         e3:c7:73:29:4a:cd:0b:ac:09:55:86:a8:f5:2a:80:19:61:82:
         a9:fd:38:40:81:87:7f:09:54:fc:70:e8:c3:ab:66:37:44:6c:
         26:69:5e:8b:ef:5c:c0:20:19:ac:f4:ba:c2:08:15:a5:89:27:
         b3:67:64:73:20:8a:b2:24:16:db:ca:90:da:ce:50:6d:ad:8a:
         f4:40:90:8c:7d:b7:fc:57:b3:45:ce:20:b2:55:a3:c1:e3:fc:
         8a:65:4d:6a:ed:94:56:56:7f:06:3c:02:42:8f:00:4e:60:c7:
         fe:a8:3b:18:05:ec:2a:6a:ee:a2:47:c9:ee:31:28:0f:af:7e:
         12:e5:d6:e9:f6:8d:40:64:bf:44:f7:e5:ed:b8:ec:cf:99:86:
         c7:89:06:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a4p4O8r8JDu7GRyFLlIksMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlN2ZiYTExYTMxZDNhYTkwZGUzYzdiYjhiNTZkM2NkMDZl
NmJlNzUwHhcNMjYwNDE3MTAwMDM1WhcNMjYwNDE4MTAwMDM1WjAzMTEwLwYDVQQD
EyhkZTIzNjBkZWFiOTA0MGIyZTY2YTY5N2ViOGM3MTZjYjc5NDVmOTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQDXhJoh1ShjDaWtBARYWyjb3ODi
gMqFgUz4sedgDFJFdKULKFDaVflXBwO9R9yFjL8bESPglRKdh+2Gf42pajcvKgAS
VHvT6rxwgStRGt/nhjqOiCpgVPU71/txICevLIqmSOIu0AOUgV1eWkw3wDa80tjQ
sAVlPrWy6pLDeGXyFRjRrVE6BQis7JwCJGn5Vr8zrH3s1FjTHQGZnNSVSioOqUCa
WbLJw3x0YVcqn8UmDycYGfDRlu3KAttddZlx+ZehFaTRSjFInPu+0CFib4RFFmgX
Xi0KZGWWu/4G9WBzHapfspNlBRvHpT61Esmae07OFgTnvt80RRXlUKGVbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN4jYN6rkECy5mppfrjHFst5RflKMB8GA1UdIwQY
MBaAFG5/uhGjHTqpDePHu4tW080G5r51MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm4tNkVhTWRPcWtONDhlN2kxYlR6UWJtdm5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi81MmVmN2MtOWEzNi00MzYyLThlN2Yt
NjM5NDIxNGExMjJjLzEvYm4tNkVhTWRPcWtONDhlN2kxYlR6UWJtdm5VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi81MmVmN2MtOWEzNi00MzYyLThlN2YtNjM5NDIxNGExMjJj
LzEvYm4tNkVhTWRPcWtONDhlN2kxYlR6UWJtdm5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoeVRQB8u
mKJfu2GC0HwCoWwz5x+nG2R7L3p/8DZ12a0TqrvTJsOcMRqIHVrnz1bgTQbeiS/B
IWf7vCU+1Yz7aKlz/e7bnxLH6c1FdJeJuIJMeQfy96jRM4wtw8fWe+iq1WGL/jhy
iMPgCgqq48dzKUrNC6wJVYao9SqAGWGCqf04QIGHfwlU/HDow6tmN0RsJmlei+9c
wCAZrPS6wggVpYkns2dkcyCKsiQW28qQ2s5Qba2K9ECQjH23/FezRc4gslWjweP8
imVNau2UVlZ/BjwCQo8ATmDH/qg7GAXsKmruokfJ7jEoD69+EuXW6faNQGS/RPfl
7bjsz5mGx4kG2Q==
-----END CERTIFICATE-----