Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/407213-b264-4853-9343-ee5585ae13b7/1/oLNzv45HcndefI_F-9Mpze5Eoyw.mft
File:                     oLNzv45HcndefI_F-9Mpze5Eoyw.mft (raw, json)
Hash identifier:          vZ+wzbV4boMQZOpT5w9VMMiyYubG01+F73F59i/7wHc=
Subject key identifier:   B3:C2:A0:CA:A7:E7:94:BD:24:5B:79:D9:AB:7A:A6:E5:12:81:C3:1F
Authority key identifier: A0:B3:73:BF:8E:47:72:77:5E:7C:8F:C5:FB:D3:29:CD:EE:44:A3:2C
Certificate issuer:       /CN=a0b373bf8e4772775e7c8fc5fbd329cdee44a32c
Certificate serial:       019D9B8788A79D63F1DA5374E6CADEBD233E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oLNzv45HcndefI_F-9Mpze5Eoyw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/407213-b264-4853-9343-ee5585ae13b7/1/oLNzv45HcndefI_F-9Mpze5Eoyw.mft
Manifest number:          18BF
Signing time:             Fri 17 Apr 2026 13:00:43 +0000
Manifest this update:     Fri 17 Apr 2026 13:00:43 +0000
Manifest next update:     Sat 18 Apr 2026 13:00:43 +0000
Files and hashes:         1: oLNzv45HcndefI_F-9Mpze5Eoyw.crl (hash: oL0Mo3XC6tV4k4OOsYr8dNk1C3WqTk9IGiT/Q2MjksI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e6/407213-b264-4853-9343-ee5585ae13b7/1/oLNzv45HcndefI_F-9Mpze5Eoyw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e6/407213-b264-4853-9343-ee5585ae13b7/1/oLNzv45HcndefI_F-9Mpze5Eoyw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oLNzv45HcndefI_F-9Mpze5Eoyw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:87:88:a7:9d:63:f1:da:53:74:e6:ca:de:bd:23:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0b373bf8e4772775e7c8fc5fbd329cdee44a32c
        Validity
            Not Before: Apr 17 13:00:43 2026 GMT
            Not After : Apr 18 13:00:43 2026 GMT
        Subject: CN=b3c2a0caa7e794bd245b79d9ab7aa6e51281c31f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:8f:94:f9:fb:ef:ba:e3:4a:cc:9b:25:5e:1a:
                    ff:48:4a:66:8a:bd:b4:58:59:1a:a3:63:e2:ff:7e:
                    0c:ad:98:e4:6e:a4:d6:af:54:90:f1:5b:44:00:ad:
                    45:84:92:4a:d7:d4:2a:19:91:2a:df:a1:e2:71:d6:
                    d6:a0:5b:fc:ba:89:6f:f2:a8:a5:a5:57:c3:25:7b:
                    d7:55:d2:d7:dd:c6:81:0a:07:59:0e:fa:1d:84:67:
                    f4:20:ac:93:3b:ac:f0:12:fa:30:d9:93:af:c8:3d:
                    ee:40:23:ab:95:b9:03:c7:30:92:69:ce:c5:0f:d2:
                    7b:47:90:86:0b:47:89:89:3f:b6:c9:ca:bd:00:63:
                    91:b6:69:63:be:4f:3d:1d:2c:22:b6:69:3a:26:eb:
                    78:85:e1:44:0a:c2:bf:2e:0b:27:75:cc:5c:77:4b:
                    64:bb:46:e6:77:76:b7:7d:a2:66:36:27:38:53:c0:
                    8e:43:e7:d0:7e:36:9c:1e:5b:8b:e2:43:3c:d4:99:
                    44:71:6c:77:69:20:d1:93:a1:21:da:da:43:b9:9d:
                    0f:3b:6f:4f:42:b6:76:69:04:85:fd:cc:42:81:9c:
                    32:ec:c4:6f:00:45:ea:7d:ff:20:37:4b:c7:18:f1:
                    44:e4:b3:b0:89:e9:0d:64:15:3f:48:87:6d:35:fe:
                    5e:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:C2:A0:CA:A7:E7:94:BD:24:5B:79:D9:AB:7A:A6:E5:12:81:C3:1F
            X509v3 Authority Key Identifier:
                keyid:A0:B3:73:BF:8E:47:72:77:5E:7C:8F:C5:FB:D3:29:CD:EE:44:A3:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oLNzv45HcndefI_F-9Mpze5Eoyw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/407213-b264-4853-9343-ee5585ae13b7/1/oLNzv45HcndefI_F-9Mpze5Eoyw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/407213-b264-4853-9343-ee5585ae13b7/1/oLNzv45HcndefI_F-9Mpze5Eoyw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:ae:24:ac:df:8c:9e:e3:09:86:62:d0:ec:c6:6d:e1:b6:c9:
         b3:58:cd:f4:f2:60:bb:74:31:a6:a6:e1:cb:9d:2c:ac:33:ab:
         0c:5a:a7:6c:46:ba:06:b9:d0:f3:50:54:97:5d:dd:f5:97:bc:
         cc:57:17:1c:57:e9:eb:0a:81:4e:67:b4:0e:a6:4b:d9:64:e0:
         c4:b6:37:20:c8:3f:14:2f:53:dd:06:e7:03:0b:52:3c:51:b2:
         47:da:f8:e8:39:ce:21:0c:aa:23:8a:3c:2d:7a:e6:27:63:69:
         7d:ea:3f:52:05:df:6c:d7:40:a7:ea:70:7b:51:a7:60:5d:a0:
         0c:72:1e:3e:59:63:a5:66:1f:b7:35:5d:e1:dd:3f:43:1d:7e:
         c0:4c:ef:cc:7f:ac:d2:ac:4c:c2:28:24:6c:71:10:d6:17:15:
         a5:fb:08:5a:7d:07:5a:98:da:de:d4:3d:02:33:d4:a2:06:d3:
         6f:74:16:c2:c6:75:44:cc:a6:2e:33:cb:19:a8:0d:9d:00:03:
         24:6b:81:c5:32:60:89:fd:15:24:d6:b9:15:2d:50:7b:f6:31:
         90:bd:0b:ec:9e:f7:38:44:f2:ce:8c:1f:8c:04:97:64:46:f6:
         98:fd:ea:c6:18:4d:b4:01:a3:91:d6:1b:3e:9a:b6:10:aa:8e:
         a8:bb:ee:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bh4innWPx2lN05srevSM+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYjM3M2JmOGU0NzcyNzc1ZTdjOGZjNWZiZDMyOWNkZWU0
NGEzMmMwHhcNMjYwNDE3MTMwMDQzWhcNMjYwNDE4MTMwMDQzWjAzMTEwLwYDVQQD
EyhiM2MyYTBjYWE3ZTc5NGJkMjQ1Yjc5ZDlhYjdhYTZlNTEyODFjMzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk4+U+fvvuuNKzJslXhr/SEpmir20
WFkao2Pi/34MrZjkbqTWr1SQ8VtEAK1FhJJK19QqGZEq36HicdbWoFv8uolv8qil
pVfDJXvXVdLX3caBCgdZDvodhGf0IKyTO6zwEvow2ZOvyD3uQCOrlbkDxzCSac7F
D9J7R5CGC0eJiT+2ycq9AGORtmljvk89HSwitmk6Jut4heFECsK/Lgsndcxcd0tk
u0bmd3a3faJmNic4U8COQ+fQfjacHluL4kM81JlEcWx3aSDRk6Eh2tpDuZ0PO29P
QrZ2aQSF/cxCgZwy7MRvAEXqff8gN0vHGPFE5LOwiekNZBU/SIdtNf5ewwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLPCoMqn55S9JFt52at6puUSgcMfMB8GA1UdIwQY
MBaAFKCzc7+OR3J3XnyPxfvTKc3uRKMsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0xOenY0NUhjbmRlZklfRi05TXB6ZTVFb3l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi80MDcyMTMtYjI2NC00ODUzLTkzNDMt
ZWU1NTg1YWUxM2I3LzEvb0xOenY0NUhjbmRlZklfRi05TXB6ZTVFb3l3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi80MDcyMTMtYjI2NC00ODUzLTkzNDMtZWU1NTg1YWUxM2I3
LzEvb0xOenY0NUhjbmRlZklfRi05TXB6ZTVFb3l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk64krN+M
nuMJhmLQ7MZt4bbJs1jN9PJgu3Qxpqbhy50srDOrDFqnbEa6BrnQ81BUl13d9Ze8
zFcXHFfp6wqBTme0DqZL2WTgxLY3IMg/FC9T3QbnAwtSPFGyR9r46DnOIQyqI4o8
LXrmJ2Npfeo/UgXfbNdAp+pwe1GnYF2gDHIePlljpWYftzVd4d0/Qx1+wEzvzH+s
0qxMwigkbHEQ1hcVpfsIWn0HWpja3tQ9AjPUogbTb3QWwsZ1RMymLjPLGagNnQAD
JGuBxTJgif0VJNa5FS1Qe/YxkL0L7J73OETyzowfjASXZEb2mP3qxhhNtAGjkdYb
Ppq2EKqOqLvuKw==
-----END CERTIFICATE-----