Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft
File:                     hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft (raw, json)
Hash identifier:          mmCHzBzYvR64CVCqeMQDENzQgDqhkyDfO5ySE4TqffM=
Subject key identifier:   39:39:7A:19:79:3E:D0:2D:84:BD:05:94:E6:F6:E3:A6:FF:1F:48:45
Authority key identifier: 85:51:2D:19:D3:79:46:CD:4C:23:6F:89:04:69:63:57:51:F5:D9:04
Certificate issuer:       /CN=85512d19d37946cd4c236f890469635751f5d904
Certificate serial:       019D99629023D0E5A1AB407BC5189A473000
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hVEtGdN5Rs1MI2-JBGljV1H12QQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft
Manifest number:          18BC
Signing time:             Fri 17 Apr 2026 03:01:06 +0000
Manifest this update:     Fri 17 Apr 2026 03:01:06 +0000
Manifest next update:     Sat 18 Apr 2026 03:01:06 +0000
Files and hashes:         1: hVEtGdN5Rs1MI2-JBGljV1H12QQ.crl (hash: pqd1tqjWRFYzepCXP7An28rCkJ234GHgX70mnJxa3JI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hVEtGdN5Rs1MI2-JBGljV1H12QQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:62:90:23:d0:e5:a1:ab:40:7b:c5:18:9a:47:30:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85512d19d37946cd4c236f890469635751f5d904
        Validity
            Not Before: Apr 17 03:01:06 2026 GMT
            Not After : Apr 18 03:01:06 2026 GMT
        Subject: CN=39397a19793ed02d84bd0594e6f6e3a6ff1f4845
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:85:3d:5d:cd:42:04:7c:93:26:87:b7:81:70:
                    b1:97:71:42:47:e2:8d:ad:83:7b:d0:1b:31:30:a1:
                    95:66:77:d5:aa:a1:ca:d4:e0:12:8e:85:98:ec:0e:
                    4d:d9:00:f4:6f:1c:b8:5d:c4:1d:4d:aa:a7:fb:6a:
                    22:f5:52:84:d6:28:a5:d1:8a:93:aa:e0:a0:6f:81:
                    d4:d9:17:a4:59:29:22:e6:07:db:91:c8:b9:fe:1c:
                    54:7f:c4:07:3a:da:05:8e:c4:45:bd:b6:36:81:ee:
                    02:f0:3f:c6:9d:e4:a2:77:94:c3:75:12:8e:a3:62:
                    78:95:88:81:e8:cb:10:0a:af:39:2d:0e:ad:61:a1:
                    bf:07:42:95:18:07:fb:04:d1:82:03:8f:ff:2e:cc:
                    ee:c6:3e:78:03:08:8a:ee:53:89:53:49:52:bc:17:
                    64:bf:93:f6:bd:2b:ca:63:77:ed:d4:b5:97:01:a2:
                    71:65:dd:4c:51:00:e6:dd:ee:da:57:8f:84:9e:37:
                    b2:5e:96:5d:8c:54:d8:da:20:28:60:9d:f6:52:cf:
                    0e:23:5f:2c:8a:4e:91:17:57:93:e1:f9:d1:38:e6:
                    1c:df:13:52:70:24:d8:6d:97:f4:ec:34:6b:24:bc:
                    c9:ff:57:16:87:ea:63:6f:90:6f:83:92:0c:5c:1c:
                    1a:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:39:7A:19:79:3E:D0:2D:84:BD:05:94:E6:F6:E3:A6:FF:1F:48:45
            X509v3 Authority Key Identifier:
                keyid:85:51:2D:19:D3:79:46:CD:4C:23:6F:89:04:69:63:57:51:F5:D9:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hVEtGdN5Rs1MI2-JBGljV1H12QQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:58:69:bc:7f:17:e4:5e:4b:5d:09:33:94:ce:72:7e:fb:ad:
         a6:89:6c:9d:6d:d9:08:38:1e:a2:a0:c5:60:c7:ce:dc:5e:69:
         75:f8:bc:16:68:8a:c9:7e:c9:db:bb:c0:24:86:1f:88:36:23:
         5b:19:3b:1c:be:ea:77:c9:c1:6e:a8:fc:df:a8:36:18:1a:3c:
         2c:4f:97:0c:77:f5:90:53:99:e0:1d:dc:9d:1e:7e:da:29:31:
         63:78:d8:c9:c2:9f:ff:2e:a1:42:1c:d9:f6:c7:26:83:79:46:
         9b:1a:79:9d:e3:29:79:b4:47:18:50:70:eb:6b:7f:e1:37:c1:
         fe:b5:f5:29:a6:77:14:cf:4c:e7:6b:4e:39:7b:64:c9:f8:8f:
         4b:f2:2b:8e:16:3b:3e:c0:2b:a6:bd:43:66:62:a9:5e:f7:67:
         38:98:f6:09:e5:57:6b:01:26:d6:94:7d:8e:c0:c2:73:19:57:
         1c:23:ff:69:48:1c:5c:f3:24:66:89:f8:3b:5e:6c:7f:da:36:
         b3:b7:e5:01:f2:aa:31:4a:7c:d6:1b:ba:7f:9f:1a:fb:e3:86:
         16:a0:d1:ce:b4:c9:2b:2a:51:88:33:e9:57:c5:66:c8:de:14:
         1f:b7:3b:91:e6:b3:ba:3b:1c:3f:ff:b5:06:bc:64:47:03:c2:
         57:86:9a:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZYpAj0OWhq0B7xRiaRzAAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NTEyZDE5ZDM3OTQ2Y2Q0YzIzNmY4OTA0Njk2MzU3NTFm
NWQ5MDQwHhcNMjYwNDE3MDMwMTA2WhcNMjYwNDE4MDMwMTA2WjAzMTEwLwYDVQQD
EygzOTM5N2ExOTc5M2VkMDJkODRiZDA1OTRlNmY2ZTNhNmZmMWY0ODQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4U9Xc1CBHyTJoe3gXCxl3FCR+KN
rYN70BsxMKGVZnfVqqHK1OASjoWY7A5N2QD0bxy4XcQdTaqn+2oi9VKE1iil0YqT
quCgb4HU2RekWSki5gfbkci5/hxUf8QHOtoFjsRFvbY2ge4C8D/GneSid5TDdRKO
o2J4lYiB6MsQCq85LQ6tYaG/B0KVGAf7BNGCA4//Lszuxj54AwiK7lOJU0lSvBdk
v5P2vSvKY3ft1LWXAaJxZd1MUQDm3e7aV4+EnjeyXpZdjFTY2iAoYJ32Us8OI18s
ik6RF1eT4fnROOYc3xNScCTYbZf07DRrJLzJ/1cWh+pjb5Bvg5IMXBwaIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDk5ehl5PtAthL0FlOb246b/H0hFMB8GA1UdIwQY
MBaAFIVRLRnTeUbNTCNviQRpY1dR9dkEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFZFdEdkTjVSczFNSTItSkJHbGpWMUgxMlFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9lMjE1Y2UtOGRlNy00ODRiLWJhYTMt
OGZmZmQ4ZjVlYmZiLzEvaFZFdEdkTjVSczFNSTItSkJHbGpWMUgxMlFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9lMjE1Y2UtOGRlNy00ODRiLWJhYTMtOGZmZmQ4ZjVlYmZi
LzEvaFZFdEdkTjVSczFNSTItSkJHbGpWMUgxMlFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfFhpvH8X
5F5LXQkzlM5yfvutpolsnW3ZCDgeoqDFYMfO3F5pdfi8FmiKyX7J27vAJIYfiDYj
Wxk7HL7qd8nBbqj836g2GBo8LE+XDHf1kFOZ4B3cnR5+2ikxY3jYycKf/y6hQhzZ
9scmg3lGmxp5neMpebRHGFBw62t/4TfB/rX1KaZ3FM9M52tOOXtkyfiPS/IrjhY7
PsArpr1DZmKpXvdnOJj2CeVXawEm1pR9jsDCcxlXHCP/aUgcXPMkZon4O15sf9o2
s7flAfKqMUp81hu6f58a++OGFqDRzrTJKypRiDPpV8VmyN4UH7c7keazujscP/+1
BrxkRwPCV4aakg==
-----END CERTIFICATE-----