Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft
File:                     U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft (raw, json)
Hash identifier:          DE5iQotZ8B5h7OTYhaP39ZgcNUv1P2nfNAvASZuenZ8=
Subject key identifier:   29:28:C7:04:31:89:A0:CF:D8:95:88:25:DC:23:BE:11:AA:D2:84:1E
Authority key identifier: 53:8B:06:2C:B5:42:6F:00:E6:53:73:EE:F4:E4:CD:8A:1C:27:F6:8E
Certificate issuer:       /CN=538b062cb5426f00e65373eef4e4cd8a1c27f68e
Certificate serial:       019D98F4C9C1084CFBF200159F733458D4E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U4sGLLVCbwDmU3Pu9OTNihwn9o4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft
Manifest number:          18BE
Signing time:             Fri 17 Apr 2026 01:01:12 +0000
Manifest this update:     Fri 17 Apr 2026 01:01:12 +0000
Manifest next update:     Sat 18 Apr 2026 01:01:12 +0000
Files and hashes:         1: U4sGLLVCbwDmU3Pu9OTNihwn9o4.crl (hash: UrmNgd+thgxKqkY8x9y6o1VpB6SofxaQEKYbnEUHNl8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U4sGLLVCbwDmU3Pu9OTNihwn9o4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:c9:c1:08:4c:fb:f2:00:15:9f:73:34:58:d4:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=538b062cb5426f00e65373eef4e4cd8a1c27f68e
        Validity
            Not Before: Apr 17 01:01:12 2026 GMT
            Not After : Apr 18 01:01:12 2026 GMT
        Subject: CN=2928c7043189a0cfd8958825dc23be11aad2841e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:0c:14:74:2e:db:03:9d:ea:ad:a0:58:75:89:
                    17:ab:e8:6e:74:c3:1b:87:e4:48:dc:1c:cc:ff:40:
                    f1:dd:54:68:5b:35:fb:76:b0:b2:85:d1:1e:ef:ce:
                    2d:5b:de:ae:6a:8b:2b:a3:18:ba:8e:9e:ce:97:e9:
                    25:b0:e6:ae:68:de:b4:e5:f9:00:83:0d:ea:0d:34:
                    60:62:80:e5:62:7f:07:66:f6:82:f1:c8:ad:c2:2e:
                    31:f5:19:a6:4f:12:3a:42:ec:49:f2:24:57:cb:fd:
                    eb:05:95:94:64:33:d4:48:63:db:af:be:5c:f8:eb:
                    3e:b0:5d:66:2d:71:46:a1:45:e0:a4:8b:24:d9:da:
                    3f:24:b0:88:4f:fa:f9:fc:67:ca:05:e4:e8:cd:ac:
                    d4:9b:19:fa:3d:1b:e7:2b:b7:02:ad:13:61:01:7b:
                    5b:dd:4a:6d:08:54:82:c7:01:61:c3:3d:17:f3:37:
                    12:5e:06:93:65:bc:60:f4:49:68:16:77:92:94:55:
                    37:3f:26:fe:3c:b6:75:3a:f7:f1:ef:2e:a5:dc:c3:
                    0a:d7:73:04:a6:ba:1f:2f:46:82:b3:f7:fd:09:fc:
                    b8:c8:5a:f9:06:ca:1c:c0:65:14:f6:50:a5:36:b0:
                    33:13:a8:ee:12:05:08:fc:2e:c1:97:f6:b0:ca:f6:
                    c8:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:28:C7:04:31:89:A0:CF:D8:95:88:25:DC:23:BE:11:AA:D2:84:1E
            X509v3 Authority Key Identifier:
                keyid:53:8B:06:2C:B5:42:6F:00:E6:53:73:EE:F4:E4:CD:8A:1C:27:F6:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U4sGLLVCbwDmU3Pu9OTNihwn9o4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:e8:37:d1:db:20:28:e7:1c:88:d5:05:0f:01:91:7f:e2:2b:
         8c:db:c5:db:b9:46:a7:18:20:94:66:e4:a1:88:f0:2b:78:1d:
         a2:1e:19:e2:73:7c:f0:3f:90:a7:2e:9d:39:e7:41:28:18:98:
         29:aa:4b:53:24:0d:70:b9:7f:04:61:b5:4e:01:9d:c3:e0:6e:
         70:3c:d3:7e:02:38:46:cc:7d:87:f7:58:b0:9a:20:64:2c:5f:
         72:52:68:18:c6:23:aa:d0:e8:9f:ba:9a:89:b3:a5:61:ea:52:
         20:65:c1:dd:c9:1b:16:5b:1e:cd:a5:f3:0a:3b:3a:15:12:f1:
         fe:96:2c:b3:87:60:85:96:69:c2:4b:84:83:e5:e4:9a:68:bb:
         3a:5d:58:a8:5e:9c:03:e6:47:84:21:0b:e4:b2:df:e2:ec:22:
         33:0f:d3:4c:32:58:75:9b:7d:3e:50:a2:24:2d:3c:60:f7:19:
         30:a1:90:3f:6f:4e:b4:4e:68:ff:5d:ce:5f:c2:6b:ab:f3:16:
         6b:05:02:00:a5:91:66:7b:dc:4c:61:c2:57:f1:1d:13:bf:f3:
         2c:31:dd:cb:de:eb:49:48:06:b0:e9:ec:0b:df:80:cb:08:ef:
         0f:12:d1:3b:74:68:67:25:b0:55:cb:cd:90:c2:f0:76:67:79:
         22:af:5b:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9MnBCEz78gAVn3M0WNThMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzOGIwNjJjYjU0MjZmMDBlNjUzNzNlZWY0ZTRjZDhhMWMy
N2Y2OGUwHhcNMjYwNDE3MDEwMTEyWhcNMjYwNDE4MDEwMTEyWjAzMTEwLwYDVQQD
EygyOTI4YzcwNDMxODlhMGNmZDg5NTg4MjVkYzIzYmUxMWFhZDI4NDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7gwUdC7bA53qraBYdYkXq+hudMMb
h+RI3BzM/0Dx3VRoWzX7drCyhdEe784tW96uaosroxi6jp7Ol+klsOauaN605fkA
gw3qDTRgYoDlYn8HZvaC8citwi4x9RmmTxI6QuxJ8iRXy/3rBZWUZDPUSGPbr75c
+Os+sF1mLXFGoUXgpIsk2do/JLCIT/r5/GfKBeTozazUmxn6PRvnK7cCrRNhAXtb
3UptCFSCxwFhwz0X8zcSXgaTZbxg9EloFneSlFU3Pyb+PLZ1Ovfx7y6l3MMK13ME
profL0aCs/f9Cfy4yFr5BsocwGUU9lClNrAzE6juEgUI/C7Bl/awyvbIOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCkoxwQxiaDP2JWIJdwjvhGq0oQeMB8GA1UdIwQY
MBaAFFOLBiy1Qm8A5lNz7vTkzYocJ/aOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTRzR0xMVkNid0RtVTNQdTlPVE5paHduOW80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8xZDQ1N2ItNDBiZC00NDhmLWE5MTUt
MjBjOGFiOTI2OTZmLzEvVTRzR0xMVkNid0RtVTNQdTlPVE5paHduOW80Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8xZDQ1N2ItNDBiZC00NDhmLWE5MTUtMjBjOGFiOTI2OTZm
LzEvVTRzR0xMVkNid0RtVTNQdTlPVE5paHduOW80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV+g30dsg
KOcciNUFDwGRf+IrjNvF27lGpxgglGbkoYjwK3gdoh4Z4nN88D+Qpy6dOedBKBiY
KapLUyQNcLl/BGG1TgGdw+BucDzTfgI4Rsx9h/dYsJogZCxfclJoGMYjqtDon7qa
ibOlYepSIGXB3ckbFlsezaXzCjs6FRLx/pYss4dghZZpwkuEg+Xkmmi7Ol1YqF6c
A+ZHhCEL5LLf4uwiMw/TTDJYdZt9PlCiJC08YPcZMKGQP29OtE5o/13OX8Jrq/MW
awUCAKWRZnvcTGHCV/EdE7/zLDHdy97rSUgGsOnsC9+AywjvDxLRO3RoZyWwVcvN
kMLwdmd5Iq9bdQ==
-----END CERTIFICATE-----