Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.mft
File:                     qCYCgPNU92LV7fNMisgW4cIHG1k.mft (raw, json)
Hash identifier:          3YNMBetwDm0uyaBxip/DXNH7UVoKb4XqcP7+jmPSZXE=
Subject key identifier:   B8:88:F0:CD:B8:5B:DD:C3:50:88:DB:77:14:3B:16:32:00:A6:EC:78
Authority key identifier: A8:26:02:80:F3:54:F7:62:D5:ED:F3:4C:8A:C8:16:E1:C2:07:1B:59
Certificate issuer:       /CN=a8260280f354f762d5edf34c8ac816e1c2071b59
Certificate serial:       019DCFE31CBABB53B790A4674940D17E6A63
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qCYCgPNU92LV7fNMisgW4cIHG1k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.mft
Manifest number:          18DB
Signing time:             Mon 27 Apr 2026 17:01:00 +0000
Manifest this update:     Mon 27 Apr 2026 17:01:00 +0000
Manifest next update:     Tue 28 Apr 2026 17:01:00 +0000
Files and hashes:         1: qCYCgPNU92LV7fNMisgW4cIHG1k.crl (hash: v08dZgIp28cYnI+Zhbhtpd5e5jROMq5jgyB/1VRibig=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qCYCgPNU92LV7fNMisgW4cIHG1k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 28 Apr 2026 17:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:cf:e3:1c:ba:bb:53:b7:90:a4:67:49:40:d1:7e:6a:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a8260280f354f762d5edf34c8ac816e1c2071b59
        Validity
            Not Before: Apr 27 17:01:00 2026 GMT
            Not After : Apr 28 17:01:00 2026 GMT
        Subject: CN=b888f0cdb85bddc35088db77143b163200a6ec78
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:c1:cc:99:0e:58:89:94:0a:20:19:6d:99:b1:
                    a1:d2:57:01:73:9f:da:72:6d:b8:8b:5e:53:d4:bd:
                    a9:58:93:fc:01:a2:8e:64:8e:61:36:28:b6:bf:5f:
                    9c:e8:18:ca:93:dd:b5:30:96:e9:22:32:08:22:a4:
                    e4:64:78:be:8b:54:53:a9:47:7e:6e:66:72:08:8b:
                    68:fb:f7:8d:51:0a:f6:49:17:5e:f9:1b:ec:bd:4d:
                    ad:54:1f:fc:3e:5d:2d:a0:80:a0:87:0e:42:eb:44:
                    15:d0:56:92:d9:b8:dc:1c:b1:3b:3b:b2:bc:e7:41:
                    6c:1d:3c:da:ab:6a:64:32:17:e1:7b:01:12:fc:75:
                    26:7d:c4:7e:e0:54:67:58:80:76:7d:ef:d4:70:3b:
                    e7:0b:44:d9:39:1f:b1:15:62:9e:6c:42:54:4d:b4:
                    ca:4c:97:9b:d0:7d:59:d9:b0:c2:4e:5e:98:54:70:
                    4e:bb:46:7e:7c:fe:ca:1a:d9:41:a9:5c:8f:a3:0e:
                    80:5d:97:34:44:f4:ba:2c:05:ed:86:2a:fe:5b:53:
                    7c:6a:7f:44:22:a0:7b:fe:59:5a:1b:60:fc:73:60:
                    9c:35:9e:dc:44:e4:a6:1a:fc:c1:72:ac:b7:1a:07:
                    bc:dc:bf:21:a7:70:9c:58:f8:4f:20:ee:5c:27:2d:
                    4e:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:88:F0:CD:B8:5B:DD:C3:50:88:DB:77:14:3B:16:32:00:A6:EC:78
            X509v3 Authority Key Identifier:
                keyid:A8:26:02:80:F3:54:F7:62:D5:ED:F3:4C:8A:C8:16:E1:C2:07:1B:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qCYCgPNU92LV7fNMisgW4cIHG1k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:70:47:9f:5e:1c:0d:7b:d2:d6:69:dc:9d:18:77:34:25:48:
         4d:e7:85:e1:29:5f:52:51:4c:24:52:bd:09:aa:87:f4:4e:d7:
         9c:67:bb:6e:60:c1:fe:9e:ea:34:05:ca:6d:15:d2:02:08:06:
         8e:98:c6:01:65:22:72:86:1d:a3:9d:76:01:2d:73:e9:bc:93:
         37:15:84:0b:68:0c:44:c1:c9:3f:ed:f7:aa:b9:73:75:eb:a1:
         83:ac:b1:80:11:8a:47:63:20:c1:7c:dd:f2:8a:de:98:92:55:
         98:59:1c:e8:a1:dc:c0:91:e3:6c:4f:3a:a9:89:c1:c9:98:47:
         3d:b0:57:a2:9f:a5:bf:fc:17:4e:63:d8:df:67:5b:06:ae:20:
         eb:ac:d4:3f:6c:30:af:e6:d5:a1:73:3a:81:a1:e6:2d:2f:8e:
         f5:13:b5:6e:6a:7f:ed:c3:a8:9d:5f:6e:23:fd:57:37:b2:34:
         5d:b6:8e:27:73:9a:a8:12:9c:42:31:64:85:df:13:a6:f2:72:
         42:f6:b3:93:1c:fc:3c:17:17:66:2a:a7:41:d9:3b:c4:7c:63:
         55:fc:7b:55:b9:84:a2:bc:06:61:8f:eb:d2:38:89:6e:34:de:
         39:12:52:46:41:27:c5:e3:f1:66:0b:84:0e:11:bc:35:4f:36:
         26:b8:e1:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3P4xy6u1O3kKRnSUDRfmpjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MjYwMjgwZjM1NGY3NjJkNWVkZjM0YzhhYzgxNmUxYzIw
NzFiNTkwHhcNMjYwNDI3MTcwMTAwWhcNMjYwNDI4MTcwMTAwWjAzMTEwLwYDVQQD
EyhiODg4ZjBjZGI4NWJkZGMzNTA4OGRiNzcxNDNiMTYzMjAwYTZlYzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcHMmQ5YiZQKIBltmbGh0lcBc5/a
cm24i15T1L2pWJP8AaKOZI5hNii2v1+c6BjKk921MJbpIjIIIqTkZHi+i1RTqUd+
bmZyCIto+/eNUQr2SRde+RvsvU2tVB/8Pl0toICghw5C60QV0FaS2bjcHLE7O7K8
50FsHTzaq2pkMhfhewES/HUmfcR+4FRnWIB2fe/UcDvnC0TZOR+xFWKebEJUTbTK
TJeb0H1Z2bDCTl6YVHBOu0Z+fP7KGtlBqVyPow6AXZc0RPS6LAXthir+W1N8an9E
IqB7/llaG2D8c2CcNZ7cROSmGvzBcqy3Gge83L8hp3CcWPhPIO5cJy1ONQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLiI8M24W93DUIjbdxQ7FjIApux4MB8GA1UdIwQY
MBaAFKgmAoDzVPdi1e3zTIrIFuHCBxtZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUNZQ2dQTlU5MkxWN2ZOTWlzZ1c0Y0lIRzFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9hMzAzZmQtMzZhNi00MzhkLTk2ZGEt
MTgzYTQ3YTQ1YjJhLzEvcUNZQ2dQTlU5MkxWN2ZOTWlzZ1c0Y0lIRzFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9hMzAzZmQtMzZhNi00MzhkLTk2ZGEtMTgzYTQ3YTQ1YjJh
LzEvcUNZQ2dQTlU5MkxWN2ZOTWlzZ1c0Y0lIRzFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWHBHn14c
DXvS1mncnRh3NCVITeeF4SlfUlFMJFK9CaqH9E7XnGe7bmDB/p7qNAXKbRXSAggG
jpjGAWUicoYdo512AS1z6byTNxWEC2gMRMHJP+33qrlzdeuhg6yxgBGKR2MgwXzd
8oremJJVmFkc6KHcwJHjbE86qYnByZhHPbBXop+lv/wXTmPY32dbBq4g66zUP2ww
r+bVoXM6gaHmLS+O9RO1bmp/7cOonV9uI/1XN7I0XbaOJ3OaqBKcQjFkhd8TpvJy
Qvazkxz8PBcXZiqnQdk7xHxjVfx7VbmEorwGYY/r0jiJbjTeORJSRkEnxePxZguE
DhG8NU82JrjhJQ==
-----END CERTIFICATE-----