Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/28b730-f5bb-4606-8365-08e10638225e/1/Mya5UKRaLGusFQX80E2UDMCWj5Y.mft
File:                     Mya5UKRaLGusFQX80E2UDMCWj5Y.mft (raw, json)
Hash identifier:          3Cf55MWLNnx5buX/qn1pLFB49Zz29Przp40hOBAoAk4=
Subject key identifier:   40:1E:C2:D8:68:D7:5E:70:9A:D3:DB:0D:A8:60:D0:D9:EC:34:12:1A
Authority key identifier: 33:26:B9:50:A4:5A:2C:6B:AC:15:05:FC:D0:4D:94:0C:C0:96:8F:96
Certificate issuer:       /CN=3326b950a45a2c6bac1505fcd04d940cc0968f96
Certificate serial:       019D38D2FA1C4AB2DA22297DD2495C103794
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Mya5UKRaLGusFQX80E2UDMCWj5Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/28b730-f5bb-4606-8365-08e10638225e/1/Mya5UKRaLGusFQX80E2UDMCWj5Y.mft
Manifest number:          0778
Signing time:             Sun 29 Mar 2026 09:00:43 +0000
Manifest this update:     Sun 29 Mar 2026 09:00:43 +0000
Manifest next update:     Mon 30 Mar 2026 09:00:43 +0000
Files and hashes:         1: Mya5UKRaLGusFQX80E2UDMCWj5Y.crl (hash: iK4gDStspA6b5C3mr4M+A7NwUHGHpVjZ5bhQltfjmFk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/28b730-f5bb-4606-8365-08e10638225e/1/Mya5UKRaLGusFQX80E2UDMCWj5Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/28b730-f5bb-4606-8365-08e10638225e/1/Mya5UKRaLGusFQX80E2UDMCWj5Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Mya5UKRaLGusFQX80E2UDMCWj5Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d2:fa:1c:4a:b2:da:22:29:7d:d2:49:5c:10:37:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3326b950a45a2c6bac1505fcd04d940cc0968f96
        Validity
            Not Before: Mar 29 09:00:43 2026 GMT
            Not After : Mar 30 09:00:43 2026 GMT
        Subject: CN=401ec2d868d75e709ad3db0da860d0d9ec34121a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:f1:4b:69:63:bb:cf:14:85:43:1c:74:16:0e:
                    da:25:59:42:18:8c:a5:84:83:87:91:dd:40:56:c9:
                    4c:c9:d5:d7:a9:bd:c8:31:94:52:b6:2e:0e:30:d3:
                    8f:0d:61:b1:96:64:82:c6:7a:9c:79:83:af:ac:b3:
                    0f:b8:a3:73:97:9a:5a:79:95:aa:b4:16:39:3d:0b:
                    14:22:fd:26:75:27:e2:31:54:42:05:42:e8:98:f0:
                    2c:43:18:d9:51:de:db:88:aa:fe:95:be:95:28:05:
                    44:e4:10:06:55:b0:19:c3:c5:ad:b8:07:e1:52:ed:
                    07:06:5b:aa:f9:5e:b4:87:0a:29:e7:cb:b6:62:cc:
                    f5:08:34:d4:c7:af:da:6d:f3:36:2c:46:35:da:09:
                    cd:0e:87:e3:c7:03:bd:5f:6f:65:a8:0d:5b:59:29:
                    d4:b4:78:1e:be:8a:14:5d:d4:51:26:01:b8:1f:65:
                    0a:2d:5f:7b:29:70:ad:fb:1e:1e:a7:28:44:85:7e:
                    a2:6b:7b:70:cc:c2:3b:6a:f6:4f:11:e3:bc:65:ac:
                    db:bf:c4:1e:71:c5:23:97:54:48:b2:d6:d4:05:89:
                    78:8a:c9:25:c0:3d:00:66:49:8f:a7:a0:bf:f7:8c:
                    f6:d3:68:7e:39:1d:4d:c5:12:b9:10:c0:46:73:37:
                    e2:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:1E:C2:D8:68:D7:5E:70:9A:D3:DB:0D:A8:60:D0:D9:EC:34:12:1A
            X509v3 Authority Key Identifier:
                keyid:33:26:B9:50:A4:5A:2C:6B:AC:15:05:FC:D0:4D:94:0C:C0:96:8F:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mya5UKRaLGusFQX80E2UDMCWj5Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/28b730-f5bb-4606-8365-08e10638225e/1/Mya5UKRaLGusFQX80E2UDMCWj5Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/28b730-f5bb-4606-8365-08e10638225e/1/Mya5UKRaLGusFQX80E2UDMCWj5Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:06:ba:73:06:5c:ac:ad:e1:a0:56:a9:ea:8a:59:76:ff:07:
         8c:d8:e3:13:65:a8:0d:a2:43:dc:e3:62:77:ec:03:69:b9:7f:
         67:7b:d7:bb:69:25:63:70:5f:9e:59:be:a1:5d:26:63:9e:67:
         d6:41:98:29:f0:ed:66:b1:0e:f0:8f:bf:aa:6e:cf:60:52:30:
         a3:7a:70:7e:3d:59:0b:14:aa:41:e4:19:0c:0b:0e:9d:4b:ad:
         f9:d5:9a:34:fd:cd:e9:8d:d1:0d:51:59:ea:7d:4b:35:98:81:
         15:0f:2e:32:8d:7c:a9:17:88:d5:e7:f6:92:39:93:d5:f3:22:
         e1:79:63:8b:5f:0f:ed:1a:ba:70:d0:56:6f:dd:6d:8d:ac:49:
         0c:75:8d:78:3e:15:91:5e:77:dc:f3:a2:e4:93:99:3c:53:36:
         a1:bb:97:cf:f9:3b:50:31:86:a7:ec:62:33:ac:97:53:ce:40:
         98:a1:cf:e6:21:40:07:d1:3c:02:a5:47:bb:2e:61:86:75:47:
         ed:48:5c:c8:e8:fe:f9:cf:51:f3:c9:57:6f:a2:cf:f6:49:90:
         74:7a:62:11:f7:6c:34:e6:0b:b0:bf:43:06:63:09:6e:ad:22:
         0a:90:b4:34:f2:08:e9:5f:4a:22:6a:ca:84:c8:a4:a2:8b:5f:
         78:bc:2f:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040vocSrLaIil90klcEDeUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzMjZiOTUwYTQ1YTJjNmJhYzE1MDVmY2QwNGQ5NDBjYzA5
NjhmOTYwHhcNMjYwMzI5MDkwMDQzWhcNMjYwMzMwMDkwMDQzWjAzMTEwLwYDVQQD
Eyg0MDFlYzJkODY4ZDc1ZTcwOWFkM2RiMGRhODYwZDBkOWVjMzQxMjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2/FLaWO7zxSFQxx0Fg7aJVlCGIyl
hIOHkd1AVslMydXXqb3IMZRSti4OMNOPDWGxlmSCxnqceYOvrLMPuKNzl5paeZWq
tBY5PQsUIv0mdSfiMVRCBULomPAsQxjZUd7biKr+lb6VKAVE5BAGVbAZw8WtuAfh
Uu0HBluq+V60hwop58u2Ysz1CDTUx6/abfM2LEY12gnNDofjxwO9X29lqA1bWSnU
tHgevooUXdRRJgG4H2UKLV97KXCt+x4epyhEhX6ia3twzMI7avZPEeO8Zazbv8Qe
ccUjl1RIstbUBYl4isklwD0AZkmPp6C/94z202h+OR1NxRK5EMBGczfinQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEAewtho115wmtPbDahg0NnsNBIaMB8GA1UdIwQY
MBaAFDMmuVCkWixrrBUF/NBNlAzAlo+WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXlhNVVLUmFMR3VzRlFYODBFMlVETUNXajVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8yOGI3MzAtZjViYi00NjA2LTgzNjUt
MDhlMTA2MzgyMjVlLzEvTXlhNVVLUmFMR3VzRlFYODBFMlVETUNXajVZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8yOGI3MzAtZjViYi00NjA2LTgzNjUtMDhlMTA2MzgyMjVl
LzEvTXlhNVVLUmFMR3VzRlFYODBFMlVETUNXajVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIwa6cwZc
rK3hoFap6opZdv8HjNjjE2WoDaJD3ONid+wDabl/Z3vXu2klY3Bfnlm+oV0mY55n
1kGYKfDtZrEO8I+/qm7PYFIwo3pwfj1ZCxSqQeQZDAsOnUut+dWaNP3N6Y3RDVFZ
6n1LNZiBFQ8uMo18qReI1ef2kjmT1fMi4Xlji18P7Rq6cNBWb91tjaxJDHWNeD4V
kV533POi5JOZPFM2obuXz/k7UDGGp+xiM6yXU85AmKHP5iFAB9E8AqVHuy5hhnVH
7UhcyOj++c9R88lXb6LP9kmQdHpiEfdsNOYLsL9DBmMJbq0iCpC0NPII6V9KImrK
hMikootfeLwvRQ==
-----END CERTIFICATE-----