Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/7472f9-b403-42e0-b306-71aa63125128/1/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.mft
File:                     Iyhy9DGtqbaCbF8Il-xOU0IJLpg.mft (raw, json)
Hash identifier:          q3YVGBMEH5eii4S/+Ap/B6m1gnW2PPNYW3GleCse1QA=
Subject key identifier:   D8:E5:FB:A4:46:7B:BB:40:D5:99:EC:05:A7:B3:CA:46:74:F1:C5:66
Authority key identifier: 23:28:72:F4:31:AD:A9:B6:82:6C:5F:08:97:EC:4E:53:42:09:2E:98
Certificate issuer:       /CN=232872f431ada9b6826c5f0897ec4e5342092e98
Certificate serial:       019D37F70FB97075E4D960EF41773B5C3D05
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0b/7472f9-b403-42e0-b306-71aa63125128/1/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.mft
Manifest number:          05EF
Signing time:             Sun 29 Mar 2026 05:00:31 +0000
Manifest this update:     Sun 29 Mar 2026 05:00:31 +0000
Manifest next update:     Mon 30 Mar 2026 05:00:31 +0000
Files and hashes:         1: Iyhy9DGtqbaCbF8Il-xOU0IJLpg.crl (hash: U0GtsgBKK3p4MQB3HrHgX4Mh7sP8Eo8cc7Vrx/k+KZs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0b/7472f9-b403-42e0-b306-71aa63125128/1/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0b/7472f9-b403-42e0-b306-71aa63125128/1/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 05:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:f7:0f:b9:70:75:e4:d9:60:ef:41:77:3b:5c:3d:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=232872f431ada9b6826c5f0897ec4e5342092e98
        Validity
            Not Before: Mar 29 05:00:31 2026 GMT
            Not After : Mar 30 05:00:31 2026 GMT
        Subject: CN=d8e5fba4467bbb40d599ec05a7b3ca4674f1c566
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:55:b7:24:f0:59:4b:bc:6c:e7:63:79:aa:a6:
                    14:19:f8:21:f9:2e:14:50:df:8f:f9:07:4c:72:da:
                    c5:63:9f:1d:d3:fd:9d:f3:8c:aa:06:56:f0:a1:d6:
                    cf:52:da:e0:76:b8:2b:39:c1:fd:7f:ee:13:04:fc:
                    c6:91:c0:f9:ff:4c:30:3b:7d:38:f4:ca:99:5c:a0:
                    39:dc:65:a3:01:2e:8b:10:4f:f1:3e:04:bd:c9:aa:
                    82:46:8f:68:ab:68:7d:e7:6f:fc:e6:25:05:ea:75:
                    e9:e8:bd:12:68:dc:95:68:bc:c2:d2:ec:57:67:2b:
                    73:38:fc:c6:91:37:f5:bb:f5:a1:03:a7:1c:81:3c:
                    36:1a:27:c2:e3:ac:79:63:f9:f5:fb:94:2d:b5:ff:
                    3f:7e:e5:da:5b:71:50:93:45:b1:a2:27:71:6d:c8:
                    41:14:17:76:a3:5c:6b:4f:c1:5a:ab:49:51:44:43:
                    95:da:79:86:f7:08:6c:07:b6:e2:6d:49:02:8b:7b:
                    77:a3:7d:c4:7e:c1:43:10:fe:ad:e0:71:8e:19:64:
                    b5:9d:c0:1b:7a:b3:c5:37:77:86:6e:7a:7c:8c:37:
                    d5:3c:a7:35:ba:51:ca:8f:69:c6:46:fd:c8:a5:c9:
                    cf:60:84:0b:4d:42:c6:4f:55:39:73:27:29:1b:fa:
                    c8:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:E5:FB:A4:46:7B:BB:40:D5:99:EC:05:A7:B3:CA:46:74:F1:C5:66
            X509v3 Authority Key Identifier:
                keyid:23:28:72:F4:31:AD:A9:B6:82:6C:5F:08:97:EC:4E:53:42:09:2E:98

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/7472f9-b403-42e0-b306-71aa63125128/1/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/7472f9-b403-42e0-b306-71aa63125128/1/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:cd:a7:09:5c:30:27:ba:4e:ad:97:a0:d0:ed:5f:26:34:e0:
         46:51:e7:6f:16:ac:a2:bc:fb:aa:a9:28:f2:b3:37:7a:1f:6f:
         8b:f4:83:75:04:3f:c1:df:c4:4c:6f:de:d7:37:a9:dc:0d:4d:
         4f:46:87:e4:6c:df:c3:0c:32:c6:c5:f2:57:4d:b6:a2:a3:ef:
         6d:f6:d9:42:99:01:8e:22:df:93:da:8c:11:1b:89:35:2b:b8:
         61:01:a0:28:19:d5:42:39:47:ca:96:71:ab:57:cb:2e:84:54:
         99:03:7b:92:6e:ae:4a:de:fe:1d:78:0e:7c:49:a0:bd:21:ac:
         19:7f:85:71:e8:a4:f9:12:35:c4:47:26:d2:ac:43:b8:b9:34:
         a8:af:e5:6a:64:7a:2d:fb:2e:0e:5e:eb:97:da:8b:ed:3a:0b:
         d0:89:e8:61:0d:fc:a4:1f:67:f3:ba:91:c6:e5:5e:de:1d:d7:
         df:be:79:7f:ad:8f:72:c0:16:0c:7d:3a:9c:0b:d9:5f:65:55:
         54:99:6e:ab:2c:01:91:83:ff:c6:67:e1:75:13:e4:10:5c:64:
         9d:89:69:6e:81:78:6d:bf:b2:18:1a:f2:db:a2:f9:31:32:42:
         62:38:27:fd:ba:17:aa:50:36:cb:4b:1c:ab:99:21:51:be:e5:
         c1:ed:26:9b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ039w+5cHXk2WDvQXc7XD0FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMjg3MmY0MzFhZGE5YjY4MjZjNWYwODk3ZWM0ZTUzNDIw
OTJlOTgwHhcNMjYwMzI5MDUwMDMxWhcNMjYwMzMwMDUwMDMxWjAzMTEwLwYDVQQD
EyhkOGU1ZmJhNDQ2N2JiYjQwZDU5OWVjMDVhN2IzY2E0Njc0ZjFjNTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxVW3JPBZS7xs52N5qqYUGfgh+S4U
UN+P+QdMctrFY58d0/2d84yqBlbwodbPUtrgdrgrOcH9f+4TBPzGkcD5/0wwO304
9MqZXKA53GWjAS6LEE/xPgS9yaqCRo9oq2h952/85iUF6nXp6L0SaNyVaLzC0uxX
ZytzOPzGkTf1u/WhA6ccgTw2GifC46x5Y/n1+5Qttf8/fuXaW3FQk0WxoidxbchB
FBd2o1xrT8Faq0lRREOV2nmG9whsB7bibUkCi3t3o33EfsFDEP6t4HGOGWS1ncAb
erPFN3eGbnp8jDfVPKc1ulHKj2nGRv3IpcnPYIQLTULGT1U5cycpG/rIMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNjl+6RGe7tA1ZnsBaezykZ08cVmMB8GA1UdIwQY
MBaAFCMocvQxram2gmxfCJfsTlNCCS6YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXloeTlER3RxYmFDYkY4SWwteE9VMElKTHBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi83NDcyZjktYjQwMy00MmUwLWIzMDYt
NzFhYTYzMTI1MTI4LzEvSXloeTlER3RxYmFDYkY4SWwteE9VMElKTHBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi83NDcyZjktYjQwMy00MmUwLWIzMDYtNzFhYTYzMTI1MTI4
LzEvSXloeTlER3RxYmFDYkY4SWwteE9VMElKTHBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAls2nCVww
J7pOrZeg0O1fJjTgRlHnbxasorz7qqko8rM3eh9vi/SDdQQ/wd/ETG/e1zep3A1N
T0aH5GzfwwwyxsXyV022oqPvbfbZQpkBjiLfk9qMERuJNSu4YQGgKBnVQjlHypZx
q1fLLoRUmQN7km6uSt7+HXgOfEmgvSGsGX+Fceik+RI1xEcm0qxDuLk0qK/lamR6
LfsuDl7rl9qL7ToL0InoYQ38pB9n87qRxuVe3h3X3755f62PcsAWDH06nAvZX2VV
VJluqywBkYP/xmfhdRPkEFxknYlpboF4bb+yGBry26L5MTJCYjgn/boXqlA2y0sc
q5khUb7lwe0mmw==
-----END CERTIFICATE-----