Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.mft
File:                     pY79EI1MWw9PmoiuU7t_7J1ZS5I.mft (raw, json)
Hash identifier:          EyIaHYnZQMJ6tgOKRdmuJ2T2eQDVRetJoojt32OFDsg=
Subject key identifier:   E2:01:56:EB:C5:88:20:4B:63:DC:4C:AA:93:AB:98:2D:54:FD:65:A3
Authority key identifier: A5:8E:FD:10:8D:4C:5B:0F:4F:9A:88:AE:53:BB:7F:EC:9D:59:4B:92
Certificate issuer:       /CN=a58efd108d4c5b0f4f9a88ae53bb7fec9d594b92
Certificate serial:       019D3865A75821902E11047ABC19F4630565
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pY79EI1MWw9PmoiuU7t_7J1ZS5I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.mft
Manifest number:          138C
Signing time:             Sun 29 Mar 2026 07:01:19 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:19 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:19 +0000
Files and hashes:         1: pY79EI1MWw9PmoiuU7t_7J1ZS5I.crl (hash: /2Ejx7as7mgCCoAKbTs0EKl7d+EVBJA4SZnozzfQkTc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pY79EI1MWw9PmoiuU7t_7J1ZS5I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:a7:58:21:90:2e:11:04:7a:bc:19:f4:63:05:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a58efd108d4c5b0f4f9a88ae53bb7fec9d594b92
        Validity
            Not Before: Mar 29 07:01:19 2026 GMT
            Not After : Mar 30 07:01:19 2026 GMT
        Subject: CN=e20156ebc588204b63dc4caa93ab982d54fd65a3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:61:ef:58:5a:08:ad:9a:92:43:80:1b:8d:81:
                    dc:fb:bf:87:e4:17:a6:46:2d:8c:65:52:da:69:6e:
                    6f:c6:e8:98:0b:61:67:fb:a7:d5:96:b5:a5:44:3e:
                    4f:66:19:a0:5b:d6:ed:40:99:5f:59:17:6a:e0:5d:
                    12:46:95:52:a6:87:f7:28:bf:00:06:1c:b9:59:c2:
                    68:fb:dd:2f:d4:04:0f:69:af:f7:cb:01:21:61:a1:
                    63:2d:17:48:82:87:7c:a7:dd:c3:be:62:23:a8:2f:
                    e9:94:aa:88:74:6f:73:6c:25:a1:84:19:5a:e7:d9:
                    1c:f9:8f:fd:e8:62:f6:5e:08:59:cb:89:27:81:c2:
                    d6:57:51:e9:d1:3e:1a:8a:bc:9f:5a:b4:bc:7c:57:
                    6c:7f:bc:32:5d:66:dc:4f:2f:95:61:db:df:ee:2c:
                    3f:c1:0c:a1:4d:70:58:6f:46:8a:06:85:f2:78:81:
                    08:bb:a8:13:a8:7c:0b:14:0c:5b:a1:6c:1c:f0:0c:
                    39:fa:99:f0:d2:f4:d3:68:59:db:dd:d7:90:96:59:
                    6d:07:a4:31:07:bf:a0:c9:80:da:fa:b9:8c:64:4c:
                    67:46:e4:63:48:9e:d9:49:0d:25:6b:06:dd:3f:37:
                    a8:a0:c9:c6:a0:77:ba:8a:d1:8b:e3:65:9d:b7:c0:
                    9a:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:01:56:EB:C5:88:20:4B:63:DC:4C:AA:93:AB:98:2D:54:FD:65:A3
            X509v3 Authority Key Identifier:
                keyid:A5:8E:FD:10:8D:4C:5B:0F:4F:9A:88:AE:53:BB:7F:EC:9D:59:4B:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pY79EI1MWw9PmoiuU7t_7J1ZS5I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:d5:b9:b9:b0:47:7d:f5:76:e3:3b:69:df:70:37:42:73:b4:
         83:ff:a4:d8:89:b9:4c:e0:55:67:5f:df:aa:a1:e1:44:01:b2:
         3e:08:be:20:66:21:83:8f:c1:f3:c3:d6:51:12:b3:4e:51:97:
         e0:3d:9a:5d:2e:41:af:a2:a0:a5:de:4d:8b:1e:64:5c:95:b8:
         80:eb:2c:45:92:b0:62:2c:c1:de:f4:58:0b:0d:59:6a:7b:fb:
         a5:4f:7a:26:8b:d4:96:c2:1d:ed:a0:e4:ae:4a:c8:ba:90:f1:
         f2:cd:be:83:a1:17:06:b0:d1:5c:73:19:c2:3e:95:85:6d:25:
         5f:e4:b5:ff:e2:03:42:95:57:8e:86:3f:a1:9f:bf:73:d0:c2:
         62:4a:48:3f:ec:d2:b0:ce:d2:4e:79:3c:1a:68:33:2f:6e:08:
         40:5c:46:dd:00:66:4c:df:9d:e9:fe:54:d1:73:75:73:d1:04:
         e4:35:03:bb:88:a8:c5:15:ae:84:c0:4c:92:46:61:d2:84:18:
         e2:b9:23:70:62:0f:15:da:ec:14:5f:a0:33:87:ec:32:68:a9:
         71:05:63:5c:4c:a3:21:64:f0:9f:89:0b:d6:88:1f:fd:b6:fe:
         84:fa:a0:1e:1d:44:5a:f0:3d:d0:6d:cd:d0:7a:c5:1d:e2:25:
         03:99:d4:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZadYIZAuEQR6vBn0YwVlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1OGVmZDEwOGQ0YzViMGY0ZjlhODhhZTUzYmI3ZmVjOWQ1
OTRiOTIwHhcNMjYwMzI5MDcwMTE5WhcNMjYwMzMwMDcwMTE5WjAzMTEwLwYDVQQD
EyhlMjAxNTZlYmM1ODgyMDRiNjNkYzRjYWE5M2FiOTgyZDU0ZmQ2NWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmHvWFoIrZqSQ4AbjYHc+7+H5Bem
Ri2MZVLaaW5vxuiYC2Fn+6fVlrWlRD5PZhmgW9btQJlfWRdq4F0SRpVSpof3KL8A
Bhy5WcJo+90v1AQPaa/3ywEhYaFjLRdIgod8p93DvmIjqC/plKqIdG9zbCWhhBla
59kc+Y/96GL2XghZy4kngcLWV1Hp0T4airyfWrS8fFdsf7wyXWbcTy+VYdvf7iw/
wQyhTXBYb0aKBoXyeIEIu6gTqHwLFAxboWwc8Aw5+pnw0vTTaFnb3deQllltB6Qx
B7+gyYDa+rmMZExnRuRjSJ7ZSQ0lawbdPzeooMnGoHe6itGL42Wdt8CaRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOIBVuvFiCBLY9xMqpOrmC1U/WWjMB8GA1UdIwQY
MBaAFKWO/RCNTFsPT5qIrlO7f+ydWUuSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFk3OUVJMU1XdzlQbW9pdVU3dF83SjFaUzVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9hM2I1YjItNjYzOC00YTRiLTliODUt
MTVjYzVkYTA3ODI2LzEvcFk3OUVJMU1XdzlQbW9pdVU3dF83SjFaUzVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9hM2I1YjItNjYzOC00YTRiLTliODUtMTVjYzVkYTA3ODI2
LzEvcFk3OUVJMU1XdzlQbW9pdVU3dF83SjFaUzVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAptW5ubBH
ffV24ztp33A3QnO0g/+k2Im5TOBVZ1/fqqHhRAGyPgi+IGYhg4/B88PWURKzTlGX
4D2aXS5Br6Kgpd5Nix5kXJW4gOssRZKwYizB3vRYCw1Zanv7pU96JovUlsId7aDk
rkrIupDx8s2+g6EXBrDRXHMZwj6VhW0lX+S1/+IDQpVXjoY/oZ+/c9DCYkpIP+zS
sM7STnk8GmgzL24IQFxG3QBmTN+d6f5U0XN1c9EE5DUDu4ioxRWuhMBMkkZh0oQY
4rkjcGIPFdrsFF+gM4fsMmipcQVjXEyjIWTwn4kL1ogf/bb+hPqgHh1EWvA90G3N
0HrFHeIlA5nUKg==
-----END CERTIFICATE-----