Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft
File:                     1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft (raw, json)
Hash identifier:          7SvfK/+ha5EP8DOMO8k63sdIjvn9klX+pn0xAZfJHVw=
Subject key identifier:   9A:AE:45:F0:16:7C:A8:DA:D1:93:D5:93:52:6F:C2:64:48:67:D5:8F
Authority key identifier: D5:F6:23:DA:4C:D2:EE:DD:C2:C8:7C:51:5C:62:51:8C:43:1D:3F:B5
Certificate issuer:       /CN=d5f623da4cd2eeddc2c87c515c62518c431d3fb5
Certificate serial:       019E30731E02F38E299161E5F305FB253571
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1fYj2kzS7t3CyHxRXGJRjEMdP7U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft
Manifest number:          0627
Signing time:             Sat 16 May 2026 11:01:51 +0000
Manifest this update:     Sat 16 May 2026 11:01:51 +0000
Manifest next update:     Sun 17 May 2026 11:01:51 +0000
Files and hashes:         1: 1fYj2kzS7t3CyHxRXGJRjEMdP7U.crl (hash: TQqTpDcuUMjy3xD2ytUe7mRFiGKL5WeQWND518SpeLo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1fYj2kzS7t3CyHxRXGJRjEMdP7U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 11:01:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:30:73:1e:02:f3:8e:29:91:61:e5:f3:05:fb:25:35:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5f623da4cd2eeddc2c87c515c62518c431d3fb5
        Validity
            Not Before: May 16 11:01:51 2026 GMT
            Not After : May 17 11:01:51 2026 GMT
        Subject: CN=9aae45f0167ca8dad193d593526fc2644867d58f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:77:a4:f5:69:07:52:e8:bd:6b:ad:1b:96:75:
                    ec:e4:cb:9c:e9:41:f6:93:f7:d3:0e:65:f0:b0:30:
                    ee:0a:38:f3:d8:d1:99:29:7d:ba:d8:67:fd:b4:b0:
                    cc:71:7a:a8:2b:d8:50:21:a4:e0:c6:a6:bd:d5:7c:
                    62:28:e3:31:c5:ad:d5:20:5c:43:75:e5:79:18:72:
                    79:b8:ff:e2:33:8f:a9:db:ce:6c:49:0b:6e:a7:c1:
                    b1:d0:6a:25:ab:f6:85:de:bb:a5:91:f2:14:0f:a4:
                    0d:b1:91:5e:bc:74:64:54:16:f9:11:16:66:5a:30:
                    32:d9:d1:1f:3a:b2:6e:ea:78:0a:df:62:c5:6b:23:
                    cd:a2:69:49:8a:a4:0c:35:67:34:04:ca:33:42:7a:
                    74:05:1b:f7:3b:4f:01:e3:ea:34:b6:44:39:70:b1:
                    a2:8a:7c:49:aa:a9:1c:07:04:f2:00:2e:4f:f7:8a:
                    d6:3b:40:ba:9f:52:d9:22:ed:d4:10:c0:fb:84:8a:
                    a9:99:4a:d9:80:e6:0d:12:06:58:c2:e6:e4:b5:45:
                    e4:6b:39:1e:ce:ba:a9:b1:53:f7:24:32:52:d5:52:
                    43:1d:cc:ac:35:0b:19:c6:78:cb:8e:0f:1e:e5:46:
                    f6:80:70:88:78:d7:8a:87:47:8d:dd:1d:37:5b:b5:
                    04:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:AE:45:F0:16:7C:A8:DA:D1:93:D5:93:52:6F:C2:64:48:67:D5:8F
            X509v3 Authority Key Identifier:
                keyid:D5:F6:23:DA:4C:D2:EE:DD:C2:C8:7C:51:5C:62:51:8C:43:1D:3F:B5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1fYj2kzS7t3CyHxRXGJRjEMdP7U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:78:a4:f2:54:8f:f5:1a:60:ac:c7:f5:e8:d4:a0:9c:75:a5:
         57:91:cf:54:57:36:ad:4d:44:8b:04:ed:d1:0f:93:43:b0:6b:
         7d:6c:82:42:68:bd:fd:f0:5c:28:03:7d:35:26:41:7a:fc:c7:
         c3:b9:6b:17:1b:c4:c9:7a:83:00:67:7c:b1:07:2d:fe:da:09:
         ba:99:87:4d:50:ba:ad:88:c8:49:34:bf:94:16:7b:f6:be:ac:
         a8:2e:a1:b0:f7:6b:b0:be:83:b4:59:52:e6:ad:05:0b:63:f1:
         76:ed:6d:a5:47:59:81:3b:b5:33:ad:76:94:dc:99:63:81:42:
         4a:48:b0:13:62:58:b8:bd:2b:4e:a5:6e:b9:b6:9b:31:44:e9:
         2e:20:9a:92:b7:1d:86:89:cf:a4:ed:12:8b:24:53:92:50:3d:
         c4:e6:a7:fc:ad:86:14:c1:fa:0c:38:d7:a0:ef:a9:e3:15:d2:
         ff:c5:7b:43:b2:fd:6d:5e:9f:9e:f6:02:09:ab:e8:87:cf:3d:
         c4:01:ff:60:76:5a:8c:6d:01:fc:66:f1:4e:57:cb:02:92:8c:
         7e:4e:51:c6:04:b1:71:1c:9b:6c:30:70:8b:00:cc:13:6a:1c:
         2d:f8:03:c3:b0:ad:10:be:37:01:7f:21:2d:f8:b3:5c:4c:ef:
         59:a8:27:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4wcx4C844pkWHl8wX7JTVxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZjYyM2RhNGNkMmVlZGRjMmM4N2M1MTVjNjI1MThjNDMx
ZDNmYjUwHhcNMjYwNTE2MTEwMTUxWhcNMjYwNTE3MTEwMTUxWjAzMTEwLwYDVQQD
Eyg5YWFlNDVmMDE2N2NhOGRhZDE5M2Q1OTM1MjZmYzI2NDQ4NjdkNThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonek9WkHUui9a60blnXs5Muc6UH2
k/fTDmXwsDDuCjjz2NGZKX262Gf9tLDMcXqoK9hQIaTgxqa91XxiKOMxxa3VIFxD
deV5GHJ5uP/iM4+p285sSQtup8Gx0Golq/aF3rulkfIUD6QNsZFevHRkVBb5ERZm
WjAy2dEfOrJu6ngK32LFayPNomlJiqQMNWc0BMozQnp0BRv3O08B4+o0tkQ5cLGi
inxJqqkcBwTyAC5P94rWO0C6n1LZIu3UEMD7hIqpmUrZgOYNEgZYwubktUXkazke
zrqpsVP3JDJS1VJDHcysNQsZxnjLjg8e5Ub2gHCIeNeKh0eN3R03W7UEAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJquRfAWfKja0ZPVk1JvwmRIZ9WPMB8GA1UdIwQY
MBaAFNX2I9pM0u7dwsh8UVxiUYxDHT+1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWZZajJrelM3dDNDeUh4UlhHSlJqRU1kUDdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8zMTNjMTEtZGY4Ny00ZDc3LTg3Mzkt
MDRmMWRjZWMzMjBlLzEvMWZZajJrelM3dDNDeUh4UlhHSlJqRU1kUDdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8zMTNjMTEtZGY4Ny00ZDc3LTg3MzktMDRmMWRjZWMzMjBl
LzEvMWZZajJrelM3dDNDeUh4UlhHSlJqRU1kUDdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhHik8lSP
9RpgrMf16NSgnHWlV5HPVFc2rU1EiwTt0Q+TQ7BrfWyCQmi9/fBcKAN9NSZBevzH
w7lrFxvEyXqDAGd8sQct/toJupmHTVC6rYjISTS/lBZ79r6sqC6hsPdrsL6DtFlS
5q0FC2Pxdu1tpUdZgTu1M612lNyZY4FCSkiwE2JYuL0rTqVuubabMUTpLiCakrcd
honPpO0SiyRTklA9xOan/K2GFMH6DDjXoO+p4xXS/8V7Q7L9bV6fnvYCCavoh889
xAH/YHZajG0B/GbxTlfLApKMfk5RxgSxcRybbDBwiwDME2ocLfgDw7CtEL43AX8h
LfizXEzvWagndA==
-----END CERTIFICATE-----