Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.mft
File:                     orLY2dCvlBb6vW8gNfpyiO-XyME.mft (raw, json)
Hash identifier:          b+QPmqteqZ/HDylCteJLviRd3xryvGdSyNQMBccrI9E=
Subject key identifier:   C7:DC:1B:9F:54:EB:80:22:A1:83:F2:7F:7F:D7:A6:50:A6:D1:1E:2A
Authority key identifier: A2:B2:D8:D9:D0:AF:94:16:FA:BD:6F:20:35:FA:72:88:EF:97:C8:C1
Certificate issuer:       /CN=a2b2d8d9d0af9416fabd6f2035fa7288ef97c8c1
Certificate serial:       019D38D3256DB8C1019CEFE378C8F912B2A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/orLY2dCvlBb6vW8gNfpyiO-XyME.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.mft
Manifest number:          08D5
Signing time:             Sun 29 Mar 2026 09:00:54 +0000
Manifest this update:     Sun 29 Mar 2026 09:00:54 +0000
Manifest next update:     Mon 30 Mar 2026 09:00:54 +0000
Files and hashes:         1: orLY2dCvlBb6vW8gNfpyiO-XyME.crl (hash: k703LdoNN9lyHxV9mG+aV1/vhk5Vvls7YzYxFO/yStM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/orLY2dCvlBb6vW8gNfpyiO-XyME.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:25:6d:b8:c1:01:9c:ef:e3:78:c8:f9:12:b2:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a2b2d8d9d0af9416fabd6f2035fa7288ef97c8c1
        Validity
            Not Before: Mar 29 09:00:54 2026 GMT
            Not After : Mar 30 09:00:54 2026 GMT
        Subject: CN=c7dc1b9f54eb8022a183f27f7fd7a650a6d11e2a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:de:52:49:fd:bc:15:6a:3a:26:00:a6:67:b4:
                    22:35:81:1b:3e:23:0c:6b:68:b1:92:c6:b4:21:46:
                    9b:4b:4b:c0:36:71:7e:5c:64:64:05:88:9a:11:52:
                    79:43:9c:88:a9:32:02:01:b2:43:02:d7:22:3d:fe:
                    2b:18:9c:61:d5:de:73:77:ab:97:47:3a:35:3e:7b:
                    a4:39:77:a2:90:78:c8:68:66:10:7c:41:80:f4:bf:
                    46:ba:ea:2b:f6:f8:42:ed:90:c5:0a:33:e4:bb:16:
                    11:3a:c2:b3:0d:86:5d:79:d1:9b:4e:ce:03:4c:60:
                    ed:51:93:c0:bb:d7:ea:d3:97:55:4f:35:81:31:f2:
                    c7:e1:5f:7e:f1:81:45:b2:d4:26:8a:39:86:df:95:
                    d5:9d:a4:d5:85:80:17:41:99:ae:8f:f9:2d:12:e4:
                    0c:fa:e4:3b:08:4a:ab:f7:9c:fb:8d:33:a5:bf:e6:
                    7a:41:30:c8:9f:79:dd:44:b2:e6:f8:7b:ab:22:93:
                    0d:01:21:c1:c0:fe:4f:0f:d3:54:91:1b:8a:a4:31:
                    2a:aa:f7:2e:35:59:ae:dd:99:7c:57:07:f7:56:19:
                    b4:89:47:f1:a6:a2:0b:9a:76:c1:7e:24:ee:51:34:
                    91:9f:33:05:0d:59:fc:54:23:5a:1d:6d:ab:33:9d:
                    a6:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:DC:1B:9F:54:EB:80:22:A1:83:F2:7F:7F:D7:A6:50:A6:D1:1E:2A
            X509v3 Authority Key Identifier:
                keyid:A2:B2:D8:D9:D0:AF:94:16:FA:BD:6F:20:35:FA:72:88:EF:97:C8:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/orLY2dCvlBb6vW8gNfpyiO-XyME.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:57:80:df:3d:82:49:1b:e0:1e:31:e1:13:d5:38:77:1f:d1:
         7e:30:4e:1f:5f:b0:1e:d5:e1:82:3b:d2:dc:5b:26:aa:a3:06:
         1c:c1:9e:bb:26:19:7f:c7:32:fc:d5:15:99:23:84:41:d2:e4:
         35:f3:69:4f:dd:6f:14:2a:ca:0a:da:ca:35:6a:a1:90:8a:5f:
         41:9b:4e:2f:df:65:93:8d:96:6a:4b:ce:e5:1c:3f:72:2e:fe:
         41:57:5b:56:2f:09:d9:4e:6f:e2:e8:e0:21:54:f2:66:4c:a9:
         c9:9b:bb:ef:7e:30:02:d6:62:78:37:ab:ab:0b:27:9c:35:07:
         65:b5:8b:bd:e6:2c:32:26:a8:fe:8e:2b:83:d7:fd:8f:82:f1:
         26:25:3f:42:bc:b1:c7:54:12:fb:5b:61:9d:ee:e4:8f:98:b9:
         f5:24:0e:f0:23:20:b7:11:f3:b5:5b:7d:c0:04:62:16:a4:9f:
         ba:34:56:3b:9c:6d:29:9c:77:2a:95:6e:dd:0b:b6:38:a8:53:
         da:2a:66:19:f5:c4:d2:f4:c5:d3:0c:cb:ea:8d:a2:2f:f2:44:
         0e:09:f8:ed:f8:1c:a5:e8:e5:c2:f0:6e:fa:54:d2:c6:2a:48:
         8c:d2:39:81:51:33:d2:57:14:32:8e:e7:72:f1:ca:54:80:46:
         2f:9f:78:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040yVtuMEBnO/jeMj5ErKoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyYjJkOGQ5ZDBhZjk0MTZmYWJkNmYyMDM1ZmE3Mjg4ZWY5
N2M4YzEwHhcNMjYwMzI5MDkwMDU0WhcNMjYwMzMwMDkwMDU0WjAzMTEwLwYDVQQD
EyhjN2RjMWI5ZjU0ZWI4MDIyYTE4M2YyN2Y3ZmQ3YTY1MGE2ZDExZTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoN5SSf28FWo6JgCmZ7QiNYEbPiMM
a2ixksa0IUabS0vANnF+XGRkBYiaEVJ5Q5yIqTICAbJDAtciPf4rGJxh1d5zd6uX
Rzo1PnukOXeikHjIaGYQfEGA9L9Guuor9vhC7ZDFCjPkuxYROsKzDYZdedGbTs4D
TGDtUZPAu9fq05dVTzWBMfLH4V9+8YFFstQmijmG35XVnaTVhYAXQZmuj/ktEuQM
+uQ7CEqr95z7jTOlv+Z6QTDIn3ndRLLm+HurIpMNASHBwP5PD9NUkRuKpDEqqvcu
NVmu3Zl8Vwf3Vhm0iUfxpqILmnbBfiTuUTSRnzMFDVn8VCNaHW2rM52mzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMfcG59U64AioYPyf3/XplCm0R4qMB8GA1UdIwQY
MBaAFKKy2NnQr5QW+r1vIDX6cojvl8jBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3JMWTJkQ3ZsQmI2dlc4Z05mcHlpTy1YeU1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8zYTI4ZTMtODU0NC00OGM2LThiOGUt
YmFmN2JhMGM0MTc3LzEvb3JMWTJkQ3ZsQmI2dlc4Z05mcHlpTy1YeU1FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8zYTI4ZTMtODU0NC00OGM2LThiOGUtYmFmN2JhMGM0MTc3
LzEvb3JMWTJkQ3ZsQmI2dlc4Z05mcHlpTy1YeU1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXVeA3z2C
SRvgHjHhE9U4dx/RfjBOH1+wHtXhgjvS3FsmqqMGHMGeuyYZf8cy/NUVmSOEQdLk
NfNpT91vFCrKCtrKNWqhkIpfQZtOL99lk42WakvO5Rw/ci7+QVdbVi8J2U5v4ujg
IVTyZkypyZu7734wAtZieDerqwsnnDUHZbWLveYsMiao/o4rg9f9j4LxJiU/Qryx
x1QS+1thne7kj5i59SQO8CMgtxHztVt9wARiFqSfujRWO5xtKZx3KpVu3Qu2OKhT
2ipmGfXE0vTF0wzL6o2iL/JEDgn47fgcpejlwvBu+lTSxipIjNI5gVEz0lcUMo7n
cvHKVIBGL5949w==
-----END CERTIFICATE-----