Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.mft
File:                     Ay1SsyOaHOPN00MxNIzngN3xZMA.mft (raw, json)
Hash identifier:          6wSoMd1qAvYUKhr0BaDgcrKQrMjwGVcTlngi1YPQkn4=
Subject key identifier:   78:5C:3B:64:CF:29:20:55:70:5C:5F:69:33:89:40:9A:68:54:09:F7
Authority key identifier: 03:2D:52:B3:23:9A:1C:E3:CD:D3:43:31:34:8C:E7:80:DD:F1:64:C0
Certificate issuer:       /CN=032d52b3239a1ce3cdd34331348ce780ddf164c0
Certificate serial:       019D386551DB415909B1DE94EDA823A106C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ay1SsyOaHOPN00MxNIzngN3xZMA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.mft
Manifest number:          0940
Signing time:             Sun 29 Mar 2026 07:00:57 +0000
Manifest this update:     Sun 29 Mar 2026 07:00:57 +0000
Manifest next update:     Mon 30 Mar 2026 07:00:57 +0000
Files and hashes:         1: Ay1SsyOaHOPN00MxNIzngN3xZMA.crl (hash: K8etEx6+rLTqDfVxsBwecHDRryaqsCXWyeIhodGikCo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ay1SsyOaHOPN00MxNIzngN3xZMA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:51:db:41:59:09:b1:de:94:ed:a8:23:a1:06:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=032d52b3239a1ce3cdd34331348ce780ddf164c0
        Validity
            Not Before: Mar 29 07:00:57 2026 GMT
            Not After : Mar 30 07:00:57 2026 GMT
        Subject: CN=785c3b64cf292055705c5f693389409a685409f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:85:8b:16:89:1e:00:d5:c2:a0:82:0e:fe:98:
                    77:64:53:d3:3a:99:71:4b:c4:0f:27:13:cd:1b:74:
                    85:21:8d:83:70:76:f1:63:5c:8f:c8:0b:9d:95:2b:
                    99:e2:21:ee:d0:db:79:ab:61:69:d6:46:36:17:b9:
                    a7:83:07:69:fe:74:6e:32:a9:35:73:0c:ea:3a:44:
                    d5:ae:55:e3:e2:4d:e5:a5:38:8a:55:32:9c:86:9d:
                    3b:c9:32:a9:1a:1e:a7:20:b3:98:1b:e8:43:2d:2a:
                    60:cd:80:aa:e6:b0:a7:36:89:ed:9e:67:7f:a8:3c:
                    c8:40:fe:15:18:d9:42:59:69:d9:30:0c:d9:ef:5f:
                    88:bb:04:92:be:72:16:79:df:e1:40:ca:9f:43:f6:
                    0c:fa:42:16:58:8b:6f:df:b5:89:cf:b6:15:6c:7c:
                    06:4e:15:0a:84:d9:4d:dc:cd:4a:75:a9:2b:25:04:
                    8f:d7:6f:75:bf:8a:42:e7:a4:48:b9:ad:56:7f:6c:
                    1e:1f:5e:4f:d4:5f:86:33:2f:e7:73:1d:cc:8b:a4:
                    f7:7b:70:8f:21:c7:fa:cf:8c:a2:bb:c2:b5:19:a7:
                    b4:90:1b:5d:ef:10:47:85:33:4b:46:e1:6a:35:46:
                    de:96:dd:0b:5a:3a:8f:43:51:a3:11:47:41:47:ce:
                    ff:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:5C:3B:64:CF:29:20:55:70:5C:5F:69:33:89:40:9A:68:54:09:F7
            X509v3 Authority Key Identifier:
                keyid:03:2D:52:B3:23:9A:1C:E3:CD:D3:43:31:34:8C:E7:80:DD:F1:64:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ay1SsyOaHOPN00MxNIzngN3xZMA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:b2:01:cb:e0:3d:52:b7:ec:b6:a4:38:22:94:d7:e7:c8:60:
         34:d2:f3:2d:07:e2:0c:55:39:9f:e8:6f:45:76:cf:80:18:ff:
         25:3e:90:c1:00:4b:5b:81:c8:0d:fe:dd:80:10:4f:79:43:00:
         3d:88:d4:8f:85:d3:10:0d:d1:06:cb:ab:df:3f:f4:fc:a3:4f:
         92:b7:61:14:30:10:97:fa:e3:6c:67:d7:d0:fc:da:a7:e9:ad:
         fd:a2:73:e7:ca:28:1d:cd:66:27:b5:9d:94:55:df:56:71:98:
         eb:1b:32:b3:90:71:39:e3:26:76:2e:c7:93:6b:1b:45:0f:93:
         96:b7:88:56:08:82:13:6f:f9:ac:bd:ff:29:de:29:f2:d4:e2:
         17:18:14:16:56:6d:7a:d6:bf:e8:14:9f:99:1c:fe:6c:4a:c2:
         eb:86:a8:6e:7d:d6:52:65:03:81:9a:07:9a:ac:b4:60:11:b3:
         e8:0a:8f:34:b4:01:e8:f5:4c:28:62:2e:dd:a7:59:10:8a:bb:
         9e:96:03:2a:44:94:97:2b:c1:67:f7:42:25:63:8b:c7:92:4c:
         1f:3f:81:3a:f2:5a:ee:e0:83:96:81:37:1a:dc:fc:75:12:3d:
         01:ec:73:6b:68:d7:a6:2f:37:30:73:41:aa:f2:93:9d:03:89:
         86:7f:a5:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZVHbQVkJsd6U7agjoQbBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzMmQ1MmIzMjM5YTFjZTNjZGQzNDMzMTM0OGNlNzgwZGRm
MTY0YzAwHhcNMjYwMzI5MDcwMDU3WhcNMjYwMzMwMDcwMDU3WjAzMTEwLwYDVQQD
Eyg3ODVjM2I2NGNmMjkyMDU1NzA1YzVmNjkzMzg5NDA5YTY4NTQwOWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIWLFokeANXCoIIO/ph3ZFPTOplx
S8QPJxPNG3SFIY2DcHbxY1yPyAudlSuZ4iHu0Nt5q2Fp1kY2F7mngwdp/nRuMqk1
cwzqOkTVrlXj4k3lpTiKVTKchp07yTKpGh6nILOYG+hDLSpgzYCq5rCnNontnmd/
qDzIQP4VGNlCWWnZMAzZ71+IuwSSvnIWed/hQMqfQ/YM+kIWWItv37WJz7YVbHwG
ThUKhNlN3M1KdakrJQSP1291v4pC56RIua1Wf2weH15P1F+GMy/ncx3Mi6T3e3CP
Icf6z4yiu8K1Gae0kBtd7xBHhTNLRuFqNUbelt0LWjqPQ1GjEUdBR87/9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHhcO2TPKSBVcFxfaTOJQJpoVAn3MB8GA1UdIwQY
MBaAFAMtUrMjmhzjzdNDMTSM54Dd8WTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXkxU3N5T2FIT1BOMDBNeE5Jem5nTjN4Wk1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9iYzVmMTUtNThhZS00ZGYwLTljNmQt
ZTdhZDczYmJjYzg5LzEvQXkxU3N5T2FIT1BOMDBNeE5Jem5nTjN4Wk1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9iYzVmMTUtNThhZS00ZGYwLTljNmQtZTdhZDczYmJjYzg5
LzEvQXkxU3N5T2FIT1BOMDBNeE5Jem5nTjN4Wk1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi7IBy+A9
UrfstqQ4IpTX58hgNNLzLQfiDFU5n+hvRXbPgBj/JT6QwQBLW4HIDf7dgBBPeUMA
PYjUj4XTEA3RBsur3z/0/KNPkrdhFDAQl/rjbGfX0Pzap+mt/aJz58ooHc1mJ7Wd
lFXfVnGY6xsys5BxOeMmdi7Hk2sbRQ+TlreIVgiCE2/5rL3/Kd4p8tTiFxgUFlZt
eta/6BSfmRz+bErC64aobn3WUmUDgZoHmqy0YBGz6AqPNLQB6PVMKGIu3adZEIq7
npYDKkSUlyvBZ/dCJWOLx5JMHz+BOvJa7uCDloE3Gtz8dRI9Aexza2jXpi83MHNB
qvKTnQOJhn+luw==
-----END CERTIFICATE-----