Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.mft
File:                     Ay1SsyOaHOPN00MxNIzngN3xZMA.mft (raw, json)
Hash identifier:          5XvPnH+JGi+Ha7iqM6q40hbGHpvJl/yBe+z2/vXRhVI=
Subject key identifier:   6E:A2:FC:8E:04:AB:28:E7:B9:55:E4:32:E4:74:C5:3A:90:AC:52:95
Authority key identifier: 03:2D:52:B3:23:9A:1C:E3:CD:D3:43:31:34:8C:E7:80:DD:F1:64:C0
Certificate issuer:       /CN=032d52b3239a1ce3cdd34331348ce780ddf164c0
Certificate serial:       019E2F96570DFD8A85EBAE53D91B362607B7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ay1SsyOaHOPN00MxNIzngN3xZMA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.mft
Manifest number:          09C0
Signing time:             Sat 16 May 2026 07:00:42 +0000
Manifest this update:     Sat 16 May 2026 07:00:42 +0000
Manifest next update:     Sun 17 May 2026 07:00:42 +0000
Files and hashes:         1: Ay1SsyOaHOPN00MxNIzngN3xZMA.crl (hash: vpFTWyBFTiWCAmvukvn9GfuhXwPnLrESa1OqI+UGCJM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ay1SsyOaHOPN00MxNIzngN3xZMA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 05:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:2f:96:57:0d:fd:8a:85:eb:ae:53:d9:1b:36:26:07:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=032d52b3239a1ce3cdd34331348ce780ddf164c0
        Validity
            Not Before: May 16 07:00:42 2026 GMT
            Not After : May 17 07:00:42 2026 GMT
        Subject: CN=6ea2fc8e04ab28e7b955e432e474c53a90ac5295
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:36:77:1f:b1:af:d5:dd:9f:ff:94:02:98:b8:
                    91:fa:a0:29:63:ae:d3:04:87:f5:17:99:c7:e1:aa:
                    1a:e4:cb:b5:a4:0b:02:e8:fc:c5:64:d1:6e:8e:b0:
                    0d:19:c5:9e:c8:c8:ea:16:7b:0d:07:c4:4a:30:20:
                    9f:1a:6c:5d:47:72:9a:94:6e:05:27:a9:5a:9c:5b:
                    7f:62:21:d8:a1:e8:7f:6b:51:51:ae:a5:4e:17:00:
                    09:2a:42:cf:28:60:15:9f:05:96:ec:e3:1b:d4:69:
                    b3:00:f9:37:53:b4:29:7b:8d:24:2a:88:d6:12:9c:
                    f8:d7:32:e1:ab:19:07:d3:c0:58:ce:81:e8:32:e1:
                    c6:bc:61:fe:16:52:b0:91:d7:58:d2:14:45:50:fd:
                    e4:90:5b:17:fe:a7:cd:be:d7:fd:4f:31:c0:f0:8c:
                    7d:52:d2:e4:f6:40:3b:72:40:c2:40:63:a2:f6:99:
                    a3:6c:1c:68:32:e0:c7:28:c3:d7:af:08:d8:f0:98:
                    a6:e4:db:ed:6e:79:65:91:30:91:47:b1:e9:e1:57:
                    49:0e:e8:c8:83:ed:b7:eb:9b:19:c0:68:e6:8f:c8:
                    5d:2a:34:a9:fc:1b:37:6e:47:44:87:3e:22:fe:51:
                    e7:88:b9:f5:9c:b6:fa:97:92:8d:ec:55:ba:92:b6:
                    18:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:A2:FC:8E:04:AB:28:E7:B9:55:E4:32:E4:74:C5:3A:90:AC:52:95
            X509v3 Authority Key Identifier:
                keyid:03:2D:52:B3:23:9A:1C:E3:CD:D3:43:31:34:8C:E7:80:DD:F1:64:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ay1SsyOaHOPN00MxNIzngN3xZMA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ad:60:c6:6f:6f:be:9b:ca:21:01:ba:e6:c3:e2:e1:50:33:e2:
         f1:f1:07:3f:85:ed:54:a3:b0:36:93:32:63:be:cc:12:7d:42:
         cc:0e:9d:ab:72:d5:f7:4a:b8:ea:83:15:15:1d:f7:1e:cc:ad:
         1d:df:4e:77:af:36:18:51:c7:ef:49:1d:95:8a:c3:a8:43:38:
         be:95:71:4f:18:a9:17:ef:fe:c5:32:95:f7:63:8b:7d:4c:15:
         12:94:30:00:dc:fa:2f:f0:a4:34:69:09:10:a0:98:2e:9e:4d:
         a4:59:40:04:b5:2b:06:71:c5:79:9b:ed:22:b8:87:52:a2:ee:
         a3:08:b3:93:00:e1:f7:fd:b7:8e:7f:4e:7b:45:62:b8:d9:06:
         b5:22:b9:2e:49:d6:5b:d6:ad:d8:0b:25:1b:d6:3a:a3:4a:a4:
         41:25:81:01:40:d7:25:45:0b:a1:0b:d8:b4:73:24:c3:47:59:
         a5:c5:56:61:9e:be:08:c9:a9:4d:97:99:44:6d:1c:11:a4:9d:
         51:86:f4:c7:8d:50:92:e9:03:04:57:52:20:0f:b8:5c:25:62:
         c0:8a:af:d3:e7:ea:22:d9:ba:62:4b:19:f6:d5:ec:05:c0:5d:
         31:6e:9d:60:84:f8:59:7c:a5:f3:ae:c5:07:6e:0d:8d:18:1e:
         be:e9:71:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4vllcN/YqF665T2Rs2Jge3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzMmQ1MmIzMjM5YTFjZTNjZGQzNDMzMTM0OGNlNzgwZGRm
MTY0YzAwHhcNMjYwNTE2MDcwMDQyWhcNMjYwNTE3MDcwMDQyWjAzMTEwLwYDVQQD
Eyg2ZWEyZmM4ZTA0YWIyOGU3Yjk1NWU0MzJlNDc0YzUzYTkwYWM1Mjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1jZ3H7Gv1d2f/5QCmLiR+qApY67T
BIf1F5nH4aoa5Mu1pAsC6PzFZNFujrANGcWeyMjqFnsNB8RKMCCfGmxdR3KalG4F
J6lanFt/YiHYoeh/a1FRrqVOFwAJKkLPKGAVnwWW7OMb1GmzAPk3U7Qpe40kKojW
Epz41zLhqxkH08BYzoHoMuHGvGH+FlKwkddY0hRFUP3kkFsX/qfNvtf9TzHA8Ix9
UtLk9kA7ckDCQGOi9pmjbBxoMuDHKMPXrwjY8Jim5NvtbnllkTCRR7Hp4VdJDujI
g+2365sZwGjmj8hdKjSp/Bs3bkdEhz4i/lHniLn1nLb6l5KN7FW6krYYBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG6i/I4EqyjnuVXkMuR0xTqQrFKVMB8GA1UdIwQY
MBaAFAMtUrMjmhzjzdNDMTSM54Dd8WTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXkxU3N5T2FIT1BOMDBNeE5Jem5nTjN4Wk1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9iYzVmMTUtNThhZS00ZGYwLTljNmQt
ZTdhZDczYmJjYzg5LzEvQXkxU3N5T2FIT1BOMDBNeE5Jem5nTjN4Wk1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9iYzVmMTUtNThhZS00ZGYwLTljNmQtZTdhZDczYmJjYzg5
LzEvQXkxU3N5T2FIT1BOMDBNeE5Jem5nTjN4Wk1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArWDGb2++
m8ohAbrmw+LhUDPi8fEHP4XtVKOwNpMyY77MEn1CzA6dq3LV90q46oMVFR33Hsyt
Hd9Od682GFHH70kdlYrDqEM4vpVxTxipF+/+xTKV92OLfUwVEpQwANz6L/CkNGkJ
EKCYLp5NpFlABLUrBnHFeZvtIriHUqLuowizkwDh9/23jn9Oe0ViuNkGtSK5LknW
W9at2AslG9Y6o0qkQSWBAUDXJUULoQvYtHMkw0dZpcVWYZ6+CMmpTZeZRG0cEaSd
UYb0x41QkukDBFdSIA+4XCViwIqv0+fqItm6YksZ9tXsBcBdMW6dYIT4WXyl867F
B24NjRgevulxEw==
-----END CERTIFICATE-----