Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/9da7c4-d96d-401f-a7fe-21cfc83aeec6/1/HY-s3UFcS7p4J3uj57D-I9Klobg.mft
File:                     HY-s3UFcS7p4J3uj57D-I9Klobg.mft (raw, json)
Hash identifier:          Cs7ZJM8j5nd64wTIzzlPVHqui3WX6JCzL9Xea6McWqA=
Subject key identifier:   EF:05:CA:13:8A:D3:7B:31:2C:B8:0C:6C:E4:4B:E7:CB:55:64:71:13
Authority key identifier: 1D:8F:AC:DD:41:5C:4B:BA:78:27:7B:A3:E7:B0:FE:23:D2:A5:A1:B8
Certificate issuer:       /CN=1d8facdd415c4bba78277ba3e7b0fe23d2a5a1b8
Certificate serial:       019D375290877C93600FDF8B42926B4C2AF5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HY-s3UFcS7p4J3uj57D-I9Klobg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/9da7c4-d96d-401f-a7fe-21cfc83aeec6/1/HY-s3UFcS7p4J3uj57D-I9Klobg.mft
Manifest number:          042D
Signing time:             Sun 29 Mar 2026 02:00:50 +0000
Manifest this update:     Sun 29 Mar 2026 02:00:50 +0000
Manifest next update:     Mon 30 Mar 2026 02:00:50 +0000
Files and hashes:         1: HY-s3UFcS7p4J3uj57D-I9Klobg.crl (hash: i6IEib2lddYs23D0Z355frEs3zb3iZMbvvkV0hoFibY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/9da7c4-d96d-401f-a7fe-21cfc83aeec6/1/HY-s3UFcS7p4J3uj57D-I9Klobg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/9da7c4-d96d-401f-a7fe-21cfc83aeec6/1/HY-s3UFcS7p4J3uj57D-I9Klobg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HY-s3UFcS7p4J3uj57D-I9Klobg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 02:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:52:90:87:7c:93:60:0f:df:8b:42:92:6b:4c:2a:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d8facdd415c4bba78277ba3e7b0fe23d2a5a1b8
        Validity
            Not Before: Mar 29 02:00:50 2026 GMT
            Not After : Mar 30 02:00:50 2026 GMT
        Subject: CN=ef05ca138ad37b312cb80c6ce44be7cb55647113
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:30:65:6c:50:98:87:8a:3b:bb:70:d7:61:e2:
                    d4:0c:ef:70:c9:34:3b:22:a2:3e:39:87:f3:98:7d:
                    cc:d5:ef:a2:e7:eb:9c:55:dc:fd:48:e2:03:d7:94:
                    4b:b6:cd:87:f5:a6:e1:c3:47:17:13:13:9a:03:61:
                    6c:9c:76:97:8d:9f:70:62:cd:ee:ef:51:5f:2f:70:
                    db:c9:58:b3:67:74:ca:8d:7d:99:c1:b1:06:7d:80:
                    53:16:6d:6c:8d:08:a3:43:00:71:26:ff:7f:f8:06:
                    99:76:d0:2c:3f:e8:06:91:61:03:2c:ad:dd:0d:78:
                    bc:5d:13:9e:70:da:8b:ad:21:05:45:7f:4a:96:98:
                    90:86:34:69:7c:77:b3:77:85:61:5a:d5:dc:48:c5:
                    4b:af:2e:b8:25:a2:2c:a6:fa:a5:c8:2a:16:13:f2:
                    3b:48:cd:eb:82:f2:19:16:bb:8f:22:1a:9b:49:28:
                    6a:d3:dd:25:b2:06:4f:10:79:94:47:00:95:89:1e:
                    c5:e0:d1:f9:9c:9d:12:ac:9c:9e:b6:0c:ce:e6:1c:
                    1f:be:9d:5b:2e:cc:96:e8:2c:7f:a7:e2:b5:15:fd:
                    ab:bd:7c:f5:28:b8:09:ea:7c:b4:9b:11:c2:eb:60:
                    6c:8d:20:94:34:11:18:94:ab:7c:4b:e9:0a:22:29:
                    20:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:05:CA:13:8A:D3:7B:31:2C:B8:0C:6C:E4:4B:E7:CB:55:64:71:13
            X509v3 Authority Key Identifier:
                keyid:1D:8F:AC:DD:41:5C:4B:BA:78:27:7B:A3:E7:B0:FE:23:D2:A5:A1:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HY-s3UFcS7p4J3uj57D-I9Klobg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/9da7c4-d96d-401f-a7fe-21cfc83aeec6/1/HY-s3UFcS7p4J3uj57D-I9Klobg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/9da7c4-d96d-401f-a7fe-21cfc83aeec6/1/HY-s3UFcS7p4J3uj57D-I9Klobg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         83:fb:a5:a3:8b:f2:02:9c:aa:55:00:61:7b:7f:d6:55:54:b8:
         97:fa:6c:1a:ca:d7:68:e4:20:4e:84:13:75:5b:99:90:c0:7d:
         98:74:21:d3:f7:28:b1:84:9a:1f:11:a1:b7:a8:24:10:3f:ae:
         df:bc:d7:4a:b6:5b:ea:63:2d:84:71:5d:b1:6c:cd:11:0b:b0:
         82:5a:99:35:7c:cd:13:0a:72:d1:a6:4e:6d:3a:f9:58:66:a2:
         bc:b6:8e:4c:b1:f5:ca:98:b4:7a:c8:20:f1:8c:40:27:3e:a0:
         97:c7:e7:7d:96:f0:6a:2a:29:ff:4d:58:24:ba:d4:d5:b7:b6:
         b4:ba:7f:a5:b7:ee:31:83:8c:84:28:a3:de:b0:9e:cd:9a:38:
         56:92:a6:fe:87:d5:4f:08:e0:01:81:a2:f8:ef:3f:07:55:a9:
         57:89:2b:d9:3d:55:f1:57:e7:05:9e:6a:04:7c:33:89:74:42:
         49:84:f2:40:cf:2f:50:6c:43:c3:3e:7c:17:42:b0:67:5d:25:
         f1:55:5b:54:8d:07:7a:e4:c2:9a:c8:f3:c2:32:fd:52:9d:7f:
         5b:af:80:26:3b:75:34:cd:95:9f:ef:91:21:4a:96:23:39:c2:
         bd:9f:4e:98:c3:3f:ec:32:f6:c4:f1:6f:f6:92:60:11:42:cd:
         78:fd:19:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03UpCHfJNgD9+LQpJrTCr1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkOGZhY2RkNDE1YzRiYmE3ODI3N2JhM2U3YjBmZTIzZDJh
NWExYjgwHhcNMjYwMzI5MDIwMDUwWhcNMjYwMzMwMDIwMDUwWjAzMTEwLwYDVQQD
EyhlZjA1Y2ExMzhhZDM3YjMxMmNiODBjNmNlNDRiZTdjYjU1NjQ3MTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszBlbFCYh4o7u3DXYeLUDO9wyTQ7
IqI+OYfzmH3M1e+i5+ucVdz9SOID15RLts2H9abhw0cXExOaA2FsnHaXjZ9wYs3u
71FfL3DbyVizZ3TKjX2ZwbEGfYBTFm1sjQijQwBxJv9/+AaZdtAsP+gGkWEDLK3d
DXi8XROecNqLrSEFRX9KlpiQhjRpfHezd4VhWtXcSMVLry64JaIspvqlyCoWE/I7
SM3rgvIZFruPIhqbSShq090lsgZPEHmURwCViR7F4NH5nJ0SrJyetgzO5hwfvp1b
LsyW6Cx/p+K1Ff2rvXz1KLgJ6ny0mxHC62BsjSCUNBEYlKt8S+kKIikgPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO8FyhOK03sxLLgMbORL58tVZHETMB8GA1UdIwQY
MBaAFB2PrN1BXEu6eCd7o+ew/iPSpaG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFktczNVRmNTN3A0SjN1ajU3RC1JOUtsb2JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS85ZGE3YzQtZDk2ZC00MDFmLWE3ZmUt
MjFjZmM4M2FlZWM2LzEvSFktczNVRmNTN3A0SjN1ajU3RC1JOUtsb2JnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS85ZGE3YzQtZDk2ZC00MDFmLWE3ZmUtMjFjZmM4M2FlZWM2
LzEvSFktczNVRmNTN3A0SjN1ajU3RC1JOUtsb2JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg/ulo4vy
ApyqVQBhe3/WVVS4l/psGsrXaOQgToQTdVuZkMB9mHQh0/cosYSaHxGht6gkED+u
37zXSrZb6mMthHFdsWzNEQuwglqZNXzNEwpy0aZObTr5WGaivLaOTLH1ypi0esgg
8YxAJz6gl8fnfZbwaiop/01YJLrU1be2tLp/pbfuMYOMhCij3rCezZo4VpKm/ofV
TwjgAYGi+O8/B1WpV4kr2T1V8VfnBZ5qBHwziXRCSYTyQM8vUGxDwz58F0KwZ10l
8VVbVI0HeuTCmsjzwjL9Up1/W6+AJjt1NM2Vn++RIUqWIznCvZ9OmMM/7DL2xPFv
9pJgEULNeP0ZTA==
-----END CERTIFICATE-----