Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/a8b3c2-cad5-45a3-afaa-9ced5e5eff0f/1/iDyv-AezKVLWjHGq8BuRmErR6gg.mft
File:                     iDyv-AezKVLWjHGq8BuRmErR6gg.mft (raw, json)
Hash identifier:          24rMXKTTCmka4NW+1IgfqV8T3uX2eQEsZrka4iEZ+tc=
Subject key identifier:   D0:5D:97:37:FC:67:F7:0D:14:26:06:07:14:18:41:F7:05:A5:36:5C
Authority key identifier: 88:3C:AF:F8:07:B3:29:52:D6:8C:71:AA:F0:1B:91:98:4A:D1:EA:08
Certificate issuer:       /CN=883caff807b32952d68c71aaf01b91984ad1ea08
Certificate serial:       019D38665342980B6275503089D763B123F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iDyv-AezKVLWjHGq8BuRmErR6gg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/a8b3c2-cad5-45a3-afaa-9ced5e5eff0f/1/iDyv-AezKVLWjHGq8BuRmErR6gg.mft
Manifest number:          0678
Signing time:             Sun 29 Mar 2026 07:02:03 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:03 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:03 +0000
Files and hashes:         1: iDyv-AezKVLWjHGq8BuRmErR6gg.crl (hash: vFeuHQ5EbDgJw9f8WamKnHHfCp2KMl0ZQ9gkrWxZISs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/a8b3c2-cad5-45a3-afaa-9ced5e5eff0f/1/iDyv-AezKVLWjHGq8BuRmErR6gg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/a8b3c2-cad5-45a3-afaa-9ced5e5eff0f/1/iDyv-AezKVLWjHGq8BuRmErR6gg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iDyv-AezKVLWjHGq8BuRmErR6gg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:53:42:98:0b:62:75:50:30:89:d7:63:b1:23:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=883caff807b32952d68c71aaf01b91984ad1ea08
        Validity
            Not Before: Mar 29 07:02:03 2026 GMT
            Not After : Mar 30 07:02:03 2026 GMT
        Subject: CN=d05d9737fc67f70d14260607141841f705a5365c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:24:23:b4:00:d3:e2:55:a8:78:65:29:4b:f8:
                    e3:dc:94:20:18:e3:f6:0c:d9:60:ea:a9:f4:05:15:
                    c3:65:2b:cb:42:a4:69:10:d4:8c:30:6b:db:8d:0e:
                    d8:43:81:66:c1:51:3c:a5:d5:ad:de:28:83:f9:9a:
                    c7:d4:f7:86:af:1b:ce:1b:36:24:b7:83:f4:4c:2e:
                    ce:d1:49:f9:01:3d:b7:8c:2e:d5:4a:b2:d5:d4:1d:
                    d6:21:d8:f9:80:69:35:74:85:ff:e9:40:07:d5:24:
                    0a:98:86:5c:57:b8:53:42:75:11:2d:53:04:2a:99:
                    ba:9f:7c:31:11:81:2c:e8:65:c1:d5:56:7b:c6:78:
                    1e:ac:17:e4:d2:85:de:56:3b:b7:14:70:81:fe:25:
                    93:c6:9a:22:66:89:b1:86:4b:78:0f:02:8f:8a:1d:
                    a8:d3:0b:0d:77:78:c9:9a:7d:f7:b3:e9:95:f0:be:
                    31:ba:8c:3a:8e:94:99:f6:ee:fb:e1:81:7d:c3:79:
                    9b:a4:48:92:a5:c6:62:fe:63:e8:5d:2d:3e:45:ed:
                    5b:fd:71:b4:38:4c:74:d2:2f:b8:8c:30:49:17:97:
                    fb:42:c9:18:a5:96:bc:3c:37:bc:f8:f5:76:4d:fc:
                    3c:cb:7f:a6:45:25:43:90:0e:2d:67:7c:c4:92:4c:
                    f9:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:5D:97:37:FC:67:F7:0D:14:26:06:07:14:18:41:F7:05:A5:36:5C
            X509v3 Authority Key Identifier:
                keyid:88:3C:AF:F8:07:B3:29:52:D6:8C:71:AA:F0:1B:91:98:4A:D1:EA:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iDyv-AezKVLWjHGq8BuRmErR6gg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/a8b3c2-cad5-45a3-afaa-9ced5e5eff0f/1/iDyv-AezKVLWjHGq8BuRmErR6gg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/a8b3c2-cad5-45a3-afaa-9ced5e5eff0f/1/iDyv-AezKVLWjHGq8BuRmErR6gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:5d:99:58:c2:9d:da:f0:fe:47:c7:70:bd:5c:78:87:eb:67:
         51:8e:e3:20:f3:94:48:ef:85:07:41:44:fb:1f:80:bb:9f:51:
         72:89:f3:03:16:96:64:8c:05:4b:85:d6:d1:c2:1f:7d:65:f0:
         96:ad:78:e5:31:a5:3c:79:81:47:6c:82:f8:eb:8a:ce:cd:3e:
         b1:93:62:c2:b6:e5:b6:23:c1:c2:1e:91:f0:16:fa:91:08:5c:
         1e:e5:10:1a:8e:8a:b2:2c:d3:8c:e9:c6:4c:f8:fa:6e:12:92:
         5a:7c:37:a0:b5:2d:7d:e6:f4:7f:ea:fa:eb:36:e4:97:b2:60:
         9f:81:86:02:d0:a9:d1:ac:65:7c:8a:b0:08:bb:d2:fd:9a:f3:
         38:f5:2c:9e:61:11:8f:6d:1d:bc:66:0e:d1:7e:55:1c:5e:92:
         54:4d:c2:e3:20:88:1e:99:14:bd:7a:fc:8e:88:b5:96:61:7d:
         de:27:aa:a4:d8:2e:a0:f7:7b:00:f8:d8:9a:63:c4:dd:f7:d6:
         82:9e:95:23:9a:54:19:a7:d8:c2:c9:2c:3e:ea:35:58:7f:1e:
         97:8d:67:e2:2b:9d:10:81:3c:0c:2e:3f:22:ef:6d:72:99:e1:
         31:a4:39:7e:36:9f:5d:7b:6f:4a:82:b2:42:bf:cb:b6:ac:46:
         7b:6e:a8:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZlNCmAtidVAwiddjsSPyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4M2NhZmY4MDdiMzI5NTJkNjhjNzFhYWYwMWI5MTk4NGFk
MWVhMDgwHhcNMjYwMzI5MDcwMjAzWhcNMjYwMzMwMDcwMjAzWjAzMTEwLwYDVQQD
EyhkMDVkOTczN2ZjNjdmNzBkMTQyNjA2MDcxNDE4NDFmNzA1YTUzNjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7yQjtADT4lWoeGUpS/jj3JQgGOP2
DNlg6qn0BRXDZSvLQqRpENSMMGvbjQ7YQ4FmwVE8pdWt3iiD+ZrH1PeGrxvOGzYk
t4P0TC7O0Un5AT23jC7VSrLV1B3WIdj5gGk1dIX/6UAH1SQKmIZcV7hTQnURLVME
Kpm6n3wxEYEs6GXB1VZ7xngerBfk0oXeVju3FHCB/iWTxpoiZomxhkt4DwKPih2o
0wsNd3jJmn33s+mV8L4xuow6jpSZ9u774YF9w3mbpEiSpcZi/mPoXS0+Re1b/XG0
OEx00i+4jDBJF5f7QskYpZa8PDe8+PV2Tfw8y3+mRSVDkA4tZ3zEkkz5ZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNBdlzf8Z/cNFCYGBxQYQfcFpTZcMB8GA1UdIwQY
MBaAFIg8r/gHsylS1oxxqvAbkZhK0eoIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUR5di1BZXpLVkxXakhHcThCdVJtRXJSNmdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9hOGIzYzItY2FkNS00NWEzLWFmYWEt
OWNlZDVlNWVmZjBmLzEvaUR5di1BZXpLVkxXakhHcThCdVJtRXJSNmdnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9hOGIzYzItY2FkNS00NWEzLWFmYWEtOWNlZDVlNWVmZjBm
LzEvaUR5di1BZXpLVkxXakhHcThCdVJtRXJSNmdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoF2ZWMKd
2vD+R8dwvVx4h+tnUY7jIPOUSO+FB0FE+x+Au59RconzAxaWZIwFS4XW0cIffWXw
lq145TGlPHmBR2yC+OuKzs0+sZNiwrbltiPBwh6R8Bb6kQhcHuUQGo6KsizTjOnG
TPj6bhKSWnw3oLUtfeb0f+r66zbkl7Jgn4GGAtCp0axlfIqwCLvS/ZrzOPUsnmER
j20dvGYO0X5VHF6SVE3C4yCIHpkUvXr8joi1lmF93ieqpNguoPd7APjYmmPE3ffW
gp6VI5pUGafYwsksPuo1WH8el41n4iudEIE8DC4/Iu9tcpnhMaQ5fjafXXtvSoKy
Qr/LtqxGe26oNA==
-----END CERTIFICATE-----