Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.mft
File:                     ny8WbQXql29prtWORqQfflBSRHU.mft (raw, json)
Hash identifier:          wi9Bk5SeqCB7/Q9jitg5npdzAk7TcUqLS6AgdANj6no=
Subject key identifier:   EC:21:26:C0:A0:94:46:F9:8A:E3:45:7E:7F:37:FB:3A:21:4B:17:AF
Authority key identifier: 9F:2F:16:6D:05:EA:97:6F:69:AE:D5:8E:46:A4:1F:7E:50:52:44:75
Certificate issuer:       /CN=9f2f166d05ea976f69aed58e46a41f7e50524475
Certificate serial:       019D37533EA9C4379310D87E298AE21280E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ny8WbQXql29prtWORqQfflBSRHU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.mft
Manifest number:          1605
Signing time:             Sun 29 Mar 2026 02:01:35 +0000
Manifest this update:     Sun 29 Mar 2026 02:01:35 +0000
Manifest next update:     Mon 30 Mar 2026 02:01:35 +0000
Files and hashes:         1: ny8WbQXql29prtWORqQfflBSRHU.crl (hash: SW9pNMn4vZCeyOddZhOscL1ryPgvZGeQbGYaii/HBCY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ny8WbQXql29prtWORqQfflBSRHU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 02:01:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:53:3e:a9:c4:37:93:10:d8:7e:29:8a:e2:12:80:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f2f166d05ea976f69aed58e46a41f7e50524475
        Validity
            Not Before: Mar 29 02:01:35 2026 GMT
            Not After : Mar 30 02:01:35 2026 GMT
        Subject: CN=ec2126c0a09446f98ae3457e7f37fb3a214b17af
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:65:62:cb:1d:11:02:00:16:4a:1c:33:5d:cc:
                    24:27:3c:6a:62:4f:a3:10:5d:fa:59:65:85:61:46:
                    cc:ef:69:d4:a1:4c:98:47:d2:41:93:c0:9c:3f:44:
                    23:44:b3:09:87:e3:e3:2a:00:b9:37:7f:3c:b1:d2:
                    5a:e4:13:c4:c4:9b:ab:db:9f:a8:2d:2e:45:4e:e2:
                    fd:83:d1:e5:ed:41:9f:d6:71:c8:7b:d3:10:5d:99:
                    94:51:cd:27:34:bf:6c:be:b9:57:df:3a:7e:c7:89:
                    35:0a:da:f0:f0:19:e4:2c:85:4a:45:dc:a3:39:bb:
                    ea:6d:5a:44:2d:7a:71:a4:b2:32:a8:26:9f:6f:46:
                    a4:83:b1:89:e1:d3:4a:ca:36:a5:b5:6c:87:47:01:
                    ec:15:e9:4a:8f:46:7e:f3:e9:2b:10:6c:09:ae:8a:
                    43:e6:45:56:95:ed:bb:1b:cc:65:81:9a:91:88:cf:
                    8d:45:78:de:a3:76:5d:29:59:a2:f4:e4:94:9a:a9:
                    04:06:84:02:d2:98:7c:71:5f:c8:3d:0c:84:c1:aa:
                    42:cd:13:ee:0f:d5:05:23:b5:4a:7a:09:6b:fa:40:
                    00:9e:db:79:f4:f6:20:16:75:3a:b2:ac:d5:17:e4:
                    ab:80:02:f2:84:6d:b4:82:93:22:2e:5b:de:b5:53:
                    04:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:21:26:C0:A0:94:46:F9:8A:E3:45:7E:7F:37:FB:3A:21:4B:17:AF
            X509v3 Authority Key Identifier:
                keyid:9F:2F:16:6D:05:EA:97:6F:69:AE:D5:8E:46:A4:1F:7E:50:52:44:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ny8WbQXql29prtWORqQfflBSRHU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:65:18:77:84:14:e1:14:74:24:dc:4c:76:98:c3:f8:2b:81:
         fb:71:88:c2:3f:a5:16:8c:61:f3:5f:ca:c3:29:33:b1:65:81:
         4b:cf:d7:d7:d3:85:3e:f9:04:2c:32:87:d5:53:b6:a9:d7:9e:
         be:d8:63:df:51:60:6d:c1:d0:60:24:66:83:66:44:97:6e:c7:
         f4:dd:e0:ca:e2:c0:1d:43:75:71:c6:e6:ab:47:56:80:e5:20:
         8d:9f:94:a8:82:3b:be:88:95:cd:68:fc:4e:46:b5:10:47:b9:
         0a:c3:1f:0f:00:44:70:1a:69:d8:ce:c4:58:8e:e4:fd:16:dd:
         f3:8a:3d:c1:8f:48:f9:13:5a:8c:4b:f2:c4:d6:71:f8:ef:d4:
         1d:97:dd:8b:a4:a5:43:23:e5:76:d3:e1:1b:53:ef:41:de:64:
         cb:a9:ee:18:6f:d0:3d:19:48:e1:26:12:44:6f:e6:d2:b3:70:
         b9:9c:1f:25:4b:92:93:0c:22:c5:03:63:8d:bb:c8:41:b4:20:
         a3:20:06:a3:07:3b:c0:4e:c3:1e:f3:ae:a3:1f:37:3e:37:a2:
         75:ed:2f:07:c6:c6:7a:bd:17:d7:01:29:96:35:7d:16:1a:8d:
         75:44:6a:ec:f6:a5:2b:9e:2f:d9:03:7e:a4:6f:05:9d:4e:fa:
         05:9b:a3:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03Uz6pxDeTENh+KYriEoDgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMmYxNjZkMDVlYTk3NmY2OWFlZDU4ZTQ2YTQxZjdlNTA1
MjQ0NzUwHhcNMjYwMzI5MDIwMTM1WhcNMjYwMzMwMDIwMTM1WjAzMTEwLwYDVQQD
EyhlYzIxMjZjMGEwOTQ0NmY5OGFlMzQ1N2U3ZjM3ZmIzYTIxNGIxN2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlGViyx0RAgAWShwzXcwkJzxqYk+j
EF36WWWFYUbM72nUoUyYR9JBk8CcP0QjRLMJh+PjKgC5N388sdJa5BPExJur25+o
LS5FTuL9g9Hl7UGf1nHIe9MQXZmUUc0nNL9svrlX3zp+x4k1Ctrw8BnkLIVKRdyj
ObvqbVpELXpxpLIyqCafb0akg7GJ4dNKyjaltWyHRwHsFelKj0Z+8+krEGwJropD
5kVWle27G8xlgZqRiM+NRXjeo3ZdKVmi9OSUmqkEBoQC0ph8cV/IPQyEwapCzRPu
D9UFI7VKeglr+kAAntt59PYgFnU6sqzVF+SrgALyhG20gpMiLlvetVMEmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOwhJsCglEb5iuNFfn83+zohSxevMB8GA1UdIwQY
MBaAFJ8vFm0F6pdvaa7VjkakH35QUkR1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnk4V2JRWHFsMjlwcnRXT1JxUWZmbEJTUkhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8yMmVmYmItMzY1OS00YTNkLWJlYTQt
OTYyZDRmMGMyOWIwLzEvbnk4V2JRWHFsMjlwcnRXT1JxUWZmbEJTUkhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8yMmVmYmItMzY1OS00YTNkLWJlYTQtOTYyZDRmMGMyOWIw
LzEvbnk4V2JRWHFsMjlwcnRXT1JxUWZmbEJTUkhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjGUYd4QU
4RR0JNxMdpjD+CuB+3GIwj+lFoxh81/KwykzsWWBS8/X19OFPvkELDKH1VO2qdee
vthj31FgbcHQYCRmg2ZEl27H9N3gyuLAHUN1ccbmq0dWgOUgjZ+UqII7voiVzWj8
Tka1EEe5CsMfDwBEcBpp2M7EWI7k/Rbd84o9wY9I+RNajEvyxNZx+O/UHZfdi6Sl
QyPldtPhG1PvQd5ky6nuGG/QPRlI4SYSRG/m0rNwuZwfJUuSkwwixQNjjbvIQbQg
oyAGowc7wE7DHvOuox83Pjeide0vB8bGer0X1wEpljV9FhqNdURq7PalK54v2QN+
pG8FnU76BZuj5A==
-----END CERTIFICATE-----