Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/b2990d-4c52-42fa-b6b7-e0a4a4f9cabc/1/AlY31IiO4AWN6a06cMQtxGmWmpk.mft
File:                     AlY31IiO4AWN6a06cMQtxGmWmpk.mft (raw, json)
Hash identifier:          eXLUfVt/ygAuQxwPPiQt3otMWl07zeFSoni4ZMeOJRI=
Subject key identifier:   D8:9F:5E:55:F2:88:4E:81:E2:7D:1F:86:E1:2E:2B:1C:9D:D1:57:7F
Authority key identifier: 02:56:37:D4:88:8E:E0:05:8D:E9:AD:3A:70:C4:2D:C4:69:96:9A:99
Certificate issuer:       /CN=025637d4888ee0058de9ad3a70c42dc469969a99
Certificate serial:       019D38D2EC1093668CF59DF0A1AF6EBE83BC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AlY31IiO4AWN6a06cMQtxGmWmpk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/b2990d-4c52-42fa-b6b7-e0a4a4f9cabc/1/AlY31IiO4AWN6a06cMQtxGmWmpk.mft
Manifest number:          0D05
Signing time:             Sun 29 Mar 2026 09:00:40 +0000
Manifest this update:     Sun 29 Mar 2026 09:00:40 +0000
Manifest next update:     Mon 30 Mar 2026 09:00:40 +0000
Files and hashes:         1: AlY31IiO4AWN6a06cMQtxGmWmpk.crl (hash: DXS0hUiF8QqVNMXLVXHtmuhTW130OoXyxw4v/nW2Yo4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/b2990d-4c52-42fa-b6b7-e0a4a4f9cabc/1/AlY31IiO4AWN6a06cMQtxGmWmpk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/b2990d-4c52-42fa-b6b7-e0a4a4f9cabc/1/AlY31IiO4AWN6a06cMQtxGmWmpk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AlY31IiO4AWN6a06cMQtxGmWmpk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d2:ec:10:93:66:8c:f5:9d:f0:a1:af:6e:be:83:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=025637d4888ee0058de9ad3a70c42dc469969a99
        Validity
            Not Before: Mar 29 09:00:40 2026 GMT
            Not After : Mar 30 09:00:40 2026 GMT
        Subject: CN=d89f5e55f2884e81e27d1f86e12e2b1c9dd1577f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:8e:e5:0a:5f:bd:82:f9:6c:a5:07:16:66:ac:
                    74:5b:34:17:cf:6f:1e:c6:5f:3d:5b:d9:37:f7:a5:
                    0c:e6:8f:35:fd:bd:56:4c:71:f9:66:69:20:13:65:
                    79:94:a6:86:e2:76:b6:b8:63:5f:34:ac:ef:bf:f9:
                    82:87:f0:b7:1d:74:eb:fa:94:d2:8d:91:dd:6e:68:
                    94:2d:64:11:ce:9b:33:33:3d:0b:c4:52:ab:f7:cd:
                    c4:31:dc:95:ba:a5:67:39:a7:dc:8c:55:32:7c:3b:
                    67:85:a0:05:85:9f:bb:3e:16:0f:a4:97:1f:3f:9f:
                    63:2f:55:3a:13:7e:b7:57:b8:26:61:56:3d:2e:d4:
                    16:89:f6:e6:da:af:5b:36:0f:f2:15:9e:36:cc:b0:
                    da:44:e2:7f:40:8f:35:cb:ad:98:d3:0d:98:8d:4a:
                    9f:7f:d4:79:4e:da:bc:1a:02:af:9f:9e:f4:55:07:
                    fb:e3:b7:35:23:d1:dd:5d:0f:8b:1f:eb:8a:b1:57:
                    6a:6a:b2:dd:e1:e2:93:6e:d1:84:7f:8c:e6:4f:7b:
                    b3:34:36:ec:3b:8e:dc:d6:6b:07:40:8d:31:14:c5:
                    30:8f:cd:68:9a:48:15:0c:a7:8f:2f:b9:df:46:ad:
                    dc:2f:1d:01:77:79:ce:c3:46:22:bc:ac:77:39:dd:
                    41:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:9F:5E:55:F2:88:4E:81:E2:7D:1F:86:E1:2E:2B:1C:9D:D1:57:7F
            X509v3 Authority Key Identifier:
                keyid:02:56:37:D4:88:8E:E0:05:8D:E9:AD:3A:70:C4:2D:C4:69:96:9A:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AlY31IiO4AWN6a06cMQtxGmWmpk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/b2990d-4c52-42fa-b6b7-e0a4a4f9cabc/1/AlY31IiO4AWN6a06cMQtxGmWmpk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/b2990d-4c52-42fa-b6b7-e0a4a4f9cabc/1/AlY31IiO4AWN6a06cMQtxGmWmpk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b9:b6:c5:f1:26:3d:a5:48:be:41:19:7c:19:46:ce:8b:e3:94:
         07:fb:d7:2d:53:0e:80:be:f6:1d:46:2d:eb:fa:50:8a:d5:99:
         02:f4:fa:3b:b0:d4:ee:e0:33:61:9f:97:65:ab:a6:57:50:64:
         3b:09:bc:af:89:e5:5b:db:db:20:c4:6d:4a:e8:f6:ca:7b:69:
         aa:5b:90:a3:5c:13:98:1a:23:ae:03:13:4d:2c:62:6b:99:1e:
         45:31:6d:11:e3:e1:5e:0a:e0:9e:ed:ce:a6:8c:35:25:a0:61:
         8d:0b:ab:94:77:da:58:1a:03:53:82:c6:db:fe:85:73:ed:e4:
         28:7d:97:df:01:63:30:ef:4b:5b:ec:a5:3f:cc:74:f6:6a:6b:
         b7:38:f1:5d:8f:b0:d4:10:06:86:9e:62:8a:39:e1:42:db:ed:
         f8:af:e0:b0:5f:2e:da:f4:5f:87:da:bd:36:11:ac:f4:3c:a8:
         4a:1a:b6:27:ca:e1:51:1e:96:e7:e1:43:b4:9d:9d:98:40:e3:
         a7:44:56:75:b5:52:73:99:a7:b6:f2:65:a1:38:11:f3:61:65:
         dd:e0:66:51:ff:02:3f:79:9a:b5:a1:86:9c:1b:dd:f9:ec:67:
         eb:85:07:89:9b:ae:3e:92:29:f1:d2:52:d0:3c:0d:60:f5:7c:
         1a:48:a4:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040uwQk2aM9Z3woa9uvoO8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyNTYzN2Q0ODg4ZWUwMDU4ZGU5YWQzYTcwYzQyZGM0Njk5
NjlhOTkwHhcNMjYwMzI5MDkwMDQwWhcNMjYwMzMwMDkwMDQwWjAzMTEwLwYDVQQD
EyhkODlmNWU1NWYyODg0ZTgxZTI3ZDFmODZlMTJlMmIxYzlkZDE1NzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoY7lCl+9gvlspQcWZqx0WzQXz28e
xl89W9k396UM5o81/b1WTHH5ZmkgE2V5lKaG4na2uGNfNKzvv/mCh/C3HXTr+pTS
jZHdbmiULWQRzpszMz0LxFKr983EMdyVuqVnOafcjFUyfDtnhaAFhZ+7PhYPpJcf
P59jL1U6E363V7gmYVY9LtQWifbm2q9bNg/yFZ42zLDaROJ/QI81y62Y0w2YjUqf
f9R5Ttq8GgKvn570VQf747c1I9HdXQ+LH+uKsVdqarLd4eKTbtGEf4zmT3uzNDbs
O47c1msHQI0xFMUwj81omkgVDKePL7nfRq3cLx0Bd3nOw0YivKx3Od1BawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNifXlXyiE6B4n0fhuEuKxyd0Vd/MB8GA1UdIwQY
MBaAFAJWN9SIjuAFjemtOnDELcRplpqZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWxZMzFJaU80QVdONmEwNmNNUXR4R21XbXBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9iMjk5MGQtNGM1Mi00MmZhLWI2Yjct
ZTBhNGE0ZjljYWJjLzEvQWxZMzFJaU80QVdONmEwNmNNUXR4R21XbXBrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9iMjk5MGQtNGM1Mi00MmZhLWI2YjctZTBhNGE0ZjljYWJj
LzEvQWxZMzFJaU80QVdONmEwNmNNUXR4R21XbXBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAubbF8SY9
pUi+QRl8GUbOi+OUB/vXLVMOgL72HUYt6/pQitWZAvT6O7DU7uAzYZ+XZaumV1Bk
Owm8r4nlW9vbIMRtSuj2yntpqluQo1wTmBojrgMTTSxia5keRTFtEePhXgrgnu3O
pow1JaBhjQurlHfaWBoDU4LG2/6Fc+3kKH2X3wFjMO9LW+ylP8x09mprtzjxXY+w
1BAGhp5iijnhQtvt+K/gsF8u2vRfh9q9NhGs9DyoShq2J8rhUR6W5+FDtJ2dmEDj
p0RWdbVSc5mntvJloTgR82Fl3eBmUf8CP3mataGGnBvd+exn64UHiZuuPpIp8dJS
0DwNYPV8Gkikgw==
-----END CERTIFICATE-----