Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.mft
File:                     tY6n73bYACz8pmxSD3ybYIo5XZU.mft (raw, json)
Hash identifier:          h0hxoTaRqxuBYjfJZwsXdgQrdYzFeQ4dp3xwnmulUOs=
Subject key identifier:   B8:FE:A0:7C:9C:A4:87:57:75:F1:04:6B:7B:96:9D:BA:68:93:3B:CC
Authority key identifier: B5:8E:A7:EF:76:D8:00:2C:FC:A6:6C:52:0F:7C:9B:60:8A:39:5D:95
Certificate issuer:       /CN=b58ea7ef76d8002cfca66c520f7c9b608a395d95
Certificate serial:       019D39AE8AA2C359A6CED2905AEC61BB022C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tY6n73bYACz8pmxSD3ybYIo5XZU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.mft
Manifest number:          0820
Signing time:             Sun 29 Mar 2026 13:00:33 +0000
Manifest this update:     Sun 29 Mar 2026 13:00:33 +0000
Manifest next update:     Mon 30 Mar 2026 13:00:33 +0000
Files and hashes:         1: tY6n73bYACz8pmxSD3ybYIo5XZU.crl (hash: sKAKIVXlVzvbMkltMa58DypzvcNk/+pwcYFIWo4ZOWQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tY6n73bYACz8pmxSD3ybYIo5XZU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:ae:8a:a2:c3:59:a6:ce:d2:90:5a:ec:61:bb:02:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b58ea7ef76d8002cfca66c520f7c9b608a395d95
        Validity
            Not Before: Mar 29 13:00:33 2026 GMT
            Not After : Mar 30 13:00:33 2026 GMT
        Subject: CN=b8fea07c9ca4875775f1046b7b969dba68933bcc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:16:cf:c1:39:a7:83:86:eb:b0:8e:c7:92:0b:
                    8b:5c:a6:e7:1a:9b:b0:89:b0:a3:43:de:6f:78:92:
                    f0:3a:e7:f8:ef:37:57:cd:9e:6e:e0:a6:e9:ba:7f:
                    7b:16:1a:62:81:33:83:5f:f9:94:c6:64:d8:66:f8:
                    04:da:c3:87:00:e8:97:6c:be:06:9e:0d:19:2f:77:
                    97:98:4a:0f:1c:cb:bf:62:24:65:2f:8b:92:86:aa:
                    00:ec:24:da:77:c4:db:23:72:ea:03:7e:47:6f:47:
                    8a:22:76:cf:7a:94:ab:aa:ec:c0:7f:20:87:67:70:
                    a2:b1:a6:a7:29:53:78:17:da:69:1c:f4:d3:95:d2:
                    2e:5c:c4:a1:1e:52:9b:71:b3:83:d0:18:40:12:05:
                    1e:cb:9f:de:1a:46:b9:70:52:bf:48:71:4d:e6:9e:
                    f8:10:ab:3a:71:42:c3:c4:79:7e:2c:3f:1a:91:22:
                    e7:6b:94:01:df:c6:42:52:47:42:c9:42:82:fd:f1:
                    a6:e8:c8:93:cb:7d:42:de:0e:fc:f2:7a:04:d9:be:
                    d6:e5:1c:fc:47:14:d2:1b:df:63:c7:45:b0:09:2d:
                    ee:eb:20:e4:0f:d0:46:8d:ca:e3:08:60:c8:07:5f:
                    e3:4d:5c:36:3f:c3:bd:7b:1a:d5:34:fc:b8:0d:74:
                    c5:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:FE:A0:7C:9C:A4:87:57:75:F1:04:6B:7B:96:9D:BA:68:93:3B:CC
            X509v3 Authority Key Identifier:
                keyid:B5:8E:A7:EF:76:D8:00:2C:FC:A6:6C:52:0F:7C:9B:60:8A:39:5D:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tY6n73bYACz8pmxSD3ybYIo5XZU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a3:c5:1c:19:89:0d:44:43:11:37:43:a3:21:e2:9e:76:cd:dd:
         b2:53:8c:92:a6:a9:fa:36:2d:c5:84:61:11:f7:9d:b7:a9:3e:
         89:f5:16:1f:6f:91:84:43:bb:94:51:56:8c:5b:40:65:71:91:
         84:f4:e3:a7:8e:bb:2a:34:a8:64:de:98:ed:a1:0d:7d:c8:da:
         52:eb:01:4f:c5:75:60:fd:25:dc:f6:70:56:e5:f9:19:50:3b:
         36:50:c3:5f:78:e2:21:61:a0:71:a1:09:ee:d1:59:0b:ad:a9:
         c8:a6:ba:6f:31:d9:ce:87:53:e4:54:24:67:fc:2f:65:ec:9f:
         01:5b:69:e1:b8:13:8e:68:fd:ba:ed:cb:f7:f7:6d:76:7f:d7:
         d9:d2:fb:d3:42:3d:21:9f:ff:3e:cd:3f:56:d7:bf:3f:66:2e:
         94:41:8f:a1:18:5c:71:54:b5:4f:f3:da:79:36:d3:2e:85:90:
         c0:36:45:f7:33:24:3a:9a:52:d6:e1:fe:ff:29:85:4b:c5:b2:
         ce:38:5e:58:f5:d9:6a:09:80:9f:94:b7:0c:69:0a:23:70:c8:
         54:87:60:0b:a5:98:09:e6:55:18:d8:5f:b7:5e:e3:a9:d7:98:
         16:46:41:3c:cb:a2:ee:6b:e4:ea:6d:a0:b5:4a:17:3f:34:27:
         1b:48:87:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05roqiw1mmztKQWuxhuwIsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1OGVhN2VmNzZkODAwMmNmY2E2NmM1MjBmN2M5YjYwOGEz
OTVkOTUwHhcNMjYwMzI5MTMwMDMzWhcNMjYwMzMwMTMwMDMzWjAzMTEwLwYDVQQD
EyhiOGZlYTA3YzljYTQ4NzU3NzVmMTA0NmI3Yjk2OWRiYTY4OTMzYmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4xbPwTmng4brsI7HkguLXKbnGpuw
ibCjQ95veJLwOuf47zdXzZ5u4Kbpun97FhpigTODX/mUxmTYZvgE2sOHAOiXbL4G
ng0ZL3eXmEoPHMu/YiRlL4uShqoA7CTad8TbI3LqA35Hb0eKInbPepSrquzAfyCH
Z3CisaanKVN4F9ppHPTTldIuXMShHlKbcbOD0BhAEgUey5/eGka5cFK/SHFN5p74
EKs6cULDxHl+LD8akSLna5QB38ZCUkdCyUKC/fGm6MiTy31C3g788noE2b7W5Rz8
RxTSG99jx0WwCS3u6yDkD9BGjcrjCGDIB1/jTVw2P8O9exrVNPy4DXTF4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLj+oHycpIdXdfEEa3uWnbpokzvMMB8GA1UdIwQY
MBaAFLWOp+922AAs/KZsUg98m2CKOV2VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFk2bjczYllBQ3o4cG14U0QzeWJZSW81WFpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS80ZDk1YmEtOTlmYy00OTNlLWE1YzQt
NmI5ZmYyY2ZhMDdmLzEvdFk2bjczYllBQ3o4cG14U0QzeWJZSW81WFpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS80ZDk1YmEtOTlmYy00OTNlLWE1YzQtNmI5ZmYyY2ZhMDdm
LzEvdFk2bjczYllBQ3o4cG14U0QzeWJZSW81WFpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo8UcGYkN
REMRN0OjIeKeds3dslOMkqap+jYtxYRhEfedt6k+ifUWH2+RhEO7lFFWjFtAZXGR
hPTjp467KjSoZN6Y7aENfcjaUusBT8V1YP0l3PZwVuX5GVA7NlDDX3jiIWGgcaEJ
7tFZC62pyKa6bzHZzodT5FQkZ/wvZeyfAVtp4bgTjmj9uu3L9/dtdn/X2dL700I9
IZ//Ps0/Vte/P2YulEGPoRhccVS1T/PaeTbTLoWQwDZF9zMkOppS1uH+/ymFS8Wy
zjheWPXZagmAn5S3DGkKI3DIVIdgC6WYCeZVGNhft17jqdeYFkZBPMui7mvk6m2g
tUoXPzQnG0iHtw==
-----END CERTIFICATE-----