Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/7472f9-b403-42e0-b306-71aa63125128/1/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.mft
File:                     Iyhy9DGtqbaCbF8Il-xOU0IJLpg.mft (raw, json)
Hash identifier:          rKJPbVSnNG6+Kf5gTjWeRVDVHepeeEaFboqhtnmPxqc=
Subject key identifier:   FB:78:46:24:C3:E1:F5:F7:F7:2E:E1:96:D6:40:60:DA:4B:83:29:10
Authority key identifier: 23:28:72:F4:31:AD:A9:B6:82:6C:5F:08:97:EC:4E:53:42:09:2E:98
Certificate issuer:       /CN=232872f431ada9b6826c5f0897ec4e5342092e98
Certificate serial:       019D9886B16A7EDA35CF38B819D65B75BF0B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0b/7472f9-b403-42e0-b306-71aa63125128/1/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.mft
Manifest number:          0621
Signing time:             Thu 16 Apr 2026 23:00:57 +0000
Manifest this update:     Thu 16 Apr 2026 23:00:57 +0000
Manifest next update:     Fri 17 Apr 2026 23:00:57 +0000
Files and hashes:         1: Iyhy9DGtqbaCbF8Il-xOU0IJLpg.crl (hash: T/d7n2GcOPsCbfRB4MVmfJKqf0eUsmRErKqkSr6IHcg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0b/7472f9-b403-42e0-b306-71aa63125128/1/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0b/7472f9-b403-42e0-b306-71aa63125128/1/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:86:b1:6a:7e:da:35:cf:38:b8:19:d6:5b:75:bf:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=232872f431ada9b6826c5f0897ec4e5342092e98
        Validity
            Not Before: Apr 16 23:00:57 2026 GMT
            Not After : Apr 17 23:00:57 2026 GMT
        Subject: CN=fb784624c3e1f5f7f72ee196d64060da4b832910
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:9f:db:54:1b:73:59:d8:7d:36:91:f5:25:3c:
                    9e:58:5c:e8:75:11:33:8a:f9:d5:cd:52:82:fc:09:
                    fa:29:87:3d:2d:f0:9e:58:6a:0a:b1:df:4a:1c:bb:
                    6c:b0:ed:9c:66:e5:36:36:e4:57:ad:92:83:4f:c8:
                    9e:16:99:c4:95:54:ef:5a:62:80:60:97:cc:60:bd:
                    e6:b6:12:78:4e:41:fa:1f:5a:ad:b8:c6:22:1c:84:
                    51:c9:66:3f:24:94:d0:76:f1:37:36:3a:17:e0:41:
                    c3:5d:68:0e:8c:d5:13:65:ed:e3:9d:04:08:c1:89:
                    4b:04:cd:d4:4c:ac:50:f0:8e:99:0f:d9:f6:e3:f3:
                    d8:0b:d3:c5:31:e3:b7:6d:b0:51:67:6c:16:68:bf:
                    59:cb:c0:33:e6:58:50:31:30:9f:b8:03:8b:0a:bd:
                    ee:e4:82:7d:fa:05:09:9d:11:ae:14:b1:97:e3:95:
                    33:15:63:9f:f8:2c:42:24:7a:c2:40:06:b8:70:8c:
                    00:6d:c8:84:bc:6b:37:ce:0a:34:a1:6d:f2:2a:88:
                    ad:46:a7:ae:43:c4:5a:ba:26:b9:39:2f:84:24:b2:
                    cf:10:09:a3:13:7b:fc:99:3e:9a:8b:2e:dc:fa:4f:
                    52:94:20:dc:c4:9a:1c:b6:8c:eb:35:20:10:a7:57:
                    1f:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:78:46:24:C3:E1:F5:F7:F7:2E:E1:96:D6:40:60:DA:4B:83:29:10
            X509v3 Authority Key Identifier:
                keyid:23:28:72:F4:31:AD:A9:B6:82:6C:5F:08:97:EC:4E:53:42:09:2E:98

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/7472f9-b403-42e0-b306-71aa63125128/1/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/7472f9-b403-42e0-b306-71aa63125128/1/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ac:6b:c9:2b:62:b4:92:a0:5e:8c:bd:b1:b3:e0:25:53:f9:63:
         f0:cc:1b:1a:5f:1a:50:d5:94:7e:b4:d5:06:ce:03:d0:dd:cf:
         90:f9:c2:1c:d0:14:3a:eb:02:ba:1b:22:63:4d:dd:36:38:b0:
         d4:9e:71:c9:3e:2a:57:2f:29:c5:58:0d:b6:5f:3d:da:3e:9c:
         b8:26:6e:b7:ea:32:d1:23:91:c9:f6:80:eb:9c:56:82:8c:74:
         5c:2d:81:29:01:db:34:cc:db:ae:a3:b0:a5:37:96:61:fd:b5:
         f8:7a:0b:d9:1d:48:fe:be:62:00:d9:6b:13:17:92:a6:62:d5:
         d0:23:d0:9c:2a:e2:71:8a:61:6f:8e:e7:e3:e6:a9:11:30:bd:
         2a:30:66:53:75:f4:25:35:66:0a:91:31:e4:1e:e3:e8:e6:b5:
         43:7b:d9:2b:9e:5d:fe:69:f0:37:c9:2a:12:1f:47:c9:6b:74:
         58:61:f1:f0:71:74:c6:76:46:27:74:57:21:a0:a1:cf:f5:9d:
         3f:df:7f:f5:fc:29:b0:1c:87:5a:e5:11:6c:89:d1:43:30:b6:
         a1:a7:c1:2a:0c:0c:02:45:e1:3b:98:2a:0b:68:bf:62:3f:ba:
         74:4f:e9:3e:da:6f:93:33:6b:3d:58:c1:ed:f0:3c:f7:cf:12:
         df:fc:c0:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2YhrFqfto1zzi4GdZbdb8LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMjg3MmY0MzFhZGE5YjY4MjZjNWYwODk3ZWM0ZTUzNDIw
OTJlOTgwHhcNMjYwNDE2MjMwMDU3WhcNMjYwNDE3MjMwMDU3WjAzMTEwLwYDVQQD
EyhmYjc4NDYyNGMzZTFmNWY3ZjcyZWUxOTZkNjQwNjBkYTRiODMyOTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJ/bVBtzWdh9NpH1JTyeWFzodREz
ivnVzVKC/An6KYc9LfCeWGoKsd9KHLtssO2cZuU2NuRXrZKDT8ieFpnElVTvWmKA
YJfMYL3mthJ4TkH6H1qtuMYiHIRRyWY/JJTQdvE3NjoX4EHDXWgOjNUTZe3jnQQI
wYlLBM3UTKxQ8I6ZD9n24/PYC9PFMeO3bbBRZ2wWaL9Zy8Az5lhQMTCfuAOLCr3u
5IJ9+gUJnRGuFLGX45UzFWOf+CxCJHrCQAa4cIwAbciEvGs3zgo0oW3yKoitRqeu
Q8Rauia5OS+EJLLPEAmjE3v8mT6aiy7c+k9SlCDcxJoctozrNSAQp1cf0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPt4RiTD4fX39y7hltZAYNpLgykQMB8GA1UdIwQY
MBaAFCMocvQxram2gmxfCJfsTlNCCS6YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXloeTlER3RxYmFDYkY4SWwteE9VMElKTHBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi83NDcyZjktYjQwMy00MmUwLWIzMDYt
NzFhYTYzMTI1MTI4LzEvSXloeTlER3RxYmFDYkY4SWwteE9VMElKTHBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi83NDcyZjktYjQwMy00MmUwLWIzMDYtNzFhYTYzMTI1MTI4
LzEvSXloeTlER3RxYmFDYkY4SWwteE9VMElKTHBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArGvJK2K0
kqBejL2xs+AlU/lj8MwbGl8aUNWUfrTVBs4D0N3PkPnCHNAUOusCuhsiY03dNjiw
1J5xyT4qVy8pxVgNtl892j6cuCZut+oy0SORyfaA65xWgox0XC2BKQHbNMzbrqOw
pTeWYf21+HoL2R1I/r5iANlrExeSpmLV0CPQnCricYphb47n4+apETC9KjBmU3X0
JTVmCpEx5B7j6Oa1Q3vZK55d/mnwN8kqEh9HyWt0WGHx8HF0xnZGJ3RXIaChz/Wd
P99/9fwpsByHWuURbInRQzC2oafBKgwMAkXhO5gqC2i/Yj+6dE/pPtpvkzNrPVjB
7fA8988S3/zABw==
-----END CERTIFICATE-----