Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/7472f9-b403-42e0-b306-71aa63125128/1/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.mft
File:                     Iyhy9DGtqbaCbF8Il-xOU0IJLpg.mft (raw, json)
Hash identifier:          A+UOMYnNaS4K2EIacgeMgd8smxwBGZRVtNgOFt8TbP0=
Subject key identifier:   E4:47:D6:26:25:A4:26:36:2A:D8:DD:8E:9F:6E:A7:0A:30:84:25:EF
Authority key identifier: 23:28:72:F4:31:AD:A9:B6:82:6C:5F:08:97:EC:4E:53:42:09:2E:98
Certificate issuer:       /CN=232872f431ada9b6826c5f0897ec4e5342092e98
Certificate serial:       019CAAFD53BCF5AE7F8009ACA66BC467BD95
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0b/7472f9-b403-42e0-b306-71aa63125128/1/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.mft
Manifest number:          05A6
Signing time:             Sun 01 Mar 2026 20:00:54 +0000
Manifest this update:     Sun 01 Mar 2026 20:00:54 +0000
Manifest next update:     Mon 02 Mar 2026 20:00:54 +0000
Files and hashes:         1: Iyhy9DGtqbaCbF8Il-xOU0IJLpg.crl (hash: lcNIRFZ4hhusnQAakV6OlbOst+DtWm0XiYc/xIIAyKY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0b/7472f9-b403-42e0-b306-71aa63125128/1/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0b/7472f9-b403-42e0-b306-71aa63125128/1/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:fd:53:bc:f5:ae:7f:80:09:ac:a6:6b:c4:67:bd:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=232872f431ada9b6826c5f0897ec4e5342092e98
        Validity
            Not Before: Mar  1 20:00:54 2026 GMT
            Not After : Mar  2 20:00:54 2026 GMT
        Subject: CN=e447d62625a426362ad8dd8e9f6ea70a308425ef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:19:04:a8:1c:f7:af:49:ef:1f:02:68:4c:8b:
                    58:3c:3d:88:ff:01:88:57:c8:37:1d:d5:c8:96:b0:
                    91:4f:f8:da:2a:02:5f:68:ea:5e:cc:0c:20:42:11:
                    d2:e9:23:ba:41:f7:d5:e6:f0:39:8a:14:fd:b6:5c:
                    25:b3:af:ca:95:26:75:be:4c:a6:b9:55:5b:ba:96:
                    09:b8:30:b1:4f:f0:ad:23:f4:c0:27:96:84:7f:b6:
                    60:f5:e6:0c:90:c9:8f:77:b4:09:ad:07:2a:31:c4:
                    01:6e:3d:30:28:31:88:ed:dd:ee:ce:3d:26:11:f5:
                    f9:d8:8a:c3:c5:90:6f:b1:a1:8d:88:cd:f0:d5:bb:
                    55:27:a1:dd:90:7d:87:50:b1:8f:a7:15:6d:5e:df:
                    fb:cb:a2:d9:04:dd:8b:41:ca:f7:51:d7:b5:79:5b:
                    13:28:ab:5a:3f:e4:2a:dd:ea:35:f2:0c:eb:44:a3:
                    42:e7:e9:2a:ee:42:62:63:2a:de:01:54:27:af:ae:
                    27:07:e3:7a:41:a3:7c:1e:3b:7b:44:db:60:5a:ab:
                    07:19:56:be:64:22:a7:33:a8:29:e0:e6:a0:ce:b1:
                    ad:19:0d:26:31:26:ae:61:01:bd:82:23:43:40:8d:
                    5b:8b:d2:fa:f1:e6:1c:07:f0:08:65:b1:12:4b:05:
                    6e:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:47:D6:26:25:A4:26:36:2A:D8:DD:8E:9F:6E:A7:0A:30:84:25:EF
            X509v3 Authority Key Identifier:
                keyid:23:28:72:F4:31:AD:A9:B6:82:6C:5F:08:97:EC:4E:53:42:09:2E:98

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/7472f9-b403-42e0-b306-71aa63125128/1/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/7472f9-b403-42e0-b306-71aa63125128/1/Iyhy9DGtqbaCbF8Il-xOU0IJLpg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a9:40:8e:5b:18:43:30:0c:ea:bb:d0:bd:fd:b3:4f:c9:a9:f4:
         51:42:3c:87:f6:ae:7d:d2:aa:d8:0c:1f:a0:ef:a0:1d:74:e8:
         41:a4:db:00:87:0d:50:8e:2f:54:5d:d5:ea:91:52:48:3f:a9:
         15:30:86:91:4f:e4:26:c1:5b:89:50:32:c2:14:3a:bf:43:e7:
         f3:fb:85:dc:08:88:41:f2:69:fc:03:ec:36:78:01:15:bd:97:
         54:e9:21:c9:b4:92:ad:d0:6a:f8:07:49:a2:ee:e7:92:8d:4f:
         17:1f:34:db:54:b8:00:32:fc:6d:c5:9d:9a:f7:5d:31:db:99:
         fb:24:5b:fc:72:78:c0:cc:ea:8c:df:03:c1:32:81:0a:31:0a:
         14:1c:48:4e:61:a5:78:6c:58:6e:00:38:c7:f4:d0:f7:d5:0c:
         f3:a2:26:d5:de:a2:3b:41:b4:e5:3e:71:6d:ea:25:6d:66:1b:
         cd:bc:f0:3e:f5:b3:e9:10:eb:16:55:2a:33:8d:25:02:37:4b:
         95:5f:94:40:ee:2d:b6:ef:ec:35:1a:73:a9:5d:60:89:60:0e:
         9a:99:ce:65:d7:f0:2b:2c:1a:7e:6e:b0:cf:87:de:19:49:89:
         d8:40:ff:87:0e:e0:6b:00:99:2c:05:65:cb:2c:d0:8a:ea:7c:
         a6:42:26:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyq/VO89a5/gAmspmvEZ72VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMjg3MmY0MzFhZGE5YjY4MjZjNWYwODk3ZWM0ZTUzNDIw
OTJlOTgwHhcNMjYwMzAxMjAwMDU0WhcNMjYwMzAyMjAwMDU0WjAzMTEwLwYDVQQD
EyhlNDQ3ZDYyNjI1YTQyNjM2MmFkOGRkOGU5ZjZlYTcwYTMwODQyNWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhkEqBz3r0nvHwJoTItYPD2I/wGI
V8g3HdXIlrCRT/jaKgJfaOpezAwgQhHS6SO6QffV5vA5ihT9tlwls6/KlSZ1vkym
uVVbupYJuDCxT/CtI/TAJ5aEf7Zg9eYMkMmPd7QJrQcqMcQBbj0wKDGI7d3uzj0m
EfX52IrDxZBvsaGNiM3w1btVJ6HdkH2HULGPpxVtXt/7y6LZBN2LQcr3Ude1eVsT
KKtaP+Qq3eo18gzrRKNC5+kq7kJiYyreAVQnr64nB+N6QaN8Hjt7RNtgWqsHGVa+
ZCKnM6gp4OagzrGtGQ0mMSauYQG9giNDQI1bi9L68eYcB/AIZbESSwVuJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFORH1iYlpCY2Ktjdjp9upwowhCXvMB8GA1UdIwQY
MBaAFCMocvQxram2gmxfCJfsTlNCCS6YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXloeTlER3RxYmFDYkY4SWwteE9VMElKTHBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi83NDcyZjktYjQwMy00MmUwLWIzMDYt
NzFhYTYzMTI1MTI4LzEvSXloeTlER3RxYmFDYkY4SWwteE9VMElKTHBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi83NDcyZjktYjQwMy00MmUwLWIzMDYtNzFhYTYzMTI1MTI4
LzEvSXloeTlER3RxYmFDYkY4SWwteE9VMElKTHBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqUCOWxhD
MAzqu9C9/bNPyan0UUI8h/aufdKq2AwfoO+gHXToQaTbAIcNUI4vVF3V6pFSSD+p
FTCGkU/kJsFbiVAywhQ6v0Pn8/uF3AiIQfJp/APsNngBFb2XVOkhybSSrdBq+AdJ
ou7nko1PFx8021S4ADL8bcWdmvddMduZ+yRb/HJ4wMzqjN8DwTKBCjEKFBxITmGl
eGxYbgA4x/TQ99UM86Im1d6iO0G05T5xbeolbWYbzbzwPvWz6RDrFlUqM40lAjdL
lV+UQO4ttu/sNRpzqV1giWAOmpnOZdfwKywafm6wz4feGUmJ2ED/hw7gawCZLAVl
yyzQiup8pkImkg==
-----END CERTIFICATE-----