Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/6c791f-ba85-4c03-b791-e5b1672d4b17/1/hyyq6fD7ed7GhEvqzowiHO9NMsk.mft
File:                     hyyq6fD7ed7GhEvqzowiHO9NMsk.mft (raw, json)
Hash identifier:          lU2sAXr8vGVR9pQWKqWWFS0PsSBlczxUONPYA446VMM=
Subject key identifier:   46:83:27:52:1C:06:9D:2F:FE:59:BF:73:AB:34:EF:F5:99:5D:6A:93
Authority key identifier: 87:2C:AA:E9:F0:FB:79:DE:C6:84:4B:EA:CE:8C:22:1C:EF:4D:32:C9
Certificate issuer:       /CN=872caae9f0fb79dec6844beace8c221cef4d32c9
Certificate serial:       019D98F52D67F596C421F695542FF5DDF34F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hyyq6fD7ed7GhEvqzowiHO9NMsk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/6c791f-ba85-4c03-b791-e5b1672d4b17/1/hyyq6fD7ed7GhEvqzowiHO9NMsk.mft
Manifest number:          1349
Signing time:             Fri 17 Apr 2026 01:01:37 +0000
Manifest this update:     Fri 17 Apr 2026 01:01:37 +0000
Manifest next update:     Sat 18 Apr 2026 01:01:37 +0000
Files and hashes:         1: hyyq6fD7ed7GhEvqzowiHO9NMsk.crl (hash: 5dZ5prKa3CqI2OQ+YSXGny1yprMwhegVT1dxIe3tojw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/6c791f-ba85-4c03-b791-e5b1672d4b17/1/hyyq6fD7ed7GhEvqzowiHO9NMsk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/6c791f-ba85-4c03-b791-e5b1672d4b17/1/hyyq6fD7ed7GhEvqzowiHO9NMsk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hyyq6fD7ed7GhEvqzowiHO9NMsk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 01:01:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f5:2d:67:f5:96:c4:21:f6:95:54:2f:f5:dd:f3:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=872caae9f0fb79dec6844beace8c221cef4d32c9
        Validity
            Not Before: Apr 17 01:01:37 2026 GMT
            Not After : Apr 18 01:01:37 2026 GMT
        Subject: CN=468327521c069d2ffe59bf73ab34eff5995d6a93
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:58:f0:a2:60:fd:02:96:4e:f0:12:78:3b:a9:
                    da:22:5e:7b:35:4b:44:67:e6:95:39:4d:7b:04:17:
                    42:16:39:31:48:67:33:bb:66:5b:bb:d4:c3:68:6a:
                    1f:a4:b8:7e:50:f5:db:2e:61:32:8d:53:18:21:a4:
                    f2:47:6f:3a:7c:35:95:6d:d1:4f:67:ac:0b:db:5b:
                    4d:7f:8c:01:06:0b:bc:ad:d9:62:db:f4:c5:12:12:
                    2d:6f:4d:54:2e:80:f8:d8:ab:83:26:98:1a:79:8b:
                    29:7b:78:0b:56:05:2b:56:a2:14:e5:77:f3:df:62:
                    f5:30:f9:82:1a:eb:b3:7d:7a:d0:03:68:97:cd:c3:
                    c6:72:6b:e8:73:58:f5:e3:6a:01:8f:61:7a:b6:51:
                    8a:9e:58:13:f9:17:c7:ef:f0:40:90:a3:99:ac:8d:
                    19:39:52:6e:28:05:dc:f3:28:d5:f0:a4:43:84:19:
                    16:04:05:0e:05:49:3f:21:99:f4:5a:7f:64:40:eb:
                    18:ed:b4:fe:9a:9c:f6:a4:dc:13:53:6a:85:3c:6f:
                    3e:1e:51:f7:4d:d4:32:46:1a:b1:ea:fc:0f:c6:4b:
                    24:bc:29:13:f5:29:ff:63:8e:8e:ee:cb:27:bf:e9:
                    8f:51:ff:85:e9:75:fd:48:31:56:14:55:5e:96:ea:
                    00:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:83:27:52:1C:06:9D:2F:FE:59:BF:73:AB:34:EF:F5:99:5D:6A:93
            X509v3 Authority Key Identifier:
                keyid:87:2C:AA:E9:F0:FB:79:DE:C6:84:4B:EA:CE:8C:22:1C:EF:4D:32:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hyyq6fD7ed7GhEvqzowiHO9NMsk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/6c791f-ba85-4c03-b791-e5b1672d4b17/1/hyyq6fD7ed7GhEvqzowiHO9NMsk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/6c791f-ba85-4c03-b791-e5b1672d4b17/1/hyyq6fD7ed7GhEvqzowiHO9NMsk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:da:36:d3:4c:33:ea:0d:17:ec:94:06:91:9c:1e:47:bd:b5:
         70:f1:44:1b:08:c0:c1:da:0a:0d:8b:20:f3:21:f8:50:68:dd:
         bd:ed:ca:7c:d5:9e:d0:93:35:a3:97:26:b5:e9:ee:92:d4:7f:
         5a:51:37:d2:4d:42:c5:03:08:d2:36:c4:0c:be:c0:5f:7c:66:
         91:e5:f9:10:08:a3:7b:4c:38:78:84:d3:85:d2:0a:f9:83:dc:
         29:23:4e:12:ac:e9:5d:95:de:a2:e2:a4:9b:f5:b2:4c:e9:af:
         a4:11:1f:20:a1:c1:25:8a:06:dd:ed:c4:98:85:64:f0:a2:ed:
         09:58:d5:52:7f:53:e5:99:21:48:67:3e:89:c6:88:1a:d3:30:
         ce:cf:68:99:53:b3:bf:f3:8d:91:b1:1a:c8:4d:c9:ca:ba:92:
         a5:37:8d:90:eb:e3:e7:3f:76:51:84:b6:11:37:f9:b0:9b:7e:
         56:e2:84:29:f7:8b:41:5f:b2:cd:ef:cb:0e:df:cc:fc:94:ab:
         34:ea:1d:5e:a3:91:15:78:d6:26:5f:9e:78:3d:5b:b3:95:28:
         2a:6f:03:7c:50:76:34:68:03:da:33:cc:23:3f:c7:e9:51:18:
         9e:08:db:b8:db:8c:28:ff:f9:eb:47:2b:b1:bd:be:7c:ec:8c:
         f9:4c:6d:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9S1n9ZbEIfaVVC/13fNPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MmNhYWU5ZjBmYjc5ZGVjNjg0NGJlYWNlOGMyMjFjZWY0
ZDMyYzkwHhcNMjYwNDE3MDEwMTM3WhcNMjYwNDE4MDEwMTM3WjAzMTEwLwYDVQQD
Eyg0NjgzMjc1MjFjMDY5ZDJmZmU1OWJmNzNhYjM0ZWZmNTk5NWQ2YTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2VjwomD9ApZO8BJ4O6naIl57NUtE
Z+aVOU17BBdCFjkxSGczu2Zbu9TDaGofpLh+UPXbLmEyjVMYIaTyR286fDWVbdFP
Z6wL21tNf4wBBgu8rdli2/TFEhItb01ULoD42KuDJpgaeYspe3gLVgUrVqIU5Xfz
32L1MPmCGuuzfXrQA2iXzcPGcmvoc1j142oBj2F6tlGKnlgT+RfH7/BAkKOZrI0Z
OVJuKAXc8yjV8KRDhBkWBAUOBUk/IZn0Wn9kQOsY7bT+mpz2pNwTU2qFPG8+HlH3
TdQyRhqx6vwPxkskvCkT9Sn/Y46O7ssnv+mPUf+F6XX9SDFWFFVeluoASwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEaDJ1IcBp0v/lm/c6s07/WZXWqTMB8GA1UdIwQY
MBaAFIcsqunw+3nexoRL6s6MIhzvTTLJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHl5cTZmRDdlZDdHaEV2cXpvd2lITzlOTXNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC82Yzc5MWYtYmE4NS00YzAzLWI3OTEt
ZTViMTY3MmQ0YjE3LzEvaHl5cTZmRDdlZDdHaEV2cXpvd2lITzlOTXNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC82Yzc5MWYtYmE4NS00YzAzLWI3OTEtZTViMTY3MmQ0YjE3
LzEvaHl5cTZmRDdlZDdHaEV2cXpvd2lITzlOTXNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYto200wz
6g0X7JQGkZweR721cPFEGwjAwdoKDYsg8yH4UGjdve3KfNWe0JM1o5cmtenuktR/
WlE30k1CxQMI0jbEDL7AX3xmkeX5EAije0w4eITThdIK+YPcKSNOEqzpXZXeouKk
m/WyTOmvpBEfIKHBJYoG3e3EmIVk8KLtCVjVUn9T5ZkhSGc+icaIGtMwzs9omVOz
v/ONkbEayE3JyrqSpTeNkOvj5z92UYS2ETf5sJt+VuKEKfeLQV+yze/LDt/M/JSr
NOodXqORFXjWJl+eeD1bs5UoKm8DfFB2NGgD2jPMIz/H6VEYngjbuNuMKP/560cr
sb2+fOyM+UxtHA==
-----END CERTIFICATE-----