Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/6c791f-ba85-4c03-b791-e5b1672d4b17/1/hyyq6fD7ed7GhEvqzowiHO9NMsk.mft
File:                     hyyq6fD7ed7GhEvqzowiHO9NMsk.mft (raw, json)
Hash identifier:          GIYgKQ0wIkIzRPHM9Dd7tZrZInYw1pC0CgIPEbUjILM=
Subject key identifier:   BA:FD:C9:40:FB:F9:90:9E:27:E1:C5:74:AF:57:D7:26:80:E2:AD:E2
Authority key identifier: 87:2C:AA:E9:F0:FB:79:DE:C6:84:4B:EA:CE:8C:22:1C:EF:4D:32:C9
Certificate issuer:       /CN=872caae9f0fb79dec6844beace8c221cef4d32c9
Certificate serial:       019CAB6B9C887549BD5466B877C475C6B112
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hyyq6fD7ed7GhEvqzowiHO9NMsk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/6c791f-ba85-4c03-b791-e5b1672d4b17/1/hyyq6fD7ed7GhEvqzowiHO9NMsk.mft
Manifest number:          12CE
Signing time:             Sun 01 Mar 2026 22:01:22 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:22 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:22 +0000
Files and hashes:         1: hyyq6fD7ed7GhEvqzowiHO9NMsk.crl (hash: AV7Q6gL6lESIkNNgGE0rW+nR8Fij9FsXO8PVAtcCBmI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/6c791f-ba85-4c03-b791-e5b1672d4b17/1/hyyq6fD7ed7GhEvqzowiHO9NMsk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/6c791f-ba85-4c03-b791-e5b1672d4b17/1/hyyq6fD7ed7GhEvqzowiHO9NMsk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hyyq6fD7ed7GhEvqzowiHO9NMsk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:9c:88:75:49:bd:54:66:b8:77:c4:75:c6:b1:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=872caae9f0fb79dec6844beace8c221cef4d32c9
        Validity
            Not Before: Mar  1 22:01:22 2026 GMT
            Not After : Mar  2 22:01:22 2026 GMT
        Subject: CN=bafdc940fbf9909e27e1c574af57d72680e2ade2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:fd:1e:c2:9b:de:c8:2c:9e:6c:88:0c:a8:6f:
                    89:05:56:60:6d:21:de:57:86:a4:fe:97:6f:5b:88:
                    35:bc:56:b0:6d:ad:0e:7f:5e:33:75:fe:59:5e:cd:
                    26:f0:cc:31:60:bd:a6:44:f6:6f:a8:87:80:3e:e7:
                    81:14:78:de:7d:e6:3a:7a:5f:33:1b:2a:3e:6e:7f:
                    a3:9c:3e:c6:05:7b:fc:d9:a0:c2:31:ca:3b:bd:c7:
                    6c:33:02:a8:af:04:f0:91:12:05:0b:bd:e7:24:8e:
                    b0:d5:85:c0:7e:71:38:49:f0:68:61:9c:7d:21:03:
                    3b:3f:1b:38:a1:5c:b9:c0:bd:7f:c6:30:a2:c4:d8:
                    98:05:f9:77:ad:99:c1:3f:c0:89:cb:87:3e:3a:24:
                    cd:55:2a:7d:26:02:ec:23:33:f0:c4:5f:f5:49:42:
                    38:75:4a:d1:e4:4c:2c:bf:67:53:b2:eb:41:9e:b6:
                    5f:a4:c3:d6:a7:31:c9:39:64:86:02:01:d0:37:b4:
                    61:b1:39:6e:ef:7e:ac:ee:32:b1:d2:33:45:ab:64:
                    ff:1e:30:c3:fb:cd:5b:11:ca:bb:a1:89:7d:43:67:
                    b6:91:b1:af:c2:aa:a2:5d:94:fd:eb:ce:3f:18:1a:
                    28:3c:1a:8e:03:74:c4:32:81:23:f5:56:5b:cf:dc:
                    be:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:FD:C9:40:FB:F9:90:9E:27:E1:C5:74:AF:57:D7:26:80:E2:AD:E2
            X509v3 Authority Key Identifier:
                keyid:87:2C:AA:E9:F0:FB:79:DE:C6:84:4B:EA:CE:8C:22:1C:EF:4D:32:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hyyq6fD7ed7GhEvqzowiHO9NMsk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/6c791f-ba85-4c03-b791-e5b1672d4b17/1/hyyq6fD7ed7GhEvqzowiHO9NMsk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/6c791f-ba85-4c03-b791-e5b1672d4b17/1/hyyq6fD7ed7GhEvqzowiHO9NMsk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:13:3d:89:f7:ad:ae:b7:be:72:98:83:37:ac:43:fc:9e:3a:
         36:c7:0d:52:2b:9a:59:cf:c2:12:76:ab:e8:61:3a:bb:42:ca:
         aa:0e:96:e9:68:cd:c7:43:fa:bb:c4:44:56:12:13:50:6a:87:
         3c:bc:e1:58:ed:63:cf:04:5f:ab:28:b0:36:ac:f8:71:b3:c2:
         76:e2:08:db:80:92:94:b2:f4:47:94:aa:21:18:56:7b:98:2a:
         05:95:e4:52:cf:af:17:71:ff:f0:1d:ac:e9:e1:64:2e:60:58:
         1f:a8:1f:8e:38:2f:16:44:5d:fc:4c:dc:09:35:78:0a:96:31:
         56:a4:c9:0d:2b:5a:ea:45:42:32:ed:22:0f:99:24:27:91:5c:
         6a:f9:6c:24:7f:aa:7c:34:a1:25:c4:cd:e6:83:e2:64:d1:fc:
         e3:ed:2b:6c:7f:41:98:90:d9:0c:fe:71:90:5c:48:59:b4:89:
         7b:ac:3b:fd:4f:0a:9f:61:37:09:2d:a9:96:4b:d7:3b:c0:5a:
         6a:2c:1a:11:7b:6c:17:ed:44:ef:bd:79:cb:b0:d2:14:ed:72:
         c5:28:74:75:4e:0e:31:cc:3b:39:6c:50:42:7d:eb:96:48:1b:
         4d:fe:8e:e4:e6:a6:13:d4:96:a7:f9:4c:96:37:40:57:18:26:
         1e:35:d7:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra5yIdUm9VGa4d8R1xrESMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MmNhYWU5ZjBmYjc5ZGVjNjg0NGJlYWNlOGMyMjFjZWY0
ZDMyYzkwHhcNMjYwMzAxMjIwMTIyWhcNMjYwMzAyMjIwMTIyWjAzMTEwLwYDVQQD
EyhiYWZkYzk0MGZiZjk5MDllMjdlMWM1NzRhZjU3ZDcyNjgwZTJhZGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuf0ewpveyCyebIgMqG+JBVZgbSHe
V4ak/pdvW4g1vFawba0Of14zdf5ZXs0m8MwxYL2mRPZvqIeAPueBFHjefeY6el8z
Gyo+bn+jnD7GBXv82aDCMco7vcdsMwKorwTwkRIFC73nJI6w1YXAfnE4SfBoYZx9
IQM7Pxs4oVy5wL1/xjCixNiYBfl3rZnBP8CJy4c+OiTNVSp9JgLsIzPwxF/1SUI4
dUrR5Ewsv2dTsutBnrZfpMPWpzHJOWSGAgHQN7RhsTlu736s7jKx0jNFq2T/HjDD
+81bEcq7oYl9Q2e2kbGvwqqiXZT9684/GBooPBqOA3TEMoEj9VZbz9y+jwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLr9yUD7+ZCeJ+HFdK9X1yaA4q3iMB8GA1UdIwQY
MBaAFIcsqunw+3nexoRL6s6MIhzvTTLJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHl5cTZmRDdlZDdHaEV2cXpvd2lITzlOTXNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC82Yzc5MWYtYmE4NS00YzAzLWI3OTEt
ZTViMTY3MmQ0YjE3LzEvaHl5cTZmRDdlZDdHaEV2cXpvd2lITzlOTXNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC82Yzc5MWYtYmE4NS00YzAzLWI3OTEtZTViMTY3MmQ0YjE3
LzEvaHl5cTZmRDdlZDdHaEV2cXpvd2lITzlOTXNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACxM9ifet
rre+cpiDN6xD/J46NscNUiuaWc/CEnar6GE6u0LKqg6W6WjNx0P6u8REVhITUGqH
PLzhWO1jzwRfqyiwNqz4cbPCduII24CSlLL0R5SqIRhWe5gqBZXkUs+vF3H/8B2s
6eFkLmBYH6gfjjgvFkRd/EzcCTV4CpYxVqTJDSta6kVCMu0iD5kkJ5FcavlsJH+q
fDShJcTN5oPiZNH84+0rbH9BmJDZDP5xkFxIWbSJe6w7/U8Kn2E3CS2plkvXO8Ba
aiwaEXtsF+1E7715y7DSFO1yxSh0dU4OMcw7OWxQQn3rlkgbTf6O5OamE9SWp/lM
ljdAVxgmHjXXxg==
-----END CERTIFICATE-----