Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.mft
File:                     orLY2dCvlBb6vW8gNfpyiO-XyME.mft (raw, json)
Hash identifier:          p23oUfzF2u2KNAWu/cVrmt1x25wZqWfDv/yo21QJDHQ=
Subject key identifier:   79:68:D4:9C:F8:92:22:8E:03:BC:71:06:00:C6:48:B9:C7:A2:57:F4
Authority key identifier: A2:B2:D8:D9:D0:AF:94:16:FA:BD:6F:20:35:FA:72:88:EF:97:C8:C1
Certificate issuer:       /CN=a2b2d8d9d0af9416fabd6f2035fa7288ef97c8c1
Certificate serial:       019D996257FBBB81F87ED80DB5EEC2D3DF2D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/orLY2dCvlBb6vW8gNfpyiO-XyME.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.mft
Manifest number:          0907
Signing time:             Fri 17 Apr 2026 03:00:52 +0000
Manifest this update:     Fri 17 Apr 2026 03:00:52 +0000
Manifest next update:     Sat 18 Apr 2026 03:00:52 +0000
Files and hashes:         1: orLY2dCvlBb6vW8gNfpyiO-XyME.crl (hash: 0IzfxUszMJjbtdAYArq7v9EjYf3zwf1qmsXctYrkNXM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/orLY2dCvlBb6vW8gNfpyiO-XyME.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:62:57:fb:bb:81:f8:7e:d8:0d:b5:ee:c2:d3:df:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a2b2d8d9d0af9416fabd6f2035fa7288ef97c8c1
        Validity
            Not Before: Apr 17 03:00:52 2026 GMT
            Not After : Apr 18 03:00:52 2026 GMT
        Subject: CN=7968d49cf892228e03bc710600c648b9c7a257f4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:c7:ef:b7:eb:2f:17:44:b3:8d:be:31:74:6d:
                    25:74:1e:41:37:c4:8d:62:d1:0e:e2:72:13:d9:01:
                    7c:59:9d:4f:e6:4e:93:f0:76:3b:ce:9a:6a:a2:41:
                    f8:f9:c4:ee:ae:cc:5f:dd:71:13:4f:ea:58:0b:5a:
                    08:24:21:fe:f3:5c:af:12:b8:82:de:f4:4c:f5:7b:
                    20:48:ea:43:d9:80:cc:6d:c3:24:f7:33:e6:1b:91:
                    71:4d:4f:2b:5a:4b:8e:3e:5a:4f:5a:70:de:19:40:
                    3e:08:bc:c6:11:a2:07:34:10:2e:78:9d:e6:f2:2c:
                    c6:6d:92:d4:b2:8e:23:bd:cc:42:b1:f8:98:31:c1:
                    ce:62:68:ed:90:61:71:15:f9:81:a2:bf:d3:cc:c8:
                    08:61:f7:90:35:6e:7e:a2:ef:47:5f:62:fd:20:42:
                    07:3c:82:69:7d:7b:20:45:b9:98:95:cd:e6:d3:7c:
                    74:a0:b0:77:8e:25:d7:4e:30:f9:fd:d2:39:34:17:
                    b6:69:04:c3:31:ab:27:04:bd:a8:10:f2:3c:92:aa:
                    2d:19:d7:03:7c:30:fd:7f:bd:95:63:16:77:72:08:
                    a1:b0:c6:f1:5c:8f:c3:79:a7:c8:af:42:2f:e7:4d:
                    09:62:f4:e3:a2:25:10:d4:13:9f:66:3a:3d:61:bd:
                    fa:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:68:D4:9C:F8:92:22:8E:03:BC:71:06:00:C6:48:B9:C7:A2:57:F4
            X509v3 Authority Key Identifier:
                keyid:A2:B2:D8:D9:D0:AF:94:16:FA:BD:6F:20:35:FA:72:88:EF:97:C8:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/orLY2dCvlBb6vW8gNfpyiO-XyME.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:9b:15:6d:35:07:f1:ce:53:5b:bf:99:e2:05:49:8d:f2:12:
         6d:8c:ae:ae:1f:88:3b:cf:7c:55:b1:89:03:d9:a2:54:19:6e:
         66:79:78:71:b1:7f:06:5d:44:61:20:78:42:3c:a9:37:a7:91:
         e9:24:55:36:e0:d8:f2:b8:ae:03:ca:ef:9a:c2:e0:3e:96:a4:
         3c:8f:8c:69:ec:93:5c:4e:f4:51:92:53:a0:c5:86:bb:0a:2e:
         15:bf:de:cb:60:51:a3:78:3e:2d:f7:c1:bf:b3:75:19:af:8a:
         1b:08:42:b5:35:3c:51:68:91:52:aa:22:f7:b9:b0:9d:ea:5f:
         ec:1d:cf:64:b5:0d:65:a9:bc:af:ae:9d:fa:3d:e4:15:4f:66:
         8c:c2:bf:74:7e:c2:20:e2:75:9b:67:3a:e5:ad:94:27:83:9f:
         f7:dc:d3:ac:be:4c:95:7e:5a:a4:9a:ce:78:f3:64:ec:e8:98:
         24:06:c8:05:bd:51:cd:04:39:a6:58:f6:20:c8:3c:5d:0c:49:
         4d:17:2c:fb:9b:c1:30:83:1d:5e:0e:b4:86:dc:c7:00:5e:3d:
         2e:3f:84:ad:2c:0c:d2:c5:a7:40:33:50:05:93:7c:d8:c9:17:
         1b:7b:ef:39:9a:62:98:93:1f:13:51:e4:d9:df:46:08:42:0e:
         89:38:5b:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZYlf7u4H4ftgNte7C098tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyYjJkOGQ5ZDBhZjk0MTZmYWJkNmYyMDM1ZmE3Mjg4ZWY5
N2M4YzEwHhcNMjYwNDE3MDMwMDUyWhcNMjYwNDE4MDMwMDUyWjAzMTEwLwYDVQQD
Eyg3OTY4ZDQ5Y2Y4OTIyMjhlMDNiYzcxMDYwMGM2NDhiOWM3YTI1N2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzcfvt+svF0Szjb4xdG0ldB5BN8SN
YtEO4nIT2QF8WZ1P5k6T8HY7zppqokH4+cTursxf3XETT+pYC1oIJCH+81yvEriC
3vRM9XsgSOpD2YDMbcMk9zPmG5FxTU8rWkuOPlpPWnDeGUA+CLzGEaIHNBAueJ3m
8izGbZLUso4jvcxCsfiYMcHOYmjtkGFxFfmBor/TzMgIYfeQNW5+ou9HX2L9IEIH
PIJpfXsgRbmYlc3m03x0oLB3jiXXTjD5/dI5NBe2aQTDMasnBL2oEPI8kqotGdcD
fDD9f72VYxZ3cgihsMbxXI/DeafIr0Iv500JYvTjoiUQ1BOfZjo9Yb36vwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHlo1Jz4kiKOA7xxBgDGSLnHolf0MB8GA1UdIwQY
MBaAFKKy2NnQr5QW+r1vIDX6cojvl8jBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3JMWTJkQ3ZsQmI2dlc4Z05mcHlpTy1YeU1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8zYTI4ZTMtODU0NC00OGM2LThiOGUt
YmFmN2JhMGM0MTc3LzEvb3JMWTJkQ3ZsQmI2dlc4Z05mcHlpTy1YeU1FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8zYTI4ZTMtODU0NC00OGM2LThiOGUtYmFmN2JhMGM0MTc3
LzEvb3JMWTJkQ3ZsQmI2dlc4Z05mcHlpTy1YeU1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE5sVbTUH
8c5TW7+Z4gVJjfISbYyurh+IO898VbGJA9miVBluZnl4cbF/Bl1EYSB4QjypN6eR
6SRVNuDY8riuA8rvmsLgPpakPI+MaeyTXE70UZJToMWGuwouFb/ey2BRo3g+LffB
v7N1Ga+KGwhCtTU8UWiRUqoi97mwnepf7B3PZLUNZam8r66d+j3kFU9mjMK/dH7C
IOJ1m2c65a2UJ4Of99zTrL5MlX5apJrOePNk7OiYJAbIBb1RzQQ5plj2IMg8XQxJ
TRcs+5vBMIMdXg60htzHAF49Lj+ErSwM0sWnQDNQBZN82MkXG3vvOZpimJMfE1Hk
2d9GCEIOiThbZg==
-----END CERTIFICATE-----