Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/56c8a7-562b-48c8-8a8f-5a05b91b2b8c/1/dPYRYnGtLREZYKLZYaqcFi-VgKY.mft
File:                     dPYRYnGtLREZYKLZYaqcFi-VgKY.mft (raw, json)
Hash identifier:          O5FAQ6SF+FvolGJqhvloMYrbvaFUWbcVczAQJU47xNs=
Subject key identifier:   41:AF:10:8B:9C:44:5F:17:F9:CE:0B:2F:21:2A:84:E7:A2:12:E5:78
Authority key identifier: 74:F6:11:62:71:AD:2D:11:19:60:A2:D9:61:AA:9C:16:2F:95:80:A6
Certificate issuer:       /CN=74f6116271ad2d111960a2d961aa9c162f9580a6
Certificate serial:       019D98F4CD37DD3498BF225C0E760BB697D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dPYRYnGtLREZYKLZYaqcFi-VgKY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/56c8a7-562b-48c8-8a8f-5a05b91b2b8c/1/dPYRYnGtLREZYKLZYaqcFi-VgKY.mft
Manifest number:          12B9
Signing time:             Fri 17 Apr 2026 01:01:13 +0000
Manifest this update:     Fri 17 Apr 2026 01:01:13 +0000
Manifest next update:     Sat 18 Apr 2026 01:01:13 +0000
Files and hashes:         1: dPYRYnGtLREZYKLZYaqcFi-VgKY.crl (hash: 9TqOl9TPI49C7t1bAagl6L1udAVLwSGcvepEnsr4N1Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/56/56c8a7-562b-48c8-8a8f-5a05b91b2b8c/1/dPYRYnGtLREZYKLZYaqcFi-VgKY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/56/56c8a7-562b-48c8-8a8f-5a05b91b2b8c/1/dPYRYnGtLREZYKLZYaqcFi-VgKY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dPYRYnGtLREZYKLZYaqcFi-VgKY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:cd:37:dd:34:98:bf:22:5c:0e:76:0b:b6:97:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74f6116271ad2d111960a2d961aa9c162f9580a6
        Validity
            Not Before: Apr 17 01:01:13 2026 GMT
            Not After : Apr 18 01:01:13 2026 GMT
        Subject: CN=41af108b9c445f17f9ce0b2f212a84e7a212e578
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:51:12:d3:40:a5:4a:5f:fe:3c:41:e4:f9:8a:
                    aa:d4:66:15:cc:76:3b:93:f9:c8:79:54:52:11:6a:
                    f3:be:5d:ce:40:81:00:e8:7e:77:87:f2:f5:1f:cc:
                    e8:6f:03:88:d9:ed:cf:4a:72:e8:d1:52:d8:a8:92:
                    1e:95:c6:7c:44:45:a3:cd:7e:2a:78:81:07:a1:40:
                    80:a2:96:92:7f:99:21:4c:c5:ba:1b:35:fd:a6:a2:
                    0f:5b:53:4b:f6:3c:f7:d5:ae:c0:58:75:c4:15:eb:
                    86:eb:88:77:23:0b:20:1c:c6:3e:57:4a:d3:ba:b4:
                    18:0f:3d:bc:a4:6c:44:59:ec:9f:fa:aa:35:ea:5f:
                    b5:e4:69:f8:02:e2:9c:19:49:08:f2:b6:63:8b:e8:
                    e6:d8:78:a0:0b:74:9c:06:63:02:d0:88:fe:77:ba:
                    72:02:d2:fd:56:d5:37:97:dd:44:50:3a:98:b3:12:
                    a8:59:62:b2:96:ec:b8:3f:ac:51:57:18:c1:73:c8:
                    fd:d6:08:69:8a:ed:39:aa:68:26:06:ce:9c:7d:f8:
                    3f:9e:12:d9:c0:17:4f:a8:88:13:f6:22:bc:dc:70:
                    d3:8c:99:25:1b:ff:87:10:08:94:01:1d:f6:3c:4f:
                    00:43:c9:03:1e:b5:2c:dc:8f:bd:0a:0b:a5:cf:5e:
                    8e:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:AF:10:8B:9C:44:5F:17:F9:CE:0B:2F:21:2A:84:E7:A2:12:E5:78
            X509v3 Authority Key Identifier:
                keyid:74:F6:11:62:71:AD:2D:11:19:60:A2:D9:61:AA:9C:16:2F:95:80:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dPYRYnGtLREZYKLZYaqcFi-VgKY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/56c8a7-562b-48c8-8a8f-5a05b91b2b8c/1/dPYRYnGtLREZYKLZYaqcFi-VgKY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/56c8a7-562b-48c8-8a8f-5a05b91b2b8c/1/dPYRYnGtLREZYKLZYaqcFi-VgKY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:d0:9a:7b:77:06:1b:64:1e:b4:15:e8:58:45:c7:ef:a1:ae:
         68:76:c9:03:56:f5:b5:a7:ee:17:8c:a7:b1:d4:05:62:50:cf:
         b6:77:59:f0:d1:89:6a:4b:38:c5:a3:3d:e5:e1:c8:92:bb:db:
         1d:05:93:38:04:06:b4:2b:43:5b:3e:5d:34:79:79:58:57:fb:
         96:da:6f:e9:49:8d:db:01:eb:73:7a:81:2c:67:1c:61:4b:2b:
         72:f6:92:df:0a:71:d6:68:25:13:c1:7c:60:4d:8c:fb:13:d0:
         73:37:ac:ff:c9:bc:d7:8c:80:0f:2f:04:24:58:6c:06:0e:cf:
         a1:b5:4a:7b:43:6d:dd:42:7e:ba:96:a6:f4:67:90:a9:58:5d:
         49:d5:a5:97:a5:68:75:5d:21:aa:b6:cc:16:07:48:69:bf:43:
         9f:e6:c3:2f:eb:fa:2a:f9:24:3e:55:91:45:c7:4c:ba:66:a0:
         c9:78:42:fd:be:2e:03:ea:f3:81:92:df:1d:e5:cb:43:71:35:
         75:4a:5f:d0:5d:e3:29:1a:ce:3c:4e:30:8a:d0:c0:be:e9:b5:
         71:91:9e:6e:d7:ca:ea:db:05:74:5c:31:1e:5e:46:d2:26:51:
         97:05:6c:3a:65:53:00:99:61:50:3e:fd:ac:43:2b:a4:21:90:
         ed:bf:b4:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9M033TSYvyJcDnYLtpfXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZjYxMTYyNzFhZDJkMTExOTYwYTJkOTYxYWE5YzE2MmY5
NTgwYTYwHhcNMjYwNDE3MDEwMTEzWhcNMjYwNDE4MDEwMTEzWjAzMTEwLwYDVQQD
Eyg0MWFmMTA4YjljNDQ1ZjE3ZjljZTBiMmYyMTJhODRlN2EyMTJlNTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVES00ClSl/+PEHk+Yqq1GYVzHY7
k/nIeVRSEWrzvl3OQIEA6H53h/L1H8zobwOI2e3PSnLo0VLYqJIelcZ8REWjzX4q
eIEHoUCAopaSf5khTMW6GzX9pqIPW1NL9jz31a7AWHXEFeuG64h3IwsgHMY+V0rT
urQYDz28pGxEWeyf+qo16l+15Gn4AuKcGUkI8rZji+jm2HigC3ScBmMC0Ij+d7py
AtL9VtU3l91EUDqYsxKoWWKyluy4P6xRVxjBc8j91ghpiu05qmgmBs6cffg/nhLZ
wBdPqIgT9iK83HDTjJklG/+HEAiUAR32PE8AQ8kDHrUs3I+9Cgulz16ODwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEGvEIucRF8X+c4LLyEqhOeiEuV4MB8GA1UdIwQY
MBaAFHT2EWJxrS0RGWCi2WGqnBYvlYCmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFBZUlluR3RMUkVaWUtMWllhcWNGaS1WZ0tZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni81NmM4YTctNTYyYi00OGM4LThhOGYt
NWEwNWI5MWIyYjhjLzEvZFBZUlluR3RMUkVaWUtMWllhcWNGaS1WZ0tZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni81NmM4YTctNTYyYi00OGM4LThhOGYtNWEwNWI5MWIyYjhj
LzEvZFBZUlluR3RMUkVaWUtMWllhcWNGaS1WZ0tZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjNCae3cG
G2QetBXoWEXH76GuaHbJA1b1tafuF4ynsdQFYlDPtndZ8NGJaks4xaM95eHIkrvb
HQWTOAQGtCtDWz5dNHl5WFf7ltpv6UmN2wHrc3qBLGccYUsrcvaS3wpx1mglE8F8
YE2M+xPQczes/8m814yADy8EJFhsBg7PobVKe0Nt3UJ+upam9GeQqVhdSdWll6Vo
dV0hqrbMFgdIab9Dn+bDL+v6KvkkPlWRRcdMumagyXhC/b4uA+rzgZLfHeXLQ3E1
dUpf0F3jKRrOPE4witDAvum1cZGebtfK6tsFdFwxHl5G0iZRlwVsOmVTAJlhUD79
rEMrpCGQ7b+0Nw==
-----END CERTIFICATE-----