Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.mft
File:                     y5ocuA-2NzLlMAR6HsVSn4yLGgY.mft (raw, json)
Hash identifier:          RPb/HnJpc7s6t/Sp52wuZGzHO3y/KVJcHOFGRFt+VuA=
Subject key identifier:   4F:23:61:C8:5D:6D:62:CC:9D:0E:B8:EC:10:AC:BC:4D:4A:83:4E:3A
Authority key identifier: CB:9A:1C:B8:0F:B6:37:32:E5:30:04:7A:1E:C5:52:9F:8C:8B:1A:06
Certificate issuer:       /CN=cb9a1cb80fb63732e530047a1ec5529f8c8b1a06
Certificate serial:       019D9962232BEDEC527A8F9D4A143473F82A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y5ocuA-2NzLlMAR6HsVSn4yLGgY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.mft
Manifest number:          05D9
Signing time:             Fri 17 Apr 2026 03:00:38 +0000
Manifest this update:     Fri 17 Apr 2026 03:00:38 +0000
Manifest next update:     Sat 18 Apr 2026 03:00:38 +0000
Files and hashes:         1: y5ocuA-2NzLlMAR6HsVSn4yLGgY.crl (hash: qcB0D0+CYYJ37N4CbwTvsI3KOuQ0ANIeiSz/zsyyMWg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y5ocuA-2NzLlMAR6HsVSn4yLGgY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 03:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:62:23:2b:ed:ec:52:7a:8f:9d:4a:14:34:73:f8:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cb9a1cb80fb63732e530047a1ec5529f8c8b1a06
        Validity
            Not Before: Apr 17 03:00:38 2026 GMT
            Not After : Apr 18 03:00:38 2026 GMT
        Subject: CN=4f2361c85d6d62cc9d0eb8ec10acbc4d4a834e3a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:98:46:8f:b2:cf:80:3e:e2:e3:70:89:d5:0d:
                    04:32:66:d8:6b:6c:d6:33:99:cd:4a:7b:31:d2:26:
                    4c:9f:ae:d0:20:a5:d8:57:c7:b5:33:07:ba:51:31:
                    3b:7c:c1:3d:d6:e4:7d:d8:64:dc:99:22:49:38:5c:
                    31:79:a3:36:61:ad:18:08:ba:e2:53:50:d8:b7:cf:
                    70:09:61:cd:f7:e7:70:04:10:ed:50:ad:16:3c:4b:
                    b0:30:39:20:8a:a2:e0:19:4e:23:0c:cf:31:30:db:
                    12:2f:78:95:fa:37:8c:ec:29:f1:60:bd:68:57:a3:
                    71:17:a8:2b:c7:8f:10:41:dd:1f:da:68:d8:a6:e1:
                    42:76:d3:3d:e6:b9:05:4e:d5:71:fb:58:b9:44:9e:
                    88:40:57:20:ec:40:97:d6:ef:f8:96:3c:9f:94:fb:
                    21:c8:ea:77:ab:f1:89:88:3e:50:c9:25:15:35:8d:
                    0b:e1:2a:64:a0:65:01:e0:8e:f9:be:ee:f3:4b:0f:
                    17:4a:1e:cf:8e:f9:28:ba:db:fd:7d:c6:81:ab:25:
                    3b:5c:03:55:4b:c3:cc:60:65:9e:a0:02:78:91:17:
                    d9:00:2d:5f:8f:92:bf:d2:b8:ad:e3:76:78:f3:67:
                    82:9f:17:f2:f0:00:03:4a:c4:2e:14:a7:93:1f:85:
                    27:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:23:61:C8:5D:6D:62:CC:9D:0E:B8:EC:10:AC:BC:4D:4A:83:4E:3A
            X509v3 Authority Key Identifier:
                keyid:CB:9A:1C:B8:0F:B6:37:32:E5:30:04:7A:1E:C5:52:9F:8C:8B:1A:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y5ocuA-2NzLlMAR6HsVSn4yLGgY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:d3:fd:89:b9:4e:2e:01:8e:56:92:f7:dc:cd:e6:8a:06:93:
         40:f3:87:de:63:db:44:3f:6a:b1:b9:a3:33:fe:05:39:90:1d:
         14:65:5e:15:7a:97:43:5d:4a:30:f4:8a:31:50:fe:74:67:ba:
         a9:ef:13:c6:1f:b1:48:29:de:5b:b0:7b:05:bd:a3:7a:75:96:
         05:4d:9a:3b:5e:e1:0c:b5:83:6a:86:18:6f:91:7c:0f:7a:e6:
         d4:7f:b9:59:ba:5b:7c:dd:cd:b4:bf:81:5d:3b:cc:45:a4:66:
         ba:57:55:07:54:69:a0:c5:f1:b3:41:47:31:41:f5:7f:5d:02:
         79:f3:50:b2:59:73:23:5c:dc:c7:13:44:dc:ae:75:79:1d:d0:
         78:b3:7d:af:78:37:a0:5f:33:7d:51:5a:76:05:04:ec:bc:52:
         c3:9e:16:6e:73:78:b7:bc:c2:67:b7:47:0f:e9:b5:09:e7:ff:
         04:6d:0d:96:3f:76:8c:5d:fd:78:34:a3:76:1b:e0:65:c6:e3:
         cb:8f:a4:2c:c0:da:e2:de:ac:22:94:26:2b:87:a5:d0:5f:39:
         6d:60:2a:9a:4e:29:f7:37:8d:e9:9f:51:c2:be:ad:77:70:07:
         3d:15:0d:d5:b9:27:e8:f3:26:a0:32:73:8a:01:07:f6:69:4d:
         08:05:e2:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZYiMr7exSeo+dShQ0c/gqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiOWExY2I4MGZiNjM3MzJlNTMwMDQ3YTFlYzU1MjlmOGM4
YjFhMDYwHhcNMjYwNDE3MDMwMDM4WhcNMjYwNDE4MDMwMDM4WjAzMTEwLwYDVQQD
Eyg0ZjIzNjFjODVkNmQ2MmNjOWQwZWI4ZWMxMGFjYmM0ZDRhODM0ZTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7phGj7LPgD7i43CJ1Q0EMmbYa2zW
M5nNSnsx0iZMn67QIKXYV8e1Mwe6UTE7fME91uR92GTcmSJJOFwxeaM2Ya0YCLri
U1DYt89wCWHN9+dwBBDtUK0WPEuwMDkgiqLgGU4jDM8xMNsSL3iV+jeM7CnxYL1o
V6NxF6grx48QQd0f2mjYpuFCdtM95rkFTtVx+1i5RJ6IQFcg7ECX1u/4ljyflPsh
yOp3q/GJiD5QySUVNY0L4SpkoGUB4I75vu7zSw8XSh7Pjvkoutv9fcaBqyU7XANV
S8PMYGWeoAJ4kRfZAC1fj5K/0rit43Z482eCnxfy8AADSsQuFKeTH4UntQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE8jYchdbWLMnQ647BCsvE1Kg046MB8GA1UdIwQY
MBaAFMuaHLgPtjcy5TAEeh7FUp+MixoGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTVvY3VBLTJOekxsTUFSNkhzVlNuNHlMR2dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS8wNWJiNDMtNGFlOC00YjZkLWI0NmMt
MTEzZWRlM2FmZjc5LzEveTVvY3VBLTJOekxsTUFSNkhzVlNuNHlMR2dZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS8wNWJiNDMtNGFlOC00YjZkLWI0NmMtMTEzZWRlM2FmZjc5
LzEveTVvY3VBLTJOekxsTUFSNkhzVlNuNHlMR2dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZdP9iblO
LgGOVpL33M3migaTQPOH3mPbRD9qsbmjM/4FOZAdFGVeFXqXQ11KMPSKMVD+dGe6
qe8Txh+xSCneW7B7Bb2jenWWBU2aO17hDLWDaoYYb5F8D3rm1H+5WbpbfN3NtL+B
XTvMRaRmuldVB1RpoMXxs0FHMUH1f10CefNQsllzI1zcxxNE3K51eR3QeLN9r3g3
oF8zfVFadgUE7LxSw54WbnN4t7zCZ7dHD+m1Cef/BG0Nlj92jF39eDSjdhvgZcbj
y4+kLMDa4t6sIpQmK4el0F85bWAqmk4p9zeN6Z9Rwr6td3AHPRUN1bkn6PMmoDJz
igEH9mlNCAXieQ==
-----END CERTIFICATE-----