Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/3f7a06-2b45-4a0b-ba6c-958c376506ed/1/Iycd4-AQWavm0aWTxKJP9uGI1k8.mft
File:                     Iycd4-AQWavm0aWTxKJP9uGI1k8.mft (raw, json)
Hash identifier:          NQ1g175gnAwJmw9oWIvFKVosofCY+Kp4O/A0G1KZcF4=
Subject key identifier:   32:0A:99:18:1D:E5:00:3C:CA:87:0B:BF:B0:D7:CE:16:FD:B7:1F:5C
Authority key identifier: 23:27:1D:E3:E0:10:59:AB:E6:D1:A5:93:C4:A2:4F:F6:E1:88:D6:4F
Certificate issuer:       /CN=23271de3e01059abe6d1a593c4a24ff6e188d64f
Certificate serial:       019D98F49E58B0916629F2BEB6EE1F7123B5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Iycd4-AQWavm0aWTxKJP9uGI1k8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/3f7a06-2b45-4a0b-ba6c-958c376506ed/1/Iycd4-AQWavm0aWTxKJP9uGI1k8.mft
Manifest number:          10C1
Signing time:             Fri 17 Apr 2026 01:01:01 +0000
Manifest this update:     Fri 17 Apr 2026 01:01:01 +0000
Manifest next update:     Sat 18 Apr 2026 01:01:01 +0000
Files and hashes:         1: Iycd4-AQWavm0aWTxKJP9uGI1k8.crl (hash: ILckzJR3dBtmen09kw5Yfv/VEqebfjZnot3Tdb/iziU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/3f7a06-2b45-4a0b-ba6c-958c376506ed/1/Iycd4-AQWavm0aWTxKJP9uGI1k8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/3f7a06-2b45-4a0b-ba6c-958c376506ed/1/Iycd4-AQWavm0aWTxKJP9uGI1k8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Iycd4-AQWavm0aWTxKJP9uGI1k8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:9e:58:b0:91:66:29:f2:be:b6:ee:1f:71:23:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23271de3e01059abe6d1a593c4a24ff6e188d64f
        Validity
            Not Before: Apr 17 01:01:01 2026 GMT
            Not After : Apr 18 01:01:01 2026 GMT
        Subject: CN=320a99181de5003cca870bbfb0d7ce16fdb71f5c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:74:07:9f:b9:c7:d2:40:2b:a6:d0:5e:e2:bc:
                    21:bd:0c:f9:60:8a:9c:0c:57:b9:41:75:87:e7:a4:
                    af:8f:ff:47:22:92:fe:5c:5b:81:a5:41:a7:62:17:
                    96:a5:b4:95:84:5a:a7:70:a2:6c:c4:77:3f:fe:7c:
                    35:18:02:ba:e1:d0:b2:78:e6:7b:16:a5:a3:5c:06:
                    3b:bb:f0:e8:ee:66:5c:36:01:9c:f7:fb:c6:91:e0:
                    ad:7b:12:59:c1:d4:d2:ad:23:b9:d0:16:15:58:63:
                    c6:aa:82:bf:60:92:d2:09:85:d0:70:50:92:06:a9:
                    8b:65:41:1a:87:9e:d2:84:d5:e9:79:d9:a8:a4:84:
                    40:62:44:f0:7e:70:be:dc:75:33:14:af:ef:7e:3e:
                    b8:e0:b4:00:6c:2f:87:11:95:9f:a4:24:55:ad:76:
                    29:10:17:83:ef:36:01:55:d7:fc:d8:b4:48:66:03:
                    9e:c9:ad:db:9a:c3:13:f2:0e:f4:59:7e:79:82:76:
                    f4:6b:e6:4d:dd:a0:b6:ba:c5:c1:ff:dd:e3:93:ae:
                    d4:4b:60:e2:7c:7f:43:52:92:e2:4b:08:bb:6d:e3:
                    91:39:6b:eb:01:34:d5:bc:4a:31:3b:d3:9e:3e:85:
                    dc:5a:d8:31:70:c1:25:62:a6:85:35:c2:36:bd:64:
                    88:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:0A:99:18:1D:E5:00:3C:CA:87:0B:BF:B0:D7:CE:16:FD:B7:1F:5C
            X509v3 Authority Key Identifier:
                keyid:23:27:1D:E3:E0:10:59:AB:E6:D1:A5:93:C4:A2:4F:F6:E1:88:D6:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iycd4-AQWavm0aWTxKJP9uGI1k8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3f7a06-2b45-4a0b-ba6c-958c376506ed/1/Iycd4-AQWavm0aWTxKJP9uGI1k8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3f7a06-2b45-4a0b-ba6c-958c376506ed/1/Iycd4-AQWavm0aWTxKJP9uGI1k8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:c2:45:59:2f:f4:23:18:8d:d6:dc:e3:c5:e5:d7:b9:07:53:
         b8:88:23:3b:d7:ca:53:6e:41:75:e7:38:1f:85:60:3f:75:22:
         8d:b3:f5:93:d8:8a:35:72:b3:34:8d:eb:29:4b:3d:38:00:63:
         92:0d:49:09:a3:8b:dd:18:49:90:b6:8b:21:08:38:b2:cf:fc:
         7a:f3:68:90:b1:78:7a:19:75:03:37:87:59:06:a6:2e:27:f6:
         f8:43:93:e4:8b:ac:68:dc:62:e4:84:19:e9:80:03:62:c6:68:
         2d:dd:ef:46:dd:1a:59:bd:2e:05:6b:51:a6:83:07:72:b7:df:
         5a:d3:09:15:b7:1c:4f:cd:0b:31:da:bf:8c:2e:85:09:58:da:
         b0:e2:e6:51:29:ff:f6:6c:d9:58:d3:73:e5:1a:a8:20:27:1d:
         69:d5:69:8e:20:d7:47:98:96:84:aa:7c:5d:b4:b4:31:36:80:
         18:ec:8b:8c:c1:46:90:6a:79:59:b9:dc:93:96:79:7e:33:4f:
         b8:73:67:17:14:03:4c:44:d5:81:9b:af:27:26:21:16:d8:c2:
         c4:9f:e1:3e:8a:6d:ab:17:8b:5e:bb:2d:c3:31:11:a9:e2:90:
         dd:97:67:f8:fa:98:a5:4e:a6:37:a8:7d:8a:7b:89:32:96:af:
         36:64:3f:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9J5YsJFmKfK+tu4fcSO1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMjcxZGUzZTAxMDU5YWJlNmQxYTU5M2M0YTI0ZmY2ZTE4
OGQ2NGYwHhcNMjYwNDE3MDEwMTAxWhcNMjYwNDE4MDEwMTAxWjAzMTEwLwYDVQQD
EygzMjBhOTkxODFkZTUwMDNjY2E4NzBiYmZiMGQ3Y2UxNmZkYjcxZjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw3QHn7nH0kArptBe4rwhvQz5YIqc
DFe5QXWH56Svj/9HIpL+XFuBpUGnYheWpbSVhFqncKJsxHc//nw1GAK64dCyeOZ7
FqWjXAY7u/Do7mZcNgGc9/vGkeCtexJZwdTSrSO50BYVWGPGqoK/YJLSCYXQcFCS
BqmLZUEah57ShNXpedmopIRAYkTwfnC+3HUzFK/vfj644LQAbC+HEZWfpCRVrXYp
EBeD7zYBVdf82LRIZgOeya3bmsMT8g70WX55gnb0a+ZN3aC2usXB/93jk67US2Di
fH9DUpLiSwi7beOROWvrATTVvEoxO9OePoXcWtgxcMElYqaFNcI2vWSIywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDIKmRgd5QA8yocLv7DXzhb9tx9cMB8GA1UdIwQY
MBaAFCMnHePgEFmr5tGlk8SiT/bhiNZPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXljZDQtQVFXYXZtMGFXVHhLSlA5dUdJMWs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8zZjdhMDYtMmI0NS00YTBiLWJhNmMt
OTU4YzM3NjUwNmVkLzEvSXljZDQtQVFXYXZtMGFXVHhLSlA5dUdJMWs4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8zZjdhMDYtMmI0NS00YTBiLWJhNmMtOTU4YzM3NjUwNmVk
LzEvSXljZDQtQVFXYXZtMGFXVHhLSlA5dUdJMWs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGcJFWS/0
IxiN1tzjxeXXuQdTuIgjO9fKU25Bdec4H4VgP3UijbP1k9iKNXKzNI3rKUs9OABj
kg1JCaOL3RhJkLaLIQg4ss/8evNokLF4ehl1AzeHWQamLif2+EOT5IusaNxi5IQZ
6YADYsZoLd3vRt0aWb0uBWtRpoMHcrffWtMJFbccT80LMdq/jC6FCVjasOLmUSn/
9mzZWNNz5RqoICcdadVpjiDXR5iWhKp8XbS0MTaAGOyLjMFGkGp5Wbnck5Z5fjNP
uHNnFxQDTETVgZuvJyYhFtjCxJ/hPoptqxeLXrstwzERqeKQ3Zdn+PqYpU6mN6h9
inuJMpavNmQ/Lg==
-----END CERTIFICATE-----