Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.mft
File:                     hyDPLDSRRvabop66wMiCKIEcovE.mft (raw, json)
Hash identifier:          6crtZz+g0FQJA1QpZ/1JRkaAHh3PwTEg9nUf8SvYTV4=
Subject key identifier:   B8:8E:1A:35:F6:07:30:99:DD:78:B8:07:07:6A:FD:7C:52:F7:FF:BC
Authority key identifier: 87:20:CF:2C:34:91:46:F6:9B:A2:9E:BA:C0:C8:82:28:81:1C:A2:F1
Certificate issuer:       /CN=8720cf2c349146f69ba29ebac0c88228811ca2f1
Certificate serial:       019D98F49C4576C5978529A15C32A18DE66B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hyDPLDSRRvabop66wMiCKIEcovE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.mft
Manifest number:          0C8D
Signing time:             Fri 17 Apr 2026 01:01:00 +0000
Manifest this update:     Fri 17 Apr 2026 01:01:00 +0000
Manifest next update:     Sat 18 Apr 2026 01:01:00 +0000
Files and hashes:         1: hyDPLDSRRvabop66wMiCKIEcovE.crl (hash: y3xqQtQWNumX9O25QRqgjh3S4QxVJks7U9ft2wcxCyE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hyDPLDSRRvabop66wMiCKIEcovE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 01:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:9c:45:76:c5:97:85:29:a1:5c:32:a1:8d:e6:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8720cf2c349146f69ba29ebac0c88228811ca2f1
        Validity
            Not Before: Apr 17 01:01:00 2026 GMT
            Not After : Apr 18 01:01:00 2026 GMT
        Subject: CN=b88e1a35f6073099dd78b807076afd7c52f7ffbc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:d0:0c:aa:43:ac:eb:61:2c:cf:cb:71:85:7e:
                    7c:eb:b5:24:49:16:34:57:b9:ea:bb:9a:53:30:96:
                    83:48:04:f3:e7:7d:2f:79:bd:c0:9d:f9:bf:20:0c:
                    eb:61:2e:04:d9:47:3d:79:bb:44:c9:e8:c5:01:38:
                    85:1e:1b:77:b6:16:5a:a5:23:63:74:ef:cd:a2:86:
                    f6:59:e3:05:a4:3a:c9:c4:eb:a8:df:7a:6d:b0:17:
                    9a:51:e9:4a:3d:06:92:76:01:2b:86:fe:28:26:f7:
                    3a:69:d0:97:f1:00:29:4c:63:a3:20:ac:f0:e9:c1:
                    88:74:78:a9:a6:67:f4:2e:ce:89:58:21:f6:be:01:
                    5d:76:2b:93:14:73:b4:56:34:20:f2:20:71:b8:90:
                    36:85:e3:0f:55:1a:67:4e:db:cc:cd:12:a8:a1:9a:
                    bd:16:af:99:26:6a:ca:0f:90:d7:fc:9c:11:ed:bf:
                    1e:0d:a4:94:b0:db:fd:83:6d:82:92:3a:3e:d9:70:
                    71:ce:8c:58:43:d6:37:09:25:11:a0:dd:68:55:71:
                    45:a9:02:5c:18:99:01:30:1b:da:95:58:d5:c9:0a:
                    8b:60:6e:6e:e1:4e:0e:52:d9:5f:2c:fc:7d:05:ee:
                    bc:f5:cb:a2:e5:d5:94:7f:2a:4f:29:f1:ab:88:35:
                    7e:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:8E:1A:35:F6:07:30:99:DD:78:B8:07:07:6A:FD:7C:52:F7:FF:BC
            X509v3 Authority Key Identifier:
                keyid:87:20:CF:2C:34:91:46:F6:9B:A2:9E:BA:C0:C8:82:28:81:1C:A2:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hyDPLDSRRvabop66wMiCKIEcovE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:26:d7:30:4f:55:ca:a8:fb:a4:ba:35:e7:15:dc:48:84:79:
         39:e9:70:a5:7e:f5:fd:a8:f2:39:6e:0c:3b:e9:1b:12:a4:4e:
         d2:79:d7:5b:ba:3f:ba:6a:9b:eb:75:80:9c:92:9c:93:67:95:
         7d:85:4f:47:05:22:2a:3c:02:c3:a2:24:bd:33:3f:6c:51:18:
         76:dd:b0:f5:d9:45:46:5e:ba:64:93:e0:0c:71:78:2a:22:4e:
         53:54:be:64:b4:55:e6:8d:8f:3b:1e:0c:b7:ba:c0:79:5e:64:
         37:12:9f:3c:0c:ce:27:9e:9c:21:6e:7c:e0:d4:e5:01:7e:c4:
         c7:33:a1:73:a4:4c:e7:0d:e6:24:5e:76:15:f2:ce:14:24:b9:
         e8:55:8e:25:4b:b6:ca:8e:3c:81:0e:22:42:60:43:26:79:2f:
         0e:9d:3f:29:bc:fc:ab:18:80:ae:1a:fa:71:17:42:04:69:4f:
         27:a7:03:bd:ed:19:4a:43:d0:85:9e:8e:cc:43:db:a7:0c:88:
         c8:72:99:9f:6b:15:94:e3:d8:d9:20:95:86:08:8f:8b:89:e4:
         20:cb:42:4b:17:57:72:b8:b0:c4:a2:13:84:11:e4:47:f2:f4:
         d3:16:fe:d4:50:15:eb:2a:81:a3:33:fc:33:aa:35:6a:aa:d4:
         0c:31:f5:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9JxFdsWXhSmhXDKhjeZrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MjBjZjJjMzQ5MTQ2ZjY5YmEyOWViYWMwYzg4MjI4ODEx
Y2EyZjEwHhcNMjYwNDE3MDEwMTAwWhcNMjYwNDE4MDEwMTAwWjAzMTEwLwYDVQQD
EyhiODhlMWEzNWY2MDczMDk5ZGQ3OGI4MDcwNzZhZmQ3YzUyZjdmZmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxdAMqkOs62Esz8txhX5867UkSRY0
V7nqu5pTMJaDSATz530veb3Anfm/IAzrYS4E2Uc9ebtEyejFATiFHht3thZapSNj
dO/Noob2WeMFpDrJxOuo33ptsBeaUelKPQaSdgErhv4oJvc6adCX8QApTGOjIKzw
6cGIdHippmf0Ls6JWCH2vgFddiuTFHO0VjQg8iBxuJA2heMPVRpnTtvMzRKooZq9
Fq+ZJmrKD5DX/JwR7b8eDaSUsNv9g22Ckjo+2XBxzoxYQ9Y3CSURoN1oVXFFqQJc
GJkBMBvalVjVyQqLYG5u4U4OUtlfLPx9Be689cui5dWUfypPKfGriDV+twIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLiOGjX2BzCZ3Xi4Bwdq/XxS9/+8MB8GA1UdIwQY
MBaAFIcgzyw0kUb2m6KeusDIgiiBHKLxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHlEUExEU1JSdmFib3A2NndNaUNLSUVjb3ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8zYmJkMzctZDNjYi00MTViLWEzOGEt
ZDQxNTA2N2E4Zjc2LzEvaHlEUExEU1JSdmFib3A2NndNaUNLSUVjb3ZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8zYmJkMzctZDNjYi00MTViLWEzOGEtZDQxNTA2N2E4Zjc2
LzEvaHlEUExEU1JSdmFib3A2NndNaUNLSUVjb3ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKybXME9V
yqj7pLo15xXcSIR5OelwpX71/ajyOW4MO+kbEqRO0nnXW7o/umqb63WAnJKck2eV
fYVPRwUiKjwCw6IkvTM/bFEYdt2w9dlFRl66ZJPgDHF4KiJOU1S+ZLRV5o2POx4M
t7rAeV5kNxKfPAzOJ56cIW584NTlAX7ExzOhc6RM5w3mJF52FfLOFCS56FWOJUu2
yo48gQ4iQmBDJnkvDp0/Kbz8qxiArhr6cRdCBGlPJ6cDve0ZSkPQhZ6OzEPbpwyI
yHKZn2sVlOPY2SCVhgiPi4nkIMtCSxdXcriwxKIThBHkR/L00xb+1FAV6yqBozP8
M6o1aqrUDDH1Dw==
-----END CERTIFICATE-----