Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.mft
File:                     hyDPLDSRRvabop66wMiCKIEcovE.mft (raw, json)
Hash identifier:          ypP1bgexCsJklfLaaZwxLaADB1je15GNhdrWvUum6SA=
Subject key identifier:   2C:A0:61:9C:A8:1D:13:33:E5:8F:9F:86:5E:12:FA:E7:5E:B7:7A:B6
Authority key identifier: 87:20:CF:2C:34:91:46:F6:9B:A2:9E:BA:C0:C8:82:28:81:1C:A2:F1
Certificate issuer:       /CN=8720cf2c349146f69ba29ebac0c88228811ca2f1
Certificate serial:       019CAD5A108B3CDD78C35958A86384F92734
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hyDPLDSRRvabop66wMiCKIEcovE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.mft
Manifest number:          0C13
Signing time:             Mon 02 Mar 2026 07:01:26 +0000
Manifest this update:     Mon 02 Mar 2026 07:01:26 +0000
Manifest next update:     Tue 03 Mar 2026 07:01:26 +0000
Files and hashes:         1: hyDPLDSRRvabop66wMiCKIEcovE.crl (hash: kSkz1FKjc3P6ZGv72BvMNHJPchLmQrd4bCeMXW2eDWA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hyDPLDSRRvabop66wMiCKIEcovE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 07:01:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:5a:10:8b:3c:dd:78:c3:59:58:a8:63:84:f9:27:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8720cf2c349146f69ba29ebac0c88228811ca2f1
        Validity
            Not Before: Mar  2 07:01:26 2026 GMT
            Not After : Mar  3 07:01:26 2026 GMT
        Subject: CN=2ca0619ca81d1333e58f9f865e12fae75eb77ab6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:43:87:90:28:1c:54:f3:6d:b8:70:2c:07:74:
                    39:ae:b7:7c:95:07:94:3a:df:4e:d9:9a:c9:fa:17:
                    38:23:bd:a7:59:91:b7:60:8f:44:b0:a8:01:37:e2:
                    e1:ce:4c:e4:c6:18:bd:ea:a4:42:05:ca:4e:77:37:
                    21:96:33:a8:d1:af:9a:43:c5:9f:3e:f7:17:f9:bb:
                    ef:11:12:96:b1:a0:91:ec:0f:69:a9:18:ec:09:c6:
                    86:92:05:72:39:cb:43:2b:af:35:b5:3c:3d:e0:ab:
                    33:bc:14:32:a4:28:71:db:05:89:5f:1c:26:53:4d:
                    08:4c:57:5f:23:b6:32:49:2d:af:60:b3:3c:58:9f:
                    3c:19:cd:9a:3d:26:b8:c0:95:7b:96:cc:76:45:3c:
                    b2:b4:bd:34:32:81:00:f1:09:cf:a4:d2:ed:ec:2a:
                    35:35:92:0c:50:1c:e2:26:57:41:3c:60:eb:37:ec:
                    2e:9f:ec:4b:99:e9:fd:76:b8:ee:4c:35:92:c4:ee:
                    af:11:5b:94:76:8c:ef:05:98:76:33:87:c4:39:7f:
                    64:33:a4:8c:98:5d:0e:51:4c:98:95:4f:10:7f:32:
                    7d:eb:3f:e6:a4:48:fc:1b:8c:81:b6:cb:e9:22:52:
                    5d:9e:0a:6e:bb:d9:3e:fb:85:aa:8e:52:49:e8:f2:
                    23:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:A0:61:9C:A8:1D:13:33:E5:8F:9F:86:5E:12:FA:E7:5E:B7:7A:B6
            X509v3 Authority Key Identifier:
                keyid:87:20:CF:2C:34:91:46:F6:9B:A2:9E:BA:C0:C8:82:28:81:1C:A2:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hyDPLDSRRvabop66wMiCKIEcovE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/3bbd37-d3cb-415b-a38a-d415067a8f76/1/hyDPLDSRRvabop66wMiCKIEcovE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:0a:26:21:b4:5b:16:c9:fe:3f:58:2f:e8:7a:45:98:64:8d:
         a5:1c:ef:05:15:23:b9:e5:56:de:31:ee:b5:b5:eb:af:7d:22:
         bb:0b:c8:cb:8c:20:66:23:f0:1c:1a:5d:84:72:ff:cc:a4:ca:
         4b:10:ac:3a:b4:de:ba:84:bb:51:1c:5b:92:30:2a:be:fd:56:
         fb:bb:4e:a1:65:49:2d:9f:f1:c1:9c:84:b4:11:ff:26:ae:a6:
         03:b7:d8:3e:b7:4a:5f:cb:a4:e9:11:03:77:3c:f7:35:7e:d7:
         84:77:4d:94:3c:25:c8:26:cc:2e:c7:ea:63:b2:db:09:60:3b:
         a3:13:e1:f6:42:77:a7:ea:62:58:7a:3e:e2:5f:50:79:17:38:
         8e:30:95:f2:e9:84:8b:6d:1b:3e:81:0b:7b:13:66:3d:f3:51:
         3c:af:4a:19:7b:85:54:ba:8b:bd:92:87:8c:ee:80:a4:a8:5a:
         79:33:26:e8:87:2b:53:49:ce:c4:4e:cb:44:28:80:70:4f:c8:
         c3:42:3a:50:40:14:57:b6:be:22:17:e5:3d:af:22:6b:ed:b5:
         cd:0a:5d:d5:a0:a5:45:e0:d4:e5:a6:22:ee:e1:de:42:c1:d3:
         9e:94:c6:21:2a:68:f0:e2:d9:a3:7b:6d:78:02:41:07:aa:a5:
         d9:ac:08:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWhCLPN14w1lYqGOE+Sc0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MjBjZjJjMzQ5MTQ2ZjY5YmEyOWViYWMwYzg4MjI4ODEx
Y2EyZjEwHhcNMjYwMzAyMDcwMTI2WhcNMjYwMzAzMDcwMTI2WjAzMTEwLwYDVQQD
EygyY2EwNjE5Y2E4MWQxMzMzZTU4ZjlmODY1ZTEyZmFlNzVlYjc3YWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0EOHkCgcVPNtuHAsB3Q5rrd8lQeU
Ot9O2ZrJ+hc4I72nWZG3YI9EsKgBN+Lhzkzkxhi96qRCBcpOdzchljOo0a+aQ8Wf
PvcX+bvvERKWsaCR7A9pqRjsCcaGkgVyOctDK681tTw94KszvBQypChx2wWJXxwm
U00ITFdfI7YySS2vYLM8WJ88Gc2aPSa4wJV7lsx2RTyytL00MoEA8QnPpNLt7Co1
NZIMUBziJldBPGDrN+wun+xLmen9drjuTDWSxO6vEVuUdozvBZh2M4fEOX9kM6SM
mF0OUUyYlU8QfzJ96z/mpEj8G4yBtsvpIlJdngpuu9k++4WqjlJJ6PIjHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCygYZyoHRMz5Y+fhl4S+udet3q2MB8GA1UdIwQY
MBaAFIcgzyw0kUb2m6KeusDIgiiBHKLxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHlEUExEU1JSdmFib3A2NndNaUNLSUVjb3ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8zYmJkMzctZDNjYi00MTViLWEzOGEt
ZDQxNTA2N2E4Zjc2LzEvaHlEUExEU1JSdmFib3A2NndNaUNLSUVjb3ZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8zYmJkMzctZDNjYi00MTViLWEzOGEtZDQxNTA2N2E4Zjc2
LzEvaHlEUExEU1JSdmFib3A2NndNaUNLSUVjb3ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYQomIbRb
Fsn+P1gv6HpFmGSNpRzvBRUjueVW3jHutbXrr30iuwvIy4wgZiPwHBpdhHL/zKTK
SxCsOrTeuoS7URxbkjAqvv1W+7tOoWVJLZ/xwZyEtBH/Jq6mA7fYPrdKX8uk6RED
dzz3NX7XhHdNlDwlyCbMLsfqY7LbCWA7oxPh9kJ3p+piWHo+4l9QeRc4jjCV8umE
i20bPoELexNmPfNRPK9KGXuFVLqLvZKHjO6ApKhaeTMm6IcrU0nOxE7LRCiAcE/I
w0I6UEAUV7a+IhflPa8ia+21zQpd1aClReDU5aYi7uHeQsHTnpTGISpo8OLZo3tt
eAJBB6ql2awIXA==
-----END CERTIFICATE-----