Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.mft
File:                     Ay1SsyOaHOPN00MxNIzngN3xZMA.mft (raw, json)
Hash identifier:          Q9RmB70qpj/cF55hSiMA/DZStsnbnN7lUDTJ0NdUFxc=
Subject key identifier:   71:51:B9:55:32:76:16:A2:3E:4A:E5:4A:FB:9D:30:B7:B8:CB:C7:E1
Authority key identifier: 03:2D:52:B3:23:9A:1C:E3:CD:D3:43:31:34:8C:E7:80:DD:F1:64:C0
Certificate issuer:       /CN=032d52b3239a1ce3cdd34331348ce780ddf164c0
Certificate serial:       019CAB6AC9735A6F8988F3F215F41AB0030F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ay1SsyOaHOPN00MxNIzngN3xZMA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.mft
Manifest number:          08F7
Signing time:             Sun 01 Mar 2026 22:00:28 +0000
Manifest this update:     Sun 01 Mar 2026 22:00:28 +0000
Manifest next update:     Mon 02 Mar 2026 22:00:28 +0000
Files and hashes:         1: Ay1SsyOaHOPN00MxNIzngN3xZMA.crl (hash: 70o2B82tBta6tGMFIwr5pfuMpAgdt5NhrAfN/UQ3fzc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ay1SsyOaHOPN00MxNIzngN3xZMA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6a:c9:73:5a:6f:89:88:f3:f2:15:f4:1a:b0:03:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=032d52b3239a1ce3cdd34331348ce780ddf164c0
        Validity
            Not Before: Mar  1 22:00:28 2026 GMT
            Not After : Mar  2 22:00:28 2026 GMT
        Subject: CN=7151b955327616a23e4ae54afb9d30b7b8cbc7e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:86:93:7d:e3:bd:17:f6:25:26:68:ef:6d:b6:
                    b1:af:67:f0:20:07:38:1c:89:c2:73:e8:5e:f3:d7:
                    e1:2e:8e:e2:4e:14:e6:28:b7:df:a5:4c:0f:ad:52:
                    aa:d2:23:cb:97:b7:0d:e6:60:7e:52:6a:02:67:08:
                    a8:9c:9d:71:25:83:b2:5e:5f:28:7a:ba:0c:ca:b1:
                    55:e0:73:a1:a2:3f:f6:fc:5c:06:b5:8a:41:fe:bc:
                    b1:d1:17:d1:62:95:e5:55:b3:0e:3d:2b:b0:81:13:
                    0d:07:e5:51:15:73:d9:eb:6c:b6:d4:04:49:16:b9:
                    05:7a:49:82:35:06:c1:7f:81:eb:08:57:25:1d:76:
                    3d:82:9c:1b:be:e8:92:3a:93:f4:67:cd:aa:93:25:
                    78:32:20:5d:ca:93:86:07:84:36:cd:e7:73:93:21:
                    6c:21:24:99:bc:dc:2c:11:8b:5c:35:6c:48:4a:1d:
                    1b:0b:5b:75:a4:c7:58:60:98:f6:16:e2:a4:a5:3d:
                    2c:67:95:ab:b7:6c:59:89:53:70:aa:cf:cb:5b:00:
                    80:20:2f:39:68:6f:36:7a:01:2f:35:9d:0d:e8:59:
                    b0:5b:14:11:59:4f:99:62:bc:5e:a2:fe:1c:65:5a:
                    7b:44:de:79:4f:2a:36:cf:90:9c:2b:98:97:a8:d1:
                    c3:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:51:B9:55:32:76:16:A2:3E:4A:E5:4A:FB:9D:30:B7:B8:CB:C7:E1
            X509v3 Authority Key Identifier:
                keyid:03:2D:52:B3:23:9A:1C:E3:CD:D3:43:31:34:8C:E7:80:DD:F1:64:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ay1SsyOaHOPN00MxNIzngN3xZMA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/bc5f15-58ae-4df0-9c6d-e7ad73bbcc89/1/Ay1SsyOaHOPN00MxNIzngN3xZMA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:60:60:46:c2:89:60:b2:be:70:b5:5b:7b:10:09:c5:b8:09:
         38:48:a9:1e:5e:64:fc:bb:fc:d3:e6:97:bb:3e:bc:c0:38:e3:
         8d:88:05:2a:d7:71:d2:3c:6b:2b:5a:2e:42:44:9f:57:69:59:
         59:9e:a5:67:54:1e:81:fa:35:89:a9:14:a0:4a:02:d4:f0:6a:
         ea:4c:3a:6a:4e:f7:88:ae:92:56:19:f8:0a:a2:d1:b3:54:80:
         e2:31:34:cb:f6:e0:71:7e:09:c6:9f:0f:38:88:4e:d0:dc:cd:
         fa:81:87:6a:2d:8b:6c:6a:38:07:92:d6:ac:fb:27:c1:5b:70:
         58:72:b5:d0:f4:00:b9:ec:47:ce:0c:f7:02:8f:ed:a2:79:6e:
         dd:c9:79:09:16:21:b9:ed:9f:d6:9e:85:39:6b:dc:10:b1:8c:
         9c:2b:a9:7e:bc:22:8c:22:f7:ae:ab:44:55:d9:42:92:b2:65:
         21:27:62:ed:02:de:b5:18:d2:08:82:43:2c:e6:91:79:02:37:
         d5:23:13:d6:dd:eb:59:91:d8:19:18:b2:29:e5:ac:d2:7c:40:
         a1:a7:dc:29:0e:eb:37:81:ca:9c:1b:d0:a5:ba:0b:c8:53:cf:
         18:99:ae:0f:75:a6:03:86:a0:e5:8d:2d:5f:75:a2:2c:19:9c:
         bf:43:6f:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyraslzWm+JiPPyFfQasAMPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzMmQ1MmIzMjM5YTFjZTNjZGQzNDMzMTM0OGNlNzgwZGRm
MTY0YzAwHhcNMjYwMzAxMjIwMDI4WhcNMjYwMzAyMjIwMDI4WjAzMTEwLwYDVQQD
Eyg3MTUxYjk1NTMyNzYxNmEyM2U0YWU1NGFmYjlkMzBiN2I4Y2JjN2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxoaTfeO9F/YlJmjvbbaxr2fwIAc4
HInCc+he89fhLo7iThTmKLffpUwPrVKq0iPLl7cN5mB+UmoCZwionJ1xJYOyXl8o
eroMyrFV4HOhoj/2/FwGtYpB/ryx0RfRYpXlVbMOPSuwgRMNB+VRFXPZ62y21ARJ
FrkFekmCNQbBf4HrCFclHXY9gpwbvuiSOpP0Z82qkyV4MiBdypOGB4Q2zedzkyFs
ISSZvNwsEYtcNWxISh0bC1t1pMdYYJj2FuKkpT0sZ5Wrt2xZiVNwqs/LWwCAIC85
aG82egEvNZ0N6FmwWxQRWU+ZYrxeov4cZVp7RN55Tyo2z5CcK5iXqNHDPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHFRuVUydhaiPkrlSvudMLe4y8fhMB8GA1UdIwQY
MBaAFAMtUrMjmhzjzdNDMTSM54Dd8WTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXkxU3N5T2FIT1BOMDBNeE5Jem5nTjN4Wk1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9iYzVmMTUtNThhZS00ZGYwLTljNmQt
ZTdhZDczYmJjYzg5LzEvQXkxU3N5T2FIT1BOMDBNeE5Jem5nTjN4Wk1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9iYzVmMTUtNThhZS00ZGYwLTljNmQtZTdhZDczYmJjYzg5
LzEvQXkxU3N5T2FIT1BOMDBNeE5Jem5nTjN4Wk1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO2BgRsKJ
YLK+cLVbexAJxbgJOEipHl5k/Lv80+aXuz68wDjjjYgFKtdx0jxrK1ouQkSfV2lZ
WZ6lZ1Qegfo1iakUoEoC1PBq6kw6ak73iK6SVhn4CqLRs1SA4jE0y/bgcX4Jxp8P
OIhO0NzN+oGHai2LbGo4B5LWrPsnwVtwWHK10PQAuexHzgz3Ao/tonlu3cl5CRYh
ue2f1p6FOWvcELGMnCupfrwijCL3rqtEVdlCkrJlISdi7QLetRjSCIJDLOaReQI3
1SMT1t3rWZHYGRiyKeWs0nxAoafcKQ7rN4HKnBvQpboLyFPPGJmuD3WmA4ag5Y0t
X3WiLBmcv0Nv4A==
-----END CERTIFICATE-----