Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/cdc148-5703-4e91-9a8e-284036a81d90/1/itYGdkMvaHI2YskyV5qEk1IBS5U.mft
File:                     itYGdkMvaHI2YskyV5qEk1IBS5U.mft (raw, json)
Hash identifier:          2Nztnztlj5OPaS+yjj1jywK4BPMflvALvG2jc0IjJ4g=
Subject key identifier:   95:32:0B:FA:CD:5D:7A:A7:46:68:39:FF:88:8E:DF:D5:E1:03:D2:76
Authority key identifier: 8A:D6:06:76:43:2F:68:72:36:62:C9:32:57:9A:84:93:52:01:4B:95
Certificate issuer:       /CN=8ad60676432f68723662c932579a849352014b95
Certificate serial:       019D984FC203145963485A1539AC339070F5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/itYGdkMvaHI2YskyV5qEk1IBS5U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/cdc148-5703-4e91-9a8e-284036a81d90/1/itYGdkMvaHI2YskyV5qEk1IBS5U.mft
Manifest number:          0A87
Signing time:             Thu 16 Apr 2026 22:00:56 +0000
Manifest this update:     Thu 16 Apr 2026 22:00:56 +0000
Manifest next update:     Fri 17 Apr 2026 22:00:56 +0000
Files and hashes:         1: itYGdkMvaHI2YskyV5qEk1IBS5U.crl (hash: 0QGnwWjnf67Pj5Jq1A2tfKEkojs8DX/ZVmFb8Ge4l0E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/cdc148-5703-4e91-9a8e-284036a81d90/1/itYGdkMvaHI2YskyV5qEk1IBS5U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/cdc148-5703-4e91-9a8e-284036a81d90/1/itYGdkMvaHI2YskyV5qEk1IBS5U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/itYGdkMvaHI2YskyV5qEk1IBS5U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:4f:c2:03:14:59:63:48:5a:15:39:ac:33:90:70:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8ad60676432f68723662c932579a849352014b95
        Validity
            Not Before: Apr 16 22:00:56 2026 GMT
            Not After : Apr 17 22:00:56 2026 GMT
        Subject: CN=95320bfacd5d7aa7466839ff888edfd5e103d276
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:67:4c:11:76:db:32:11:89:04:19:39:07:93:
                    b6:e9:55:4c:a4:80:27:99:d8:11:d4:bb:2e:03:6e:
                    aa:1a:19:38:05:11:f4:c9:aa:3d:87:f4:03:b1:a5:
                    97:f3:fb:d3:f6:3f:12:53:18:6d:37:ed:b6:39:bb:
                    87:07:f0:45:11:ff:5b:af:80:4a:15:0a:83:d1:60:
                    cf:8e:21:e0:7d:fa:74:77:96:91:e0:66:8a:da:20:
                    2d:e9:74:ce:71:9e:dc:72:55:d2:21:e8:fb:3b:c9:
                    29:15:7a:c1:cf:06:7e:a4:36:76:55:63:2c:d9:9f:
                    03:e5:01:25:b0:d9:00:99:2e:b4:eb:c9:07:d8:96:
                    73:2e:72:ec:85:b8:1e:ae:1c:76:5d:5d:ce:c4:da:
                    1c:97:49:82:88:ad:61:10:7a:02:b9:29:71:66:06:
                    a3:b5:ba:fc:e1:7f:fc:d5:8b:d9:f2:dc:34:4a:24:
                    fb:d0:bf:39:1f:fe:39:5a:af:c4:ba:a1:9a:4d:17:
                    cf:77:5f:ec:85:f0:0f:a7:4e:19:8e:4b:02:63:a0:
                    85:8f:c8:81:40:8c:20:7c:71:b9:59:5e:51:b2:18:
                    80:7c:fd:8d:67:e0:81:46:74:b1:de:1f:fb:2c:96:
                    5b:e9:68:24:b6:3b:dd:db:d1:51:99:d1:26:b4:88:
                    24:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:32:0B:FA:CD:5D:7A:A7:46:68:39:FF:88:8E:DF:D5:E1:03:D2:76
            X509v3 Authority Key Identifier:
                keyid:8A:D6:06:76:43:2F:68:72:36:62:C9:32:57:9A:84:93:52:01:4B:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/itYGdkMvaHI2YskyV5qEk1IBS5U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/cdc148-5703-4e91-9a8e-284036a81d90/1/itYGdkMvaHI2YskyV5qEk1IBS5U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/cdc148-5703-4e91-9a8e-284036a81d90/1/itYGdkMvaHI2YskyV5qEk1IBS5U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:c2:ae:98:d0:70:df:4a:15:e0:f9:6f:bd:ee:f3:2a:c3:3a:
         14:bf:93:5b:6b:84:1b:08:6f:89:5e:8f:f4:2f:a1:65:a1:7a:
         61:0e:aa:ca:22:7e:40:c0:01:8c:95:b0:3a:6b:72:15:52:50:
         95:5b:46:00:49:68:59:a7:3b:2f:b8:3a:90:50:8f:22:0e:9a:
         2c:95:b1:d0:bc:30:8c:b9:06:02:a8:e6:f7:a2:98:aa:97:15:
         93:d7:47:41:12:ce:3c:da:17:5d:32:c6:98:25:59:da:9a:e1:
         b8:85:bf:e2:40:be:a4:55:3f:d9:08:65:fb:2c:92:5f:16:cc:
         ae:3d:50:98:c7:52:5c:d5:d2:87:2a:3b:9e:3a:33:b0:81:1d:
         2b:54:35:d4:41:43:2e:af:e0:bc:a4:60:05:5e:7c:9a:57:4e:
         af:d8:70:83:59:d8:69:99:4b:f9:31:85:7a:8c:91:22:9b:80:
         0b:9c:ab:60:9e:62:ac:a7:73:52:d8:7a:e6:fd:7d:a6:a0:3e:
         72:c8:95:1f:b2:f0:94:7c:4c:a2:2f:79:a6:79:42:3a:80:80:
         e3:6f:3b:e5:56:28:e9:f9:2c:c4:7a:c2:50:85:d3:be:55:56:
         5a:6d:fb:56:e0:48:70:a5:cf:13:2e:fb:9a:3d:69:99:02:07:
         5b:c0:31:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2YT8IDFFljSFoVOawzkHD1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZDYwNjc2NDMyZjY4NzIzNjYyYzkzMjU3OWE4NDkzNTIw
MTRiOTUwHhcNMjYwNDE2MjIwMDU2WhcNMjYwNDE3MjIwMDU2WjAzMTEwLwYDVQQD
Eyg5NTMyMGJmYWNkNWQ3YWE3NDY2ODM5ZmY4ODhlZGZkNWUxMDNkMjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApGdMEXbbMhGJBBk5B5O26VVMpIAn
mdgR1LsuA26qGhk4BRH0yao9h/QDsaWX8/vT9j8SUxhtN+22ObuHB/BFEf9br4BK
FQqD0WDPjiHgffp0d5aR4GaK2iAt6XTOcZ7cclXSIej7O8kpFXrBzwZ+pDZ2VWMs
2Z8D5QElsNkAmS6068kH2JZzLnLshbgerhx2XV3OxNocl0mCiK1hEHoCuSlxZgaj
tbr84X/81YvZ8tw0SiT70L85H/45Wq/EuqGaTRfPd1/shfAPp04ZjksCY6CFj8iB
QIwgfHG5WV5RshiAfP2NZ+CBRnSx3h/7LJZb6Wgktjvd29FRmdEmtIgkdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJUyC/rNXXqnRmg5/4iO39XhA9J2MB8GA1UdIwQY
MBaAFIrWBnZDL2hyNmLJMleahJNSAUuVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXRZR2RrTXZhSEkyWXNreVY1cUVrMUlCUzVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9jZGMxNDgtNTcwMy00ZTkxLTlhOGUt
Mjg0MDM2YTgxZDkwLzEvaXRZR2RrTXZhSEkyWXNreVY1cUVrMUlCUzVVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC9jZGMxNDgtNTcwMy00ZTkxLTlhOGUtMjg0MDM2YTgxZDkw
LzEvaXRZR2RrTXZhSEkyWXNreVY1cUVrMUlCUzVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPMKumNBw
30oV4Plvve7zKsM6FL+TW2uEGwhviV6P9C+hZaF6YQ6qyiJ+QMABjJWwOmtyFVJQ
lVtGAEloWac7L7g6kFCPIg6aLJWx0LwwjLkGAqjm96KYqpcVk9dHQRLOPNoXXTLG
mCVZ2prhuIW/4kC+pFU/2Qhl+yySXxbMrj1QmMdSXNXShyo7njozsIEdK1Q11EFD
Lq/gvKRgBV58mldOr9hwg1nYaZlL+TGFeoyRIpuAC5yrYJ5irKdzUth65v19pqA+
csiVH7LwlHxMoi95pnlCOoCA42875VYo6fksxHrCUIXTvlVWWm37VuBIcKXPEy77
mj1pmQIHW8Axxw==
-----END CERTIFICATE-----