Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.mft
File:                     IYCTB4hvuv261Th2Eu_-dxOHowA.mft (raw, json)
Hash identifier:          nBjVGNIjPyDy22/PjDLof4R+3nYGMYe2SyalDIltoec=
Subject key identifier:   5A:49:5D:69:E9:86:45:29:64:EE:5C:E7:69:96:B9:CD:BA:EC:12:09
Authority key identifier: 21:80:93:07:88:6F:BA:FD:BA:D5:38:76:12:EF:FE:77:13:87:A3:00
Certificate issuer:       /CN=21809307886fbafdbad5387612effe771387a300
Certificate serial:       019D98F55FD65203CDF3EE37953314E254CE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYCTB4hvuv261Th2Eu_-dxOHowA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.mft
Manifest number:          0A05
Signing time:             Fri 17 Apr 2026 01:01:50 +0000
Manifest this update:     Fri 17 Apr 2026 01:01:50 +0000
Manifest next update:     Sat 18 Apr 2026 01:01:50 +0000
Files and hashes:         1: IYCTB4hvuv261Th2Eu_-dxOHowA.crl (hash: rtZ+g3SPkPAyGhRNda/9WvQC27sVn06nFj/PsdH37KU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYCTB4hvuv261Th2Eu_-dxOHowA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 01:01:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f5:5f:d6:52:03:cd:f3:ee:37:95:33:14:e2:54:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=21809307886fbafdbad5387612effe771387a300
        Validity
            Not Before: Apr 17 01:01:50 2026 GMT
            Not After : Apr 18 01:01:50 2026 GMT
        Subject: CN=5a495d69e986452964ee5ce76996b9cdbaec1209
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:9d:ed:55:9c:aa:0a:08:80:d9:a2:53:04:a2:
                    f4:10:48:99:e6:49:38:15:68:57:b7:f5:96:6f:33:
                    3c:ca:87:29:b1:a0:11:f0:f2:9b:8a:a1:af:b3:12:
                    01:65:ad:78:9c:a0:a2:98:4b:51:8c:36:d7:92:56:
                    1e:7d:97:60:0c:05:22:a1:5d:a7:2a:b4:81:be:81:
                    88:d2:e9:42:20:be:e7:6b:fc:5e:71:6d:60:eb:ec:
                    a8:0c:92:17:f7:f4:6d:21:87:76:46:62:28:56:dc:
                    35:3a:b7:ff:6c:a2:63:08:6f:e2:92:f5:2b:3d:56:
                    cb:e7:f6:32:a4:e5:f5:a1:4e:b7:ed:f2:9c:e4:f7:
                    4e:3c:cd:f6:ad:47:8e:b9:95:23:77:69:c9:ba:1e:
                    b8:11:9d:42:2c:2d:9f:7e:18:9b:42:af:39:98:7c:
                    60:79:0b:63:f0:9b:9d:3b:4e:0e:ba:62:d7:57:e6:
                    a2:e1:33:47:da:67:20:9a:21:bc:3a:1b:7e:a9:fd:
                    be:4f:b1:d6:02:8f:32:81:cc:fe:c7:d3:6b:8e:0d:
                    29:8f:16:89:9a:cf:80:66:5f:e6:e7:41:99:6b:2e:
                    82:8f:b0:b7:e9:73:fe:f3:9f:a5:03:48:0a:f6:6c:
                    47:a2:16:f1:46:e8:35:f7:e8:18:38:1d:7b:86:06:
                    78:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:49:5D:69:E9:86:45:29:64:EE:5C:E7:69:96:B9:CD:BA:EC:12:09
            X509v3 Authority Key Identifier:
                keyid:21:80:93:07:88:6F:BA:FD:BA:D5:38:76:12:EF:FE:77:13:87:A3:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYCTB4hvuv261Th2Eu_-dxOHowA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:66:6f:63:a3:75:57:d8:68:ce:5d:a3:d2:b1:29:e2:84:47:
         96:a9:ba:58:e7:9d:9d:a7:02:0d:df:ea:1c:fb:4f:64:01:79:
         4d:cd:98:49:d7:33:50:6d:f0:d4:b3:44:c6:c7:3f:58:6d:19:
         4e:fa:cd:f4:3e:c7:c3:c9:9e:e1:7b:b6:94:63:44:5c:bf:8d:
         b7:6a:3a:13:8e:f1:06:14:ab:79:31:bb:8b:5c:3f:65:d4:31:
         4a:d7:46:4c:03:8f:b3:be:75:b7:d3:9c:77:9f:b5:76:2e:c5:
         ee:b4:cb:ed:ae:ce:e1:54:20:5d:10:7e:18:99:84:49:8f:e7:
         21:f2:7a:50:53:09:01:7c:62:be:15:0b:2a:9b:72:d5:36:56:
         30:e5:f1:87:3e:45:f4:9a:49:b7:c4:b4:61:3e:c7:b5:44:4e:
         dc:fa:03:ce:30:6b:0d:92:7f:62:0a:a7:49:96:ea:d5:a5:b0:
         97:4d:7c:9e:99:fe:dd:d5:63:c0:55:e5:fb:f2:ea:d3:f7:63:
         9c:6e:0e:ba:67:b5:f3:bb:2a:a3:98:b7:cf:28:af:b6:25:03:
         98:55:46:2f:f0:a7:6a:56:b4:d1:d6:3b:02:6c:4a:15:27:38:
         48:b4:5d:b5:7f:af:0a:c8:20:91:9a:84:7c:16:45:8b:f5:b6:
         e7:9e:3d:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9V/WUgPN8+43lTMU4lTOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxODA5MzA3ODg2ZmJhZmRiYWQ1Mzg3NjEyZWZmZTc3MTM4
N2EzMDAwHhcNMjYwNDE3MDEwMTUwWhcNMjYwNDE4MDEwMTUwWjAzMTEwLwYDVQQD
Eyg1YTQ5NWQ2OWU5ODY0NTI5NjRlZTVjZTc2OTk2YjljZGJhZWMxMjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyZ3tVZyqCgiA2aJTBKL0EEiZ5kk4
FWhXt/WWbzM8yocpsaAR8PKbiqGvsxIBZa14nKCimEtRjDbXklYefZdgDAUioV2n
KrSBvoGI0ulCIL7na/xecW1g6+yoDJIX9/RtIYd2RmIoVtw1Orf/bKJjCG/ikvUr
PVbL5/YypOX1oU637fKc5PdOPM32rUeOuZUjd2nJuh64EZ1CLC2ffhibQq85mHxg
eQtj8JudO04OumLXV+ai4TNH2mcgmiG8Oht+qf2+T7HWAo8ygcz+x9Nrjg0pjxaJ
ms+AZl/m50GZay6Cj7C36XP+85+lA0gK9mxHohbxRug19+gYOB17hgZ4UwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFpJXWnphkUpZO5c52mWuc267BIJMB8GA1UdIwQY
MBaAFCGAkweIb7r9utU4dhLv/ncTh6MAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVlDVEI0aHZ1djI2MVRoMkV1Xy1keE9Ib3dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9hN2NiYWEtYmI5ZC00N2Y1LTkyMmQt
ZjcwOGRhZDBlZWNhLzEvSVlDVEI0aHZ1djI2MVRoMkV1Xy1keE9Ib3dBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9hN2NiYWEtYmI5ZC00N2Y1LTkyMmQtZjcwOGRhZDBlZWNh
LzEvSVlDVEI0aHZ1djI2MVRoMkV1Xy1keE9Ib3dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAemZvY6N1
V9hozl2j0rEp4oRHlqm6WOednacCDd/qHPtPZAF5Tc2YSdczUG3w1LNExsc/WG0Z
TvrN9D7Hw8me4Xu2lGNEXL+Nt2o6E47xBhSreTG7i1w/ZdQxStdGTAOPs751t9Oc
d5+1di7F7rTL7a7O4VQgXRB+GJmESY/nIfJ6UFMJAXxivhULKpty1TZWMOXxhz5F
9JpJt8S0YT7HtURO3PoDzjBrDZJ/YgqnSZbq1aWwl018npn+3dVjwFXl+/Lq0/dj
nG4Oume187sqo5i3zyivtiUDmFVGL/Cnala00dY7AmxKFSc4SLRdtX+vCsggkZqE
fBZFi/W255491w==
-----END CERTIFICATE-----