Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.mft
File:                     pY79EI1MWw9PmoiuU7t_7J1ZS5I.mft (raw, json)
Hash identifier:          Q7wftrYNEybIGgZimQYWaqitKIREpn7gNrsqFFg4t8o=
Subject key identifier:   27:0B:14:A6:48:62:53:29:D3:8F:23:8C:14:11:C0:7C:1B:48:21:E9
Authority key identifier: A5:8E:FD:10:8D:4C:5B:0F:4F:9A:88:AE:53:BB:7F:EC:9D:59:4B:92
Certificate issuer:       /CN=a58efd108d4c5b0f4f9a88ae53bb7fec9d594b92
Certificate serial:       019D27039D88722E6E59A0A5CD53A4CA3DA5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pY79EI1MWw9PmoiuU7t_7J1ZS5I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.mft
Manifest number:          1383
Signing time:             Wed 25 Mar 2026 22:00:41 +0000
Manifest this update:     Wed 25 Mar 2026 22:00:41 +0000
Manifest next update:     Thu 26 Mar 2026 22:00:41 +0000
Files and hashes:         1: pY79EI1MWw9PmoiuU7t_7J1ZS5I.crl (hash: nvFRfsmHQD+tkKigzNQWq41UYjerjCSXVriOCQbmQtQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pY79EI1MWw9PmoiuU7t_7J1ZS5I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:03:9d:88:72:2e:6e:59:a0:a5:cd:53:a4:ca:3d:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a58efd108d4c5b0f4f9a88ae53bb7fec9d594b92
        Validity
            Not Before: Mar 25 22:00:41 2026 GMT
            Not After : Mar 26 22:00:41 2026 GMT
        Subject: CN=270b14a648625329d38f238c1411c07c1b4821e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:99:1b:89:c1:b2:50:96:99:66:8c:4f:92:c7:
                    72:a2:d0:03:2d:ec:e8:ab:f6:3f:24:94:33:87:38:
                    75:ff:05:d9:e1:2f:35:f6:bb:07:43:15:a2:d3:e5:
                    aa:16:bd:bd:64:3b:27:f1:63:8d:f5:19:a5:88:ed:
                    00:d2:a3:d2:68:b0:3c:ff:0a:b4:a7:ac:b9:9b:e8:
                    20:c5:a1:be:94:dd:95:3c:f7:f3:dc:b0:53:72:a3:
                    c7:a4:e2:6f:22:8c:23:fa:53:71:29:e4:3e:c3:b0:
                    aa:03:aa:66:eb:56:69:49:76:3b:85:b5:77:c8:64:
                    24:ee:bb:61:0a:8d:4a:a7:5d:a5:24:16:31:91:31:
                    f2:1f:0c:21:81:61:ed:18:fd:ff:a5:59:e2:bb:e1:
                    f9:64:a1:91:7f:8d:e5:95:f7:b5:c1:31:a1:5d:a7:
                    21:6e:2f:9d:68:29:b2:58:4d:97:f3:1c:21:b7:e7:
                    17:5c:72:b2:c7:85:1a:95:be:e2:a3:ae:98:ff:e6:
                    5f:c4:c2:35:08:26:97:a6:73:ac:4f:db:6e:3e:f7:
                    33:d9:09:0f:78:44:48:5d:26:cb:a4:28:6c:fb:59:
                    d9:c8:82:c3:82:40:08:16:d5:74:be:46:d6:5b:1a:
                    cc:30:0a:2d:2a:73:5f:db:eb:94:17:58:86:5a:cf:
                    c9:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:0B:14:A6:48:62:53:29:D3:8F:23:8C:14:11:C0:7C:1B:48:21:E9
            X509v3 Authority Key Identifier:
                keyid:A5:8E:FD:10:8D:4C:5B:0F:4F:9A:88:AE:53:BB:7F:EC:9D:59:4B:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pY79EI1MWw9PmoiuU7t_7J1ZS5I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:18:b8:df:cd:37:c4:7e:33:04:35:39:f3:ca:67:2a:d2:32:
         0e:e1:a1:ba:3f:a3:ce:f2:02:f8:5f:92:e5:ef:65:42:a0:29:
         a7:6d:c5:43:04:2d:13:81:58:e3:16:94:27:30:56:b6:3f:6b:
         5e:d6:b7:61:e2:b7:36:f6:c2:c8:57:c1:db:31:d2:90:07:d8:
         46:c3:73:36:86:b4:a8:1f:07:e2:50:83:0f:23:5e:e5:ca:e3:
         c4:a8:d6:8b:b7:24:43:dc:d4:c0:d4:83:dc:6b:c4:5a:37:79:
         f8:5a:ba:f6:7d:0c:cb:d2:89:03:3b:7f:43:8b:78:c3:3c:5d:
         f4:13:f4:8d:3b:bd:4e:65:a9:9f:e3:6f:2d:00:8d:61:d2:a2:
         45:26:97:7f:49:12:12:f8:da:30:6d:b9:54:32:7c:03:93:e3:
         ed:0b:69:ac:26:fd:bb:f9:28:ed:7b:40:02:6f:75:ca:5c:47:
         a5:b0:5b:67:ab:43:15:85:a3:79:29:f5:2a:b6:8f:9a:26:73:
         0e:63:02:48:64:f9:19:14:7a:11:c4:68:73:fa:ac:92:76:b2:
         ed:c0:12:42:95:aa:79:58:5b:b3:de:d2:f8:3d:e9:d0:a0:9f:
         bf:41:69:d3:62:f2:e0:f7:96:24:c1:10:4f:e5:07:c8:69:9e:
         f9:03:44:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA52Ici5uWaClzVOkyj2lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1OGVmZDEwOGQ0YzViMGY0ZjlhODhhZTUzYmI3ZmVjOWQ1
OTRiOTIwHhcNMjYwMzI1MjIwMDQxWhcNMjYwMzI2MjIwMDQxWjAzMTEwLwYDVQQD
EygyNzBiMTRhNjQ4NjI1MzI5ZDM4ZjIzOGMxNDExYzA3YzFiNDgyMWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZkbicGyUJaZZoxPksdyotADLezo
q/Y/JJQzhzh1/wXZ4S819rsHQxWi0+WqFr29ZDsn8WON9RmliO0A0qPSaLA8/wq0
p6y5m+ggxaG+lN2VPPfz3LBTcqPHpOJvIowj+lNxKeQ+w7CqA6pm61ZpSXY7hbV3
yGQk7rthCo1Kp12lJBYxkTHyHwwhgWHtGP3/pVniu+H5ZKGRf43llfe1wTGhXach
bi+daCmyWE2X8xwht+cXXHKyx4Ualb7io66Y/+ZfxMI1CCaXpnOsT9tuPvcz2QkP
eERIXSbLpChs+1nZyILDgkAIFtV0vkbWWxrMMAotKnNf2+uUF1iGWs/JmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCcLFKZIYlMp048jjBQRwHwbSCHpMB8GA1UdIwQY
MBaAFKWO/RCNTFsPT5qIrlO7f+ydWUuSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFk3OUVJMU1XdzlQbW9pdVU3dF83SjFaUzVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9hM2I1YjItNjYzOC00YTRiLTliODUt
MTVjYzVkYTA3ODI2LzEvcFk3OUVJMU1XdzlQbW9pdVU3dF83SjFaUzVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9hM2I1YjItNjYzOC00YTRiLTliODUtMTVjYzVkYTA3ODI2
LzEvcFk3OUVJMU1XdzlQbW9pdVU3dF83SjFaUzVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkhi43803
xH4zBDU588pnKtIyDuGhuj+jzvIC+F+S5e9lQqApp23FQwQtE4FY4xaUJzBWtj9r
Xta3YeK3NvbCyFfB2zHSkAfYRsNzNoa0qB8H4lCDDyNe5crjxKjWi7ckQ9zUwNSD
3GvEWjd5+Fq69n0My9KJAzt/Q4t4wzxd9BP0jTu9TmWpn+NvLQCNYdKiRSaXf0kS
EvjaMG25VDJ8A5Pj7QtprCb9u/ko7XtAAm91ylxHpbBbZ6tDFYWjeSn1KraPmiZz
DmMCSGT5GRR6EcRoc/qsknay7cASQpWqeVhbs97S+D3p0KCfv0Fp02Ly4PeWJMEQ
T+UHyGme+QNEZg==
-----END CERTIFICATE-----