Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft
File:                     1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft (raw, json)
Hash identifier:          6eETUN7zBAosYzPeonIuV6WyltKBu4BrO/k4jnlaVQk=
Subject key identifier:   EC:28:02:6C:BD:09:79:4E:26:A6:34:6A:60:A3:93:29:72:17:3F:89
Authority key identifier: D5:F6:23:DA:4C:D2:EE:DD:C2:C8:7C:51:5C:62:51:8C:43:1D:3F:B5
Certificate issuer:       /CN=d5f623da4cd2eeddc2c87c515c62518c431d3fb5
Certificate serial:       019E1D225937338F3DCAE4851B8E06ACEEAD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1fYj2kzS7t3CyHxRXGJRjEMdP7U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft
Manifest number:          061D
Signing time:             Tue 12 May 2026 17:00:50 +0000
Manifest this update:     Tue 12 May 2026 17:00:50 +0000
Manifest next update:     Wed 13 May 2026 17:00:50 +0000
Files and hashes:         1: 1fYj2kzS7t3CyHxRXGJRjEMdP7U.crl (hash: CBbGSteskLw3qS4b1Kn9BXFDIbJapaxKOpb3e4MlYlo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1fYj2kzS7t3CyHxRXGJRjEMdP7U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 14:18:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1d:22:59:37:33:8f:3d:ca:e4:85:1b:8e:06:ac:ee:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5f623da4cd2eeddc2c87c515c62518c431d3fb5
        Validity
            Not Before: May 12 17:00:50 2026 GMT
            Not After : May 13 17:00:50 2026 GMT
        Subject: CN=ec28026cbd09794e26a6346a60a3932972173f89
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:af:fe:3f:31:26:13:50:22:77:7f:6d:39:84:
                    ee:db:0b:de:38:fb:53:ea:6a:35:55:63:eb:3d:e0:
                    16:47:0e:67:b9:f8:82:29:6b:77:60:30:f8:ea:f7:
                    e9:3d:57:a5:26:36:d0:1c:3d:21:5e:6d:b0:bd:51:
                    84:41:bf:65:1f:3e:47:a6:09:b1:75:fb:45:e7:f8:
                    1f:2f:a8:a6:bd:fa:d0:ab:bf:38:61:ad:64:77:f6:
                    13:19:b1:0e:15:25:ef:e0:1c:f2:9e:dc:11:62:51:
                    f9:f4:c1:93:28:af:94:da:d3:8a:9b:b7:67:f8:eb:
                    69:0b:75:39:93:c5:11:f8:52:69:0e:b4:3d:49:b7:
                    c7:3f:c1:11:58:e6:6c:3c:17:38:c3:03:0f:d9:2a:
                    85:75:7b:c5:8a:3f:15:8c:f0:a4:eb:b7:d9:df:45:
                    91:da:17:ab:17:e5:75:57:17:d5:8c:8b:98:84:c2:
                    d6:38:d8:6d:b1:11:a1:cc:72:1c:04:f7:73:55:da:
                    1c:76:0c:e9:2f:87:e9:46:e9:e2:11:70:4b:f0:c8:
                    8b:eb:a0:09:00:3d:a1:95:8c:06:6e:ba:de:64:be:
                    cd:c3:20:94:f1:e4:01:6f:93:b4:96:97:7a:01:8f:
                    c4:9a:fa:66:fa:c5:8c:5f:4a:7d:47:a4:c7:a6:ad:
                    e5:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:28:02:6C:BD:09:79:4E:26:A6:34:6A:60:A3:93:29:72:17:3F:89
            X509v3 Authority Key Identifier:
                keyid:D5:F6:23:DA:4C:D2:EE:DD:C2:C8:7C:51:5C:62:51:8C:43:1D:3F:B5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1fYj2kzS7t3CyHxRXGJRjEMdP7U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:13:b9:ea:8e:d3:ef:3e:42:3e:57:22:c3:f2:d0:16:0e:8d:
         55:3a:27:16:a7:8c:e5:20:a4:66:ca:11:be:59:b9:a5:3b:51:
         bc:ba:bc:d6:ed:3d:c7:1e:a5:9e:1a:d6:a2:7b:93:2d:25:d1:
         07:2f:0e:ad:cc:8d:73:c1:36:17:83:1a:0b:5b:3a:bd:d8:cb:
         02:dc:aa:26:45:ef:78:db:43:bd:e3:67:29:06:ac:a8:1e:8e:
         b9:e3:31:6e:fc:f7:06:78:27:55:62:d9:da:59:88:d5:9e:c4:
         ab:da:c6:d6:dd:18:55:dd:3e:a2:d9:e7:fe:fc:2a:0b:cf:03:
         03:2d:8b:95:17:2f:1b:40:e5:2a:f3:46:ba:ab:af:75:9b:87:
         fb:7e:94:7c:61:57:ed:fe:48:89:2a:5f:92:37:93:d3:c9:fb:
         9e:c3:54:bf:ab:65:37:41:51:85:cc:00:fd:d7:6e:db:c1:80:
         28:6d:2f:dd:be:6e:c5:b4:31:3c:fc:48:43:80:3f:ea:fb:73:
         ca:f3:28:76:c9:d4:8e:fd:5d:13:29:a8:0b:9f:f9:48:96:9f:
         af:b7:d2:7e:46:c1:ff:99:2b:c0:0b:2e:31:9d:3a:b5:85:55:
         f1:74:38:78:a9:d7:b2:dd:84:45:e4:5a:d0:e6:51:4e:19:51:
         20:e1:10:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4dIlk3M489yuSFG44GrO6tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZjYyM2RhNGNkMmVlZGRjMmM4N2M1MTVjNjI1MThjNDMx
ZDNmYjUwHhcNMjYwNTEyMTcwMDUwWhcNMjYwNTEzMTcwMDUwWjAzMTEwLwYDVQQD
EyhlYzI4MDI2Y2JkMDk3OTRlMjZhNjM0NmE2MGEzOTMyOTcyMTczZjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtq/+PzEmE1Aid39tOYTu2wveOPtT
6mo1VWPrPeAWRw5nufiCKWt3YDD46vfpPVelJjbQHD0hXm2wvVGEQb9lHz5Hpgmx
dftF5/gfL6imvfrQq784Ya1kd/YTGbEOFSXv4BzyntwRYlH59MGTKK+U2tOKm7dn
+OtpC3U5k8UR+FJpDrQ9SbfHP8ERWOZsPBc4wwMP2SqFdXvFij8VjPCk67fZ30WR
2herF+V1VxfVjIuYhMLWONhtsRGhzHIcBPdzVdocdgzpL4fpRuniEXBL8MiL66AJ
AD2hlYwGbrreZL7NwyCU8eQBb5O0lpd6AY/Emvpm+sWMX0p9R6THpq3lXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOwoAmy9CXlOJqY0amCjkylyFz+JMB8GA1UdIwQY
MBaAFNX2I9pM0u7dwsh8UVxiUYxDHT+1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWZZajJrelM3dDNDeUh4UlhHSlJqRU1kUDdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8zMTNjMTEtZGY4Ny00ZDc3LTg3Mzkt
MDRmMWRjZWMzMjBlLzEvMWZZajJrelM3dDNDeUh4UlhHSlJqRU1kUDdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8zMTNjMTEtZGY4Ny00ZDc3LTg3MzktMDRmMWRjZWMzMjBl
LzEvMWZZajJrelM3dDNDeUh4UlhHSlJqRU1kUDdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWBO56o7T
7z5CPlciw/LQFg6NVTonFqeM5SCkZsoRvlm5pTtRvLq81u09xx6lnhrWonuTLSXR
By8OrcyNc8E2F4MaC1s6vdjLAtyqJkXveNtDveNnKQasqB6OueMxbvz3BngnVWLZ
2lmI1Z7Eq9rG1t0YVd0+otnn/vwqC88DAy2LlRcvG0DlKvNGuquvdZuH+36UfGFX
7f5IiSpfkjeT08n7nsNUv6tlN0FRhcwA/ddu28GAKG0v3b5uxbQxPPxIQ4A/6vtz
yvModsnUjv1dEymoC5/5SJafr7fSfkbB/5krwAsuMZ06tYVV8XQ4eKnXst2EReRa
0OZRThlRIOEQJA==
-----END CERTIFICATE-----