Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/d4ef16-2795-4f39-9be9-6175e83c6a2b/1/BLYeUUDNiYT3_iAQ21nr2y8-1OY.mft
File:                     BLYeUUDNiYT3_iAQ21nr2y8-1OY.mft (raw, json)
Hash identifier:          MvlMOFQ2xvaUvCcd03EddYf4TSzXhXxi9o7cM0eA0mo=
Subject key identifier:   23:D3:B5:CB:29:07:90:93:37:C1:F1:BD:B6:A8:CA:D1:57:75:DD:71
Authority key identifier: 04:B6:1E:51:40:CD:89:84:F7:FE:20:10:DB:59:EB:DB:2F:3E:D4:E6
Certificate issuer:       /CN=04b61e5140cd8984f7fe2010db59ebdb2f3ed4e6
Certificate serial:       019D28F26C2A733C2D27BA7E4BCC64C16466
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BLYeUUDNiYT3_iAQ21nr2y8-1OY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/d4ef16-2795-4f39-9be9-6175e83c6a2b/1/BLYeUUDNiYT3_iAQ21nr2y8-1OY.mft
Manifest number:          0EDF
Signing time:             Thu 26 Mar 2026 07:01:09 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:09 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:09 +0000
Files and hashes:         1: BLYeUUDNiYT3_iAQ21nr2y8-1OY.crl (hash: VTiSItPVQak1RhEdXA6/mEiG4pWx7xTIvBcF0yvu0Ys=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/82/d4ef16-2795-4f39-9be9-6175e83c6a2b/1/BLYeUUDNiYT3_iAQ21nr2y8-1OY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/82/d4ef16-2795-4f39-9be9-6175e83c6a2b/1/BLYeUUDNiYT3_iAQ21nr2y8-1OY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BLYeUUDNiYT3_iAQ21nr2y8-1OY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 07:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:6c:2a:73:3c:2d:27:ba:7e:4b:cc:64:c1:64:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=04b61e5140cd8984f7fe2010db59ebdb2f3ed4e6
        Validity
            Not Before: Mar 26 07:01:09 2026 GMT
            Not After : Mar 27 07:01:09 2026 GMT
        Subject: CN=23d3b5cb2907909337c1f1bdb6a8cad15775dd71
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:1a:dc:73:66:45:32:2d:a7:49:c7:da:f4:90:
                    c7:4f:79:3a:c2:e7:fb:1b:68:21:da:b9:f5:18:07:
                    27:1f:2a:39:0a:7d:32:ea:95:8b:53:a5:eb:d0:52:
                    43:57:c7:26:f3:89:c5:41:c9:90:17:52:ef:cf:df:
                    9b:82:36:08:73:87:02:4f:26:e0:c4:d6:ac:68:40:
                    9a:4a:cb:40:c5:e5:2e:ea:d4:24:ab:9d:6c:31:93:
                    97:15:10:1c:a4:0a:70:b8:a1:a4:d8:77:e2:46:38:
                    82:72:ad:28:00:a6:73:40:6a:46:be:7e:2e:ec:13:
                    51:f7:86:26:a5:92:27:d5:e6:ae:64:26:8b:6b:b7:
                    cb:e0:c0:f8:14:dc:a5:29:8d:92:64:a3:4d:2c:a3:
                    88:60:e4:7b:e3:b2:f7:67:82:8b:10:34:8c:63:65:
                    c0:05:8f:e9:af:c5:b0:5a:cf:8d:7d:64:bb:81:94:
                    04:4b:9e:0b:a3:db:6f:a3:98:97:45:ea:2f:85:da:
                    d3:e3:b8:21:e4:13:1d:50:3e:2a:53:e6:45:07:7c:
                    ae:bf:76:5b:c0:ef:e8:5d:74:e1:2e:74:31:6b:26:
                    fe:b8:58:b5:86:d3:e3:4f:0d:4e:30:23:10:74:47:
                    d9:32:8d:21:82:a3:8e:18:d7:65:b1:5f:04:47:2c:
                    5e:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:D3:B5:CB:29:07:90:93:37:C1:F1:BD:B6:A8:CA:D1:57:75:DD:71
            X509v3 Authority Key Identifier:
                keyid:04:B6:1E:51:40:CD:89:84:F7:FE:20:10:DB:59:EB:DB:2F:3E:D4:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BLYeUUDNiYT3_iAQ21nr2y8-1OY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/d4ef16-2795-4f39-9be9-6175e83c6a2b/1/BLYeUUDNiYT3_iAQ21nr2y8-1OY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/d4ef16-2795-4f39-9be9-6175e83c6a2b/1/BLYeUUDNiYT3_iAQ21nr2y8-1OY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:6e:6f:0e:6f:c6:69:fc:93:fc:81:11:8e:18:55:58:76:8a:
         dc:56:0a:9a:21:1f:25:ae:2f:e3:6d:4d:d4:fc:80:94:c4:34:
         2f:c8:16:3a:14:4c:5c:5a:50:72:b0:dc:87:65:18:96:17:38:
         b0:7d:c2:df:7f:95:3b:50:40:03:99:c7:6b:04:c6:ca:5a:41:
         f6:9c:62:48:39:39:ba:46:08:89:6e:e0:7f:fc:e1:97:49:97:
         0d:6c:a4:fa:9e:7c:54:50:fc:b5:0d:fe:e5:93:4a:4d:01:60:
         ab:d5:a9:69:16:13:c0:51:48:2a:33:cb:c0:3a:25:d7:66:af:
         96:a1:18:e4:b9:78:8e:0a:84:04:67:6d:bb:40:a1:44:3a:6b:
         3d:2b:8b:6d:1e:7d:78:19:2d:63:04:82:ad:65:8e:b8:93:4d:
         f6:ec:00:40:6a:98:a5:d5:c1:c3:86:0c:e6:19:62:a2:e0:df:
         7a:14:b1:b5:bc:25:63:37:bf:63:8d:44:07:b2:3d:02:64:73:
         bd:75:0b:a8:0c:96:08:69:3f:b4:a9:c8:d3:74:0d:27:c8:a0:
         b8:df:d0:63:f5:49:a8:9b:ac:76:f8:c7:72:ea:cf:37:8c:9e:
         8b:f7:73:df:f1:49:b6:d7:b5:d6:ef:2c:21:92:e2:4b:14:29:
         11:f9:8c:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8mwqczwtJ7p+S8xkwWRmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0YjYxZTUxNDBjZDg5ODRmN2ZlMjAxMGRiNTllYmRiMmYz
ZWQ0ZTYwHhcNMjYwMzI2MDcwMTA5WhcNMjYwMzI3MDcwMTA5WjAzMTEwLwYDVQQD
EygyM2QzYjVjYjI5MDc5MDkzMzdjMWYxYmRiNmE4Y2FkMTU3NzVkZDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzxrcc2ZFMi2nScfa9JDHT3k6wuf7
G2gh2rn1GAcnHyo5Cn0y6pWLU6Xr0FJDV8cm84nFQcmQF1Lvz9+bgjYIc4cCTybg
xNasaECaSstAxeUu6tQkq51sMZOXFRAcpApwuKGk2HfiRjiCcq0oAKZzQGpGvn4u
7BNR94YmpZIn1eauZCaLa7fL4MD4FNylKY2SZKNNLKOIYOR747L3Z4KLEDSMY2XA
BY/pr8WwWs+NfWS7gZQES54Lo9tvo5iXReovhdrT47gh5BMdUD4qU+ZFB3yuv3Zb
wO/oXXThLnQxayb+uFi1htPjTw1OMCMQdEfZMo0hgqOOGNdlsV8ERyxeuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCPTtcspB5CTN8HxvbaoytFXdd1xMB8GA1UdIwQY
MBaAFAS2HlFAzYmE9/4gENtZ69svPtTmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkxZZVVVRE5pWVQzX2lBUTIxbnIyeTgtMU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9kNGVmMTYtMjc5NS00ZjM5LTliZTkt
NjE3NWU4M2M2YTJiLzEvQkxZZVVVRE5pWVQzX2lBUTIxbnIyeTgtMU9ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9kNGVmMTYtMjc5NS00ZjM5LTliZTktNjE3NWU4M2M2YTJi
LzEvQkxZZVVVRE5pWVQzX2lBUTIxbnIyeTgtMU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAm5vDm/G
afyT/IERjhhVWHaK3FYKmiEfJa4v421N1PyAlMQ0L8gWOhRMXFpQcrDch2UYlhc4
sH3C33+VO1BAA5nHawTGylpB9pxiSDk5ukYIiW7gf/zhl0mXDWyk+p58VFD8tQ3+
5ZNKTQFgq9WpaRYTwFFIKjPLwDol12avlqEY5Ll4jgqEBGdtu0ChRDprPSuLbR59
eBktYwSCrWWOuJNN9uwAQGqYpdXBw4YM5hliouDfehSxtbwlYze/Y41EB7I9AmRz
vXULqAyWCGk/tKnI03QNJ8iguN/QY/VJqJusdvjHcurPN4yei/dz3/FJtte11u8s
IZLiSxQpEfmMlQ==
-----END CERTIFICATE-----