Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.mft
File:                     iYDaJ6VQ15vmUa15rnGcz8vFo28.mft (raw, json)
Hash identifier:          g+/h9H79eT7nmrkWiBt9mBUhs/ZknayXiaVoZQ0N5zQ=
Subject key identifier:   A9:99:F8:A1:82:D1:C0:B9:67:15:5C:ED:6A:2E:8E:5E:09:05:66:EB
Authority key identifier: 89:80:DA:27:A5:50:D7:9B:E6:51:AD:79:AE:71:9C:CF:CB:C5:A3:6F
Certificate issuer:       /CN=8980da27a550d79be651ad79ae719ccfcbc5a36f
Certificate serial:       019D2772A54BD244B2209AA23E9115B225FA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iYDaJ6VQ15vmUa15rnGcz8vFo28.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.mft
Manifest number:          05F0
Signing time:             Thu 26 Mar 2026 00:01:58 +0000
Manifest this update:     Thu 26 Mar 2026 00:01:58 +0000
Manifest next update:     Fri 27 Mar 2026 00:01:58 +0000
Files and hashes:         1: iYDaJ6VQ15vmUa15rnGcz8vFo28.crl (hash: MDbYMN3p175Me8ECZxjrY5HHfw7+QHCinPLx0o0eklQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iYDaJ6VQ15vmUa15rnGcz8vFo28.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:72:a5:4b:d2:44:b2:20:9a:a2:3e:91:15:b2:25:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8980da27a550d79be651ad79ae719ccfcbc5a36f
        Validity
            Not Before: Mar 26 00:01:58 2026 GMT
            Not After : Mar 27 00:01:58 2026 GMT
        Subject: CN=a999f8a182d1c0b967155ced6a2e8e5e090566eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:5c:e4:a4:b2:c6:4b:65:3c:93:c3:72:58:db:
                    75:a0:0a:1d:2d:96:07:b7:5f:c5:7a:dd:1d:8c:7f:
                    d6:fc:41:2e:99:bc:84:cb:77:7c:e1:21:70:45:8a:
                    b1:28:17:2d:35:5a:e4:48:bd:0b:8b:eb:0d:24:b9:
                    1c:2d:15:4b:e5:ce:ab:dd:6b:df:4d:19:8c:ea:ee:
                    a8:2f:fd:5c:ef:18:c8:4e:f3:fd:02:f7:be:d4:1c:
                    22:53:14:29:6b:ee:a8:62:91:c3:ef:fe:68:47:c8:
                    c4:0a:e3:aa:81:52:5b:b0:18:b9:e7:8f:02:18:36:
                    45:3d:f9:37:33:8f:50:de:3f:0b:6c:d8:39:b3:d6:
                    b8:da:f3:2b:b6:28:17:a1:5c:9e:33:a0:1d:3f:97:
                    52:59:3f:23:61:b4:c2:9c:eb:31:b4:7f:5c:e7:4b:
                    57:d4:f3:bc:aa:cb:11:0e:67:0a:e2:f6:db:04:e5:
                    61:35:d8:cd:81:9e:54:eb:64:cd:3c:1d:36:33:6c:
                    b8:74:7c:eb:5d:33:b5:68:d6:36:b1:aa:5f:8b:df:
                    a3:4c:9b:53:5a:92:74:1d:e9:43:bc:93:2e:35:91:
                    16:0e:26:ea:39:61:51:96:91:e3:a2:ad:38:55:d6:
                    16:40:0f:ca:35:81:82:28:c1:07:26:08:f3:9e:1c:
                    b5:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:99:F8:A1:82:D1:C0:B9:67:15:5C:ED:6A:2E:8E:5E:09:05:66:EB
            X509v3 Authority Key Identifier:
                keyid:89:80:DA:27:A5:50:D7:9B:E6:51:AD:79:AE:71:9C:CF:CB:C5:A3:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iYDaJ6VQ15vmUa15rnGcz8vFo28.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/89/bf4f41-2797-41b9-baf6-29762c1aaf65/1/iYDaJ6VQ15vmUa15rnGcz8vFo28.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:2c:e5:e0:7e:be:bf:b7:1f:de:e0:5d:67:5d:c5:ff:d5:9a:
         ee:a6:5e:7e:26:28:00:66:31:8d:90:52:79:ba:c3:f4:25:22:
         b1:08:34:cd:d4:70:3e:91:f8:d6:20:ca:7d:68:11:fa:eb:87:
         f5:9c:10:b2:45:9f:69:30:ce:5d:ef:04:a4:76:b5:ba:05:45:
         3f:f5:14:f3:9a:cd:c8:d5:18:f5:a3:57:e9:f3:6f:f0:a4:1e:
         23:7c:1e:c9:41:bd:7d:b9:80:25:66:88:a8:e8:63:12:59:0e:
         4d:28:96:aa:34:7a:f3:a8:c0:40:f7:6b:f8:57:4e:43:b5:ff:
         25:17:61:44:27:6b:aa:b9:cb:01:33:68:75:4c:a2:c7:e1:09:
         fa:1e:12:33:3d:b0:c2:a9:3c:8b:84:7a:da:85:af:53:f8:b3:
         19:c7:f4:9d:6a:35:22:0d:b2:ed:4c:da:89:2f:56:7c:02:b4:
         b0:1d:b7:1a:8a:d9:95:bc:5b:3f:ab:a2:aa:37:15:90:03:59:
         e7:b5:03:ec:45:6c:27:af:22:f9:36:5a:a8:4b:08:44:ed:fe:
         05:c2:fe:f9:70:75:90:b5:fe:a0:51:17:bb:97:6d:83:21:b9:
         13:c0:d1:38:41:b7:0d:1a:9d:ac:d6:f7:1d:b6:eb:63:b5:03:
         30:39:60:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ncqVL0kSyIJqiPpEVsiX6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5ODBkYTI3YTU1MGQ3OWJlNjUxYWQ3OWFlNzE5Y2NmY2Jj
NWEzNmYwHhcNMjYwMzI2MDAwMTU4WhcNMjYwMzI3MDAwMTU4WjAzMTEwLwYDVQQD
EyhhOTk5ZjhhMTgyZDFjMGI5NjcxNTVjZWQ2YTJlOGU1ZTA5MDU2NmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFzkpLLGS2U8k8NyWNt1oAodLZYH
t1/Fet0djH/W/EEumbyEy3d84SFwRYqxKBctNVrkSL0Li+sNJLkcLRVL5c6r3Wvf
TRmM6u6oL/1c7xjITvP9Ave+1BwiUxQpa+6oYpHD7/5oR8jECuOqgVJbsBi5548C
GDZFPfk3M49Q3j8LbNg5s9a42vMrtigXoVyeM6AdP5dSWT8jYbTCnOsxtH9c50tX
1PO8qssRDmcK4vbbBOVhNdjNgZ5U62TNPB02M2y4dHzrXTO1aNY2sapfi9+jTJtT
WpJ0HelDvJMuNZEWDibqOWFRlpHjoq04VdYWQA/KNYGCKMEHJgjznhy1rwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKmZ+KGC0cC5ZxVc7Woujl4JBWbrMB8GA1UdIwQY
MBaAFImA2ielUNeb5lGtea5xnM/LxaNvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVlEYUo2VlExNXZtVWExNXJuR2N6OHZGbzI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9iZjRmNDEtMjc5Ny00MWI5LWJhZjYt
Mjk3NjJjMWFhZjY1LzEvaVlEYUo2VlExNXZtVWExNXJuR2N6OHZGbzI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9iZjRmNDEtMjc5Ny00MWI5LWJhZjYtMjk3NjJjMWFhZjY1
LzEvaVlEYUo2VlExNXZtVWExNXJuR2N6OHZGbzI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZSzl4H6+
v7cf3uBdZ13F/9Wa7qZefiYoAGYxjZBSebrD9CUisQg0zdRwPpH41iDKfWgR+uuH
9ZwQskWfaTDOXe8EpHa1ugVFP/UU85rNyNUY9aNX6fNv8KQeI3weyUG9fbmAJWaI
qOhjElkOTSiWqjR686jAQPdr+FdOQ7X/JRdhRCdrqrnLATNodUyix+EJ+h4SMz2w
wqk8i4R62oWvU/izGcf0nWo1Ig2y7UzaiS9WfAK0sB23GorZlbxbP6uiqjcVkANZ
57UD7EVsJ68i+TZaqEsIRO3+BcL++XB1kLX+oFEXu5dtgyG5E8DROEG3DRqdrNb3
HbbrY7UDMDlgVA==
-----END CERTIFICATE-----