Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/ed4bac-e0e2-4e29-98a7-ef862e3e7128/1/AY9TOgxHePOMEstY3Xtq8l-MrOc.mft
File:                     AY9TOgxHePOMEstY3Xtq8l-MrOc.mft (raw, json)
Hash identifier:          18TW1dg7e7WCGTUVa1F02U4G+MfIfAUjw0febW7UDQg=
Subject key identifier:   88:03:49:A2:4D:64:A0:2F:30:7F:47:14:60:DE:D1:73:26:C3:06:E5
Authority key identifier: 01:8F:53:3A:0C:47:78:F3:8C:12:CB:58:DD:7B:6A:F2:5F:8C:AC:E7
Certificate issuer:       /CN=018f533a0c4778f38c12cb58dd7b6af25f8cace7
Certificate serial:       019E1C7DE188FE409725CFAD42EAD94F51C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AY9TOgxHePOMEstY3Xtq8l-MrOc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/ed4bac-e0e2-4e29-98a7-ef862e3e7128/1/AY9TOgxHePOMEstY3Xtq8l-MrOc.mft
Manifest number:          01CE
Signing time:             Tue 12 May 2026 14:01:12 +0000
Manifest this update:     Tue 12 May 2026 14:01:12 +0000
Manifest next update:     Wed 13 May 2026 14:01:12 +0000
Files and hashes:         1: AY9TOgxHePOMEstY3Xtq8l-MrOc.crl (hash: ls2Pht7NSTdwXUdiU55QgSmUNgzoXurYLRmV+kY3hTU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/ed4bac-e0e2-4e29-98a7-ef862e3e7128/1/AY9TOgxHePOMEstY3Xtq8l-MrOc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/ed4bac-e0e2-4e29-98a7-ef862e3e7128/1/AY9TOgxHePOMEstY3Xtq8l-MrOc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AY9TOgxHePOMEstY3Xtq8l-MrOc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 14:01:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1c:7d:e1:88:fe:40:97:25:cf:ad:42:ea:d9:4f:51:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=018f533a0c4778f38c12cb58dd7b6af25f8cace7
        Validity
            Not Before: May 12 14:01:12 2026 GMT
            Not After : May 13 14:01:12 2026 GMT
        Subject: CN=880349a24d64a02f307f471460ded17326c306e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:76:1c:47:a6:1d:22:07:7b:b4:9e:ab:3c:2c:
                    85:94:51:f5:fc:5f:59:8f:48:1e:dc:35:9a:10:ae:
                    08:3c:86:bb:13:23:64:a3:9a:3f:fb:6a:d5:af:9b:
                    c9:88:a3:75:ee:24:fb:ed:2e:17:09:2e:d0:81:f7:
                    40:4a:60:47:e7:a8:7f:d0:52:0f:c0:bd:09:4a:b9:
                    e5:e3:54:ad:e6:be:cd:98:4e:d1:3a:d0:9e:6c:6e:
                    32:1b:e6:3c:bc:8e:5f:d4:2f:f2:56:37:13:11:17:
                    51:f9:5d:01:3e:65:64:cf:8c:63:4a:16:33:52:46:
                    de:a4:3b:e4:6b:a6:4d:fd:35:ba:46:61:78:46:80:
                    f2:ba:1b:ae:fb:ff:1a:40:14:ac:99:a3:94:09:ed:
                    83:34:53:47:7d:97:ef:bf:04:1a:01:7a:66:cd:8d:
                    78:ee:32:19:38:92:9b:22:49:f4:7a:d7:7f:dc:6a:
                    ae:15:57:cd:cf:a0:66:88:f6:ce:13:a3:2b:4e:54:
                    a3:3b:b0:76:9b:17:35:97:5c:64:74:c4:b7:3a:42:
                    28:36:4f:7a:88:58:a8:2a:fa:0d:bc:5b:ce:8e:7a:
                    47:90:81:02:5e:0f:50:02:50:5b:79:f3:39:59:4b:
                    6c:a0:c4:16:23:eb:5f:d4:ef:29:c6:a1:2c:07:2a:
                    e0:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:03:49:A2:4D:64:A0:2F:30:7F:47:14:60:DE:D1:73:26:C3:06:E5
            X509v3 Authority Key Identifier:
                keyid:01:8F:53:3A:0C:47:78:F3:8C:12:CB:58:DD:7B:6A:F2:5F:8C:AC:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AY9TOgxHePOMEstY3Xtq8l-MrOc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/ed4bac-e0e2-4e29-98a7-ef862e3e7128/1/AY9TOgxHePOMEstY3Xtq8l-MrOc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/ed4bac-e0e2-4e29-98a7-ef862e3e7128/1/AY9TOgxHePOMEstY3Xtq8l-MrOc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         49:f1:ee:f5:94:29:e8:86:1f:9f:ff:09:0a:23:7a:37:4d:a1:
         da:a4:84:0b:3a:96:40:c9:59:32:08:52:e0:eb:38:ce:96:61:
         8a:17:26:44:a9:8a:59:1a:c5:f2:14:25:c8:12:67:7d:56:3a:
         b9:38:77:af:86:55:8d:68:37:61:8d:a8:af:7b:75:5c:86:fb:
         b7:70:0f:46:d0:f2:90:5d:4c:11:a3:a5:e6:c2:c3:7f:fd:75:
         e2:0a:41:13:76:d3:5a:7e:33:68:e6:1e:fd:6f:84:b4:ec:8f:
         70:b4:e1:57:a5:73:0a:3f:a6:64:ea:e1:64:40:de:84:23:e0:
         35:6f:f9:1e:b6:4a:35:a2:f6:c3:06:6d:0a:34:0d:c8:7b:95:
         78:14:4e:7d:4d:7e:ec:0f:2b:b2:91:18:ce:a0:f2:c5:46:67:
         82:0a:57:cf:0b:92:58:3a:69:91:a3:12:5d:15:ec:62:5d:20:
         a6:83:f2:ae:4f:c3:62:0e:29:9e:c2:13:4e:33:65:5b:ec:ca:
         ee:b7:4e:0a:da:7f:f2:49:bc:e7:3e:83:ea:21:98:10:0a:f7:
         a8:06:90:b8:df:f9:32:6e:f6:b4:60:55:6b:59:71:54:09:22:
         7d:63:e5:93:f4:b6:e1:80:da:1f:41:e5:ff:7c:c9:c6:00:a2:
         63:f4:2c:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4cfeGI/kCXJc+tQurZT1HJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxOGY1MzNhMGM0Nzc4ZjM4YzEyY2I1OGRkN2I2YWYyNWY4
Y2FjZTcwHhcNMjYwNTEyMTQwMTEyWhcNMjYwNTEzMTQwMTEyWjAzMTEwLwYDVQQD
Eyg4ODAzNDlhMjRkNjRhMDJmMzA3ZjQ3MTQ2MGRlZDE3MzI2YzMwNmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHYcR6YdIgd7tJ6rPCyFlFH1/F9Z
j0ge3DWaEK4IPIa7EyNko5o/+2rVr5vJiKN17iT77S4XCS7QgfdASmBH56h/0FIP
wL0JSrnl41St5r7NmE7ROtCebG4yG+Y8vI5f1C/yVjcTERdR+V0BPmVkz4xjShYz
UkbepDvka6ZN/TW6RmF4RoDyuhuu+/8aQBSsmaOUCe2DNFNHfZfvvwQaAXpmzY14
7jIZOJKbIkn0etd/3GquFVfNz6BmiPbOE6MrTlSjO7B2mxc1l1xkdMS3OkIoNk96
iFioKvoNvFvOjnpHkIECXg9QAlBbefM5WUtsoMQWI+tf1O8pxqEsByrgrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIgDSaJNZKAvMH9HFGDe0XMmwwblMB8GA1UdIwQY
MBaAFAGPUzoMR3jzjBLLWN17avJfjKznMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVk5VE9neEhlUE9NRXN0WTNYdHE4bC1Nck9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9lZDRiYWMtZTBlMi00ZTI5LTk4YTct
ZWY4NjJlM2U3MTI4LzEvQVk5VE9neEhlUE9NRXN0WTNYdHE4bC1Nck9jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9lZDRiYWMtZTBlMi00ZTI5LTk4YTctZWY4NjJlM2U3MTI4
LzEvQVk5VE9neEhlUE9NRXN0WTNYdHE4bC1Nck9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASfHu9ZQp
6IYfn/8JCiN6N02h2qSECzqWQMlZMghS4Os4zpZhihcmRKmKWRrF8hQlyBJnfVY6
uTh3r4ZVjWg3YY2or3t1XIb7t3APRtDykF1MEaOl5sLDf/114gpBE3bTWn4zaOYe
/W+EtOyPcLThV6VzCj+mZOrhZEDehCPgNW/5HrZKNaL2wwZtCjQNyHuVeBROfU1+
7A8rspEYzqDyxUZnggpXzwuSWDppkaMSXRXsYl0gpoPyrk/DYg4pnsITTjNlW+zK
7rdOCtp/8km85z6D6iGYEAr3qAaQuN/5Mm72tGBVa1lxVAkifWPlk/S24YDaH0Hl
/3zJxgCiY/Qs3g==
-----END CERTIFICATE-----