Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.mft
File:                     y5ocuA-2NzLlMAR6HsVSn4yLGgY.mft (raw, json)
Hash identifier:          A/qV2pL0HMubiormIZ20IX5d9wcf2l+Hc114nfXI/W4=
Subject key identifier:   B4:25:DB:0A:D2:D5:79:26:FE:8E:21:0D:32:FA:C5:B4:1B:DB:2E:0E
Authority key identifier: CB:9A:1C:B8:0F:B6:37:32:E5:30:04:7A:1E:C5:52:9F:8C:8B:1A:06
Certificate issuer:       /CN=cb9a1cb80fb63732e530047a1ec5529f8c8b1a06
Certificate serial:       019D2960A0E7796A2EC43A32F6D8D0669673
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y5ocuA-2NzLlMAR6HsVSn4yLGgY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.mft
Manifest number:          059F
Signing time:             Thu 26 Mar 2026 09:01:31 +0000
Manifest this update:     Thu 26 Mar 2026 09:01:31 +0000
Manifest next update:     Fri 27 Mar 2026 09:01:31 +0000
Files and hashes:         1: y5ocuA-2NzLlMAR6HsVSn4yLGgY.crl (hash: +OKcvWs1zXcm44YKvPN0dN1LZz+ImlQVF/zS0ZaHBEs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y5ocuA-2NzLlMAR6HsVSn4yLGgY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:60:a0:e7:79:6a:2e:c4:3a:32:f6:d8:d0:66:96:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cb9a1cb80fb63732e530047a1ec5529f8c8b1a06
        Validity
            Not Before: Mar 26 09:01:31 2026 GMT
            Not After : Mar 27 09:01:31 2026 GMT
        Subject: CN=b425db0ad2d57926fe8e210d32fac5b41bdb2e0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:1f:04:f5:b3:d2:20:e9:17:15:14:07:70:74:
                    c9:c1:31:a1:b3:d8:8a:a6:d4:88:53:01:60:8b:92:
                    62:58:9b:4c:bc:f4:c3:38:4b:f4:0b:25:69:47:e9:
                    4b:83:a7:04:16:43:68:c9:93:98:5d:8b:13:9b:82:
                    a7:9e:4f:e6:60:83:08:0a:16:0a:7d:c5:8c:7c:be:
                    cf:20:61:2b:ad:1c:cf:7e:24:0a:ef:0b:99:bc:03:
                    dc:ee:ee:d3:29:f3:8d:b9:2d:bd:09:ff:26:c7:57:
                    18:43:6c:e0:13:f3:4b:ab:11:e6:fe:fc:6d:34:8b:
                    6c:15:23:6a:09:2d:44:34:fd:1b:85:03:08:4c:f7:
                    61:1a:29:29:75:93:be:ec:e6:d4:75:c7:d4:be:3e:
                    5f:9f:00:2b:33:e1:8d:84:01:c9:71:97:ad:53:4e:
                    79:6d:80:61:0f:b7:0c:0f:94:15:ea:a3:3c:c2:30:
                    df:43:53:cd:bd:51:c0:56:a4:42:ee:fe:c9:15:6a:
                    38:ed:2a:de:f8:70:8f:bd:22:6f:d6:58:d2:2b:78:
                    0d:62:06:50:6d:1f:8d:c0:d9:50:8e:a9:ba:eb:16:
                    15:c0:1d:97:07:27:2a:35:df:fa:cf:6f:00:b4:a2:
                    57:47:68:c7:c4:2a:13:2c:b9:4d:90:51:eb:88:63:
                    71:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:25:DB:0A:D2:D5:79:26:FE:8E:21:0D:32:FA:C5:B4:1B:DB:2E:0E
            X509v3 Authority Key Identifier:
                keyid:CB:9A:1C:B8:0F:B6:37:32:E5:30:04:7A:1E:C5:52:9F:8C:8B:1A:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y5ocuA-2NzLlMAR6HsVSn4yLGgY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/05bb43-4ae8-4b6d-b46c-113ede3aff79/1/y5ocuA-2NzLlMAR6HsVSn4yLGgY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:fe:a0:25:0c:89:8d:6a:c9:1f:3d:e9:87:47:a3:79:ae:5f:
         33:2c:dc:64:d4:48:57:65:a1:d0:ef:a2:f9:d1:0b:3b:c9:05:
         b7:70:1a:6e:18:40:b6:a8:87:e8:5f:96:b7:20:85:bb:cc:ee:
         1f:6e:60:4f:09:63:ea:2d:ff:c9:19:75:98:8a:94:c6:7e:77:
         25:2b:39:31:5c:79:bf:bc:69:54:f7:3d:7d:29:5c:77:32:7e:
         52:e7:98:81:2a:38:a7:1c:ac:46:f2:70:5a:2f:87:02:d4:98:
         3f:28:22:e2:59:c4:75:78:ba:5e:57:a2:2e:02:b7:23:dc:a0:
         36:17:cb:d0:5b:06:d2:4d:b3:7d:16:05:ce:3a:fc:87:72:a1:
         bc:75:de:d7:f3:e8:a6:d0:36:5a:fe:66:43:f1:e7:f4:4a:6f:
         36:ca:32:20:45:88:e6:24:7e:21:ca:b4:0a:5b:4a:84:5d:7a:
         a2:7c:e0:58:50:1b:e7:6a:2b:1a:88:ef:9a:ae:c3:86:f2:dd:
         1a:7e:13:ed:09:18:84:fb:0c:c2:46:2b:53:69:a0:e9:c5:eb:
         26:6d:f6:ca:62:30:e8:69:f2:07:76:db:1f:b0:54:85:fc:27:
         0e:33:10:82:00:bf:89:cc:16:e5:d7:84:84:e3:78:ae:fe:48:
         82:78:92:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pYKDneWouxDoy9tjQZpZzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiOWExY2I4MGZiNjM3MzJlNTMwMDQ3YTFlYzU1MjlmOGM4
YjFhMDYwHhcNMjYwMzI2MDkwMTMxWhcNMjYwMzI3MDkwMTMxWjAzMTEwLwYDVQQD
EyhiNDI1ZGIwYWQyZDU3OTI2ZmU4ZTIxMGQzMmZhYzViNDFiZGIyZTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuB8E9bPSIOkXFRQHcHTJwTGhs9iK
ptSIUwFgi5JiWJtMvPTDOEv0CyVpR+lLg6cEFkNoyZOYXYsTm4Knnk/mYIMIChYK
fcWMfL7PIGErrRzPfiQK7wuZvAPc7u7TKfONuS29Cf8mx1cYQ2zgE/NLqxHm/vxt
NItsFSNqCS1ENP0bhQMITPdhGikpdZO+7ObUdcfUvj5fnwArM+GNhAHJcZetU055
bYBhD7cMD5QV6qM8wjDfQ1PNvVHAVqRC7v7JFWo47Sre+HCPvSJv1ljSK3gNYgZQ
bR+NwNlQjqm66xYVwB2XBycqNd/6z28AtKJXR2jHxCoTLLlNkFHriGNxAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLQl2wrS1Xkm/o4hDTL6xbQb2y4OMB8GA1UdIwQY
MBaAFMuaHLgPtjcy5TAEeh7FUp+MixoGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTVvY3VBLTJOekxsTUFSNkhzVlNuNHlMR2dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS8wNWJiNDMtNGFlOC00YjZkLWI0NmMt
MTEzZWRlM2FmZjc5LzEveTVvY3VBLTJOekxsTUFSNkhzVlNuNHlMR2dZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS8wNWJiNDMtNGFlOC00YjZkLWI0NmMtMTEzZWRlM2FmZjc5
LzEveTVvY3VBLTJOekxsTUFSNkhzVlNuNHlMR2dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQv6gJQyJ
jWrJHz3ph0ejea5fMyzcZNRIV2Wh0O+i+dELO8kFt3AabhhAtqiH6F+WtyCFu8zu
H25gTwlj6i3/yRl1mIqUxn53JSs5MVx5v7xpVPc9fSlcdzJ+UueYgSo4pxysRvJw
Wi+HAtSYPygi4lnEdXi6XleiLgK3I9ygNhfL0FsG0k2zfRYFzjr8h3KhvHXe1/Po
ptA2Wv5mQ/Hn9EpvNsoyIEWI5iR+Icq0CltKhF16onzgWFAb52orGojvmq7DhvLd
Gn4T7QkYhPsMwkYrU2mg6cXrJm32ymIw6GnyB3bbH7BUhfwnDjMQggC/icwW5deE
hON4rv5IgniS9Q==
-----END CERTIFICATE-----