Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/a8b3c2-cad5-45a3-afaa-9ced5e5eff0f/1/iDyv-AezKVLWjHGq8BuRmErR6gg.mft
File:                     iDyv-AezKVLWjHGq8BuRmErR6gg.mft (raw, json)
Hash identifier:          yiUPFkkEg7iZe8NjxhlzbhoSz/OHQTR1jEe6Z5MXL4E=
Subject key identifier:   DC:4E:D3:45:97:BF:71:95:FF:BF:44:A6:49:39:19:EB:21:28:EE:20
Authority key identifier: 88:3C:AF:F8:07:B3:29:52:D6:8C:71:AA:F0:1B:91:98:4A:D1:EA:08
Certificate issuer:       /CN=883caff807b32952d68c71aaf01b91984ad1ea08
Certificate serial:       019D27041A949AC1CBE4DE03DE4270227C36
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iDyv-AezKVLWjHGq8BuRmErR6gg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/a8b3c2-cad5-45a3-afaa-9ced5e5eff0f/1/iDyv-AezKVLWjHGq8BuRmErR6gg.mft
Manifest number:          066F
Signing time:             Wed 25 Mar 2026 22:01:13 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:13 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:13 +0000
Files and hashes:         1: iDyv-AezKVLWjHGq8BuRmErR6gg.crl (hash: RjNIltrr5XfOp5cS8IshdeBx4vusiYBaW5jSw59jIc0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/a8b3c2-cad5-45a3-afaa-9ced5e5eff0f/1/iDyv-AezKVLWjHGq8BuRmErR6gg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/a8b3c2-cad5-45a3-afaa-9ced5e5eff0f/1/iDyv-AezKVLWjHGq8BuRmErR6gg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iDyv-AezKVLWjHGq8BuRmErR6gg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:1a:94:9a:c1:cb:e4:de:03:de:42:70:22:7c:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=883caff807b32952d68c71aaf01b91984ad1ea08
        Validity
            Not Before: Mar 25 22:01:13 2026 GMT
            Not After : Mar 26 22:01:13 2026 GMT
        Subject: CN=dc4ed34597bf7195ffbf44a6493919eb2128ee20
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:76:89:d0:5f:4c:78:c7:8d:a8:fe:e5:f3:81:
                    b4:be:b9:98:74:22:c4:59:6d:f6:ae:75:2e:a3:f9:
                    01:f4:46:15:74:f1:48:a7:02:9e:40:8d:8e:c1:55:
                    33:3e:96:6c:40:e1:d0:b7:c4:e8:4a:f8:f2:80:3d:
                    d4:d6:e8:b7:15:47:9b:c8:69:fb:67:9a:e4:a4:b5:
                    99:25:ed:1a:22:50:b9:80:ea:ec:1c:d0:55:76:a1:
                    68:fb:d3:b2:5e:b5:22:b3:8d:e0:b7:1a:66:d2:25:
                    41:c3:62:64:17:f3:3a:df:7c:db:a3:32:c9:43:7b:
                    97:4e:dd:4e:2a:a3:c0:1b:7c:0e:1a:c0:2c:fe:7e:
                    61:87:ec:15:8b:28:2c:95:20:5a:c3:23:12:4e:32:
                    a4:e8:a9:91:8e:d8:ad:a7:d5:a8:51:d4:c0:60:67:
                    45:b1:05:6b:47:07:f5:35:a1:3c:32:37:bb:9b:38:
                    69:be:89:2c:c1:5b:4d:62:c1:17:65:b4:ee:37:e2:
                    fd:5d:0e:95:5a:10:f0:c3:d8:4a:42:c6:e9:25:2e:
                    15:83:f2:d6:b5:5e:24:95:4f:8e:8a:d8:62:dd:66:
                    33:88:8d:c3:30:e9:ce:6c:52:a4:52:b8:a8:5a:8b:
                    f2:82:c2:64:25:78:1d:79:20:36:6f:1b:4d:a1:49:
                    7a:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:4E:D3:45:97:BF:71:95:FF:BF:44:A6:49:39:19:EB:21:28:EE:20
            X509v3 Authority Key Identifier:
                keyid:88:3C:AF:F8:07:B3:29:52:D6:8C:71:AA:F0:1B:91:98:4A:D1:EA:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iDyv-AezKVLWjHGq8BuRmErR6gg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/a8b3c2-cad5-45a3-afaa-9ced5e5eff0f/1/iDyv-AezKVLWjHGq8BuRmErR6gg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/a8b3c2-cad5-45a3-afaa-9ced5e5eff0f/1/iDyv-AezKVLWjHGq8BuRmErR6gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:da:bf:5e:5e:21:90:40:1d:e0:c7:62:cc:86:f5:e0:f0:e3:
         25:d0:dc:03:b8:e3:f5:d4:bf:bf:e5:9c:9a:cd:74:dc:2b:fc:
         18:3e:20:22:d8:f7:56:ec:12:fd:fb:58:ba:d7:0b:d7:f1:d1:
         9b:3e:c5:5c:47:d6:07:e9:93:2e:56:36:98:46:ed:a3:32:a4:
         35:f8:f9:c5:df:71:91:df:86:b7:ce:96:78:7a:45:cd:07:45:
         90:66:b3:bc:f2:e9:07:fb:af:b3:45:70:4c:e5:44:02:3a:a8:
         b7:62:2a:59:ae:6c:36:14:d7:9b:23:c3:f2:38:db:dd:f4:5d:
         2f:16:51:55:68:ae:79:b4:6c:fd:b7:02:be:11:12:30:9b:40:
         fb:0a:0e:db:52:85:e1:32:75:f1:f4:7a:d8:a5:eb:ea:8d:44:
         86:43:1e:5e:5e:78:b0:d8:f3:8c:dd:b0:3b:d9:2f:c6:9c:fe:
         e5:2f:5a:e0:ca:69:f0:44:56:5f:63:d4:18:8c:ef:a3:f0:87:
         5e:c5:0e:cc:73:83:db:42:c6:c4:7f:c6:63:d8:f6:65:13:30:
         a5:3f:63:60:9a:9e:bd:a0:78:14:f1:2e:8b:fb:1d:22:49:d2:
         bd:15:ce:22:86:63:00:e4:d5:ec:57:16:83:11:cd:80:ea:9b:
         b2:64:32:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBBqUmsHL5N4D3kJwInw2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4M2NhZmY4MDdiMzI5NTJkNjhjNzFhYWYwMWI5MTk4NGFk
MWVhMDgwHhcNMjYwMzI1MjIwMTEzWhcNMjYwMzI2MjIwMTEzWjAzMTEwLwYDVQQD
EyhkYzRlZDM0NTk3YmY3MTk1ZmZiZjQ0YTY0OTM5MTllYjIxMjhlZTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6HaJ0F9MeMeNqP7l84G0vrmYdCLE
WW32rnUuo/kB9EYVdPFIpwKeQI2OwVUzPpZsQOHQt8ToSvjygD3U1ui3FUebyGn7
Z5rkpLWZJe0aIlC5gOrsHNBVdqFo+9OyXrUis43gtxpm0iVBw2JkF/M633zbozLJ
Q3uXTt1OKqPAG3wOGsAs/n5hh+wViygslSBawyMSTjKk6KmRjtitp9WoUdTAYGdF
sQVrRwf1NaE8Mje7mzhpvokswVtNYsEXZbTuN+L9XQ6VWhDww9hKQsbpJS4Vg/LW
tV4klU+Oithi3WYziI3DMOnObFKkUrioWovygsJkJXgdeSA2bxtNoUl6hwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNxO00WXv3GV/79Epkk5GeshKO4gMB8GA1UdIwQY
MBaAFIg8r/gHsylS1oxxqvAbkZhK0eoIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUR5di1BZXpLVkxXakhHcThCdVJtRXJSNmdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9hOGIzYzItY2FkNS00NWEzLWFmYWEt
OWNlZDVlNWVmZjBmLzEvaUR5di1BZXpLVkxXakhHcThCdVJtRXJSNmdnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9hOGIzYzItY2FkNS00NWEzLWFmYWEtOWNlZDVlNWVmZjBm
LzEvaUR5di1BZXpLVkxXakhHcThCdVJtRXJSNmdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnNq/Xl4h
kEAd4MdizIb14PDjJdDcA7jj9dS/v+Wcms103Cv8GD4gItj3VuwS/ftYutcL1/HR
mz7FXEfWB+mTLlY2mEbtozKkNfj5xd9xkd+Gt86WeHpFzQdFkGazvPLpB/uvs0Vw
TOVEAjqot2IqWa5sNhTXmyPD8jjb3fRdLxZRVWiuebRs/bcCvhESMJtA+woO21KF
4TJ18fR62KXr6o1EhkMeXl54sNjzjN2wO9kvxpz+5S9a4Mpp8ERWX2PUGIzvo/CH
XsUOzHOD20LGxH/GY9j2ZRMwpT9jYJqevaB4FPEui/sdIknSvRXOIoZjAOTV7FcW
gxHNgOqbsmQyNA==
-----END CERTIFICATE-----