Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/a57805-a97f-4462-ae38-d86156e61c47/1/Wy17v8Kblv03I3vOZ4bFO604D70.mft
File:                     Wy17v8Kblv03I3vOZ4bFO604D70.mft (raw, json)
Hash identifier:          uW0vJ26h2BSsObi0kHI6C0cxqE4xTRxBAXCyE/qKJuM=
Subject key identifier:   5D:21:20:50:85:E5:C5:F3:39:06:DD:50:EE:F8:17:C5:D3:CE:83:3F
Authority key identifier: 5B:2D:7B:BF:C2:9B:96:FD:37:23:7B:CE:67:86:C5:3B:AD:38:0F:BD
Certificate issuer:       /CN=5b2d7bbfc29b96fd37237bce6786c53bad380fbd
Certificate serial:       019D27E0700D98214DC298ACC1620A6BA8AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Wy17v8Kblv03I3vOZ4bFO604D70.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ba/a57805-a97f-4462-ae38-d86156e61c47/1/Wy17v8Kblv03I3vOZ4bFO604D70.mft
Manifest number:          0458
Signing time:             Thu 26 Mar 2026 02:01:53 +0000
Manifest this update:     Thu 26 Mar 2026 02:01:53 +0000
Manifest next update:     Fri 27 Mar 2026 02:01:53 +0000
Files and hashes:         1: Wy17v8Kblv03I3vOZ4bFO604D70.crl (hash: p4rOQ+nM1mDTE/QeD54DfgbrKuCYqO2YSud5G9hRZ9Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ba/a57805-a97f-4462-ae38-d86156e61c47/1/Wy17v8Kblv03I3vOZ4bFO604D70.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ba/a57805-a97f-4462-ae38-d86156e61c47/1/Wy17v8Kblv03I3vOZ4bFO604D70.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Wy17v8Kblv03I3vOZ4bFO604D70.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:e0:70:0d:98:21:4d:c2:98:ac:c1:62:0a:6b:a8:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5b2d7bbfc29b96fd37237bce6786c53bad380fbd
        Validity
            Not Before: Mar 26 02:01:53 2026 GMT
            Not After : Mar 27 02:01:53 2026 GMT
        Subject: CN=5d21205085e5c5f33906dd50eef817c5d3ce833f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:20:e7:b7:ae:02:98:3d:47:d7:d9:1f:57:65:
                    ba:80:01:5d:dc:32:7e:7e:8a:b6:e2:a4:ba:cf:63:
                    ff:a4:aa:1d:2a:29:5e:4b:a2:6e:5a:76:4f:07:66:
                    b7:ca:e7:e0:66:59:f1:c7:62:fb:02:d7:ba:eb:48:
                    73:23:e2:a5:b7:c6:19:b6:92:cb:c7:0b:46:f8:58:
                    84:24:02:68:1c:b2:e0:84:3a:5e:a1:0f:1e:de:fa:
                    23:96:6d:60:ef:00:d9:af:02:eb:c9:80:0e:39:48:
                    b6:3a:23:27:79:f8:67:ba:d6:81:9b:71:a8:6f:09:
                    40:d8:0b:b5:ee:8d:81:6b:dd:b5:3e:bd:65:77:c2:
                    7d:2a:fe:9e:aa:b7:42:87:a9:52:ff:03:15:48:e7:
                    ce:c6:6c:52:b1:0d:8e:6a:18:f4:ee:1f:27:fe:6f:
                    c2:58:ff:f5:43:35:62:2d:b7:2a:60:29:f2:d5:45:
                    47:54:47:8d:65:1d:cb:d8:59:12:89:76:d5:36:3c:
                    19:b1:3a:c0:29:c8:43:7c:f7:6e:99:96:7d:6f:33:
                    f1:67:57:d3:7d:8f:fe:94:75:78:98:a9:ed:f3:ea:
                    ad:af:92:b6:f2:47:39:99:39:55:70:38:67:96:14:
                    05:d7:26:43:6c:5f:31:89:59:3f:b8:30:f6:6e:bf:
                    1a:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:21:20:50:85:E5:C5:F3:39:06:DD:50:EE:F8:17:C5:D3:CE:83:3F
            X509v3 Authority Key Identifier:
                keyid:5B:2D:7B:BF:C2:9B:96:FD:37:23:7B:CE:67:86:C5:3B:AD:38:0F:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wy17v8Kblv03I3vOZ4bFO604D70.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/a57805-a97f-4462-ae38-d86156e61c47/1/Wy17v8Kblv03I3vOZ4bFO604D70.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/a57805-a97f-4462-ae38-d86156e61c47/1/Wy17v8Kblv03I3vOZ4bFO604D70.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:d8:03:8c:7e:d1:f5:66:f2:c6:7f:19:41:fb:11:68:79:b6:
         ec:b4:08:a0:97:30:a3:9b:76:bf:8c:37:8a:1d:4f:ba:f5:40:
         0f:6b:a8:8d:54:ec:25:1b:db:b8:ec:08:39:24:b5:2b:1d:25:
         21:7b:cd:0b:27:29:e5:c3:11:76:3f:b4:78:de:0f:99:52:ab:
         48:d4:40:75:84:7f:74:2e:f7:17:47:a8:ff:53:3c:42:2a:0a:
         db:82:d9:b2:ce:9c:0b:a1:c0:f2:4f:36:9c:a7:4c:ac:87:71:
         00:07:bf:6f:b0:48:49:b3:e5:6c:12:21:f1:2d:1c:4c:8e:ab:
         54:f6:bf:17:32:77:bb:ce:38:7a:2c:98:fa:56:6f:16:97:99:
         84:3e:9e:4f:b9:5f:cf:9d:e1:9e:67:6f:bf:78:0c:96:a4:84:
         ba:20:af:a4:ba:6b:32:a8:b4:f1:6d:80:f0:b6:d6:b4:d2:16:
         68:ec:8f:fe:3b:e9:58:1d:b9:52:1c:6f:fb:48:6f:d3:ec:4d:
         a1:3d:3e:16:f9:c2:75:58:de:6a:fb:d4:b7:54:02:4d:4b:8d:
         a5:c1:14:8a:8e:33:c7:36:09:46:9c:d8:97:20:1e:60:a9:da:
         c5:d3:34:1b:a0:94:ac:1b:91:e1:4e:05:01:33:f9:54:ae:14:
         70:3f:a8:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0n4HANmCFNwpiswWIKa6irMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViMmQ3YmJmYzI5Yjk2ZmQzNzIzN2JjZTY3ODZjNTNiYWQz
ODBmYmQwHhcNMjYwMzI2MDIwMTUzWhcNMjYwMzI3MDIwMTUzWjAzMTEwLwYDVQQD
Eyg1ZDIxMjA1MDg1ZTVjNWYzMzkwNmRkNTBlZWY4MTdjNWQzY2U4MzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSDnt64CmD1H19kfV2W6gAFd3DJ+
foq24qS6z2P/pKodKileS6JuWnZPB2a3yufgZlnxx2L7Ate660hzI+Klt8YZtpLL
xwtG+FiEJAJoHLLghDpeoQ8e3vojlm1g7wDZrwLryYAOOUi2OiMnefhnutaBm3Go
bwlA2Au17o2Ba921Pr1ld8J9Kv6eqrdCh6lS/wMVSOfOxmxSsQ2Oahj07h8n/m/C
WP/1QzViLbcqYCny1UVHVEeNZR3L2FkSiXbVNjwZsTrAKchDfPdumZZ9bzPxZ1fT
fY/+lHV4mKnt8+qtr5K28kc5mTlVcDhnlhQF1yZDbF8xiVk/uDD2br8atQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF0hIFCF5cXzOQbdUO74F8XTzoM/MB8GA1UdIwQY
MBaAFFste7/Cm5b9NyN7zmeGxTutOA+9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3kxN3Y4S2JsdjAzSTN2T1o0YkZPNjA0RDcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9hNTc4MDUtYTk3Zi00NDYyLWFlMzgt
ZDg2MTU2ZTYxYzQ3LzEvV3kxN3Y4S2JsdjAzSTN2T1o0YkZPNjA0RDcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9hNTc4MDUtYTk3Zi00NDYyLWFlMzgtZDg2MTU2ZTYxYzQ3
LzEvV3kxN3Y4S2JsdjAzSTN2T1o0YkZPNjA0RDcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnNgDjH7R
9Wbyxn8ZQfsRaHm27LQIoJcwo5t2v4w3ih1PuvVAD2uojVTsJRvbuOwIOSS1Kx0l
IXvNCycp5cMRdj+0eN4PmVKrSNRAdYR/dC73F0eo/1M8QioK24LZss6cC6HA8k82
nKdMrIdxAAe/b7BISbPlbBIh8S0cTI6rVPa/FzJ3u844eiyY+lZvFpeZhD6eT7lf
z53hnmdvv3gMlqSEuiCvpLprMqi08W2A8LbWtNIWaOyP/jvpWB25Uhxv+0hv0+xN
oT0+FvnCdVjeavvUt1QCTUuNpcEUio4zxzYJRpzYlyAeYKnaxdM0G6CUrBuR4U4F
ATP5VK4UcD+o8g==
-----END CERTIFICATE-----