Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/11237d-c69d-40d4-b4d7-4e15b84ee706/1/PYyo-vPO4aXlGlxc2_lIKgACe2U.mft
File:                     PYyo-vPO4aXlGlxc2_lIKgACe2U.mft (raw, json)
Hash identifier:          Oa9hdEAgyIso8sJKMeQH29A4PydNQhZuKaKWbuEwzek=
Subject key identifier:   FD:79:9E:23:B4:DE:C5:CB:F2:0B:B6:BB:E1:92:75:75:5A:F4:9F:1E
Authority key identifier: 3D:8C:A8:FA:F3:CE:E1:A5:E5:1A:5C:5C:DB:F9:48:2A:00:02:7B:65
Certificate issuer:       /CN=3d8ca8faf3cee1a5e51a5c5cdbf9482a00027b65
Certificate serial:       019D329A46C2ADBDB160F9C14EEA062ED530
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PYyo-vPO4aXlGlxc2_lIKgACe2U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/11237d-c69d-40d4-b4d7-4e15b84ee706/1/PYyo-vPO4aXlGlxc2_lIKgACe2U.mft
Manifest number:          0DF9
Signing time:             Sat 28 Mar 2026 04:01:04 +0000
Manifest this update:     Sat 28 Mar 2026 04:01:04 +0000
Manifest next update:     Sun 29 Mar 2026 04:01:04 +0000
Files and hashes:         1: PYyo-vPO4aXlGlxc2_lIKgACe2U.crl (hash: PMxETMizghJzWc/kRzt7IExOA8zCLrgVXiKQGRWN+i0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/11237d-c69d-40d4-b4d7-4e15b84ee706/1/PYyo-vPO4aXlGlxc2_lIKgACe2U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/11237d-c69d-40d4-b4d7-4e15b84ee706/1/PYyo-vPO4aXlGlxc2_lIKgACe2U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PYyo-vPO4aXlGlxc2_lIKgACe2U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Mar 2026 00:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:32:9a:46:c2:ad:bd:b1:60:f9:c1:4e:ea:06:2e:d5:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d8ca8faf3cee1a5e51a5c5cdbf9482a00027b65
        Validity
            Not Before: Mar 28 04:01:04 2026 GMT
            Not After : Mar 29 04:01:04 2026 GMT
        Subject: CN=fd799e23b4dec5cbf20bb6bbe19275755af49f1e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:36:2b:b2:d2:0b:35:e9:9b:82:d0:cd:fa:bb:
                    a5:db:7b:0d:e1:39:a7:de:4a:f5:5d:d0:97:e4:81:
                    6d:63:db:01:cf:b8:33:bf:d8:3d:a1:48:1f:f7:66:
                    40:8f:21:62:e5:17:e1:a2:3d:9f:2e:29:af:fa:92:
                    12:e5:77:16:71:48:8c:31:30:ba:ad:55:b9:2d:9e:
                    42:55:cd:bd:5a:cf:8a:d4:81:55:b6:3d:d5:98:4b:
                    fa:fd:f1:f4:9a:59:d6:0b:8f:f1:41:56:8f:0f:3e:
                    6b:91:a5:ef:71:4b:ec:04:af:54:95:cf:36:b7:e5:
                    61:a8:05:11:7f:39:39:b3:06:e3:4d:43:7d:6b:c5:
                    bb:56:59:e9:99:40:57:3f:f7:f5:7e:43:f9:af:97:
                    51:74:6d:64:70:f8:79:cb:d7:8d:b0:d2:56:9a:5e:
                    be:04:35:62:dd:01:29:b9:e4:6f:26:a1:ea:f3:86:
                    77:1e:8e:35:6a:c4:14:75:a1:a0:16:f0:11:d1:bb:
                    59:2a:58:38:5b:f9:4b:10:03:56:d2:a8:a4:1f:39:
                    3a:ce:64:0c:a1:3e:99:07:52:88:fb:e8:ff:c7:de:
                    1f:8a:3e:e5:95:3a:72:f4:de:4a:db:cd:e7:db:52:
                    9d:28:9d:e8:4e:1b:50:3c:9e:a6:30:d7:e5:14:f1:
                    fb:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:79:9E:23:B4:DE:C5:CB:F2:0B:B6:BB:E1:92:75:75:5A:F4:9F:1E
            X509v3 Authority Key Identifier:
                keyid:3D:8C:A8:FA:F3:CE:E1:A5:E5:1A:5C:5C:DB:F9:48:2A:00:02:7B:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYyo-vPO4aXlGlxc2_lIKgACe2U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/11237d-c69d-40d4-b4d7-4e15b84ee706/1/PYyo-vPO4aXlGlxc2_lIKgACe2U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/11237d-c69d-40d4-b4d7-4e15b84ee706/1/PYyo-vPO4aXlGlxc2_lIKgACe2U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:90:b9:ae:b8:9c:64:37:dc:03:46:d1:60:ba:e9:e7:5e:f4:
         5d:2a:80:28:12:24:76:3d:6b:c6:ac:8c:8a:a6:9b:96:c2:62:
         9b:de:ae:85:d5:ed:2c:a5:e0:f2:ce:a3:14:a3:c0:a9:11:2e:
         9a:c0:e1:b3:c6:8a:ed:31:52:de:50:1e:26:63:f1:75:34:47:
         4b:9c:57:5a:cc:09:32:96:be:d0:5b:6c:5c:c7:51:00:45:e1:
         0a:bb:94:ba:06:4e:5b:1d:bc:63:51:bc:4b:66:99:56:c9:03:
         f9:ea:5d:fb:85:c2:27:ea:cd:06:e1:34:2f:35:41:02:65:af:
         0c:8b:ed:6d:61:e0:40:30:32:09:73:eb:6b:11:a9:c2:37:e4:
         10:5f:81:81:b0:4d:15:6d:df:13:7d:a7:0e:2c:6f:57:be:87:
         5d:5a:5a:6b:73:0e:74:ec:58:7e:da:52:ce:f9:21:e3:52:23:
         f9:ab:e6:6d:cc:ee:67:be:89:1c:40:31:f2:88:73:d6:85:9b:
         86:7b:f4:03:d8:d6:67:cb:6f:3a:0f:26:b3:ad:8b:48:47:8f:
         c5:5e:48:08:de:bc:62:d4:e4:b8:f8:c4:1d:e3:69:1b:82:b5:
         49:be:2f:43:dd:ea:a0:44:b0:be:41:0b:ca:0b:67:6e:d4:1e:
         ed:7c:3b:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ymkbCrb2xYPnBTuoGLtUwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkOGNhOGZhZjNjZWUxYTVlNTFhNWM1Y2RiZjk0ODJhMDAw
MjdiNjUwHhcNMjYwMzI4MDQwMTA0WhcNMjYwMzI5MDQwMTA0WjAzMTEwLwYDVQQD
EyhmZDc5OWUyM2I0ZGVjNWNiZjIwYmI2YmJlMTkyNzU3NTVhZjQ5ZjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmjYrstILNembgtDN+rul23sN4Tmn
3kr1XdCX5IFtY9sBz7gzv9g9oUgf92ZAjyFi5Rfhoj2fLimv+pIS5XcWcUiMMTC6
rVW5LZ5CVc29Ws+K1IFVtj3VmEv6/fH0mlnWC4/xQVaPDz5rkaXvcUvsBK9Ulc82
t+VhqAURfzk5swbjTUN9a8W7VlnpmUBXP/f1fkP5r5dRdG1kcPh5y9eNsNJWml6+
BDVi3QEpueRvJqHq84Z3Ho41asQUdaGgFvAR0btZKlg4W/lLEANW0qikHzk6zmQM
oT6ZB1KI++j/x94fij7llTpy9N5K283n21KdKJ3oThtQPJ6mMNflFPH7qwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP15niO03sXL8gu2u+GSdXVa9J8eMB8GA1UdIwQY
MBaAFD2MqPrzzuGl5RpcXNv5SCoAAntlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFl5by12UE80YVhsR2x4YzJfbElLZ0FDZTJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8xMTIzN2QtYzY5ZC00MGQ0LWI0ZDct
NGUxNWI4NGVlNzA2LzEvUFl5by12UE80YVhsR2x4YzJfbElLZ0FDZTJVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8xMTIzN2QtYzY5ZC00MGQ0LWI0ZDctNGUxNWI4NGVlNzA2
LzEvUFl5by12UE80YVhsR2x4YzJfbElLZ0FDZTJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcJC5rric
ZDfcA0bRYLrp5170XSqAKBIkdj1rxqyMiqablsJim96uhdXtLKXg8s6jFKPAqREu
msDhs8aK7TFS3lAeJmPxdTRHS5xXWswJMpa+0FtsXMdRAEXhCruUugZOWx28Y1G8
S2aZVskD+epd+4XCJ+rNBuE0LzVBAmWvDIvtbWHgQDAyCXPraxGpwjfkEF+BgbBN
FW3fE32nDixvV76HXVpaa3MOdOxYftpSzvkh41Ij+avmbczuZ76JHEAx8ohz1oWb
hnv0A9jWZ8tvOg8ms62LSEePxV5ICN68YtTkuPjEHeNpG4K1Sb4vQ93qoESwvkEL
ygtnbtQe7Xw7pg==
-----END CERTIFICATE-----