Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/a7b265-5476-49f4-bd4a-2f9f81e93298/1/yfcvcKzNptLmEzWoFzDm9u5RPMU.mft
File:                     yfcvcKzNptLmEzWoFzDm9u5RPMU.mft (raw, json)
Hash identifier:          XVEJdhQnu/YQ/4Ry3jdZgpvJVr0r5tU5YWC7oAmAVaI=
Subject key identifier:   5D:D9:F8:14:72:FD:C4:3C:0F:FC:71:11:03:FD:8F:1C:C7:86:93:48
Authority key identifier: C9:F7:2F:70:AC:CD:A6:D2:E6:13:35:A8:17:30:E6:F6:EE:51:3C:C5
Certificate issuer:       /CN=c9f72f70accda6d2e61335a81730e6f6ee513cc5
Certificate serial:       019D28F2B51F5C02D05146B83B2B85A5BF8B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yfcvcKzNptLmEzWoFzDm9u5RPMU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/a7b265-5476-49f4-bd4a-2f9f81e93298/1/yfcvcKzNptLmEzWoFzDm9u5RPMU.mft
Manifest number:          1883
Signing time:             Thu 26 Mar 2026 07:01:27 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:27 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:27 +0000
Files and hashes:         1: yfcvcKzNptLmEzWoFzDm9u5RPMU.crl (hash: LcuA5X3i5VNoiaP/PVVbZS/mBHwwC70XuDxyPzxTCUY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/a7b265-5476-49f4-bd4a-2f9f81e93298/1/yfcvcKzNptLmEzWoFzDm9u5RPMU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/a7b265-5476-49f4-bd4a-2f9f81e93298/1/yfcvcKzNptLmEzWoFzDm9u5RPMU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yfcvcKzNptLmEzWoFzDm9u5RPMU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 07:01:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:b5:1f:5c:02:d0:51:46:b8:3b:2b:85:a5:bf:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c9f72f70accda6d2e61335a81730e6f6ee513cc5
        Validity
            Not Before: Mar 26 07:01:27 2026 GMT
            Not After : Mar 27 07:01:27 2026 GMT
        Subject: CN=5dd9f81472fdc43c0ffc711103fd8f1cc7869348
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:51:44:f1:c9:18:3b:b3:a4:f4:12:83:2e:94:
                    fa:4c:8f:c6:30:0a:f6:d9:34:0d:8d:bb:d5:82:65:
                    98:95:a3:2f:be:b2:87:50:8d:3b:c1:40:c9:fb:9f:
                    da:b0:a3:6c:33:c7:8b:7d:2a:4e:28:93:65:15:36:
                    17:35:10:14:5a:2c:3e:2d:07:ad:a2:d9:aa:dc:55:
                    64:85:17:aa:95:c0:19:be:a2:f1:e2:c2:79:41:9a:
                    69:30:29:5c:03:53:ba:0b:f2:29:72:3e:8b:57:22:
                    44:5b:a4:fb:bf:35:aa:47:4c:c7:9a:61:a2:94:1d:
                    85:91:b9:86:47:0d:62:14:b8:d1:70:7d:14:97:6e:
                    50:1e:20:09:91:1d:ab:de:69:66:32:81:34:9a:65:
                    3a:5b:05:04:cf:b5:b4:99:57:09:63:66:f2:9c:23:
                    46:6f:87:2c:cc:e0:8a:52:2c:66:b7:9b:8d:ae:d3:
                    3b:fe:72:fa:7c:a2:10:5a:11:47:fc:2c:99:db:9c:
                    f6:2b:b6:9e:a7:14:d8:f9:3d:7c:fa:ff:71:af:38:
                    eb:de:9f:fd:f9:4c:52:79:58:27:b3:c7:05:31:c6:
                    24:6f:e1:35:5c:02:64:bd:c5:65:72:f8:b1:aa:ef:
                    3f:ae:a8:21:06:54:c2:f5:01:8b:95:ed:d7:88:b3:
                    28:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:D9:F8:14:72:FD:C4:3C:0F:FC:71:11:03:FD:8F:1C:C7:86:93:48
            X509v3 Authority Key Identifier:
                keyid:C9:F7:2F:70:AC:CD:A6:D2:E6:13:35:A8:17:30:E6:F6:EE:51:3C:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yfcvcKzNptLmEzWoFzDm9u5RPMU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/a7b265-5476-49f4-bd4a-2f9f81e93298/1/yfcvcKzNptLmEzWoFzDm9u5RPMU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/a7b265-5476-49f4-bd4a-2f9f81e93298/1/yfcvcKzNptLmEzWoFzDm9u5RPMU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         49:32:b5:50:4a:2f:61:ef:af:dc:99:2b:9d:f5:50:dc:b3:aa:
         3f:de:52:b4:d5:f0:c0:f5:05:c0:5d:dd:0f:1f:1e:1b:b3:c1:
         d0:36:39:3c:cd:37:70:8e:32:32:db:c2:24:64:dc:4b:84:ec:
         f8:79:c9:1c:76:2d:64:87:d2:ac:7b:43:4e:f6:12:8b:b7:b4:
         50:7b:7d:26:06:08:4b:0b:fc:f6:92:5f:6a:02:70:6a:b2:fa:
         87:e1:6f:51:29:86:8e:72:b8:43:70:69:23:1c:41:fe:37:53:
         fb:7c:58:a5:cd:8b:a9:cc:43:5b:18:c5:c8:5f:8f:26:60:a7:
         01:3f:6a:f7:67:8a:db:8b:b4:f5:f5:0e:f0:08:3c:14:34:dc:
         24:e7:ad:7f:07:da:ba:01:bd:3b:23:63:cc:fb:42:1f:4f:b8:
         28:19:b8:c6:20:81:1e:36:0c:b1:d2:06:af:b6:1a:c9:c5:5e:
         5f:1a:7a:c7:bb:0f:59:20:aa:97:45:75:f4:c9:7c:8e:2e:8f:
         04:8f:fe:05:a0:9b:b3:3f:b2:99:85:03:8b:8e:f3:6f:09:dd:
         db:46:51:11:18:76:d0:31:f3:d2:50:6c:d8:6d:06:30:d5:8a:
         ed:96:c5:ba:63:02:9f:76:57:ed:ef:05:d5:ee:ad:a0:bc:65:
         e7:df:03:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8rUfXALQUUa4OyuFpb+LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZjcyZjcwYWNjZGE2ZDJlNjEzMzVhODE3MzBlNmY2ZWU1
MTNjYzUwHhcNMjYwMzI2MDcwMTI3WhcNMjYwMzI3MDcwMTI3WjAzMTEwLwYDVQQD
Eyg1ZGQ5ZjgxNDcyZmRjNDNjMGZmYzcxMTEwM2ZkOGYxY2M3ODY5MzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVFE8ckYO7Ok9BKDLpT6TI/GMAr2
2TQNjbvVgmWYlaMvvrKHUI07wUDJ+5/asKNsM8eLfSpOKJNlFTYXNRAUWiw+LQet
otmq3FVkhReqlcAZvqLx4sJ5QZppMClcA1O6C/Ipcj6LVyJEW6T7vzWqR0zHmmGi
lB2FkbmGRw1iFLjRcH0Ul25QHiAJkR2r3mlmMoE0mmU6WwUEz7W0mVcJY2bynCNG
b4cszOCKUixmt5uNrtM7/nL6fKIQWhFH/CyZ25z2K7aepxTY+T18+v9xrzjr3p/9
+UxSeVgns8cFMcYkb+E1XAJkvcVlcvixqu8/rqghBlTC9QGLle3XiLMowwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF3Z+BRy/cQ8D/xxEQP9jxzHhpNIMB8GA1UdIwQY
MBaAFMn3L3CszabS5hM1qBcw5vbuUTzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWZjdmNLek5wdExtRXpXb0Z6RG05dTVSUE1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9hN2IyNjUtNTQ3Ni00OWY0LWJkNGEt
MmY5ZjgxZTkzMjk4LzEveWZjdmNLek5wdExtRXpXb0Z6RG05dTVSUE1VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9hN2IyNjUtNTQ3Ni00OWY0LWJkNGEtMmY5ZjgxZTkzMjk4
LzEveWZjdmNLek5wdExtRXpXb0Z6RG05dTVSUE1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASTK1UEov
Ye+v3JkrnfVQ3LOqP95StNXwwPUFwF3dDx8eG7PB0DY5PM03cI4yMtvCJGTcS4Ts
+HnJHHYtZIfSrHtDTvYSi7e0UHt9JgYISwv89pJfagJwarL6h+FvUSmGjnK4Q3Bp
IxxB/jdT+3xYpc2LqcxDWxjFyF+PJmCnAT9q92eK24u09fUO8Ag8FDTcJOetfwfa
ugG9OyNjzPtCH0+4KBm4xiCBHjYMsdIGr7YaycVeXxp6x7sPWSCql0V19Ml8ji6P
BI/+BaCbsz+ymYUDi47zbwnd20ZRERh20DHz0lBs2G0GMNWK7ZbFumMCn3ZX7e8F
1e6toLxl598DqA==
-----END CERTIFICATE-----