Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/666670-d0f1-44a3-b93a-50111c4292d0/1/YFq7JTt2bc1_FtnwG8EZaRhI6w4.mft
File:                     YFq7JTt2bc1_FtnwG8EZaRhI6w4.mft (raw, json)
Hash identifier:          2WoZRAVwljj3Tgjy9U0n9YKsHCvwJPAQCg+F6pRPekc=
Subject key identifier:   4C:33:62:17:F8:AE:31:37:0E:BA:EA:99:E4:CF:AA:A6:16:A1:27:4D
Authority key identifier: 60:5A:BB:25:3B:76:6D:CD:7F:16:D9:F0:1B:C1:19:69:18:48:EB:0E
Certificate issuer:       /CN=605abb253b766dcd7f16d9f01bc119691848eb0e
Certificate serial:       019D2A04DF944E3AF5A767519FEE0B31CC7A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YFq7JTt2bc1_FtnwG8EZaRhI6w4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/666670-d0f1-44a3-b93a-50111c4292d0/1/YFq7JTt2bc1_FtnwG8EZaRhI6w4.mft
Manifest number:          04E4
Signing time:             Thu 26 Mar 2026 12:00:55 +0000
Manifest this update:     Thu 26 Mar 2026 12:00:55 +0000
Manifest next update:     Fri 27 Mar 2026 12:00:55 +0000
Files and hashes:         1: YFq7JTt2bc1_FtnwG8EZaRhI6w4.crl (hash: azH2n6S/WB8kxO2ZGtcA5f39Jz3wny9d4Cpj/tl+1VQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/15/666670-d0f1-44a3-b93a-50111c4292d0/1/YFq7JTt2bc1_FtnwG8EZaRhI6w4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/15/666670-d0f1-44a3-b93a-50111c4292d0/1/YFq7JTt2bc1_FtnwG8EZaRhI6w4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YFq7JTt2bc1_FtnwG8EZaRhI6w4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:04:df:94:4e:3a:f5:a7:67:51:9f:ee:0b:31:cc:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=605abb253b766dcd7f16d9f01bc119691848eb0e
        Validity
            Not Before: Mar 26 12:00:55 2026 GMT
            Not After : Mar 27 12:00:55 2026 GMT
        Subject: CN=4c336217f8ae31370ebaea99e4cfaaa616a1274d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:94:ca:fe:a1:69:96:06:2a:ac:5b:09:07:fc:
                    22:fa:76:c4:86:ce:70:23:4e:d5:40:9e:6a:dc:f1:
                    90:54:b9:67:f9:de:e7:fa:0a:6e:bc:6a:82:e1:87:
                    fa:19:17:bd:7d:c8:c0:03:77:fd:91:f8:97:29:35:
                    63:ac:4e:47:e3:34:d4:ca:38:13:27:a9:31:05:82:
                    6a:5c:0b:36:1e:fc:5c:9c:47:d3:c6:3c:86:f7:dc:
                    4e:c2:ec:16:33:eb:db:3d:5c:3e:6c:ad:96:ca:84:
                    3e:8a:5b:d9:59:c0:67:cb:1c:a4:80:12:8d:1d:c9:
                    b7:50:e7:bd:16:ec:19:a4:3a:3e:66:11:26:32:6a:
                    ca:05:c3:59:ec:b4:e7:40:cf:19:b7:25:4f:86:9e:
                    8e:75:81:c9:78:d8:7d:6d:7c:da:91:67:2a:c6:41:
                    89:5f:ff:e7:8d:74:0f:08:9d:84:3b:72:4c:c8:b1:
                    4f:0c:f5:bc:2d:6a:68:0a:64:11:f0:bc:13:d0:fd:
                    d3:f0:db:6c:2b:ba:d9:46:cd:e5:61:ef:ee:03:de:
                    61:96:1d:ef:d5:5c:94:b7:54:b9:d9:50:e9:6b:1b:
                    0a:63:b6:01:55:27:7d:1c:7b:1d:ff:a2:c1:0c:b7:
                    30:44:68:85:8c:51:00:cb:9f:3b:96:c9:be:6b:e7:
                    d0:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:33:62:17:F8:AE:31:37:0E:BA:EA:99:E4:CF:AA:A6:16:A1:27:4D
            X509v3 Authority Key Identifier:
                keyid:60:5A:BB:25:3B:76:6D:CD:7F:16:D9:F0:1B:C1:19:69:18:48:EB:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFq7JTt2bc1_FtnwG8EZaRhI6w4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/666670-d0f1-44a3-b93a-50111c4292d0/1/YFq7JTt2bc1_FtnwG8EZaRhI6w4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/666670-d0f1-44a3-b93a-50111c4292d0/1/YFq7JTt2bc1_FtnwG8EZaRhI6w4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:bb:0d:b5:de:18:ec:0b:81:6a:36:41:98:80:81:64:ff:0f:
         89:78:ba:60:e5:bf:55:79:38:00:e3:ac:3e:b1:03:43:c6:b4:
         44:5c:de:e4:35:2a:c1:ea:6c:4d:25:d9:3d:2e:c6:ce:8b:6d:
         4e:6c:47:55:b9:ab:0c:44:4f:79:a6:46:a5:a6:c3:39:2a:65:
         a8:16:62:84:12:fb:7d:a1:21:a1:77:3b:1c:43:fb:66:f3:c4:
         17:f7:b4:30:45:c8:41:a0:4f:e6:82:f3:c1:78:e8:41:9a:0b:
         a0:2e:90:c9:bd:c8:69:61:c7:61:86:ff:9f:f3:81:ce:58:48:
         f7:f3:8a:6e:3d:aa:23:bc:0d:46:1a:e6:12:a5:be:42:c8:56:
         a8:14:43:c7:fe:24:20:bb:2b:7b:84:d0:9a:06:05:22:52:f5:
         f0:d9:1c:d6:77:ab:00:76:fb:85:f6:c8:0b:80:b5:f1:82:01:
         07:64:f7:41:73:c6:e0:de:36:6b:84:9f:cb:56:82:64:83:dd:
         4e:18:d1:bb:09:7b:96:6b:98:2e:a7:dd:a7:0f:4d:3e:08:5f:
         80:ca:e9:66:68:cc:25:0e:d4:14:86:cf:61:d8:7a:6c:19:d0:
         90:8d:34:b9:bd:e3:4d:e6:31:6d:d5:e9:18:af:b7:49:b9:26:
         0b:0e:ad:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0qBN+UTjr1p2dRn+4LMcx6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNWFiYjI1M2I3NjZkY2Q3ZjE2ZDlmMDFiYzExOTY5MTg0
OGViMGUwHhcNMjYwMzI2MTIwMDU1WhcNMjYwMzI3MTIwMDU1WjAzMTEwLwYDVQQD
Eyg0YzMzNjIxN2Y4YWUzMTM3MGViYWVhOTllNGNmYWFhNjE2YTEyNzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzZTK/qFplgYqrFsJB/wi+nbEhs5w
I07VQJ5q3PGQVLln+d7n+gpuvGqC4Yf6GRe9fcjAA3f9kfiXKTVjrE5H4zTUyjgT
J6kxBYJqXAs2HvxcnEfTxjyG99xOwuwWM+vbPVw+bK2WyoQ+ilvZWcBnyxykgBKN
Hcm3UOe9FuwZpDo+ZhEmMmrKBcNZ7LTnQM8ZtyVPhp6OdYHJeNh9bXzakWcqxkGJ
X//njXQPCJ2EO3JMyLFPDPW8LWpoCmQR8LwT0P3T8NtsK7rZRs3lYe/uA95hlh3v
1VyUt1S52VDpaxsKY7YBVSd9HHsd/6LBDLcwRGiFjFEAy587lsm+a+fQ6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEwzYhf4rjE3DrrqmeTPqqYWoSdNMB8GA1UdIwQY
MBaAFGBauyU7dm3NfxbZ8BvBGWkYSOsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZxN0pUdDJiYzFfRnRud0c4RVphUmhJNnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS82NjY2NzAtZDBmMS00NGEzLWI5M2Et
NTAxMTFjNDI5MmQwLzEvWUZxN0pUdDJiYzFfRnRud0c4RVphUmhJNnc0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS82NjY2NzAtZDBmMS00NGEzLWI5M2EtNTAxMTFjNDI5MmQw
LzEvWUZxN0pUdDJiYzFfRnRud0c4RVphUmhJNnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHLsNtd4Y
7AuBajZBmICBZP8PiXi6YOW/VXk4AOOsPrEDQ8a0RFze5DUqwepsTSXZPS7Gzott
TmxHVbmrDERPeaZGpabDOSplqBZihBL7faEhoXc7HEP7ZvPEF/e0MEXIQaBP5oLz
wXjoQZoLoC6Qyb3IaWHHYYb/n/OBzlhI9/OKbj2qI7wNRhrmEqW+QshWqBRDx/4k
ILsre4TQmgYFIlL18Nkc1nerAHb7hfbIC4C18YIBB2T3QXPG4N42a4Sfy1aCZIPd
ThjRuwl7lmuYLqfdpw9NPghfgMrpZmjMJQ7UFIbPYdh6bBnQkI00ub3jTeYxbdXp
GK+3SbkmCw6t3g==
-----END CERTIFICATE-----