Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft
File:                     y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft (raw, json)
Hash identifier:          m4DcBrgVOS+v5PvylivnyW9gM5rjVvGSbtbRFqFx3r4=
Subject key identifier:   11:A2:32:E1:7C:46:65:D7:C6:1A:37:30:CE:38:6D:F8:17:D1:7A:7E
Authority key identifier: CB:C2:EB:DA:3A:B0:85:10:EB:E9:A1:0E:60:BE:23:16:02:28:A9:42
Certificate issuer:       /CN=cbc2ebda3ab08510ebe9a10e60be23160228a942
Certificate serial:       019D2703A877B053F8226858673E985D97C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft
Manifest number:          1882
Signing time:             Wed 25 Mar 2026 22:00:44 +0000
Manifest this update:     Wed 25 Mar 2026 22:00:44 +0000
Manifest next update:     Thu 26 Mar 2026 22:00:44 +0000
Files and hashes:         1: y8Lr2jqwhRDr6aEOYL4jFgIoqUI.crl (hash: tk/FtreGeWX/baoYespICl+G9CaRp61a1yqV8Fw4SLg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:03:a8:77:b0:53:f8:22:68:58:67:3e:98:5d:97:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cbc2ebda3ab08510ebe9a10e60be23160228a942
        Validity
            Not Before: Mar 25 22:00:44 2026 GMT
            Not After : Mar 26 22:00:44 2026 GMT
        Subject: CN=11a232e17c4665d7c61a3730ce386df817d17a7e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:b2:2f:32:a9:57:4a:a9:4c:8e:62:f0:da:6d:
                    cb:c5:79:81:d2:28:9e:d2:6f:aa:94:93:92:bf:dd:
                    d2:e2:78:59:8d:08:cc:8b:d1:b5:2a:40:70:2c:f9:
                    84:34:51:fb:16:5f:f4:62:5c:d1:f6:cc:8d:d3:81:
                    b8:19:72:fa:26:81:1a:31:85:d9:29:e7:ae:ed:d3:
                    3a:17:0a:60:63:a8:48:3e:f8:b1:82:9b:c2:e3:79:
                    a8:8a:8d:12:ef:11:9e:bd:43:ee:97:da:fb:47:b0:
                    26:f0:15:17:91:c3:2d:1e:ab:6d:de:b6:d3:20:a8:
                    07:fd:2f:bf:44:d1:a4:2e:4f:9f:66:51:fd:20:54:
                    16:49:3b:b4:ac:90:8d:0f:2c:48:21:43:6d:77:fe:
                    1a:ae:4d:98:95:31:56:10:41:38:aa:62:59:c7:d3:
                    a2:bc:e4:73:d2:26:0c:ce:67:b6:e6:7e:60:67:d6:
                    21:de:7c:ec:71:0b:82:38:9c:5c:bb:32:3f:80:d7:
                    74:d1:19:46:05:3e:cc:00:fe:af:12:ce:0e:fb:ea:
                    d6:4f:8d:b5:30:a3:39:d8:53:8f:cd:f1:b5:28:03:
                    f6:9f:5e:32:23:71:96:35:ca:4f:8c:01:8e:6a:99:
                    27:a8:41:fa:04:e4:6d:99:c9:bc:dc:2a:ca:64:c3:
                    2d:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:A2:32:E1:7C:46:65:D7:C6:1A:37:30:CE:38:6D:F8:17:D1:7A:7E
            X509v3 Authority Key Identifier:
                keyid:CB:C2:EB:DA:3A:B0:85:10:EB:E9:A1:0E:60:BE:23:16:02:28:A9:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:c4:6b:cf:a3:28:f1:12:30:a3:2f:dd:3b:4a:d9:61:7b:33:
         06:1c:6b:10:fc:99:70:f0:48:f0:e1:02:04:e7:f1:83:4f:f1:
         2b:39:2c:f8:eb:ef:50:fc:5f:5a:da:b9:ce:e3:4b:ba:9c:7f:
         08:af:1b:81:2f:92:bb:c7:28:39:5e:38:f1:0a:75:da:0d:aa:
         2d:97:49:1b:28:e9:9f:c6:62:5d:80:d7:3d:6b:8a:53:bd:4e:
         16:66:80:3c:2f:2e:36:32:26:78:a0:93:84:60:96:ea:43:9f:
         c4:ba:63:6d:da:8a:1a:ff:77:5c:07:ac:4c:b0:fe:2d:9c:63:
         d1:c5:22:aa:73:f0:e7:74:1d:8b:0f:2d:82:75:2b:6e:c0:7f:
         0c:1b:46:47:8a:29:1c:f8:e5:35:67:7a:6c:14:38:cf:cc:fc:
         74:ca:41:35:08:30:b0:63:29:b8:09:7e:f9:d6:73:9a:64:d6:
         71:e7:95:4c:fa:c0:52:c9:19:74:a4:ab:38:96:49:f2:71:a8:
         09:87:18:f1:0a:42:df:f1:fb:c5:ae:9b:6e:14:d3:10:3f:f2:
         42:bb:45:51:ca:3d:71:4f:c2:9c:bc:81:0b:2e:55:97:79:2e:
         78:c9:39:5d:92:b1:61:c4:3d:99:a7:9e:78:4b:f1:42:3f:6a:
         fd:17:a3:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA6h3sFP4ImhYZz6YXZfBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiYzJlYmRhM2FiMDg1MTBlYmU5YTEwZTYwYmUyMzE2MDIy
OGE5NDIwHhcNMjYwMzI1MjIwMDQ0WhcNMjYwMzI2MjIwMDQ0WjAzMTEwLwYDVQQD
EygxMWEyMzJlMTdjNDY2NWQ3YzYxYTM3MzBjZTM4NmRmODE3ZDE3YTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx7IvMqlXSqlMjmLw2m3LxXmB0iie
0m+qlJOSv93S4nhZjQjMi9G1KkBwLPmENFH7Fl/0YlzR9syN04G4GXL6JoEaMYXZ
Keeu7dM6FwpgY6hIPvixgpvC43moio0S7xGevUPul9r7R7Am8BUXkcMtHqtt3rbT
IKgH/S+/RNGkLk+fZlH9IFQWSTu0rJCNDyxIIUNtd/4ark2YlTFWEEE4qmJZx9Oi
vORz0iYMzme25n5gZ9Yh3nzscQuCOJxcuzI/gNd00RlGBT7MAP6vEs4O++rWT421
MKM52FOPzfG1KAP2n14yI3GWNcpPjAGOapknqEH6BORtmcm83CrKZMMtxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBGiMuF8RmXXxho3MM44bfgX0Xp+MB8GA1UdIwQY
MBaAFMvC69o6sIUQ6+mhDmC+IxYCKKlCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveThMcjJqcXdoUkRyNmFFT1lMNGpGZ0lvcVVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy84MTRkZDAtMDllMS00MjczLTg3M2Et
NzQ2MzgxNWEzZjRlLzEveThMcjJqcXdoUkRyNmFFT1lMNGpGZ0lvcVVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy84MTRkZDAtMDllMS00MjczLTg3M2EtNzQ2MzgxNWEzZjRl
LzEveThMcjJqcXdoUkRyNmFFT1lMNGpGZ0lvcVVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABcRrz6Mo
8RIwoy/dO0rZYXszBhxrEPyZcPBI8OECBOfxg0/xKzks+OvvUPxfWtq5zuNLupx/
CK8bgS+Su8coOV448Qp12g2qLZdJGyjpn8ZiXYDXPWuKU71OFmaAPC8uNjImeKCT
hGCW6kOfxLpjbdqKGv93XAesTLD+LZxj0cUiqnPw53Qdiw8tgnUrbsB/DBtGR4op
HPjlNWd6bBQ4z8z8dMpBNQgwsGMpuAl++dZzmmTWceeVTPrAUskZdKSrOJZJ8nGo
CYcY8QpC3/H7xa6bbhTTED/yQrtFUco9cU/CnLyBCy5Vl3kueMk5XZKxYcQ9maee
eEvxQj9q/RejmA==
-----END CERTIFICATE-----