Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft
File:                     Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft (raw, json)
Hash identifier:          7Ew/JKrI8HgwdXgoWu5fAV4s91jvbQPC2st0PBmI2Zk=
Subject key identifier:   29:43:01:03:1F:79:49:AD:C4:49:33:8F:C6:61:AF:59:34:16:48:CA
Authority key identifier: 63:EF:6B:DB:C4:2A:D0:6D:EF:DA:D7:26:79:41:43:46:D8:D0:48:DF
Certificate issuer:       /CN=63ef6bdbc42ad06defdad72679414346d8d048df
Certificate serial:       019D2703BA80B06A4C90D598D0358C955F0C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft
Manifest number:          1881
Signing time:             Wed 25 Mar 2026 22:00:48 +0000
Manifest this update:     Wed 25 Mar 2026 22:00:48 +0000
Manifest next update:     Thu 26 Mar 2026 22:00:48 +0000
Files and hashes:         1: Y-9r28Qq0G3v2tcmeUFDRtjQSN8.crl (hash: NmFFsOQxMzirm+vwHeIv2e8kth7EmX5CuI6Lmrw3fGk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:03:ba:80:b0:6a:4c:90:d5:98:d0:35:8c:95:5f:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63ef6bdbc42ad06defdad72679414346d8d048df
        Validity
            Not Before: Mar 25 22:00:48 2026 GMT
            Not After : Mar 26 22:00:48 2026 GMT
        Subject: CN=294301031f7949adc449338fc661af59341648ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:94:28:ac:65:56:91:dd:78:38:91:42:67:06:
                    e1:9e:36:7f:6a:09:1f:0c:ff:29:e4:75:3a:c2:3e:
                    0d:b4:74:9f:f8:24:2b:c8:08:cc:d2:1b:23:42:ad:
                    de:a8:2d:50:b3:0e:63:77:d3:04:fa:42:a6:e3:7c:
                    d7:bd:53:68:e6:a9:0e:90:6b:96:7e:1d:57:dc:9c:
                    83:c8:36:d9:e3:eb:9f:6c:4d:9c:12:5d:ef:e7:63:
                    3c:e3:16:ac:f8:1f:c1:09:68:e6:de:af:5a:28:48:
                    3b:29:1c:9a:c5:86:a4:d2:a0:77:71:f1:4f:99:61:
                    f1:e8:43:c0:bb:9d:39:8b:77:33:6a:8c:fa:8d:c8:
                    03:1c:ed:a2:1a:30:df:c7:2d:1c:3b:9d:2f:4d:39:
                    3f:19:33:98:72:04:3b:10:59:40:90:d1:57:bc:d9:
                    86:52:de:4b:ea:07:96:5c:2e:7d:f1:14:10:d7:1a:
                    91:c7:70:ae:98:13:e8:8d:24:89:e6:d2:d7:09:b1:
                    b5:c5:25:aa:18:ef:a1:f6:74:fc:60:29:62:b7:35:
                    dc:16:d2:37:8a:09:04:40:c4:c8:ad:2c:a4:71:c3:
                    92:3a:41:81:d9:e4:76:64:90:af:23:f5:f4:2d:18:
                    49:6d:2c:72:f0:d7:5d:92:7f:ee:a4:b6:c9:2f:98:
                    99:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:43:01:03:1F:79:49:AD:C4:49:33:8F:C6:61:AF:59:34:16:48:CA
            X509v3 Authority Key Identifier:
                keyid:63:EF:6B:DB:C4:2A:D0:6D:EF:DA:D7:26:79:41:43:46:D8:D0:48:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:67:1b:9b:ac:4d:ee:17:4c:09:9c:80:ac:18:78:8a:14:ab:
         07:51:6e:86:05:b1:ed:eb:62:66:e0:30:b3:c1:b8:0d:b4:7b:
         d0:24:89:f2:93:5b:1e:fa:0e:a5:d0:3f:09:d5:7d:4d:9a:f3:
         48:52:90:59:76:a6:2f:54:7a:21:3a:0c:5d:9b:2c:d7:bb:c3:
         ce:da:4b:94:8f:0d:17:55:c7:e5:7b:15:7c:23:ea:65:35:a6:
         00:22:fb:7f:da:6b:4a:f5:29:c8:ae:34:d4:61:99:4e:bd:3f:
         07:82:ec:ad:d5:b7:14:c9:d8:bf:17:30:da:a2:73:5d:60:b9:
         a7:cc:3f:6e:e7:4e:6a:e5:55:b2:4a:8a:d5:25:dd:48:4f:6c:
         24:8d:63:5e:a4:f3:16:66:52:95:f7:20:66:84:90:b5:e9:11:
         54:90:eb:f9:18:b6:e4:97:ae:c2:b8:d9:c8:99:58:94:39:c6:
         93:46:77:06:cb:1b:66:79:ba:15:3c:a7:a7:dd:e5:26:fd:da:
         d7:2b:b8:cf:2a:ea:25:b5:e1:19:07:fb:6d:64:e0:d2:4e:ef:
         ea:99:8f:e2:6c:20:2a:8c:9e:68:2d:1d:ea:99:ce:15:91:7f:
         e1:87:42:2e:1d:60:be:95:8d:0c:59:14:2f:ac:78:02:ab:47:
         ca:27:4d:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA7qAsGpMkNWY0DWMlV8MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZWY2YmRiYzQyYWQwNmRlZmRhZDcyNjc5NDE0MzQ2ZDhk
MDQ4ZGYwHhcNMjYwMzI1MjIwMDQ4WhcNMjYwMzI2MjIwMDQ4WjAzMTEwLwYDVQQD
EygyOTQzMDEwMzFmNzk0OWFkYzQ0OTMzOGZjNjYxYWY1OTM0MTY0OGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZQorGVWkd14OJFCZwbhnjZ/agkf
DP8p5HU6wj4NtHSf+CQryAjM0hsjQq3eqC1Qsw5jd9ME+kKm43zXvVNo5qkOkGuW
fh1X3JyDyDbZ4+ufbE2cEl3v52M84xas+B/BCWjm3q9aKEg7KRyaxYak0qB3cfFP
mWHx6EPAu505i3czaoz6jcgDHO2iGjDfxy0cO50vTTk/GTOYcgQ7EFlAkNFXvNmG
Ut5L6geWXC598RQQ1xqRx3CumBPojSSJ5tLXCbG1xSWqGO+h9nT8YClitzXcFtI3
igkEQMTIrSykccOSOkGB2eR2ZJCvI/X0LRhJbSxy8Nddkn/upLbJL5iZiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFClDAQMfeUmtxEkzj8Zhr1k0FkjKMB8GA1UdIwQY
MBaAFGPva9vEKtBt79rXJnlBQ0bY0EjfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS05cjI4UXEwRzN2MnRjbWVVRkRSdGpRU044LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi81YWI1MTItOTYwNi00MmRjLTllYjUt
MGM4MzY4ZGI5NTYzLzEvWS05cjI4UXEwRzN2MnRjbWVVRkRSdGpRU044Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi81YWI1MTItOTYwNi00MmRjLTllYjUtMGM4MzY4ZGI5NTYz
LzEvWS05cjI4UXEwRzN2MnRjbWVVRkRSdGpRU044LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUGcbm6xN
7hdMCZyArBh4ihSrB1FuhgWx7etiZuAws8G4DbR70CSJ8pNbHvoOpdA/CdV9TZrz
SFKQWXamL1R6IToMXZss17vDztpLlI8NF1XH5XsVfCPqZTWmACL7f9prSvUpyK40
1GGZTr0/B4LsrdW3FMnYvxcw2qJzXWC5p8w/budOauVVskqK1SXdSE9sJI1jXqTz
FmZSlfcgZoSQtekRVJDr+Ri25JeuwrjZyJlYlDnGk0Z3BssbZnm6FTynp93lJv3a
1yu4zyrqJbXhGQf7bWTg0k7v6pmP4mwgKoyeaC0d6pnOFZF/4YdCLh1gvpWNDFkU
L6x4AqtHyidN/Q==
-----END CERTIFICATE-----