Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/93b38e-6400-4e6d-a0eb-049cc1fce37e/1/yFiMcrJRDxd7g18gHjNl7PnkWh0.mft
File:                     yFiMcrJRDxd7g18gHjNl7PnkWh0.mft (raw, json)
Hash identifier:          mNIybTP+MIhOskg/3uewfM7PWMMAQ3V8EP3w5fN6rvg=
Subject key identifier:   8E:10:FA:59:69:7B:44:06:51:2B:66:F4:9A:D7:14:68:59:A7:D8:76
Authority key identifier: C8:58:8C:72:B2:51:0F:17:7B:83:5F:20:1E:33:65:EC:F9:E4:5A:1D
Certificate issuer:       /CN=c8588c72b2510f177b835f201e3365ecf9e45a1d
Certificate serial:       019D2997168C3348B4047286CF7501A743A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yFiMcrJRDxd7g18gHjNl7PnkWh0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/93b38e-6400-4e6d-a0eb-049cc1fce37e/1/yFiMcrJRDxd7g18gHjNl7PnkWh0.mft
Manifest number:          1238
Signing time:             Thu 26 Mar 2026 10:01:00 +0000
Manifest this update:     Thu 26 Mar 2026 10:01:00 +0000
Manifest next update:     Fri 27 Mar 2026 10:01:00 +0000
Files and hashes:         1: yFiMcrJRDxd7g18gHjNl7PnkWh0.crl (hash: pyYyTW5XDR+rmHwb12M+vcm0tqo6MR9T/0E3zfKu1lA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2b/93b38e-6400-4e6d-a0eb-049cc1fce37e/1/yFiMcrJRDxd7g18gHjNl7PnkWh0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2b/93b38e-6400-4e6d-a0eb-049cc1fce37e/1/yFiMcrJRDxd7g18gHjNl7PnkWh0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yFiMcrJRDxd7g18gHjNl7PnkWh0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:97:16:8c:33:48:b4:04:72:86:cf:75:01:a7:43:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8588c72b2510f177b835f201e3365ecf9e45a1d
        Validity
            Not Before: Mar 26 10:01:00 2026 GMT
            Not After : Mar 27 10:01:00 2026 GMT
        Subject: CN=8e10fa59697b4406512b66f49ad7146859a7d876
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:76:3b:cd:2f:ef:a5:05:c4:86:c3:2a:4c:26:
                    c8:71:d5:1a:49:5e:8a:21:22:91:75:1c:7f:e9:07:
                    3b:d4:31:7c:07:78:df:27:25:fd:30:37:ca:74:37:
                    ab:bc:07:76:a2:f2:67:14:f0:25:65:63:77:20:82:
                    06:fc:88:da:9b:f0:23:a8:f8:85:21:27:57:17:89:
                    da:30:c7:89:8e:a6:cd:dd:00:25:e7:1c:14:3e:85:
                    26:38:20:04:6d:cb:bb:a0:88:f1:e4:93:3b:a9:08:
                    e4:fe:d4:cd:01:a9:24:7a:03:7b:0b:bb:65:b3:b1:
                    dc:61:e0:50:93:82:47:4e:c8:44:a2:18:50:63:63:
                    58:21:76:72:78:dd:45:ac:dc:b6:a3:82:40:f6:0c:
                    6d:bf:24:72:ab:6f:5a:90:81:ca:3e:78:15:0c:7f:
                    58:4c:1c:12:e1:0d:a0:96:ea:d0:dc:1e:18:a5:30:
                    4f:53:8d:49:e8:68:0a:76:fe:5f:8e:77:12:f6:ca:
                    a3:52:f9:08:fa:07:54:3d:f2:30:b7:f6:41:a2:98:
                    58:33:71:a8:f6:4d:3e:15:c6:bc:99:99:10:2d:c4:
                    89:c6:34:f2:df:14:7d:b7:35:9b:76:3a:88:d7:54:
                    64:a1:87:3e:b5:d5:c0:19:06:1a:d8:79:00:42:f0:
                    d7:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:10:FA:59:69:7B:44:06:51:2B:66:F4:9A:D7:14:68:59:A7:D8:76
            X509v3 Authority Key Identifier:
                keyid:C8:58:8C:72:B2:51:0F:17:7B:83:5F:20:1E:33:65:EC:F9:E4:5A:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yFiMcrJRDxd7g18gHjNl7PnkWh0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/93b38e-6400-4e6d-a0eb-049cc1fce37e/1/yFiMcrJRDxd7g18gHjNl7PnkWh0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/93b38e-6400-4e6d-a0eb-049cc1fce37e/1/yFiMcrJRDxd7g18gHjNl7PnkWh0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:19:34:b0:ff:28:77:db:e2:97:d4:6a:3f:40:d3:68:ce:3b:
         e1:57:e7:d3:1f:1a:0e:c9:e7:1a:b4:f2:de:94:3f:0a:f7:57:
         3d:c5:65:4e:0d:9d:f0:23:07:5b:4f:2a:fc:50:ff:88:7e:92:
         44:7d:65:eb:dc:9b:78:72:1b:31:ee:cd:6b:69:c8:80:2a:c1:
         ad:3a:dc:c7:9a:80:28:dd:fc:54:bc:d8:a6:e2:4f:44:3a:dd:
         e6:f5:28:cb:c7:0a:e9:e9:e6:ae:86:42:99:2b:af:e4:95:31:
         b5:f4:88:be:af:10:5d:3f:ee:07:d0:7c:d2:55:b0:39:91:a7:
         f0:f7:f0:f3:b1:6d:91:0a:eb:8a:f4:be:4f:ad:24:7d:1e:77:
         8d:06:03:c3:93:a1:8a:6a:ec:4c:20:df:df:a5:c7:fc:be:18:
         a4:b2:84:5b:62:c3:4f:a9:21:fb:1f:38:d3:ef:1e:9b:a0:66:
         eb:a1:ce:1a:85:7c:7f:8e:26:2b:32:02:cc:2f:84:6e:14:94:
         af:94:ff:46:ef:b5:91:df:2b:0f:03:0e:0d:bd:9f:fb:a1:39:
         a0:a5:88:70:01:53:13:fb:5b:4b:37:c6:96:de:57:8d:09:af:
         5b:ae:ff:a4:a3:c1:09:2b:b3:b1:71:23:8f:da:c1:5f:ce:d2:
         5b:ae:0b:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0plxaMM0i0BHKGz3UBp0OlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NTg4YzcyYjI1MTBmMTc3YjgzNWYyMDFlMzM2NWVjZjll
NDVhMWQwHhcNMjYwMzI2MTAwMTAwWhcNMjYwMzI3MTAwMTAwWjAzMTEwLwYDVQQD
Eyg4ZTEwZmE1OTY5N2I0NDA2NTEyYjY2ZjQ5YWQ3MTQ2ODU5YTdkODc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3Y7zS/vpQXEhsMqTCbIcdUaSV6K
ISKRdRx/6Qc71DF8B3jfJyX9MDfKdDervAd2ovJnFPAlZWN3IIIG/Ijam/AjqPiF
ISdXF4naMMeJjqbN3QAl5xwUPoUmOCAEbcu7oIjx5JM7qQjk/tTNAakkegN7C7tl
s7HcYeBQk4JHTshEohhQY2NYIXZyeN1FrNy2o4JA9gxtvyRyq29akIHKPngVDH9Y
TBwS4Q2glurQ3B4YpTBPU41J6GgKdv5fjncS9sqjUvkI+gdUPfIwt/ZBophYM3Go
9k0+Fca8mZkQLcSJxjTy3xR9tzWbdjqI11RkoYc+tdXAGQYa2HkAQvDXwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI4Q+llpe0QGUStm9JrXFGhZp9h2MB8GA1UdIwQY
MBaAFMhYjHKyUQ8Xe4NfIB4zZez55FodMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUZpTWNySlJEeGQ3ZzE4Z0hqTmw3UG5rV2gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi85M2IzOGUtNjQwMC00ZTZkLWEwZWIt
MDQ5Y2MxZmNlMzdlLzEveUZpTWNySlJEeGQ3ZzE4Z0hqTmw3UG5rV2gwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi85M2IzOGUtNjQwMC00ZTZkLWEwZWItMDQ5Y2MxZmNlMzdl
LzEveUZpTWNySlJEeGQ3ZzE4Z0hqTmw3UG5rV2gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdxk0sP8o
d9vil9RqP0DTaM474Vfn0x8aDsnnGrTy3pQ/CvdXPcVlTg2d8CMHW08q/FD/iH6S
RH1l69ybeHIbMe7Na2nIgCrBrTrcx5qAKN38VLzYpuJPRDrd5vUoy8cK6enmroZC
mSuv5JUxtfSIvq8QXT/uB9B80lWwOZGn8Pfw87FtkQrrivS+T60kfR53jQYDw5Oh
imrsTCDf36XH/L4YpLKEW2LDT6kh+x840+8em6Bm66HOGoV8f44mKzICzC+EbhSU
r5T/Ru+1kd8rDwMODb2f+6E5oKWIcAFTE/tbSzfGlt5XjQmvW67/pKPBCSuzsXEj
j9rBX87SW64L4w==
-----END CERTIFICATE-----