Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft
File:                     ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft (raw, json)
Hash identifier:          9P2BUSCBE4Jo/oM5zYv1cQtwygZXGCii0SWKPL8pHf8=
Subject key identifier:   05:18:18:99:52:ED:BA:C9:D1:E1:CE:28:F9:C2:C8:F9:D7:4C:12:25
Authority key identifier: CA:45:7E:11:73:C4:E8:51:B9:2D:3C:8E:E9:96:71:51:94:8A:9A:E9
Certificate issuer:       /CN=ca457e1173c4e851b92d3c8ee9967151948a9ae9
Certificate serial:       019D25BAB17AF31C43E7403D1D8F9E74478B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft
Manifest number:          1882
Signing time:             Wed 25 Mar 2026 16:01:25 +0000
Manifest this update:     Wed 25 Mar 2026 16:01:25 +0000
Manifest next update:     Thu 26 Mar 2026 16:01:25 +0000
Files and hashes:         1: ykV-EXPE6FG5LTyO6ZZxUZSKmuk.crl (hash: /kViyFJwi/xUSyrJ42eC2EROgM5IG1dyGwyNVltrmkU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:25:ba:b1:7a:f3:1c:43:e7:40:3d:1d:8f:9e:74:47:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca457e1173c4e851b92d3c8ee9967151948a9ae9
        Validity
            Not Before: Mar 25 16:01:25 2026 GMT
            Not After : Mar 26 16:01:25 2026 GMT
        Subject: CN=0518189952edbac9d1e1ce28f9c2c8f9d74c1225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:4b:a6:eb:86:67:ba:a5:6c:dc:c5:4b:59:16:
                    c5:84:e1:54:fa:cc:83:df:42:72:32:0a:a4:58:2e:
                    5c:03:18:91:e7:82:78:ea:8b:02:9f:85:19:67:c4:
                    96:78:99:75:38:29:6e:d6:ea:7f:97:5f:73:b4:83:
                    c7:5d:17:b1:ad:7c:88:4e:5d:c6:01:ba:f2:f3:8e:
                    f5:9c:33:22:4c:d2:3d:0c:91:cf:24:a5:23:80:7b:
                    8b:6b:49:71:8e:3f:7a:a8:9e:72:61:6e:4b:5e:f1:
                    47:ba:8d:25:89:bf:f1:12:54:66:05:cb:72:68:7c:
                    21:c6:2f:0a:a0:02:b6:80:91:ea:11:63:bf:38:04:
                    5f:0b:fe:3f:8c:64:83:09:c1:14:a4:0b:c0:82:93:
                    48:dd:f3:77:80:ea:14:9a:bd:23:7d:53:07:69:01:
                    ac:fc:4d:83:ef:d9:52:15:86:fe:b2:5e:e3:db:3f:
                    77:0a:89:4d:60:46:13:8f:44:1f:17:34:38:0d:bd:
                    35:ca:89:06:9b:52:f3:f3:8c:ed:a9:07:2f:b6:90:
                    28:5a:58:a3:1e:4a:5f:35:f5:17:e2:a8:4d:2e:9d:
                    b0:4c:99:b9:ee:13:44:2c:50:e1:a9:cb:97:87:27:
                    f1:0f:c6:74:ce:8a:48:2a:10:56:a3:22:69:36:81:
                    28:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:18:18:99:52:ED:BA:C9:D1:E1:CE:28:F9:C2:C8:F9:D7:4C:12:25
            X509v3 Authority Key Identifier:
                keyid:CA:45:7E:11:73:C4:E8:51:B9:2D:3C:8E:E9:96:71:51:94:8A:9A:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b6:e4:15:79:c5:03:87:e0:dc:c9:be:52:aa:68:e0:ae:90:c8:
         b9:71:3e:11:89:ba:7d:3c:17:d0:9f:d5:56:01:8b:8b:03:bd:
         14:74:92:e4:7f:21:a1:71:01:a9:d2:ea:99:cb:6c:ff:68:6c:
         e8:35:b4:bd:0c:4d:dc:93:38:69:5c:a6:8c:79:1a:d8:c3:89:
         2e:53:7f:50:e2:ca:7d:79:60:fc:4c:1b:b6:03:c3:ac:48:2e:
         fb:08:f0:5d:c5:b1:dd:b5:8c:7c:bf:0b:d2:ff:41:39:63:45:
         78:9b:f1:1b:b4:45:f5:6a:55:30:44:6a:d6:65:9a:e1:ca:b0:
         db:a6:0c:ea:b8:2f:02:13:0b:43:8b:a6:f5:58:83:8a:e3:54:
         b4:da:ff:3b:fd:20:bd:0e:b4:3c:57:52:85:dd:56:8c:77:0c:
         a3:7d:7c:2b:d2:48:53:b7:4b:8e:52:5c:8e:ec:fd:72:40:56:
         6e:50:36:8b:f1:9c:2d:a1:8e:59:61:d4:96:36:51:65:cf:64:
         ee:78:20:53:11:28:85:b2:eb:cd:97:95:da:c7:9a:86:a2:02:
         1f:10:56:b4:0a:73:0c:97:f3:22:49:65:ac:d4:44:83:75:55:
         2f:42:31:05:16:f4:c5:73:0b:54:b4:a5:4b:f5:00:a0:77:5e:
         b9:90:e4:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0lurF68xxD50A9HY+edEeLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhNDU3ZTExNzNjNGU4NTFiOTJkM2M4ZWU5OTY3MTUxOTQ4
YTlhZTkwHhcNMjYwMzI1MTYwMTI1WhcNMjYwMzI2MTYwMTI1WjAzMTEwLwYDVQQD
EygwNTE4MTg5OTUyZWRiYWM5ZDFlMWNlMjhmOWMyYzhmOWQ3NGMxMjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArkum64ZnuqVs3MVLWRbFhOFU+syD
30JyMgqkWC5cAxiR54J46osCn4UZZ8SWeJl1OClu1up/l19ztIPHXRexrXyITl3G
Abry8471nDMiTNI9DJHPJKUjgHuLa0lxjj96qJ5yYW5LXvFHuo0lib/xElRmBcty
aHwhxi8KoAK2gJHqEWO/OARfC/4/jGSDCcEUpAvAgpNI3fN3gOoUmr0jfVMHaQGs
/E2D79lSFYb+sl7j2z93ColNYEYTj0QfFzQ4Db01yokGm1Lz84ztqQcvtpAoWlij
HkpfNfUX4qhNLp2wTJm57hNELFDhqcuXhyfxD8Z0zopIKhBWoyJpNoEo/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAUYGJlS7brJ0eHOKPnCyPnXTBIlMB8GA1UdIwQY
MBaAFMpFfhFzxOhRuS08jumWcVGUiprpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWtWLUVYUEU2Rkc1TFR5TzZaWnhVWlNLbXVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS81ZmJiNjktOWI3ZS00M2JlLTg5MDQt
MTlkZTJjMTgzYzA1LzEveWtWLUVYUEU2Rkc1TFR5TzZaWnhVWlNLbXVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS81ZmJiNjktOWI3ZS00M2JlLTg5MDQtMTlkZTJjMTgzYzA1
LzEveWtWLUVYUEU2Rkc1TFR5TzZaWnhVWlNLbXVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtuQVecUD
h+Dcyb5SqmjgrpDIuXE+EYm6fTwX0J/VVgGLiwO9FHSS5H8hoXEBqdLqmcts/2hs
6DW0vQxN3JM4aVymjHka2MOJLlN/UOLKfXlg/EwbtgPDrEgu+wjwXcWx3bWMfL8L
0v9BOWNFeJvxG7RF9WpVMERq1mWa4cqw26YM6rgvAhMLQ4um9ViDiuNUtNr/O/0g
vQ60PFdShd1WjHcMo318K9JIU7dLjlJcjuz9ckBWblA2i/GcLaGOWWHUljZRZc9k
7nggUxEohbLrzZeV2seahqICHxBWtApzDJfzIkllrNREg3VVL0IxBRb0xXMLVLSl
S/UAoHdeuZDkog==
-----END CERTIFICATE-----