Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft
File:                     yO91rieylt0KS84TZH2LWJv06cM.mft (raw, json)
Hash identifier:          SsrgctSpFTr+s2V3GuEo9YW6YQFIqBsiERWNl/uG1KU=
Subject key identifier:   A8:F8:E1:A3:02:00:EB:55:EF:90:9B:9E:36:2C:30:45:69:65:5D:40
Authority key identifier: C8:EF:75:AE:27:B2:96:DD:0A:4B:CE:13:64:7D:8B:58:9B:F4:E9:C3
Certificate issuer:       /CN=c8ef75ae27b296dd0a4bce13647d8b589bf4e9c3
Certificate serial:       019D26CCAF518E3DDA0423158DDBE21EC690
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft
Manifest number:          13F3
Signing time:             Wed 25 Mar 2026 21:00:41 +0000
Manifest this update:     Wed 25 Mar 2026 21:00:41 +0000
Manifest next update:     Thu 26 Mar 2026 21:00:41 +0000
Files and hashes:         1: yO91rieylt0KS84TZH2LWJv06cM.crl (hash: rb0cn2O0qwT8wwB/ojrXF/oyCKVKwjhVFlrPd9SZzYA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 21:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:cc:af:51:8e:3d:da:04:23:15:8d:db:e2:1e:c6:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8ef75ae27b296dd0a4bce13647d8b589bf4e9c3
        Validity
            Not Before: Mar 25 21:00:41 2026 GMT
            Not After : Mar 26 21:00:41 2026 GMT
        Subject: CN=a8f8e1a30200eb55ef909b9e362c304569655d40
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:d4:e2:a8:20:b7:c1:75:82:3b:bd:69:fd:d3:
                    c7:f3:46:2b:8a:2e:3e:ca:66:3f:b3:1e:16:9e:32:
                    0c:de:83:70:9f:6d:30:75:e6:64:ab:9e:da:02:57:
                    ad:d3:bb:c3:e2:26:71:c6:d7:42:cd:29:e6:6e:ba:
                    44:0b:8f:1d:08:e0:74:b5:52:3b:d8:7b:fd:76:6c:
                    09:ff:8f:02:da:4f:65:f6:6e:f6:dd:b8:08:36:0f:
                    c4:bf:d2:48:35:78:c4:2c:ab:2e:0b:08:39:f0:20:
                    5f:69:4d:db:e1:b2:fd:d9:db:8c:9d:4f:79:75:d7:
                    de:f5:b3:bd:c4:fe:8c:82:f5:48:b6:db:74:a2:ac:
                    d5:7f:22:08:d8:6b:a7:69:d6:ed:5e:a8:04:25:23:
                    a1:24:0c:11:67:26:83:9a:a3:83:10:d7:8b:31:5b:
                    c0:31:62:db:a1:19:79:5f:d4:13:9d:a9:c3:b3:e5:
                    b7:bb:75:62:a0:d7:44:dd:d9:3e:7a:2b:80:c4:1b:
                    fc:d2:6e:49:d5:fc:aa:e6:48:e7:42:23:bc:2f:68:
                    c9:13:88:9a:b6:4d:28:2b:12:eb:83:3d:b6:a1:31:
                    8a:57:af:3f:31:2f:6a:e5:5a:fe:20:8e:26:81:d5:
                    f2:7b:ed:64:3d:f8:17:6f:08:d2:98:cd:cf:68:b0:
                    b1:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:F8:E1:A3:02:00:EB:55:EF:90:9B:9E:36:2C:30:45:69:65:5D:40
            X509v3 Authority Key Identifier:
                keyid:C8:EF:75:AE:27:B2:96:DD:0A:4B:CE:13:64:7D:8B:58:9B:F4:E9:C3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:ba:75:f4:24:c9:d8:83:98:c3:9a:a8:1a:8f:52:66:58:30:
         d2:8d:60:b0:36:6d:41:50:95:fb:33:3d:66:26:10:ae:64:6a:
         c8:43:0c:42:d4:92:b9:a2:ec:69:62:c6:f7:36:ab:02:6b:8a:
         95:32:ee:73:e5:67:c6:f1:c8:1e:ea:e5:b7:97:33:a5:54:a2:
         32:51:6a:07:68:70:2f:49:e2:76:63:75:bd:02:3d:4c:c1:df:
         b5:b7:6d:f5:d3:d7:43:02:8c:61:36:0e:11:18:84:2c:13:4f:
         ed:a6:08:75:01:61:4e:41:17:7b:e0:31:4b:4e:3c:71:3d:cf:
         32:ed:8d:68:d5:ba:96:fa:f4:62:66:3c:61:9e:6f:ef:40:e9:
         40:a7:38:05:6a:22:30:92:09:93:cb:f9:61:c7:6c:09:7a:47:
         54:c7:c1:db:8a:6c:cb:7e:0a:84:20:1f:50:85:4d:cd:40:6a:
         83:23:20:01:02:30:7f:3c:e1:cc:0a:10:84:27:1a:62:ee:3c:
         ed:88:a9:05:59:86:3f:a1:e9:5f:0a:24:4e:42:61:3b:d7:b8:
         54:ce:77:26:d3:dc:93:35:19:47:81:94:d9:5f:85:db:ed:f1:
         11:e1:6e:50:6c:41:5f:b0:a1:e1:21:3f:c0:47:3f:90:ee:71:
         58:8b:25:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mzK9Rjj3aBCMVjdviHsaQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZWY3NWFlMjdiMjk2ZGQwYTRiY2UxMzY0N2Q4YjU4OWJm
NGU5YzMwHhcNMjYwMzI1MjEwMDQxWhcNMjYwMzI2MjEwMDQxWjAzMTEwLwYDVQQD
EyhhOGY4ZTFhMzAyMDBlYjU1ZWY5MDliOWUzNjJjMzA0NTY5NjU1ZDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmdTiqCC3wXWCO71p/dPH80Yrii4+
ymY/sx4WnjIM3oNwn20wdeZkq57aAlet07vD4iZxxtdCzSnmbrpEC48dCOB0tVI7
2Hv9dmwJ/48C2k9l9m723bgINg/Ev9JINXjELKsuCwg58CBfaU3b4bL92duMnU95
ddfe9bO9xP6MgvVIttt0oqzVfyII2GunadbtXqgEJSOhJAwRZyaDmqODENeLMVvA
MWLboRl5X9QTnanDs+W3u3VioNdE3dk+eiuAxBv80m5J1fyq5kjnQiO8L2jJE4ia
tk0oKxLrgz22oTGKV68/MS9q5Vr+II4mgdXye+1kPfgXbwjSmM3PaLCxIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKj44aMCAOtV75CbnjYsMEVpZV1AMB8GA1UdIwQY
MBaAFMjvda4nspbdCkvOE2R9i1ib9OnDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS84YmVmOGItOTc2NS00MTMxLTljYWYt
NzczNTFkMDg1MGM5LzEveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS84YmVmOGItOTc2NS00MTMxLTljYWYtNzczNTFkMDg1MGM5
LzEveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXLp19CTJ
2IOYw5qoGo9SZlgw0o1gsDZtQVCV+zM9ZiYQrmRqyEMMQtSSuaLsaWLG9zarAmuK
lTLuc+VnxvHIHurlt5czpVSiMlFqB2hwL0nidmN1vQI9TMHftbdt9dPXQwKMYTYO
ERiELBNP7aYIdQFhTkEXe+AxS048cT3PMu2NaNW6lvr0YmY8YZ5v70DpQKc4BWoi
MJIJk8v5YcdsCXpHVMfB24psy34KhCAfUIVNzUBqgyMgAQIwfzzhzAoQhCcaYu48
7YipBVmGP6HpXwokTkJhO9e4VM53JtPckzUZR4GU2V+F2+3xEeFuUGxBX7Ch4SE/
wEc/kO5xWIslLg==
-----END CERTIFICATE-----