Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft
File:                     y_nNJDztaTe2vqVxAoFP-bpCZiE.mft (raw, json)
Hash identifier:          3KIIBX0RBsm8FvAQbJ+nU0FGrQtZz9DhwFhELlva1wo=
Subject key identifier:   AF:3C:E3:57:47:6C:5C:5C:16:04:2C:47:8B:C5:62:1E:ED:88:B0:41
Authority key identifier: CB:F9:CD:24:3C:ED:69:37:B6:BE:A5:71:02:81:4F:F9:BA:42:66:21
Certificate issuer:       /CN=cbf9cd243ced6937b6bea57102814ff9ba426621
Certificate serial:       019D33081F089B6BEFEB11161B8803114FEF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y_nNJDztaTe2vqVxAoFP-bpCZiE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft
Manifest number:          1889
Signing time:             Sat 28 Mar 2026 06:01:03 +0000
Manifest this update:     Sat 28 Mar 2026 06:01:03 +0000
Manifest next update:     Sun 29 Mar 2026 06:01:03 +0000
Files and hashes:         1: y_nNJDztaTe2vqVxAoFP-bpCZiE.crl (hash: kfJumV/wu6IR5bFbLy++ocZcFCf2Z2o8PJdZmsxXokQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y_nNJDztaTe2vqVxAoFP-bpCZiE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Mar 2026 06:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:33:08:1f:08:9b:6b:ef:eb:11:16:1b:88:03:11:4f:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cbf9cd243ced6937b6bea57102814ff9ba426621
        Validity
            Not Before: Mar 28 06:01:03 2026 GMT
            Not After : Mar 29 06:01:03 2026 GMT
        Subject: CN=af3ce357476c5c5c16042c478bc5621eed88b041
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:3b:ae:95:e9:eb:ac:3b:8c:d4:db:36:5b:58:
                    46:11:80:fe:e8:a0:7c:47:7d:30:c8:ef:3f:c6:26:
                    74:e0:d3:36:29:d6:a4:29:d7:ae:3e:a3:2d:72:ac:
                    0e:9b:1e:93:6d:f4:e7:8a:eb:58:0d:41:e1:da:ff:
                    bf:02:e6:14:8d:5d:72:51:d1:32:83:db:45:74:c5:
                    49:81:27:54:d1:3a:f4:7e:56:30:b4:f0:29:bc:f3:
                    e9:33:4f:ea:86:1b:18:6f:9b:4e:68:57:81:ec:97:
                    8e:56:16:59:9f:85:9e:ab:29:77:64:ee:07:76:a9:
                    f1:0b:51:7c:2f:30:9d:f8:53:a4:61:28:89:38:60:
                    5d:c2:e6:c3:a7:d2:e5:22:cb:8d:7b:9b:42:ba:f3:
                    5a:d5:cd:fe:1a:b6:20:7f:61:65:1f:43:24:be:d1:
                    b5:dd:b8:db:e9:25:f4:da:d7:f4:fd:29:88:f0:32:
                    0d:5c:4d:7d:36:c8:94:3a:1b:e0:ca:52:1f:fd:56:
                    31:44:86:f5:83:a3:74:11:ee:e7:0e:49:d8:c7:95:
                    65:90:07:f2:2a:14:b4:24:6b:06:71:fc:73:88:9c:
                    06:49:b9:ec:1c:23:54:50:0d:b7:94:94:00:70:95:
                    5d:d9:9e:bd:91:b8:1b:e3:30:b0:aa:fe:af:02:2c:
                    90:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:3C:E3:57:47:6C:5C:5C:16:04:2C:47:8B:C5:62:1E:ED:88:B0:41
            X509v3 Authority Key Identifier:
                keyid:CB:F9:CD:24:3C:ED:69:37:B6:BE:A5:71:02:81:4F:F9:BA:42:66:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y_nNJDztaTe2vqVxAoFP-bpCZiE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:b5:0e:e8:2a:fd:df:b3:2c:59:3f:03:90:c7:66:83:40:72:
         10:c6:7d:51:b5:e0:14:68:16:04:8b:a2:d7:c8:f8:f3:cf:d1:
         6a:08:66:42:72:eb:97:8a:a5:3b:ec:4d:a5:f7:d0:89:06:f8:
         87:89:00:49:a4:8e:e0:e1:3e:e6:a1:73:0b:42:54:12:a9:68:
         3d:ba:62:35:8c:b7:38:7c:7c:6e:6c:40:f3:80:db:59:a5:7d:
         46:f1:48:5f:13:cb:5a:e7:53:b7:8f:68:79:fb:0e:b1:c2:73:
         d7:20:bd:9b:16:09:7c:e9:45:1d:c2:71:4a:b5:11:a3:93:85:
         63:27:f6:f8:27:4c:e3:a7:eb:a2:af:09:8c:5c:2c:80:a0:c8:
         8a:1d:28:91:87:4e:c1:c9:43:b9:d1:87:3a:23:19:97:48:43:
         66:ee:bf:b1:bc:8b:04:c8:3d:9e:de:13:f8:85:cf:5b:95:4f:
         6b:0e:db:4d:a8:a5:f8:67:83:7a:b4:30:f0:20:d2:66:c3:2b:
         43:be:a4:62:f5:9d:af:60:b9:02:cc:74:3e:f3:48:23:45:2b:
         f9:46:35:c5:53:5f:3a:10:13:b4:6c:04:b8:fe:a9:c3:b0:b5:
         5a:72:f0:a6:1b:c6:49:19:8e:3c:69:65:97:15:91:b5:47:64:
         35:c3:a2:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0zCB8Im2vv6xEWG4gDEU/vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZjljZDI0M2NlZDY5MzdiNmJlYTU3MTAyODE0ZmY5YmE0
MjY2MjEwHhcNMjYwMzI4MDYwMTAzWhcNMjYwMzI5MDYwMTAzWjAzMTEwLwYDVQQD
EyhhZjNjZTM1NzQ3NmM1YzVjMTYwNDJjNDc4YmM1NjIxZWVkODhiMDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0TuulenrrDuM1Ns2W1hGEYD+6KB8
R30wyO8/xiZ04NM2KdakKdeuPqMtcqwOmx6TbfTniutYDUHh2v+/AuYUjV1yUdEy
g9tFdMVJgSdU0Tr0flYwtPApvPPpM0/qhhsYb5tOaFeB7JeOVhZZn4Weqyl3ZO4H
dqnxC1F8LzCd+FOkYSiJOGBdwubDp9LlIsuNe5tCuvNa1c3+GrYgf2FlH0MkvtG1
3bjb6SX02tf0/SmI8DINXE19NsiUOhvgylIf/VYxRIb1g6N0Ee7nDknYx5VlkAfy
KhS0JGsGcfxziJwGSbnsHCNUUA23lJQAcJVd2Z69kbgb4zCwqv6vAiyQDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK8841dHbFxcFgQsR4vFYh7tiLBBMB8GA1UdIwQY
MBaAFMv5zSQ87Wk3tr6lcQKBT/m6QmYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveV9uTkpEenRhVGUydnFWeEFvRlAtYnBDWmlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy80OTdkZDEtNzU1ZS00NDJhLWIzMWQt
MWMxMzI1MGE2YTNjLzEveV9uTkpEenRhVGUydnFWeEFvRlAtYnBDWmlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy80OTdkZDEtNzU1ZS00NDJhLWIzMWQtMWMxMzI1MGE2YTNj
LzEveV9uTkpEenRhVGUydnFWeEFvRlAtYnBDWmlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABrUO6Cr9
37MsWT8DkMdmg0ByEMZ9UbXgFGgWBIui18j488/RaghmQnLrl4qlO+xNpffQiQb4
h4kASaSO4OE+5qFzC0JUEqloPbpiNYy3OHx8bmxA84DbWaV9RvFIXxPLWudTt49o
efsOscJz1yC9mxYJfOlFHcJxSrURo5OFYyf2+CdM46froq8JjFwsgKDIih0okYdO
wclDudGHOiMZl0hDZu6/sbyLBMg9nt4T+IXPW5VPaw7bTail+GeDerQw8CDSZsMr
Q76kYvWdr2C5Asx0PvNII0Ur+UY1xVNfOhATtGwEuP6pw7C1WnLwphvGSRmOPGll
lxWRtUdkNcOiew==
-----END CERTIFICATE-----