Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft
File:                     YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft (raw, json)
Hash identifier:          5ngt+G6vvN/ICS5HpGHCiPQIWUmbKb/Cpyso/6IAy/0=
Subject key identifier:   FB:42:3D:4F:F2:1E:4E:00:C8:81:C6:44:56:C5:2A:ED:BA:BE:01:D5
Authority key identifier: 60:62:B2:1F:B6:65:5B:89:79:23:E2:9D:6F:CB:64:4A:B1:0A:C5:30
Certificate issuer:       /CN=6062b21fb6655b897923e29d6fcb644ab10ac530
Certificate serial:       019D27DFA58694CBFACB159DDBCE6A260173
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft
Manifest number:          1883
Signing time:             Thu 26 Mar 2026 02:01:01 +0000
Manifest this update:     Thu 26 Mar 2026 02:01:01 +0000
Manifest next update:     Fri 27 Mar 2026 02:01:01 +0000
Files and hashes:         1: YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl (hash: +oMQL0I09i5yh1sYPA0bBmolEuUDmPWDn6LSrnEgpC0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:df:a5:86:94:cb:fa:cb:15:9d:db:ce:6a:26:01:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6062b21fb6655b897923e29d6fcb644ab10ac530
        Validity
            Not Before: Mar 26 02:01:01 2026 GMT
            Not After : Mar 27 02:01:01 2026 GMT
        Subject: CN=fb423d4ff21e4e00c881c64456c52aedbabe01d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:e4:e4:bb:d9:f3:da:3d:92:ee:06:5c:7f:06:
                    e6:a5:28:6e:d3:85:d1:37:80:5d:fb:0b:b8:5a:b1:
                    d0:01:17:77:6b:dc:c5:a5:1b:c3:94:3a:b6:7e:66:
                    9c:06:1a:92:46:01:6b:59:c1:a9:43:ae:ba:1a:d3:
                    9d:88:3c:13:87:1d:f3:d9:d1:4a:0e:08:00:dd:b9:
                    1f:39:52:a5:80:68:fc:81:1b:70:dd:cb:a2:e9:58:
                    60:bd:03:62:ad:54:00:5e:37:a6:a4:dc:30:f3:8a:
                    ed:83:ef:39:dd:86:2f:72:c5:c3:64:80:59:67:ff:
                    c0:90:66:e8:2e:ab:0e:72:00:8e:e4:38:7e:f0:b6:
                    ec:72:66:f0:07:ca:61:d1:4e:c1:e7:37:af:be:97:
                    0e:dd:45:0b:b6:5a:61:ae:1a:ed:86:f7:29:6e:5e:
                    c9:44:7b:ba:c2:8a:31:aa:92:55:44:cb:95:ca:4a:
                    ee:a0:3f:41:da:9b:9c:f7:2c:8a:84:9b:da:e8:ba:
                    19:61:66:78:d9:44:f7:98:4c:a6:be:dc:4c:b9:99:
                    60:7d:e7:a2:55:df:c6:ab:64:ae:c0:da:e7:75:01:
                    41:15:08:ad:44:52:42:e1:89:59:f5:35:9e:7e:db:
                    ed:d8:37:29:78:96:b3:10:c1:9d:06:aa:70:e1:68:
                    6c:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:42:3D:4F:F2:1E:4E:00:C8:81:C6:44:56:C5:2A:ED:BA:BE:01:D5
            X509v3 Authority Key Identifier:
                keyid:60:62:B2:1F:B6:65:5B:89:79:23:E2:9D:6F:CB:64:4A:B1:0A:C5:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:44:2f:e9:ba:59:1d:1c:e9:6a:90:5a:be:3e:a7:15:bf:fd:
         f6:28:3c:68:06:18:62:70:66:2b:a7:ea:ab:97:7e:7b:ce:b8:
         a1:6d:a5:21:cd:90:e7:bd:3f:12:6b:f8:f9:80:6e:e3:8d:60:
         10:e7:e3:af:4b:84:e7:57:dd:bf:e0:73:81:ff:77:b0:5a:ab:
         7b:2f:36:83:fd:5f:35:da:6c:9b:ba:ec:3d:55:8c:b7:aa:d1:
         e7:6c:87:6b:90:5c:69:38:0f:bd:bc:c7:e8:43:a0:af:a8:20:
         09:28:05:31:38:e5:ac:4b:16:bd:4c:3e:52:39:92:22:0a:07:
         6f:eb:95:06:31:3c:87:cd:2c:9e:7a:da:45:04:ea:d0:89:74:
         8b:57:88:c1:5f:f7:cf:a5:63:64:0f:fe:89:05:78:de:27:2b:
         65:f0:e5:ad:9b:74:4a:34:5c:73:de:7f:56:e6:05:aa:ef:cc:
         6d:60:bb:04:a9:84:59:4e:6c:0f:16:7d:d9:a4:ac:71:89:f1:
         2b:52:8a:55:f3:58:fc:85:2b:ef:21:5b:31:fd:da:20:0e:07:
         84:af:82:c2:5e:5b:cb:e4:ad:5b:72:00:a3:f3:4f:d8:fe:89:
         1e:1d:e5:ce:97:ea:82:68:cb:82:72:3e:26:70:10:af:ff:c0:
         e9:cf:52:f3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0n36WGlMv6yxWd285qJgFzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjJiMjFmYjY2NTViODk3OTIzZTI5ZDZmY2I2NDRhYjEw
YWM1MzAwHhcNMjYwMzI2MDIwMTAxWhcNMjYwMzI3MDIwMTAxWjAzMTEwLwYDVQQD
EyhmYjQyM2Q0ZmYyMWU0ZTAwYzg4MWM2NDQ1NmM1MmFlZGJhYmUwMWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtuTku9nz2j2S7gZcfwbmpShu04XR
N4Bd+wu4WrHQARd3a9zFpRvDlDq2fmacBhqSRgFrWcGpQ666GtOdiDwThx3z2dFK
DggA3bkfOVKlgGj8gRtw3cui6VhgvQNirVQAXjempNww84rtg+853YYvcsXDZIBZ
Z//AkGboLqsOcgCO5Dh+8LbscmbwB8ph0U7B5zevvpcO3UULtlphrhrthvcpbl7J
RHu6wooxqpJVRMuVykruoD9B2puc9yyKhJva6LoZYWZ42UT3mEymvtxMuZlgfeei
Vd/Gq2SuwNrndQFBFQitRFJC4YlZ9TWeftvt2DcpeJazEMGdBqpw4WhsaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPtCPU/yHk4AyIHGRFbFKu26vgHVMB8GA1UdIwQY
MBaAFGBish+2ZVuJeSPinW/LZEqxCsUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8wNWI5NzQtZmIxOC00MGFmLWFmYTYt
YjUyMGJlZGE2NjI2LzEvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8wNWI5NzQtZmIxOC00MGFmLWFmYTYtYjUyMGJlZGE2NjI2
LzEvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAEQv6bpZ
HRzpapBavj6nFb/99ig8aAYYYnBmK6fqq5d+e864oW2lIc2Q570/Emv4+YBu441g
EOfjr0uE51fdv+Bzgf93sFqrey82g/1fNdpsm7rsPVWMt6rR52yHa5BcaTgPvbzH
6EOgr6ggCSgFMTjlrEsWvUw+UjmSIgoHb+uVBjE8h80snnraRQTq0Il0i1eIwV/3
z6VjZA/+iQV43icrZfDlrZt0SjRcc95/VuYFqu/MbWC7BKmEWU5sDxZ92aSscYnx
K1KKVfNY/IUr7yFbMf3aIA4HhK+Cwl5by+StW3IAo/NP2P6JHh3lzpfqgmjLgnI+
JnAQr//A6c9S8w==
-----END CERTIFICATE-----