Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.mft
File:                     y3yVUPThoer5UHL7G5q7JpVNJj0.mft (raw, json)
Hash identifier:          l/sZWkxJ/T4Blq3FtVlodyphUoMgDlN9PowS3yZvUNE=
Subject key identifier:   2A:DD:27:81:8A:09:75:FE:36:CF:F4:56:89:B1:3A:D7:9D:BC:14:BD
Authority key identifier: CB:7C:95:50:F4:E1:A1:EA:F9:50:72:FB:1B:9A:BB:26:95:4D:26:3D
Certificate issuer:       /CN=cb7c9550f4e1a1eaf95072fb1b9abb26954d263d
Certificate serial:       019D25F12F764AF5E33A653EC0E7737D8F1A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y3yVUPThoer5UHL7G5q7JpVNJj0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.mft
Manifest number:          0F2D
Signing time:             Wed 25 Mar 2026 17:00:56 +0000
Manifest this update:     Wed 25 Mar 2026 17:00:56 +0000
Manifest next update:     Thu 26 Mar 2026 17:00:56 +0000
Files and hashes:         1: y3yVUPThoer5UHL7G5q7JpVNJj0.crl (hash: x9JmSQeRvhBHCCrZkz3nQzkVvTkWsZJKZwxSKBAj5pk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y3yVUPThoer5UHL7G5q7JpVNJj0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:25:f1:2f:76:4a:f5:e3:3a:65:3e:c0:e7:73:7d:8f:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cb7c9550f4e1a1eaf95072fb1b9abb26954d263d
        Validity
            Not Before: Mar 25 17:00:56 2026 GMT
            Not After : Mar 26 17:00:56 2026 GMT
        Subject: CN=2add27818a0975fe36cff45689b13ad79dbc14bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:c4:65:5b:0b:f9:6b:47:ee:2a:e3:ff:bb:59:
                    13:d1:c8:4d:c0:67:49:fe:6f:15:13:ee:e2:37:a0:
                    7f:8f:5a:db:09:95:86:16:c6:4d:bd:e1:c1:3f:f9:
                    77:25:69:35:28:9a:9b:12:70:42:c9:d2:66:88:c4:
                    f0:1c:3d:60:d8:e4:9e:d3:21:8b:b6:04:a1:68:2c:
                    70:a1:ec:14:9b:b3:33:3e:ea:fc:ab:c7:ea:9e:4d:
                    54:cf:a8:7e:ca:a2:23:2f:77:6f:11:bd:4a:2c:f7:
                    fc:45:e2:ba:19:a0:63:c9:3a:15:7b:8c:84:d4:d8:
                    ed:dd:f9:cc:65:6c:03:59:21:ba:a8:de:ee:04:76:
                    60:7d:25:aa:e6:c7:32:9d:a0:35:e9:04:64:0a:da:
                    9b:4e:1a:f4:c2:47:dc:b2:df:d1:94:88:c3:5e:5d:
                    60:ab:33:b2:a0:a5:91:91:ce:b4:a2:e0:ed:80:b6:
                    59:f4:41:ee:aa:7b:9d:59:80:83:35:18:4e:05:7a:
                    82:e7:1d:60:aa:33:c2:10:7a:32:30:f3:50:c1:02:
                    c8:f7:f5:e4:2a:7e:0a:19:21:7b:a4:4c:d6:15:6f:
                    c8:64:90:e2:8d:ec:c0:6a:b2:c4:b2:69:03:62:fd:
                    7b:06:50:21:1b:e7:5c:e6:f7:66:87:31:12:85:e5:
                    7e:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:DD:27:81:8A:09:75:FE:36:CF:F4:56:89:B1:3A:D7:9D:BC:14:BD
            X509v3 Authority Key Identifier:
                keyid:CB:7C:95:50:F4:E1:A1:EA:F9:50:72:FB:1B:9A:BB:26:95:4D:26:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y3yVUPThoer5UHL7G5q7JpVNJj0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         af:1d:8f:40:3b:db:b1:c3:45:24:7e:87:9b:7f:9c:c6:7c:6f:
         7a:e5:7c:9a:2f:4b:a1:5f:81:87:bb:61:2d:2f:56:b9:fd:0f:
         1e:78:1f:ae:3d:c7:6c:d4:81:5b:96:11:08:17:92:19:85:44:
         a0:e3:ca:0b:6e:3e:b1:d5:64:5f:6c:f9:62:e3:09:7d:00:81:
         85:2a:95:17:99:47:13:34:9c:52:50:aa:87:8e:3c:fe:20:ab:
         af:58:c3:b5:38:b5:36:81:25:fe:d2:86:c6:88:ab:e7:39:c1:
         6f:eb:4a:37:03:39:d9:ab:64:e2:19:50:8d:b5:89:ab:45:88:
         6a:43:59:86:43:34:b1:d7:91:8a:d9:8b:32:76:d3:dd:74:f8:
         70:04:f1:42:15:03:6c:74:69:15:aa:d1:1e:d5:48:03:9b:6a:
         34:ea:ac:83:e1:e3:1d:9f:f0:76:a0:fb:1a:15:b1:bd:df:3b:
         b6:67:a5:78:0a:b5:3b:fa:5c:6c:4c:73:19:f8:6d:df:58:97:
         a5:bf:48:a8:a6:74:fe:b2:02:db:e0:94:16:6a:d3:3e:ed:2f:
         d3:9e:48:b1:05:dd:27:f3:ac:dd:72:e5:e3:9c:fb:1f:d1:9c:
         ea:6a:a1:e9:e3:f6:69:99:e1:03:e3:bc:a6:2f:02:76:41:40:
         98:7a:1a:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0l8S92SvXjOmU+wOdzfY8aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiN2M5NTUwZjRlMWExZWFmOTUwNzJmYjFiOWFiYjI2OTU0
ZDI2M2QwHhcNMjYwMzI1MTcwMDU2WhcNMjYwMzI2MTcwMDU2WjAzMTEwLwYDVQQD
EygyYWRkMjc4MThhMDk3NWZlMzZjZmY0NTY4OWIxM2FkNzlkYmMxNGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMRlWwv5a0fuKuP/u1kT0chNwGdJ
/m8VE+7iN6B/j1rbCZWGFsZNveHBP/l3JWk1KJqbEnBCydJmiMTwHD1g2OSe0yGL
tgShaCxwoewUm7MzPur8q8fqnk1Uz6h+yqIjL3dvEb1KLPf8ReK6GaBjyToVe4yE
1Njt3fnMZWwDWSG6qN7uBHZgfSWq5scynaA16QRkCtqbThr0wkfcst/RlIjDXl1g
qzOyoKWRkc60ouDtgLZZ9EHuqnudWYCDNRhOBXqC5x1gqjPCEHoyMPNQwQLI9/Xk
Kn4KGSF7pEzWFW/IZJDijezAarLEsmkDYv17BlAhG+dc5vdmhzESheV+twIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCrdJ4GKCXX+Ns/0VomxOtedvBS9MB8GA1UdIwQY
MBaAFMt8lVD04aHq+VBy+xuauyaVTSY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTN5VlVQVGhvZXI1VUhMN0c1cTdKcFZOSmowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS82ODliMTktNDk1OC00NDIzLTg1YTkt
OTYyNmY5ZjZjZGEyLzEveTN5VlVQVGhvZXI1VUhMN0c1cTdKcFZOSmowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS82ODliMTktNDk1OC00NDIzLTg1YTktOTYyNmY5ZjZjZGEy
LzEveTN5VlVQVGhvZXI1VUhMN0c1cTdKcFZOSmowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArx2PQDvb
scNFJH6Hm3+cxnxveuV8mi9LoV+Bh7thLS9Wuf0PHngfrj3HbNSBW5YRCBeSGYVE
oOPKC24+sdVkX2z5YuMJfQCBhSqVF5lHEzScUlCqh448/iCrr1jDtTi1NoEl/tKG
xoir5znBb+tKNwM52atk4hlQjbWJq0WIakNZhkM0sdeRitmLMnbT3XT4cATxQhUD
bHRpFarRHtVIA5tqNOqsg+HjHZ/wdqD7GhWxvd87tmeleAq1O/pcbExzGfht31iX
pb9IqKZ0/rIC2+CUFmrTPu0v055IsQXdJ/Os3XLl45z7H9Gc6mqh6eP2aZnhA+O8
pi8CdkFAmHoasA==
-----END CERTIFICATE-----