Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/814253-f21f-4bc8-b768-804b760dd879/1/YxB3zMSCuRtFmfUslKiJABOSSf8.mft
File:                     YxB3zMSCuRtFmfUslKiJABOSSf8.mft (raw, json)
Hash identifier:          HvSKYnYwTH56WqUgSiEp9Shedx5DRZvbXHAM9bC2cc4=
Subject key identifier:   01:A9:F3:B5:67:6D:CD:98:3D:AF:49:1D:DF:E3:32:FC:55:83:4F:5A
Authority key identifier: 63:10:77:CC:C4:82:B9:1B:45:99:F5:2C:94:A8:89:00:13:92:49:FF
Certificate issuer:       /CN=631077ccc482b91b4599f52c94a88900139249ff
Certificate serial:       019D25F1CD209060D211606F79C9985CAE32
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YxB3zMSCuRtFmfUslKiJABOSSf8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/814253-f21f-4bc8-b768-804b760dd879/1/YxB3zMSCuRtFmfUslKiJABOSSf8.mft
Manifest number:          02FE
Signing time:             Wed 25 Mar 2026 17:01:36 +0000
Manifest this update:     Wed 25 Mar 2026 17:01:36 +0000
Manifest next update:     Thu 26 Mar 2026 17:01:36 +0000
Files and hashes:         1: YxB3zMSCuRtFmfUslKiJABOSSf8.crl (hash: X8hY4eLEtzjy9BUFApB/llS+uWf38kz4xyp58YSMcHk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/814253-f21f-4bc8-b768-804b760dd879/1/YxB3zMSCuRtFmfUslKiJABOSSf8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/814253-f21f-4bc8-b768-804b760dd879/1/YxB3zMSCuRtFmfUslKiJABOSSf8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YxB3zMSCuRtFmfUslKiJABOSSf8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:25:f1:cd:20:90:60:d2:11:60:6f:79:c9:98:5c:ae:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=631077ccc482b91b4599f52c94a88900139249ff
        Validity
            Not Before: Mar 25 17:01:36 2026 GMT
            Not After : Mar 26 17:01:36 2026 GMT
        Subject: CN=01a9f3b5676dcd983daf491ddfe332fc55834f5a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:76:96:a3:d1:53:51:e6:0c:60:4d:e3:ba:58:
                    bb:fb:f7:08:dd:b4:90:3e:18:da:00:8a:06:b1:12:
                    dd:5e:ad:29:7e:b6:4d:bd:81:95:be:36:d1:40:3a:
                    58:0e:d9:cb:b0:e6:c0:e9:58:f3:d6:46:6e:a3:80:
                    94:06:ac:4d:96:76:17:ff:a1:5d:bf:8f:65:d6:b5:
                    f1:60:20:c1:ae:ec:53:91:3e:1a:5d:d8:3b:f8:b0:
                    51:a5:f5:3f:93:07:91:7b:7f:98:d1:44:c8:40:c9:
                    91:e7:eb:96:17:58:3a:89:6e:39:47:5b:31:af:61:
                    50:45:68:1b:77:18:52:c8:cd:ee:70:40:01:66:91:
                    b1:a7:13:4a:eb:0b:a3:87:f8:12:dd:fe:d9:a9:be:
                    43:f8:7a:0b:4f:74:39:62:01:92:86:5e:f5:00:9c:
                    9a:2a:95:54:12:5a:d9:69:1d:04:c0:d3:3c:85:49:
                    17:98:45:11:ef:6e:76:a2:21:74:9b:81:87:65:15:
                    7e:ad:c7:5b:f2:6e:25:2e:07:8d:91:dc:50:e3:c5:
                    c9:f9:7f:2e:26:77:53:7d:0d:d9:5d:37:ec:50:bb:
                    8b:19:f8:f6:1d:9a:e1:03:28:aa:6b:7b:b8:69:6b:
                    48:92:83:e0:7f:a5:95:e4:51:bb:ad:f4:99:26:4b:
                    39:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:A9:F3:B5:67:6D:CD:98:3D:AF:49:1D:DF:E3:32:FC:55:83:4F:5A
            X509v3 Authority Key Identifier:
                keyid:63:10:77:CC:C4:82:B9:1B:45:99:F5:2C:94:A8:89:00:13:92:49:FF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YxB3zMSCuRtFmfUslKiJABOSSf8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/814253-f21f-4bc8-b768-804b760dd879/1/YxB3zMSCuRtFmfUslKiJABOSSf8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/814253-f21f-4bc8-b768-804b760dd879/1/YxB3zMSCuRtFmfUslKiJABOSSf8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:7a:33:1a:03:ed:f1:60:15:fd:26:68:23:07:1d:a2:0c:a0:
         47:62:16:28:e6:91:4a:a8:97:bf:04:0a:ff:10:23:70:c6:79:
         1a:f2:70:f3:33:8f:bc:9e:e2:94:46:17:0d:cc:7c:c8:2b:f3:
         2f:eb:2a:09:0a:1f:5d:34:36:d4:d4:7e:eb:88:a3:22:e7:48:
         e6:a0:19:90:56:2f:6f:34:e2:c6:cc:23:93:f7:0d:ee:4e:e8:
         7f:53:d0:83:3a:41:a6:52:6c:24:d1:5a:a0:01:c3:ec:b4:67:
         43:ba:3b:b7:0a:28:d8:06:a2:f7:80:3d:ef:37:a6:d7:69:17:
         0f:e6:78:ca:5d:5a:2f:30:f3:d9:1a:91:dd:f8:2a:5c:20:e9:
         55:21:1e:95:0e:12:c2:e1:d9:44:80:66:41:9c:5f:b4:0b:8a:
         ca:09:5f:09:2e:ca:be:33:84:79:d2:aa:ea:d5:ce:48:5c:0d:
         86:49:e8:3e:69:0f:90:9d:ce:0a:8e:91:96:12:21:5a:9a:ba:
         ff:93:9c:81:31:3d:b5:28:68:f5:0d:f5:c3:af:91:fe:5e:1f:
         52:63:97:d9:e8:3a:d1:12:9a:fc:77:d0:52:8d:fa:9a:20:f3:
         aa:0b:17:6a:2f:e2:04:15:f2:f1:b4:ae:46:88:52:d8:24:f6:
         30:57:73:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0l8c0gkGDSEWBvecmYXK4yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMTA3N2NjYzQ4MmI5MWI0NTk5ZjUyYzk0YTg4OTAwMTM5
MjQ5ZmYwHhcNMjYwMzI1MTcwMTM2WhcNMjYwMzI2MTcwMTM2WjAzMTEwLwYDVQQD
EygwMWE5ZjNiNTY3NmRjZDk4M2RhZjQ5MWRkZmUzMzJmYzU1ODM0ZjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHaWo9FTUeYMYE3juli7+/cI3bSQ
PhjaAIoGsRLdXq0pfrZNvYGVvjbRQDpYDtnLsObA6Vjz1kZuo4CUBqxNlnYX/6Fd
v49l1rXxYCDBruxTkT4aXdg7+LBRpfU/kweRe3+Y0UTIQMmR5+uWF1g6iW45R1sx
r2FQRWgbdxhSyM3ucEABZpGxpxNK6wujh/gS3f7Zqb5D+HoLT3Q5YgGShl71AJya
KpVUElrZaR0EwNM8hUkXmEUR7252oiF0m4GHZRV+rcdb8m4lLgeNkdxQ48XJ+X8u
JndTfQ3ZXTfsULuLGfj2HZrhAyiqa3u4aWtIkoPgf6WV5FG7rfSZJks5/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAGp87Vnbc2YPa9JHd/jMvxVg09aMB8GA1UdIwQY
MBaAFGMQd8zEgrkbRZn1LJSoiQATkkn/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXhCM3pNU0N1UnRGbWZVc2xLaUpBQk9TU2Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC84MTQyNTMtZjIxZi00YmM4LWI3Njgt
ODA0Yjc2MGRkODc5LzEvWXhCM3pNU0N1UnRGbWZVc2xLaUpBQk9TU2Y4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC84MTQyNTMtZjIxZi00YmM4LWI3NjgtODA0Yjc2MGRkODc5
LzEvWXhCM3pNU0N1UnRGbWZVc2xLaUpBQk9TU2Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd3ozGgPt
8WAV/SZoIwcdogygR2IWKOaRSqiXvwQK/xAjcMZ5GvJw8zOPvJ7ilEYXDcx8yCvz
L+sqCQofXTQ21NR+64ijIudI5qAZkFYvbzTixswjk/cN7k7of1PQgzpBplJsJNFa
oAHD7LRnQ7o7twoo2Aai94A97zem12kXD+Z4yl1aLzDz2RqR3fgqXCDpVSEelQ4S
wuHZRIBmQZxftAuKyglfCS7KvjOEedKq6tXOSFwNhknoPmkPkJ3OCo6RlhIhWpq6
/5OcgTE9tSho9Q31w6+R/l4fUmOX2eg60RKa/HfQUo36miDzqgsXai/iBBXy8bSu
RohS2CT2MFdzLg==
-----END CERTIFICATE-----