Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.mft
File:                     yQDj7qi7474R-IxoK9E4wmUH99w.mft (raw, json)
Hash identifier:          nJS6Mu3fGYmrwKzVsQv2sivwXafSwYJ/mVpm+e/zRJU=
Subject key identifier:   21:66:A3:85:91:08:9F:99:9E:EF:1B:D1:2A:8D:96:F0:FB:73:04:D1
Authority key identifier: C9:00:E3:EE:A8:BB:E3:BE:11:F8:8C:68:2B:D1:38:C2:65:07:F7:DC
Certificate issuer:       /CN=c900e3eea8bbe3be11f88c682bd138c26507f7dc
Certificate serial:       019D270413CC5269B638D546581606B70EE4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yQDj7qi7474R-IxoK9E4wmUH99w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.mft
Manifest number:          0F6B
Signing time:             Wed 25 Mar 2026 22:01:11 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:11 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:11 +0000
Files and hashes:         1: yQDj7qi7474R-IxoK9E4wmUH99w.crl (hash: g8DYFXwnxhMoHHVOZDeemJvfKTD2dQTABaep1oHFDuk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yQDj7qi7474R-IxoK9E4wmUH99w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:13:cc:52:69:b6:38:d5:46:58:16:06:b7:0e:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c900e3eea8bbe3be11f88c682bd138c26507f7dc
        Validity
            Not Before: Mar 25 22:01:11 2026 GMT
            Not After : Mar 26 22:01:11 2026 GMT
        Subject: CN=2166a38591089f999eef1bd12a8d96f0fb7304d1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:0d:b5:47:c5:7b:46:c8:03:53:b2:8a:43:52:
                    63:36:5d:ed:72:85:aa:18:73:16:f3:67:3e:21:cd:
                    9c:e8:b5:03:55:5b:41:e4:33:2b:37:fc:74:25:ea:
                    34:67:be:e8:71:37:3d:09:c8:5c:e7:a8:aa:64:fb:
                    f1:8c:69:e6:e7:8d:45:56:d4:53:e1:1c:80:da:b2:
                    81:99:ae:3b:ce:f6:4a:6b:03:fe:72:85:13:cc:27:
                    ad:e4:15:52:db:34:b5:67:92:13:eb:38:98:9c:7c:
                    9a:4c:67:b1:1b:ca:14:96:a8:ac:3f:70:a3:b8:5b:
                    2e:97:2e:80:5d:e2:2b:4b:ea:91:f7:1c:41:cf:7d:
                    5a:14:41:4b:12:44:fe:33:72:b2:1d:ed:22:09:81:
                    9e:93:29:06:f2:e6:1e:1d:d4:a3:e2:61:e8:d4:44:
                    95:f9:f4:19:c9:8d:d1:90:24:a6:f1:27:8d:d0:38:
                    fe:29:39:be:36:d5:be:fe:ce:fa:db:27:38:5c:d5:
                    7d:d3:88:ba:6a:18:d7:36:62:2a:8a:09:67:3a:7f:
                    7a:16:f3:31:51:e6:6a:a8:ef:e7:86:35:31:60:68:
                    b4:df:15:bd:ac:63:c1:f6:38:f1:22:9e:5e:79:6c:
                    f9:fb:df:a9:04:9d:51:63:88:fe:a3:93:b1:e4:b1:
                    68:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:66:A3:85:91:08:9F:99:9E:EF:1B:D1:2A:8D:96:F0:FB:73:04:D1
            X509v3 Authority Key Identifier:
                keyid:C9:00:E3:EE:A8:BB:E3:BE:11:F8:8C:68:2B:D1:38:C2:65:07:F7:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yQDj7qi7474R-IxoK9E4wmUH99w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:b4:4c:be:1c:fc:65:c8:0e:ca:e1:fe:2c:24:0b:ce:9d:09:
         65:b0:85:7a:c0:70:9c:db:2b:4c:f5:de:6f:5e:4e:f9:bd:7a:
         00:7b:36:18:20:8d:15:00:65:59:8b:a4:c2:20:60:5b:c1:67:
         c4:99:41:50:2c:a2:47:97:58:ae:99:98:fd:64:45:b3:bc:e4:
         66:88:e1:cd:4d:42:c2:bc:c5:31:fb:bf:c6:05:06:75:eb:15:
         1b:68:6c:a6:a2:f1:46:69:da:62:5f:aa:6a:ea:84:32:e3:b2:
         8f:c2:23:1a:04:7d:ff:89:d5:81:06:31:62:d7:76:09:15:7b:
         d8:e7:d1:4c:a3:3e:ac:ac:eb:96:b6:e2:38:d7:66:02:39:92:
         aa:e2:2c:7d:7e:bf:76:a4:61:aa:f2:4b:da:43:3d:f8:21:64:
         42:72:14:79:22:d7:1b:46:c7:c4:06:20:61:36:7a:5a:39:e1:
         f2:a7:98:25:85:40:b9:ee:e7:9d:29:17:54:b8:e2:a0:e8:cf:
         c3:95:3c:9f:b0:82:c3:84:6d:42:a6:c0:91:f0:a0:d3:40:c2:
         60:00:0b:e5:93:29:13:9a:81:cb:a9:3c:5c:5c:3a:63:b0:a2:
         7b:46:e4:e2:bf:d8:4e:dc:c4:8c:f0:88:c9:66:72:0c:be:8b:
         fc:f9:0e:47
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBBPMUmm2ONVGWBYGtw7kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5MDBlM2VlYThiYmUzYmUxMWY4OGM2ODJiZDEzOGMyNjUw
N2Y3ZGMwHhcNMjYwMzI1MjIwMTExWhcNMjYwMzI2MjIwMTExWjAzMTEwLwYDVQQD
EygyMTY2YTM4NTkxMDg5Zjk5OWVlZjFiZDEyYThkOTZmMGZiNzMwNGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApA21R8V7RsgDU7KKQ1JjNl3tcoWq
GHMW82c+Ic2c6LUDVVtB5DMrN/x0Jeo0Z77ocTc9Cchc56iqZPvxjGnm541FVtRT
4RyA2rKBma47zvZKawP+coUTzCet5BVS2zS1Z5IT6ziYnHyaTGexG8oUlqisP3Cj
uFsuly6AXeIrS+qR9xxBz31aFEFLEkT+M3KyHe0iCYGekykG8uYeHdSj4mHo1ESV
+fQZyY3RkCSm8SeN0Dj+KTm+NtW+/s762yc4XNV904i6ahjXNmIqiglnOn96FvMx
UeZqqO/nhjUxYGi03xW9rGPB9jjxIp5eeWz5+9+pBJ1RY4j+o5Ox5LFoxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCFmo4WRCJ+Znu8b0SqNlvD7cwTRMB8GA1UdIwQY
MBaAFMkA4+6ou+O+EfiMaCvROMJlB/fcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVFEajdxaTc0NzRSLUl4b0s5RTR3bVVIOTl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8xZjQzMWUtMzdjOC00MDgwLTliYjMt
NDE2MjA0YTAyNzM3LzEveVFEajdxaTc0NzRSLUl4b0s5RTR3bVVIOTl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8xZjQzMWUtMzdjOC00MDgwLTliYjMtNDE2MjA0YTAyNzM3
LzEveVFEajdxaTc0NzRSLUl4b0s5RTR3bVVIOTl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAorRMvhz8
ZcgOyuH+LCQLzp0JZbCFesBwnNsrTPXeb15O+b16AHs2GCCNFQBlWYukwiBgW8Fn
xJlBUCyiR5dYrpmY/WRFs7zkZojhzU1CwrzFMfu/xgUGdesVG2hspqLxRmnaYl+q
auqEMuOyj8IjGgR9/4nVgQYxYtd2CRV72OfRTKM+rKzrlrbiONdmAjmSquIsfX6/
dqRhqvJL2kM9+CFkQnIUeSLXG0bHxAYgYTZ6Wjnh8qeYJYVAue7nnSkXVLjioOjP
w5U8n7CCw4RtQqbAkfCg00DCYAAL5ZMpE5qBy6k8XFw6Y7Cie0bk4r/YTtzEjPCI
yWZyDL6L/PkORw==
-----END CERTIFICATE-----