Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.mft
File:                     yuDyZX221YxEden7gXNW4u3SzA8.mft (raw, json)
Hash identifier:          6axz+gMpy9i7GLleVNaIB2FKvidmq+l83cyLcSL8ej8=
Subject key identifier:   23:72:B3:D1:D8:91:BC:02:A9:14:04:B7:78:98:55:1E:DF:11:2A:9A
Authority key identifier: CA:E0:F2:65:7D:B6:D5:8C:44:75:E9:FB:81:73:56:E2:ED:D2:CC:0F
Certificate issuer:       /CN=cae0f2657db6d58c4475e9fb817356e2edd2cc0f
Certificate serial:       019D2961CD360E2C17257E426C60E378FB23
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yuDyZX221YxEden7gXNW4u3SzA8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.mft
Manifest number:          1463
Signing time:             Thu 26 Mar 2026 09:02:48 +0000
Manifest this update:     Thu 26 Mar 2026 09:02:48 +0000
Manifest next update:     Fri 27 Mar 2026 09:02:48 +0000
Files and hashes:         1: yuDyZX221YxEden7gXNW4u3SzA8.crl (hash: jGNZI0VSILvZ2XOMZAlnT8PhJJ296bnVimPk4g83Ips=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yuDyZX221YxEden7gXNW4u3SzA8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:61:cd:36:0e:2c:17:25:7e:42:6c:60:e3:78:fb:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cae0f2657db6d58c4475e9fb817356e2edd2cc0f
        Validity
            Not Before: Mar 26 09:02:48 2026 GMT
            Not After : Mar 27 09:02:48 2026 GMT
        Subject: CN=2372b3d1d891bc02a91404b77898551edf112a9a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:0b:63:24:7b:cf:29:88:e9:f8:ec:2a:1d:17:
                    bc:43:e7:eb:df:d5:74:b0:ae:9c:c2:62:7b:39:a7:
                    69:f8:d8:a7:a8:4b:d4:b8:19:de:0c:3d:be:f2:46:
                    e0:18:5e:98:24:dd:37:29:91:8c:08:63:ea:64:d8:
                    c9:b2:06:23:00:f3:17:8c:d2:e4:1e:18:e6:1f:a8:
                    93:87:b0:f5:53:cd:e1:cc:14:53:65:55:cd:73:26:
                    24:3a:87:99:a3:bc:d2:f7:53:74:75:79:23:6d:7b:
                    e4:96:00:dd:50:39:e2:4a:17:1c:d6:5b:9f:62:4c:
                    7b:b3:33:be:33:72:54:9b:1f:e0:c5:9f:42:c9:64:
                    62:82:a1:a0:40:73:de:a3:67:8d:0e:2b:ce:db:5c:
                    85:e2:13:25:30:b3:07:99:af:dc:20:c2:f3:6b:32:
                    21:c7:9f:66:3a:25:19:1b:7b:ce:ac:17:8f:2c:19:
                    98:6f:54:9b:86:08:41:82:21:1c:33:18:fb:dd:2c:
                    b7:b3:6b:69:6e:02:2d:5b:c5:5f:41:fb:1d:05:57:
                    1c:a3:95:2f:06:ef:d0:26:67:94:49:f2:93:df:ef:
                    1d:51:c0:20:85:72:c4:61:98:c1:f1:11:bf:1b:34:
                    d2:f7:47:35:f7:9b:cf:b4:df:a0:7a:52:8d:d5:cd:
                    8d:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:72:B3:D1:D8:91:BC:02:A9:14:04:B7:78:98:55:1E:DF:11:2A:9A
            X509v3 Authority Key Identifier:
                keyid:CA:E0:F2:65:7D:B6:D5:8C:44:75:E9:FB:81:73:56:E2:ED:D2:CC:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yuDyZX221YxEden7gXNW4u3SzA8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:07:02:00:dd:f9:00:31:67:47:db:f8:3e:de:80:d7:b6:86:
         ec:4c:86:6f:6c:91:d9:ba:2b:5d:f6:de:61:64:91:b4:68:7a:
         a3:1d:56:25:89:e5:f1:b7:7d:5f:c2:cf:39:7c:b2:11:fa:a6:
         0e:ca:a8:ea:ff:f6:71:eb:0a:50:09:93:7e:de:55:b0:9e:3c:
         7b:47:7f:d1:76:eb:52:92:a0:29:fa:27:bb:f8:9d:74:97:e5:
         d7:bd:3a:68:b7:ff:79:fc:0c:db:c4:d5:6e:a0:76:de:6d:25:
         46:2c:27:b9:1e:29:59:34:c5:29:a3:a5:6e:f1:0a:41:dd:9d:
         d3:e6:63:cd:ea:8b:f1:57:b1:ec:b3:61:ab:ba:e9:d8:aa:cb:
         15:ee:d2:1a:91:f9:50:b4:0a:53:45:57:8a:8e:05:5b:48:56:
         66:5b:c8:4a:9b:77:7a:2d:85:3e:68:86:09:8b:2c:dd:e2:d0:
         bb:03:e9:97:4b:ee:cc:aa:a1:1e:85:1d:ab:cc:31:e8:91:c1:
         64:f7:06:68:89:19:c6:c5:d5:9d:f5:bf:10:0e:c5:ce:53:bb:
         34:a6:b6:d2:3e:53:db:4f:70:f4:a4:ac:1a:be:21:6b:3f:42:
         fb:55:4e:9a:1b:9d:24:e3:08:ce:0c:34:7a:24:be:4b:31:8e:
         15:20:42:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pYc02DiwXJX5CbGDjePsjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhZTBmMjY1N2RiNmQ1OGM0NDc1ZTlmYjgxNzM1NmUyZWRk
MmNjMGYwHhcNMjYwMzI2MDkwMjQ4WhcNMjYwMzI3MDkwMjQ4WjAzMTEwLwYDVQQD
EygyMzcyYjNkMWQ4OTFiYzAyYTkxNDA0Yjc3ODk4NTUxZWRmMTEyYTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8QtjJHvPKYjp+OwqHRe8Q+fr39V0
sK6cwmJ7Oadp+NinqEvUuBneDD2+8kbgGF6YJN03KZGMCGPqZNjJsgYjAPMXjNLk
HhjmH6iTh7D1U83hzBRTZVXNcyYkOoeZo7zS91N0dXkjbXvklgDdUDniShcc1luf
Ykx7szO+M3JUmx/gxZ9CyWRigqGgQHPeo2eNDivO21yF4hMlMLMHma/cIMLzazIh
x59mOiUZG3vOrBePLBmYb1SbhghBgiEcMxj73Sy3s2tpbgItW8VfQfsdBVcco5Uv
Bu/QJmeUSfKT3+8dUcAghXLEYZjB8RG/GzTS90c195vPtN+gelKN1c2NmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCNys9HYkbwCqRQEt3iYVR7fESqaMB8GA1UdIwQY
MBaAFMrg8mV9ttWMRHXp+4FzVuLt0swPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXVEeVpYMjIxWXhFZGVuN2dYTlc0dTNTekE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny8wMzdmZjEtNjliOS00NGI0LThjMGUt
YTE5YTNiZWIxNWIyLzEveXVEeVpYMjIxWXhFZGVuN2dYTlc0dTNTekE4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny8wMzdmZjEtNjliOS00NGI0LThjMGUtYTE5YTNiZWIxNWIy
LzEveXVEeVpYMjIxWXhFZGVuN2dYTlc0dTNTekE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdAcCAN35
ADFnR9v4Pt6A17aG7EyGb2yR2borXfbeYWSRtGh6ox1WJYnl8bd9X8LPOXyyEfqm
Dsqo6v/2cesKUAmTft5VsJ48e0d/0XbrUpKgKfonu/iddJfl1706aLf/efwM28TV
bqB23m0lRiwnuR4pWTTFKaOlbvEKQd2d0+ZjzeqL8Vex7LNhq7rp2KrLFe7SGpH5
ULQKU0VXio4FW0hWZlvISpt3ei2FPmiGCYss3eLQuwPpl0vuzKqhHoUdq8wx6JHB
ZPcGaIkZxsXVnfW/EA7FzlO7NKa20j5T209w9KSsGr4haz9C+1VOmhudJOMIzgw0
eiS+SzGOFSBCIA==
-----END CERTIFICATE-----