Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/98d6bb-0a89-48c4-b932-5b389343dbc9/1/yr8ZNP_pv5zjUVcu0uuCB8tVU1g.mft
File:                     yr8ZNP_pv5zjUVcu0uuCB8tVU1g.mft (raw, json)
Hash identifier:          I9GYlnGhbaVncjPehyqA+0CNjehfVKkKTONuh8s8na0=
Subject key identifier:   57:B3:81:48:13:80:A1:DD:2D:6A:65:F8:75:22:6B:38:AB:E5:78:42
Authority key identifier: CA:BF:19:34:FF:E9:BF:9C:E3:51:57:2E:D2:EB:82:07:CB:55:53:58
Certificate issuer:       /CN=cabf1934ffe9bf9ce351572ed2eb8207cb555358
Certificate serial:       019D2A3B7311F60B6DE52FC963A5F6138BFE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yr8ZNP_pv5zjUVcu0uuCB8tVU1g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6b/98d6bb-0a89-48c4-b932-5b389343dbc9/1/yr8ZNP_pv5zjUVcu0uuCB8tVU1g.mft
Manifest number:          02D9
Signing time:             Thu 26 Mar 2026 13:00:32 +0000
Manifest this update:     Thu 26 Mar 2026 13:00:32 +0000
Manifest next update:     Fri 27 Mar 2026 13:00:32 +0000
Files and hashes:         1: yr8ZNP_pv5zjUVcu0uuCB8tVU1g.crl (hash: NpX0KvX81oe6bT9sdYtWpHpDRy8r4mGUdYXJTkABshM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6b/98d6bb-0a89-48c4-b932-5b389343dbc9/1/yr8ZNP_pv5zjUVcu0uuCB8tVU1g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6b/98d6bb-0a89-48c4-b932-5b389343dbc9/1/yr8ZNP_pv5zjUVcu0uuCB8tVU1g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yr8ZNP_pv5zjUVcu0uuCB8tVU1g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:3b:73:11:f6:0b:6d:e5:2f:c9:63:a5:f6:13:8b:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cabf1934ffe9bf9ce351572ed2eb8207cb555358
        Validity
            Not Before: Mar 26 13:00:32 2026 GMT
            Not After : Mar 27 13:00:32 2026 GMT
        Subject: CN=57b381481380a1dd2d6a65f875226b38abe57842
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:29:b2:7d:ae:35:72:3e:ff:45:21:94:47:31:
                    75:b0:4d:c6:19:1e:f3:e2:31:54:97:bb:d6:71:dd:
                    ca:ae:4e:95:0e:6b:9f:23:2b:56:0e:2e:c9:bf:2f:
                    84:37:3e:d7:92:cb:7a:96:d0:6e:9c:c6:bd:22:10:
                    6c:19:2f:81:2f:6f:dd:97:da:93:80:e0:88:f4:84:
                    1e:8b:b8:2f:32:c5:6b:01:5f:eb:f2:97:51:78:6d:
                    eb:e6:22:f6:88:b8:a1:d4:dd:f6:97:c1:1b:90:75:
                    ec:70:e4:90:2d:d5:aa:16:1c:06:35:c5:8b:5a:28:
                    34:31:20:58:96:d8:ff:d2:6c:d8:1e:27:14:04:1e:
                    ec:8f:c3:44:d7:60:66:b3:e8:66:57:ec:f5:4a:6a:
                    f3:5a:fc:7f:1b:11:8b:b0:ac:40:7f:83:86:51:30:
                    a8:e2:10:dc:f8:75:db:83:48:d4:1d:4f:7f:ad:68:
                    99:e5:0f:c4:ca:a9:3f:53:6c:c8:b4:df:84:8d:a9:
                    66:80:5a:d7:28:44:d1:64:9f:e3:6b:3d:ee:bb:5e:
                    b4:de:73:eb:25:40:02:76:8e:65:7f:f9:dc:89:52:
                    c7:57:aa:09:77:a8:be:4c:04:a4:de:3a:66:d2:a6:
                    c6:0b:ed:9e:24:06:e3:99:dc:fc:d2:a1:a3:4d:96:
                    6c:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:B3:81:48:13:80:A1:DD:2D:6A:65:F8:75:22:6B:38:AB:E5:78:42
            X509v3 Authority Key Identifier:
                keyid:CA:BF:19:34:FF:E9:BF:9C:E3:51:57:2E:D2:EB:82:07:CB:55:53:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yr8ZNP_pv5zjUVcu0uuCB8tVU1g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/98d6bb-0a89-48c4-b932-5b389343dbc9/1/yr8ZNP_pv5zjUVcu0uuCB8tVU1g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/98d6bb-0a89-48c4-b932-5b389343dbc9/1/yr8ZNP_pv5zjUVcu0uuCB8tVU1g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:20:95:38:1c:35:e4:c1:87:2d:9c:8c:f6:4c:55:d4:7e:4e:
         80:6c:aa:cc:d4:c9:05:5d:6d:11:32:b4:ed:02:74:41:fc:d5:
         90:da:c4:d6:05:83:c5:1e:5c:c4:77:eb:05:75:f1:ab:5d:ed:
         0c:a3:a5:f5:32:00:72:4a:62:2e:82:1f:b5:be:28:2f:bc:e4:
         8e:50:71:38:43:01:92:8e:ad:0c:85:45:86:b4:2b:e7:b3:a6:
         e7:3d:9b:47:47:95:92:38:70:34:15:20:19:a8:90:22:89:48:
         ea:22:6d:b4:73:48:30:90:f7:8b:e2:c1:3d:8b:55:1e:86:c9:
         34:62:df:e5:27:df:59:69:85:bf:ae:e9:9e:78:14:47:e9:2b:
         05:a3:6f:6d:d7:f2:d8:ee:74:79:77:55:0f:2f:96:7d:a2:87:
         a3:f4:8c:56:1d:56:06:fa:39:7f:ec:9c:7d:ca:86:05:35:a4:
         45:36:e1:55:19:df:b0:61:cd:5c:48:4a:d3:e5:ef:95:07:ad:
         23:3f:8b:d9:5e:24:f9:5d:9d:a5:5c:9d:84:68:11:55:57:7f:
         b4:92:64:4b:e0:9e:18:3d:2d:cb:3b:71:69:85:74:c7:f8:94:
         7a:80:25:c8:f9:ba:9d:0a:73:9b:39:ac:44:ef:fd:ed:f9:92:
         4d:3f:c5:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0qO3MR9gtt5S/JY6X2E4v+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhYmYxOTM0ZmZlOWJmOWNlMzUxNTcyZWQyZWI4MjA3Y2I1
NTUzNTgwHhcNMjYwMzI2MTMwMDMyWhcNMjYwMzI3MTMwMDMyWjAzMTEwLwYDVQQD
Eyg1N2IzODE0ODEzODBhMWRkMmQ2YTY1Zjg3NTIyNmIzOGFiZTU3ODQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzCmyfa41cj7/RSGURzF1sE3GGR7z
4jFUl7vWcd3Krk6VDmufIytWDi7Jvy+ENz7Xkst6ltBunMa9IhBsGS+BL2/dl9qT
gOCI9IQei7gvMsVrAV/r8pdReG3r5iL2iLih1N32l8EbkHXscOSQLdWqFhwGNcWL
Wig0MSBYltj/0mzYHicUBB7sj8NE12Bms+hmV+z1SmrzWvx/GxGLsKxAf4OGUTCo
4hDc+HXbg0jUHU9/rWiZ5Q/Eyqk/U2zItN+EjalmgFrXKETRZJ/jaz3uu1603nPr
JUACdo5lf/nciVLHV6oJd6i+TASk3jpm0qbGC+2eJAbjmdz80qGjTZZsywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFezgUgTgKHdLWpl+HUiazir5XhCMB8GA1UdIwQY
MBaAFMq/GTT/6b+c41FXLtLrggfLVVNYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXI4Wk5QX3B2NXpqVVZjdTB1dUNCOHRWVTFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi85OGQ2YmItMGE4OS00OGM0LWI5MzIt
NWIzODkzNDNkYmM5LzEveXI4Wk5QX3B2NXpqVVZjdTB1dUNCOHRWVTFnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi85OGQ2YmItMGE4OS00OGM0LWI5MzItNWIzODkzNDNkYmM5
LzEveXI4Wk5QX3B2NXpqVVZjdTB1dUNCOHRWVTFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHCCVOBw1
5MGHLZyM9kxV1H5OgGyqzNTJBV1tETK07QJ0QfzVkNrE1gWDxR5cxHfrBXXxq13t
DKOl9TIAckpiLoIftb4oL7zkjlBxOEMBko6tDIVFhrQr57Om5z2bR0eVkjhwNBUg
GaiQIolI6iJttHNIMJD3i+LBPYtVHobJNGLf5SffWWmFv67pnngUR+krBaNvbdfy
2O50eXdVDy+WfaKHo/SMVh1WBvo5f+ycfcqGBTWkRTbhVRnfsGHNXEhK0+XvlQet
Iz+L2V4k+V2dpVydhGgRVVd/tJJkS+CeGD0tyztxaYV0x/iUeoAlyPm6nQpzmzms
RO/97fmSTT/FiQ==
-----END CERTIFICATE-----