Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.mft
File:                     yyDpqru2GRVGEQI1z3bEg4S0UdA.mft (raw, json)
Hash identifier:          YDTvqi1Tq1GpsEjFz98CljOpeS851CFQKy9VXaQ448I=
Subject key identifier:   5F:D4:37:9C:CC:4A:7F:DB:FA:21:90:08:B4:D5:73:68:9A:53:18:0B
Authority key identifier: CB:20:E9:AA:BB:B6:19:15:46:11:02:35:CF:76:C4:83:84:B4:51:D0
Certificate issuer:       /CN=cb20e9aabbb6191546110235cf76c48384b451d0
Certificate serial:       019D270426B7A052BBAD001ADB05A2E10897
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yyDpqru2GRVGEQI1z3bEg4S0UdA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.mft
Manifest number:          07D3
Signing time:             Wed 25 Mar 2026 22:01:16 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:16 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:16 +0000
Files and hashes:         1: yyDpqru2GRVGEQI1z3bEg4S0UdA.crl (hash: 8+kPvFOTF1r0LTxX1LVvGliQNT9t3rFjnrT3nkBudic=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yyDpqru2GRVGEQI1z3bEg4S0UdA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:26:b7:a0:52:bb:ad:00:1a:db:05:a2:e1:08:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cb20e9aabbb6191546110235cf76c48384b451d0
        Validity
            Not Before: Mar 25 22:01:16 2026 GMT
            Not After : Mar 26 22:01:16 2026 GMT
        Subject: CN=5fd4379ccc4a7fdbfa219008b4d573689a53180b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:45:dd:e4:8d:12:e3:c3:e5:91:6b:5d:bd:e9:
                    32:2b:2d:ea:53:28:ed:b6:57:28:57:d5:ed:ca:6b:
                    6b:4c:6c:c6:b2:f6:06:b8:8c:e2:a1:55:d1:ba:8f:
                    c3:dd:d3:50:c0:5f:4d:a5:89:41:57:6a:d9:b1:68:
                    05:76:66:e6:dc:eb:2f:f0:a5:1e:25:29:8f:b7:22:
                    79:e0:af:ca:49:1b:c3:dd:58:ba:e3:0f:d8:86:d7:
                    19:e0:e2:70:96:7e:86:6d:0c:85:98:9a:92:1c:63:
                    8b:13:5d:14:cb:e5:a8:75:2b:b3:2d:10:32:e2:53:
                    3d:4e:5d:0f:4e:94:26:71:98:6b:00:9d:ca:e7:af:
                    9b:e7:0d:42:f9:ed:c2:fc:5c:92:98:1a:12:24:f2:
                    34:b3:8c:61:9d:1c:0a:83:95:ed:eb:45:0b:98:5a:
                    9f:98:bb:91:55:50:80:ff:c9:69:4d:b3:8c:3d:03:
                    56:ba:38:66:ab:ca:5d:df:13:49:ae:d6:cf:26:04:
                    d4:11:2c:6c:1c:ee:89:d5:5d:33:0e:59:10:6b:40:
                    4e:ea:08:7f:1c:03:4c:2d:55:23:45:c4:b2:e0:8a:
                    31:4d:e7:d2:13:2a:75:fc:bb:57:64:56:b2:7f:ff:
                    37:e8:a2:88:c6:f5:e2:1b:b8:41:92:f5:a0:b8:63:
                    32:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:D4:37:9C:CC:4A:7F:DB:FA:21:90:08:B4:D5:73:68:9A:53:18:0B
            X509v3 Authority Key Identifier:
                keyid:CB:20:E9:AA:BB:B6:19:15:46:11:02:35:CF:76:C4:83:84:B4:51:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yyDpqru2GRVGEQI1z3bEg4S0UdA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:d5:60:8b:c7:f4:3f:35:b7:f2:1c:62:ec:b6:52:f4:b4:ae:
         33:d9:4b:de:d4:f5:df:ef:3c:7d:37:08:61:fd:87:5f:ec:c3:
         5a:34:c5:59:c2:99:d5:f5:c3:b8:06:05:dd:eb:b0:61:01:75:
         ec:d3:81:6f:62:84:c1:87:ba:1d:0d:a0:7d:9a:ba:30:65:13:
         bb:e9:83:42:78:11:ee:d2:4a:46:d4:3c:ca:58:02:f9:95:f9:
         fe:f4:d5:7c:af:da:0c:72:d8:ca:ab:68:38:ce:a9:88:76:7e:
         d2:e8:5b:ba:0e:93:c2:df:e2:df:9d:b0:90:58:ce:34:d4:33:
         7a:2d:d2:14:8c:c5:da:be:6f:e1:7c:0d:21:d9:19:e3:a8:aa:
         cc:61:32:5e:38:e2:b0:02:97:a8:81:58:7a:53:40:a5:c1:a6:
         f6:0c:2b:c6:c7:91:28:da:36:dc:ae:a5:de:fd:08:55:a4:fc:
         89:3c:fe:06:29:d5:00:10:85:b5:9a:39:08:22:b1:18:4d:00:
         71:5f:93:d4:9b:c2:3a:a1:d6:94:3b:f4:6f:fc:82:f3:45:82:
         08:bd:3d:62:1f:43:e9:d1:15:bd:f4:0f:cb:17:23:fb:f6:f6:
         75:28:2d:cd:ff:ff:49:62:0c:c1:9a:7b:a9:b4:f5:66:1a:07:
         34:af:de:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBCa3oFK7rQAa2wWi4QiXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMjBlOWFhYmJiNjE5MTU0NjExMDIzNWNmNzZjNDgzODRi
NDUxZDAwHhcNMjYwMzI1MjIwMTE2WhcNMjYwMzI2MjIwMTE2WjAzMTEwLwYDVQQD
Eyg1ZmQ0Mzc5Y2NjNGE3ZmRiZmEyMTkwMDhiNGQ1NzM2ODlhNTMxODBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUXd5I0S48PlkWtdvekyKy3qUyjt
tlcoV9XtymtrTGzGsvYGuIzioVXRuo/D3dNQwF9NpYlBV2rZsWgFdmbm3Osv8KUe
JSmPtyJ54K/KSRvD3Vi64w/YhtcZ4OJwln6GbQyFmJqSHGOLE10Uy+WodSuzLRAy
4lM9Tl0PTpQmcZhrAJ3K56+b5w1C+e3C/FySmBoSJPI0s4xhnRwKg5Xt60ULmFqf
mLuRVVCA/8lpTbOMPQNWujhmq8pd3xNJrtbPJgTUESxsHO6J1V0zDlkQa0BO6gh/
HANMLVUjRcSy4IoxTefSEyp1/LtXZFayf/836KKIxvXiG7hBkvWguGMyiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF/UN5zMSn/b+iGQCLTVc2iaUxgLMB8GA1UdIwQY
MBaAFMsg6aq7thkVRhECNc92xIOEtFHQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXlEcHFydTJHUlZHRVFJMXozYkVnNFMwVWRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi84ZDliYjUtYjRlNS00MzQ0LTg5MWIt
MDgwN2Y5NmNhNGEyLzEveXlEcHFydTJHUlZHRVFJMXozYkVnNFMwVWRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi84ZDliYjUtYjRlNS00MzQ0LTg5MWItMDgwN2Y5NmNhNGEy
LzEveXlEcHFydTJHUlZHRVFJMXozYkVnNFMwVWRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAftVgi8f0
PzW38hxi7LZS9LSuM9lL3tT13+88fTcIYf2HX+zDWjTFWcKZ1fXDuAYF3euwYQF1
7NOBb2KEwYe6HQ2gfZq6MGUTu+mDQngR7tJKRtQ8ylgC+ZX5/vTVfK/aDHLYyqto
OM6piHZ+0uhbug6Twt/i352wkFjONNQzei3SFIzF2r5v4XwNIdkZ46iqzGEyXjji
sAKXqIFYelNApcGm9gwrxseRKNo23K6l3v0IVaT8iTz+BinVABCFtZo5CCKxGE0A
cV+T1JvCOqHWlDv0b/yC80WCCL09Yh9D6dEVvfQPyxcj+/b2dSgtzf//SWIMwZp7
qbT1ZhoHNK/ePw==
-----END CERTIFICATE-----