Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/78c37f-2f69-4fec-a198-ccf528eb4dda/1/yVmYmJ_bWl-TIUetcWLGMATgZ6Q.mft
File:                     yVmYmJ_bWl-TIUetcWLGMATgZ6Q.mft (raw, json)
Hash identifier:          L6JntVtMRaVkM7F69NKE3riEjvHrLi3BRqm96D3siwM=
Subject key identifier:   B3:A7:21:91:18:53:FC:56:03:19:D8:4E:69:35:A5:F7:A9:53:5F:0B
Authority key identifier: C9:59:98:98:9F:DB:5A:5F:93:21:47:AD:71:62:C6:30:04:E0:67:A4
Certificate issuer:       /CN=c95998989fdb5a5f932147ad7162c63004e067a4
Certificate serial:       019D27A8726EBF0470A1430970BB19F80E96
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yVmYmJ_bWl-TIUetcWLGMATgZ6Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/78c37f-2f69-4fec-a198-ccf528eb4dda/1/yVmYmJ_bWl-TIUetcWLGMATgZ6Q.mft
Manifest number:          0D69
Signing time:             Thu 26 Mar 2026 01:00:43 +0000
Manifest this update:     Thu 26 Mar 2026 01:00:43 +0000
Manifest next update:     Fri 27 Mar 2026 01:00:43 +0000
Files and hashes:         1: yVmYmJ_bWl-TIUetcWLGMATgZ6Q.crl (hash: OW1JVKqQdeRousdTXagTuckbl1H5yyDYOUqKN/gJ9Zo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/81/78c37f-2f69-4fec-a198-ccf528eb4dda/1/yVmYmJ_bWl-TIUetcWLGMATgZ6Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/81/78c37f-2f69-4fec-a198-ccf528eb4dda/1/yVmYmJ_bWl-TIUetcWLGMATgZ6Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yVmYmJ_bWl-TIUetcWLGMATgZ6Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:a8:72:6e:bf:04:70:a1:43:09:70:bb:19:f8:0e:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c95998989fdb5a5f932147ad7162c63004e067a4
        Validity
            Not Before: Mar 26 01:00:43 2026 GMT
            Not After : Mar 27 01:00:43 2026 GMT
        Subject: CN=b3a721911853fc560319d84e6935a5f7a9535f0b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:4d:7b:66:6b:65:9d:32:46:0d:e7:ca:ca:94:
                    65:cf:bb:89:25:f0:a9:eb:ab:6c:ed:87:eb:09:11:
                    35:18:87:12:85:75:47:b9:f3:90:54:8e:7c:c9:2e:
                    97:f5:14:c7:27:3b:51:ac:73:9e:b6:5d:d0:4b:9a:
                    a4:2f:dd:d3:97:55:7b:15:ba:b4:44:bc:59:fe:39:
                    b5:51:18:78:cb:74:bb:58:e2:7e:8f:91:d5:01:b9:
                    d6:39:ab:d6:3f:9f:b1:93:9f:fd:fa:5d:13:c7:f3:
                    f5:38:42:86:2c:a1:84:c8:8d:da:04:bc:b2:09:29:
                    71:7a:ed:57:42:66:ce:22:f0:34:5f:1d:8d:a0:93:
                    a4:79:f2:89:d4:65:f8:bf:6a:d7:d1:47:d1:4a:10:
                    15:d4:7d:7d:2e:88:2a:a4:01:26:3e:2f:82:0b:d2:
                    ba:29:3c:9f:64:27:78:34:14:f7:08:d6:d4:85:44:
                    aa:54:ec:68:1b:16:87:28:ce:e1:19:43:2f:9b:5c:
                    55:b4:8e:71:6c:c4:43:1e:eb:db:33:75:4e:d2:3c:
                    b0:83:df:26:41:7b:b3:ab:4a:9c:10:c5:f3:60:c7:
                    67:88:80:d8:f4:c3:74:c9:dd:c1:40:40:7e:2e:94:
                    f8:e8:63:a2:58:e5:b7:d9:68:ff:a2:da:e7:52:55:
                    06:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:A7:21:91:18:53:FC:56:03:19:D8:4E:69:35:A5:F7:A9:53:5F:0B
            X509v3 Authority Key Identifier:
                keyid:C9:59:98:98:9F:DB:5A:5F:93:21:47:AD:71:62:C6:30:04:E0:67:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yVmYmJ_bWl-TIUetcWLGMATgZ6Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/78c37f-2f69-4fec-a198-ccf528eb4dda/1/yVmYmJ_bWl-TIUetcWLGMATgZ6Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/78c37f-2f69-4fec-a198-ccf528eb4dda/1/yVmYmJ_bWl-TIUetcWLGMATgZ6Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:43:a0:37:84:10:a8:44:25:90:1e:68:a0:2e:e2:d4:d0:1d:
         7d:95:a6:e1:1a:bc:e2:70:fd:92:22:1a:72:61:b1:b1:0a:8c:
         0a:be:dd:24:e7:68:10:04:de:4f:16:54:af:4e:b2:dc:d5:30:
         32:82:1a:4a:1b:95:af:08:e0:4f:28:67:15:84:20:52:dd:59:
         29:12:82:1e:15:c7:11:6d:08:82:57:d6:ba:07:4b:82:d3:8e:
         57:c2:85:a2:17:94:08:a8:f2:31:c8:29:c7:d7:c7:77:cb:d9:
         a7:8e:69:66:05:62:b0:15:41:b0:49:4f:d5:17:7a:3e:ee:10:
         0e:d7:35:22:6e:22:25:d0:05:2d:b3:b3:b9:2c:49:73:af:8d:
         4e:68:81:31:1d:18:2b:86:60:7c:d3:51:46:52:2e:02:f3:9c:
         31:5f:9d:32:39:7d:d2:ef:84:47:49:1c:4b:da:e2:22:87:83:
         7c:80:2d:69:6b:36:1a:c7:5a:a3:c7:e9:92:7f:a3:d9:49:7a:
         90:8b:08:79:bf:87:a8:07:36:c1:fb:c0:c3:fe:07:85:8c:69:
         6f:7d:4b:dc:eb:dd:20:9e:b8:a5:38:2f:30:56:c9:f3:3e:99:
         4b:db:00:38:22:ac:79:36:f2:9e:8d:89:d2:47:bb:5d:ca:2b:
         e0:37:03:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nqHJuvwRwoUMJcLsZ+A6WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5NTk5ODk4OWZkYjVhNWY5MzIxNDdhZDcxNjJjNjMwMDRl
MDY3YTQwHhcNMjYwMzI2MDEwMDQzWhcNMjYwMzI3MDEwMDQzWjAzMTEwLwYDVQQD
EyhiM2E3MjE5MTE4NTNmYzU2MDMxOWQ4NGU2OTM1YTVmN2E5NTM1ZjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyU17ZmtlnTJGDefKypRlz7uJJfCp
66ts7YfrCRE1GIcShXVHufOQVI58yS6X9RTHJztRrHOetl3QS5qkL93Tl1V7Fbq0
RLxZ/jm1URh4y3S7WOJ+j5HVAbnWOavWP5+xk5/9+l0Tx/P1OEKGLKGEyI3aBLyy
CSlxeu1XQmbOIvA0Xx2NoJOkefKJ1GX4v2rX0UfRShAV1H19LogqpAEmPi+CC9K6
KTyfZCd4NBT3CNbUhUSqVOxoGxaHKM7hGUMvm1xVtI5xbMRDHuvbM3VO0jywg98m
QXuzq0qcEMXzYMdniIDY9MN0yd3BQEB+LpT46GOiWOW32Wj/otrnUlUGTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLOnIZEYU/xWAxnYTmk1pfepU18LMB8GA1UdIwQY
MBaAFMlZmJif21pfkyFHrXFixjAE4GekMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVZtWW1KX2JXbC1USVVldGNXTEdNQVRnWjZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS83OGMzN2YtMmY2OS00ZmVjLWExOTgt
Y2NmNTI4ZWI0ZGRhLzEveVZtWW1KX2JXbC1USVVldGNXTEdNQVRnWjZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS83OGMzN2YtMmY2OS00ZmVjLWExOTgtY2NmNTI4ZWI0ZGRh
LzEveVZtWW1KX2JXbC1USVVldGNXTEdNQVRnWjZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANEOgN4QQ
qEQlkB5ooC7i1NAdfZWm4Rq84nD9kiIacmGxsQqMCr7dJOdoEATeTxZUr06y3NUw
MoIaShuVrwjgTyhnFYQgUt1ZKRKCHhXHEW0IglfWugdLgtOOV8KFoheUCKjyMcgp
x9fHd8vZp45pZgVisBVBsElP1Rd6Pu4QDtc1Im4iJdAFLbOzuSxJc6+NTmiBMR0Y
K4ZgfNNRRlIuAvOcMV+dMjl90u+ER0kcS9riIoeDfIAtaWs2Gsdao8fpkn+j2Ul6
kIsIeb+HqAc2wfvAw/4HhYxpb31L3OvdIJ64pTgvMFbJ8z6ZS9sAOCKseTbyno2J
0ke7Xcor4DcDlA==
-----END CERTIFICATE-----