Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/9e36b2-3f2d-444f-9d3a-40bcb74e4c28/1/Yj2Pmd-jCS0fZ1fvrLSfngDm1Lk.mft
File:                     Yj2Pmd-jCS0fZ1fvrLSfngDm1Lk.mft (raw, json)
Hash identifier:          aiV4pyBkn16tJBJFh5LNg9cxgicTgi3E5EFi/OvPkC0=
Subject key identifier:   C5:80:41:A6:71:6D:06:0D:FE:20:73:B6:7A:41:8B:A0:7D:9F:FE:5E
Authority key identifier: 62:3D:8F:99:DF:A3:09:2D:1F:67:57:EF:AC:B4:9F:9E:00:E6:D4:B9
Certificate issuer:       /CN=623d8f99dfa3092d1f6757efacb49f9e00e6d4b9
Certificate serial:       019D28BB14CD73AA61A9246F721E52B55B93
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yj2Pmd-jCS0fZ1fvrLSfngDm1Lk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/88/9e36b2-3f2d-444f-9d3a-40bcb74e4c28/1/Yj2Pmd-jCS0fZ1fvrLSfngDm1Lk.mft
Manifest number:          0970
Signing time:             Thu 26 Mar 2026 06:00:42 +0000
Manifest this update:     Thu 26 Mar 2026 06:00:42 +0000
Manifest next update:     Fri 27 Mar 2026 06:00:42 +0000
Files and hashes:         1: Yj2Pmd-jCS0fZ1fvrLSfngDm1Lk.crl (hash: BRALFopunbdzBgxcWfuKBHona/d6dMwlqFodxKrIFtY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/88/9e36b2-3f2d-444f-9d3a-40bcb74e4c28/1/Yj2Pmd-jCS0fZ1fvrLSfngDm1Lk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/88/9e36b2-3f2d-444f-9d3a-40bcb74e4c28/1/Yj2Pmd-jCS0fZ1fvrLSfngDm1Lk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Yj2Pmd-jCS0fZ1fvrLSfngDm1Lk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:bb:14:cd:73:aa:61:a9:24:6f:72:1e:52:b5:5b:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=623d8f99dfa3092d1f6757efacb49f9e00e6d4b9
        Validity
            Not Before: Mar 26 06:00:42 2026 GMT
            Not After : Mar 27 06:00:42 2026 GMT
        Subject: CN=c58041a6716d060dfe2073b67a418ba07d9ffe5e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:7b:9b:f4:f2:04:87:46:a2:c0:a7:a2:02:c1:
                    55:f5:c3:25:05:23:2b:ea:aa:41:79:5d:02:94:70:
                    ba:ca:0d:b2:e4:a5:62:33:d7:8e:1e:2d:e4:91:bb:
                    97:4c:36:e0:63:a0:b8:98:e5:96:aa:31:98:cc:c6:
                    36:29:d6:4f:1f:77:3e:c9:09:74:26:66:38:2e:6d:
                    37:d3:df:b7:28:9c:8b:d6:0c:75:c3:5e:d6:9b:f0:
                    57:d0:77:7d:ee:75:26:df:43:70:ca:e1:db:12:61:
                    38:9f:91:92:d7:c6:5d:ef:31:21:6c:d4:83:03:9e:
                    f6:68:c6:29:93:62:c5:66:67:d3:c9:bf:0e:2d:f0:
                    c6:cf:b5:44:66:c2:f6:b7:84:65:cb:cc:b5:72:a0:
                    09:c7:10:0d:93:39:66:51:9e:31:5d:df:58:23:06:
                    4f:55:9d:f2:32:81:12:72:57:a6:64:2c:c4:f6:39:
                    65:ff:b4:d6:51:7e:47:b6:3d:db:ed:bb:29:e7:00:
                    78:8a:66:5d:85:13:1b:9f:82:f7:d5:b1:d0:a7:42:
                    e4:e2:77:22:ce:3f:03:47:81:79:9b:2e:f5:9e:92:
                    a1:c3:ae:ef:d6:0f:fe:a5:b8:82:38:e3:1b:96:ac:
                    52:da:34:7b:fe:5e:50:75:e5:43:1f:f6:24:14:c8:
                    36:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:80:41:A6:71:6D:06:0D:FE:20:73:B6:7A:41:8B:A0:7D:9F:FE:5E
            X509v3 Authority Key Identifier:
                keyid:62:3D:8F:99:DF:A3:09:2D:1F:67:57:EF:AC:B4:9F:9E:00:E6:D4:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yj2Pmd-jCS0fZ1fvrLSfngDm1Lk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/9e36b2-3f2d-444f-9d3a-40bcb74e4c28/1/Yj2Pmd-jCS0fZ1fvrLSfngDm1Lk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/88/9e36b2-3f2d-444f-9d3a-40bcb74e4c28/1/Yj2Pmd-jCS0fZ1fvrLSfngDm1Lk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:1b:fe:0e:af:c4:fe:a8:37:bb:11:66:28:b8:2a:d6:06:2a:
         e1:6d:45:bd:08:91:60:78:40:32:56:21:eb:c3:84:f1:93:44:
         b6:10:1e:7e:06:9c:f6:95:4a:de:c3:62:27:80:f4:8a:5a:59:
         58:77:6d:44:a3:ab:03:df:dc:f7:09:9e:21:ef:d9:d4:cb:4b:
         64:dc:5e:da:ac:90:f4:8c:fc:9b:e7:2f:37:7a:e9:e1:f0:f5:
         e7:da:a9:67:c0:05:fc:97:1b:ef:e8:b5:89:ea:12:f5:34:24:
         a3:65:99:db:41:46:40:6b:64:06:3c:60:e3:f4:e3:84:b4:dd:
         1a:36:d1:ea:a9:48:08:7a:95:f7:5a:9a:05:5c:ff:71:45:6a:
         f7:7a:1c:e7:e0:74:4f:7e:45:1d:7f:1b:f0:fa:56:f6:27:d1:
         7b:ba:e1:e4:cb:57:44:8e:9b:48:a5:b3:aa:72:4b:dc:17:94:
         11:d6:d2:3c:75:6c:23:bf:31:6c:8a:3f:a7:dd:a1:28:67:27:
         59:2f:6b:94:87:fd:67:f8:4f:25:c6:bf:3c:10:ed:77:cd:d3:
         61:b6:c4:10:5d:78:d3:4e:e0:95:77:c5:e2:f4:99:d3:90:50:
         81:fb:53:83:e3:47:f5:ad:d5:eb:7e:d2:61:3a:55:be:96:ac:
         1e:81:c7:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ouxTNc6phqSRvch5StVuTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyM2Q4Zjk5ZGZhMzA5MmQxZjY3NTdlZmFjYjQ5ZjllMDBl
NmQ0YjkwHhcNMjYwMzI2MDYwMDQyWhcNMjYwMzI3MDYwMDQyWjAzMTEwLwYDVQQD
EyhjNTgwNDFhNjcxNmQwNjBkZmUyMDczYjY3YTQxOGJhMDdkOWZmZTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3ub9PIEh0aiwKeiAsFV9cMlBSMr
6qpBeV0ClHC6yg2y5KViM9eOHi3kkbuXTDbgY6C4mOWWqjGYzMY2KdZPH3c+yQl0
JmY4Lm0309+3KJyL1gx1w17Wm/BX0Hd97nUm30NwyuHbEmE4n5GS18Zd7zEhbNSD
A572aMYpk2LFZmfTyb8OLfDGz7VEZsL2t4Rly8y1cqAJxxANkzlmUZ4xXd9YIwZP
VZ3yMoESclemZCzE9jll/7TWUX5Htj3b7bsp5wB4imZdhRMbn4L31bHQp0Lk4nci
zj8DR4F5my71npKhw67v1g/+pbiCOOMblqxS2jR7/l5QdeVDH/YkFMg2xQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMWAQaZxbQYN/iBztnpBi6B9n/5eMB8GA1UdIwQY
MBaAFGI9j5nfowktH2dX76y0n54A5tS5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWoyUG1kLWpDUzBmWjFmdnJMU2ZuZ0RtMUxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC85ZTM2YjItM2YyZC00NDRmLTlkM2Et
NDBiY2I3NGU0YzI4LzEvWWoyUG1kLWpDUzBmWjFmdnJMU2ZuZ0RtMUxrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC85ZTM2YjItM2YyZC00NDRmLTlkM2EtNDBiY2I3NGU0YzI4
LzEvWWoyUG1kLWpDUzBmWjFmdnJMU2ZuZ0RtMUxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbhv+Dq/E
/qg3uxFmKLgq1gYq4W1FvQiRYHhAMlYh68OE8ZNEthAefgac9pVK3sNiJ4D0ilpZ
WHdtRKOrA9/c9wmeIe/Z1MtLZNxe2qyQ9Iz8m+cvN3rp4fD159qpZ8AF/Jcb7+i1
ieoS9TQko2WZ20FGQGtkBjxg4/TjhLTdGjbR6qlICHqV91qaBVz/cUVq93oc5+B0
T35FHX8b8PpW9ifRe7rh5MtXRI6bSKWzqnJL3BeUEdbSPHVsI78xbIo/p92hKGcn
WS9rlIf9Z/hPJca/PBDtd83TYbbEEF14007glXfF4vSZ05BQgftTg+NH9a3V637S
YTpVvpasHoHHLA==
-----END CERTIFICATE-----