Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.mft
File:                     yj7NoA-sC_tjsoVD6itdXx5N9ss.mft (raw, json)
Hash identifier:          gdIXkZf9obaBLvO0WUIbv4yRvr0JGQ5SQkPtrLwYHvk=
Subject key identifier:   E4:D2:91:17:E6:EE:9F:24:D1:E7:82:86:E8:FB:2F:39:67:F9:75:23
Authority key identifier: CA:3E:CD:A0:0F:AC:0B:FB:63:B2:85:43:EA:2B:5D:5F:1E:4D:F6:CB
Certificate issuer:       /CN=ca3ecda00fac0bfb63b28543ea2b5d5f1e4df6cb
Certificate serial:       019D2A04D24E613656572B4FFB5D46E505B7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yj7NoA-sC_tjsoVD6itdXx5N9ss.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.mft
Manifest number:          0484
Signing time:             Thu 26 Mar 2026 12:00:52 +0000
Manifest this update:     Thu 26 Mar 2026 12:00:52 +0000
Manifest next update:     Fri 27 Mar 2026 12:00:52 +0000
Files and hashes:         1: yj7NoA-sC_tjsoVD6itdXx5N9ss.crl (hash: 9poKjmsva7QFU/QcAYgPT96AHPLXGBOtYPUWZINIzg0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yj7NoA-sC_tjsoVD6itdXx5N9ss.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:04:d2:4e:61:36:56:57:2b:4f:fb:5d:46:e5:05:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca3ecda00fac0bfb63b28543ea2b5d5f1e4df6cb
        Validity
            Not Before: Mar 26 12:00:52 2026 GMT
            Not After : Mar 27 12:00:52 2026 GMT
        Subject: CN=e4d29117e6ee9f24d1e78286e8fb2f3967f97523
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:a6:91:38:e0:01:a1:c6:02:74:c0:ad:25:7f:
                    d4:08:b6:ed:de:10:bd:9f:95:48:70:cc:d1:92:c1:
                    01:07:79:82:e0:e8:03:60:0e:69:2d:82:ba:87:34:
                    5f:83:19:b1:e2:69:d0:dd:87:f7:09:d3:8e:3c:fe:
                    b6:a1:d9:f8:e5:6b:fa:05:b0:2b:8d:23:d4:20:be:
                    c5:cb:8c:5c:f4:08:1d:fa:27:c4:ba:47:1d:34:ae:
                    86:01:da:e3:7a:09:42:92:29:a0:d4:1d:c8:cd:0c:
                    40:8c:68:07:5c:bc:5d:41:c8:82:75:db:c7:a6:57:
                    b6:f0:be:5d:4e:3c:c9:e3:f2:05:d9:5b:09:62:d4:
                    8d:d1:f5:af:96:86:bb:b5:f5:bb:2e:c6:0f:fc:13:
                    2f:5c:5a:dd:4d:f9:f4:9a:94:d3:62:28:df:7d:86:
                    ca:f9:88:3c:ea:d2:25:35:57:89:9e:2a:af:24:5b:
                    e3:d5:94:d6:d1:50:91:f0:7c:26:09:82:04:6a:22:
                    b2:7c:4a:e6:87:bb:eb:64:61:ed:25:7c:3c:dd:e7:
                    6e:e5:8b:4d:e9:23:3b:36:95:f0:ba:7c:ab:6b:de:
                    c9:e2:f9:a2:8a:b0:bc:49:0d:59:55:57:a9:de:02:
                    6d:bc:d7:d9:87:47:2c:82:4e:c4:bc:d4:75:b1:de:
                    c7:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:D2:91:17:E6:EE:9F:24:D1:E7:82:86:E8:FB:2F:39:67:F9:75:23
            X509v3 Authority Key Identifier:
                keyid:CA:3E:CD:A0:0F:AC:0B:FB:63:B2:85:43:EA:2B:5D:5F:1E:4D:F6:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yj7NoA-sC_tjsoVD6itdXx5N9ss.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:8b:fd:cd:cc:2a:6a:6e:0a:03:f6:2a:e9:d1:d5:35:82:84:
         88:0a:96:65:ed:bb:b5:5c:af:15:47:0a:10:22:b0:73:fd:ea:
         07:38:a9:7b:e8:52:0f:b6:3d:f2:ac:3a:7a:af:2c:97:b2:b8:
         42:ed:10:77:28:12:85:fa:78:7d:2c:bc:00:6b:d3:42:b2:24:
         13:df:64:6f:55:c8:02:63:af:84:ef:a0:05:59:85:78:79:5e:
         25:33:4a:e3:a2:a3:df:f2:e9:25:17:96:47:9c:4c:25:42:57:
         a9:a1:cf:49:b5:42:0b:50:8c:8a:e4:61:54:36:97:c5:dc:84:
         17:9a:f9:2c:c5:63:49:ce:90:0b:d3:57:17:3c:60:c2:fa:24:
         53:09:60:70:7e:83:58:ec:74:78:95:c0:c9:0a:0b:76:da:b0:
         82:99:8b:ec:b3:e5:d4:3a:60:8f:10:b2:17:cb:e3:7a:96:40:
         fd:96:21:40:89:05:a7:40:8a:ef:a1:18:de:fb:0e:36:47:ef:
         7a:46:96:3e:e7:22:b4:b8:4f:f1:f6:43:4f:8f:e5:57:61:6d:
         84:63:cb:df:6e:85:a1:20:f7:00:c2:71:6a:e3:44:84:34:32:
         fa:eb:3c:58:9c:7c:74:9c:5b:81:8e:48:a5:6a:4f:47:b8:52:
         35:59:40:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0qBNJOYTZWVytP+11G5QW3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhM2VjZGEwMGZhYzBiZmI2M2IyODU0M2VhMmI1ZDVmMWU0
ZGY2Y2IwHhcNMjYwMzI2MTIwMDUyWhcNMjYwMzI3MTIwMDUyWjAzMTEwLwYDVQQD
EyhlNGQyOTExN2U2ZWU5ZjI0ZDFlNzgyODZlOGZiMmYzOTY3Zjk3NTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3aaROOABocYCdMCtJX/UCLbt3hC9
n5VIcMzRksEBB3mC4OgDYA5pLYK6hzRfgxmx4mnQ3Yf3CdOOPP62odn45Wv6BbAr
jSPUIL7Fy4xc9Agd+ifEukcdNK6GAdrjeglCkimg1B3IzQxAjGgHXLxdQciCddvH
ple28L5dTjzJ4/IF2VsJYtSN0fWvloa7tfW7LsYP/BMvXFrdTfn0mpTTYijffYbK
+Yg86tIlNVeJniqvJFvj1ZTW0VCR8HwmCYIEaiKyfErmh7vrZGHtJXw83edu5YtN
6SM7NpXwunyra97J4vmiirC8SQ1ZVVep3gJtvNfZh0csgk7EvNR1sd7H8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOTSkRfm7p8k0eeChuj7Lzln+XUjMB8GA1UdIwQY
MBaAFMo+zaAPrAv7Y7KFQ+orXV8eTfbLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWo3Tm9BLXNDX3Rqc29WRDZpdGRYeDVOOXNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny84MmVlZDEtZDlkNS00MGQ4LWJhNTgt
M2Y5OTYwODY1ZDBmLzEveWo3Tm9BLXNDX3Rqc29WRDZpdGRYeDVOOXNzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny84MmVlZDEtZDlkNS00MGQ4LWJhNTgtM2Y5OTYwODY1ZDBm
LzEveWo3Tm9BLXNDX3Rqc29WRDZpdGRYeDVOOXNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKYv9zcwq
am4KA/Yq6dHVNYKEiAqWZe27tVyvFUcKECKwc/3qBzipe+hSD7Y98qw6eq8sl7K4
Qu0QdygShfp4fSy8AGvTQrIkE99kb1XIAmOvhO+gBVmFeHleJTNK46Kj3/LpJReW
R5xMJUJXqaHPSbVCC1CMiuRhVDaXxdyEF5r5LMVjSc6QC9NXFzxgwvokUwlgcH6D
WOx0eJXAyQoLdtqwgpmL7LPl1DpgjxCyF8vjepZA/ZYhQIkFp0CK76EY3vsONkfv
ekaWPucitLhP8fZDT4/lV2FthGPL326FoSD3AMJxauNEhDQy+us8WJx8dJxbgY5I
pWpPR7hSNVlAVw==
-----END CERTIFICATE-----