Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/b4c9d5-e27f-44bf-ba42-6c3d11d40d78/1/YjqxggzkjFedpAxm2FJl8cLPy04.mft
File:                     YjqxggzkjFedpAxm2FJl8cLPy04.mft (raw, json)
Hash identifier:          ZTUK6VZOj2BpXwTqH8jogtAMSVBkgOyu3thrp6fRNeo=
Subject key identifier:   0C:4A:74:02:94:6A:7B:7E:3E:5E:0A:F4:F3:7D:D3:47:31:FD:A1:2F
Authority key identifier: 62:3A:B1:82:0C:E4:8C:57:9D:A4:0C:66:D8:52:65:F1:C2:CF:CB:4E
Certificate issuer:       /CN=623ab1820ce48c579da40c66d85265f1c2cfcb4e
Certificate serial:       019D27E07468844136B204998D9E1B785B80
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YjqxggzkjFedpAxm2FJl8cLPy04.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9a/b4c9d5-e27f-44bf-ba42-6c3d11d40d78/1/YjqxggzkjFedpAxm2FJl8cLPy04.mft
Manifest number:          090B
Signing time:             Thu 26 Mar 2026 02:01:54 +0000
Manifest this update:     Thu 26 Mar 2026 02:01:54 +0000
Manifest next update:     Fri 27 Mar 2026 02:01:54 +0000
Files and hashes:         1: YjqxggzkjFedpAxm2FJl8cLPy04.crl (hash: 0G/s0z3Su2kloDH38qovaEzSuMEzX9OZ58B0G4be1+U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9a/b4c9d5-e27f-44bf-ba42-6c3d11d40d78/1/YjqxggzkjFedpAxm2FJl8cLPy04.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9a/b4c9d5-e27f-44bf-ba42-6c3d11d40d78/1/YjqxggzkjFedpAxm2FJl8cLPy04.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YjqxggzkjFedpAxm2FJl8cLPy04.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:e0:74:68:84:41:36:b2:04:99:8d:9e:1b:78:5b:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=623ab1820ce48c579da40c66d85265f1c2cfcb4e
        Validity
            Not Before: Mar 26 02:01:54 2026 GMT
            Not After : Mar 27 02:01:54 2026 GMT
        Subject: CN=0c4a7402946a7b7e3e5e0af4f37dd34731fda12f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:57:23:03:3e:2c:0f:c0:6f:5c:c8:a8:26:e0:
                    9d:ba:6d:b2:01:cf:d1:75:24:fc:27:6b:45:8d:0c:
                    92:0c:82:54:8c:6f:f1:8d:0e:64:81:9e:67:b6:54:
                    ca:29:27:75:64:47:85:dd:e0:9c:d4:e2:2f:e7:3f:
                    d1:ec:4b:7d:bb:8b:2a:fe:96:6d:f7:86:dd:99:21:
                    2c:d9:b7:aa:49:0f:3d:26:db:d4:e0:33:c2:03:32:
                    dd:e7:5e:b1:9a:7e:d3:6c:d4:ca:01:bb:21:43:a8:
                    23:71:4e:c8:5e:47:e6:9e:e3:1d:15:f3:ff:56:5c:
                    3c:a0:d2:a5:ee:48:05:72:50:c2:b6:e6:03:2b:ca:
                    1b:e4:02:41:47:f0:9a:9c:af:7a:a3:9e:e4:7c:c7:
                    63:7b:5f:3e:1f:3a:21:1a:32:64:a1:e1:bc:01:de:
                    08:72:6d:10:df:50:64:f0:38:ae:21:51:fc:dc:45:
                    14:d5:2c:76:cd:55:0f:63:5f:cb:ae:c4:f4:8b:7b:
                    05:48:80:50:30:1c:3e:45:2f:b6:dd:ce:ca:60:ac:
                    92:df:c3:40:3f:f4:53:be:28:4a:3f:37:f1:e0:2e:
                    4b:c7:00:e0:84:2c:d7:be:0b:ea:61:9d:86:52:e4:
                    ef:6d:62:9f:6a:21:d9:9c:6f:b7:a3:ab:50:60:c6:
                    ef:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:4A:74:02:94:6A:7B:7E:3E:5E:0A:F4:F3:7D:D3:47:31:FD:A1:2F
            X509v3 Authority Key Identifier:
                keyid:62:3A:B1:82:0C:E4:8C:57:9D:A4:0C:66:D8:52:65:F1:C2:CF:CB:4E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YjqxggzkjFedpAxm2FJl8cLPy04.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/b4c9d5-e27f-44bf-ba42-6c3d11d40d78/1/YjqxggzkjFedpAxm2FJl8cLPy04.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/b4c9d5-e27f-44bf-ba42-6c3d11d40d78/1/YjqxggzkjFedpAxm2FJl8cLPy04.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:b0:23:e9:68:c9:ba:b8:a7:bf:46:3e:64:6f:5e:30:7c:73:
         1d:a3:5e:a5:df:de:9e:60:0c:12:c7:e7:18:71:da:49:69:a9:
         9b:de:ce:a2:37:36:0d:46:43:39:a0:92:ba:74:cf:a8:bd:50:
         07:a6:41:b3:23:bc:72:0a:be:fc:ec:f1:fb:47:ce:23:a3:7b:
         0f:d8:70:6f:e3:18:3d:3a:0b:a3:aa:bb:47:56:fa:1b:ea:41:
         58:5c:3d:a5:93:47:ad:65:66:7f:42:19:98:c7:e7:b4:3a:43:
         30:80:0d:93:3a:d9:74:d8:ee:e8:ed:b1:e1:86:7c:00:57:6a:
         4c:5b:0c:2a:60:b2:8e:cc:a4:21:e9:a5:32:4e:6b:7e:db:4b:
         49:ed:17:2f:aa:f5:b0:02:3d:4a:25:6c:82:65:ee:81:ab:1a:
         ae:8b:6a:c3:ac:44:ae:fc:47:81:39:ee:f2:97:31:0f:f0:bb:
         87:0d:0a:c4:28:38:43:57:16:1b:66:67:12:f8:11:92:c3:e5:
         6e:45:68:ed:db:6f:d2:6c:58:f6:19:e3:2a:3c:8c:f5:d5:1e:
         fe:91:93:98:24:65:eb:86:3b:4f:1e:4e:75:d4:67:f6:da:e5:
         25:36:4e:ed:67:2b:d9:82:ba:b5:34:c0:6e:30:ff:6e:85:29:
         f9:37:ce:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0n4HRohEE2sgSZjZ4beFuAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyM2FiMTgyMGNlNDhjNTc5ZGE0MGM2NmQ4NTI2NWYxYzJj
ZmNiNGUwHhcNMjYwMzI2MDIwMTU0WhcNMjYwMzI3MDIwMTU0WjAzMTEwLwYDVQQD
EygwYzRhNzQwMjk0NmE3YjdlM2U1ZTBhZjRmMzdkZDM0NzMxZmRhMTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlcjAz4sD8BvXMioJuCdum2yAc/R
dST8J2tFjQySDIJUjG/xjQ5kgZ5ntlTKKSd1ZEeF3eCc1OIv5z/R7Et9u4sq/pZt
94bdmSEs2beqSQ89JtvU4DPCAzLd516xmn7TbNTKAbshQ6gjcU7IXkfmnuMdFfP/
Vlw8oNKl7kgFclDCtuYDK8ob5AJBR/CanK96o57kfMdje18+HzohGjJkoeG8Ad4I
cm0Q31Bk8DiuIVH83EUU1Sx2zVUPY1/LrsT0i3sFSIBQMBw+RS+23c7KYKyS38NA
P/RTvihKPzfx4C5LxwDghCzXvgvqYZ2GUuTvbWKfaiHZnG+3o6tQYMbvIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAxKdAKUant+Pl4K9PN900cx/aEvMB8GA1UdIwQY
MBaAFGI6sYIM5IxXnaQMZthSZfHCz8tOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWpxeGdnemtqRmVkcEF4bTJGSmw4Y0xQeTA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9iNGM5ZDUtZTI3Zi00NGJmLWJhNDIt
NmMzZDExZDQwZDc4LzEvWWpxeGdnemtqRmVkcEF4bTJGSmw4Y0xQeTA0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9iNGM5ZDUtZTI3Zi00NGJmLWJhNDItNmMzZDExZDQwZDc4
LzEvWWpxeGdnemtqRmVkcEF4bTJGSmw4Y0xQeTA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAerAj6WjJ
urinv0Y+ZG9eMHxzHaNepd/enmAMEsfnGHHaSWmpm97Oojc2DUZDOaCSunTPqL1Q
B6ZBsyO8cgq+/Ozx+0fOI6N7D9hwb+MYPToLo6q7R1b6G+pBWFw9pZNHrWVmf0IZ
mMfntDpDMIANkzrZdNju6O2x4YZ8AFdqTFsMKmCyjsykIemlMk5rfttLSe0XL6r1
sAI9SiVsgmXugasarotqw6xErvxHgTnu8pcxD/C7hw0KxCg4Q1cWG2ZnEvgRksPl
bkVo7dtv0mxY9hnjKjyM9dUe/pGTmCRl64Y7Tx5OddRn9trlJTZO7Wcr2YK6tTTA
bjD/boUp+TfORA==
-----END CERTIFICATE-----