Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/98e825-b58c-456e-af28-7b35a06ab54b/1/YQy4N7bSF3jkw9u5aWefDxxQtIo.mft
File:                     YQy4N7bSF3jkw9u5aWefDxxQtIo.mft (raw, json)
Hash identifier:          0/jUCLZcCVBEnwB5rpj2apGizXUBZvxH8zmLxv+hAak=
Subject key identifier:   68:89:4A:27:FA:C8:40:48:26:18:2D:25:01:71:96:45:E8:65:03:3C
Authority key identifier: 61:0C:B8:37:B6:D2:17:78:E4:C3:DB:B9:69:67:9F:0F:1C:50:B4:8A
Certificate issuer:       /CN=610cb837b6d21778e4c3dbb969679f0f1c50b48a
Certificate serial:       019D28BB3D74D5B0362A7C935BE11CBD8799
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YQy4N7bSF3jkw9u5aWefDxxQtIo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/98e825-b58c-456e-af28-7b35a06ab54b/1/YQy4N7bSF3jkw9u5aWefDxxQtIo.mft
Manifest number:          109F
Signing time:             Thu 26 Mar 2026 06:00:52 +0000
Manifest this update:     Thu 26 Mar 2026 06:00:52 +0000
Manifest next update:     Fri 27 Mar 2026 06:00:52 +0000
Files and hashes:         1: YQy4N7bSF3jkw9u5aWefDxxQtIo.crl (hash: F9ouhNVWEeXzxDsnfGBE9B2dV6ans90Ej2gDF8dy2jY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/98e825-b58c-456e-af28-7b35a06ab54b/1/YQy4N7bSF3jkw9u5aWefDxxQtIo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/98e825-b58c-456e-af28-7b35a06ab54b/1/YQy4N7bSF3jkw9u5aWefDxxQtIo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YQy4N7bSF3jkw9u5aWefDxxQtIo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 06:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:bb:3d:74:d5:b0:36:2a:7c:93:5b:e1:1c:bd:87:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=610cb837b6d21778e4c3dbb969679f0f1c50b48a
        Validity
            Not Before: Mar 26 06:00:52 2026 GMT
            Not After : Mar 27 06:00:52 2026 GMT
        Subject: CN=68894a27fac8404826182d2501719645e865033c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:f6:18:54:25:ba:0a:85:63:8f:81:51:e4:9e:
                    5a:0d:60:82:be:10:13:13:3c:dc:67:4f:f7:dd:82:
                    31:43:aa:57:af:2b:af:6e:bf:08:03:25:6c:aa:8c:
                    64:49:c1:5a:4e:9e:d6:3e:32:03:07:9f:1c:f9:d7:
                    27:9d:26:fd:b7:fc:eb:8f:c4:8d:43:51:84:0a:7f:
                    18:15:e6:c3:6f:be:35:a0:31:59:76:82:e0:71:24:
                    f9:01:e0:4e:32:4b:c4:74:5b:2a:12:dd:47:53:be:
                    64:54:39:73:00:75:a5:bf:a5:bf:27:c0:04:2c:4a:
                    eb:aa:cf:78:3f:8b:33:68:aa:3f:f5:19:8f:38:ef:
                    94:db:5b:e1:4f:33:bb:5c:b5:67:ff:a8:42:7d:92:
                    3a:8d:cc:2d:45:30:f8:ec:c9:59:5f:f0:8e:0f:be:
                    03:18:8c:84:e5:4d:b2:37:8b:41:9d:6d:89:6c:4e:
                    4e:26:32:c4:32:60:62:98:32:32:b1:74:f6:49:40:
                    e7:6f:14:71:9e:1f:ad:e5:78:89:95:31:aa:9f:d2:
                    95:bf:ef:7a:8f:a5:de:f5:16:71:83:76:10:a3:21:
                    db:45:df:48:ed:9f:f2:9d:67:39:cf:f4:2c:a1:ee:
                    b6:76:79:9b:9c:ab:be:13:a9:bc:c1:24:03:eb:6a:
                    a2:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:89:4A:27:FA:C8:40:48:26:18:2D:25:01:71:96:45:E8:65:03:3C
            X509v3 Authority Key Identifier:
                keyid:61:0C:B8:37:B6:D2:17:78:E4:C3:DB:B9:69:67:9F:0F:1C:50:B4:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YQy4N7bSF3jkw9u5aWefDxxQtIo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/98e825-b58c-456e-af28-7b35a06ab54b/1/YQy4N7bSF3jkw9u5aWefDxxQtIo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/98e825-b58c-456e-af28-7b35a06ab54b/1/YQy4N7bSF3jkw9u5aWefDxxQtIo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:b0:58:97:04:a0:d7:d7:ef:37:56:28:05:dc:6d:54:39:aa:
         63:69:35:08:49:e7:6e:f9:90:27:29:1c:36:4c:f4:bc:25:e7:
         d0:56:bd:69:40:7d:89:14:96:20:ff:61:5a:58:80:8f:97:70:
         a7:cb:8c:93:f6:d3:df:0e:e7:19:8a:51:2b:3d:52:95:64:e5:
         6d:1e:2f:1c:0b:01:16:da:eb:2e:93:11:e2:48:24:0f:80:73:
         b5:69:9b:2a:f0:c2:20:e6:34:74:93:4a:46:a3:1f:f0:9f:6c:
         b2:d6:69:bc:3a:f2:8c:3a:8a:a6:a6:ca:e3:95:0a:7d:ee:ff:
         6e:bd:38:3c:d3:c9:e3:81:45:9a:dc:c0:e2:10:bc:85:1c:63:
         15:a7:ef:a2:c2:1d:3b:90:ab:aa:1c:0c:3c:d2:30:f0:9c:92:
         ef:fa:1a:0a:0e:16:f0:b7:c6:35:fe:5e:c3:c7:c9:af:2d:40:
         b9:78:d9:3f:b0:be:96:6e:91:58:d9:20:e3:15:fc:7c:51:2f:
         3d:f1:e9:c9:fc:b1:3b:73:85:f8:06:39:01:cf:bb:3b:ea:2a:
         71:2b:cf:19:39:ef:a9:68:50:8b:c2:e2:33:cb:46:84:bf:4e:
         e5:80:8f:00:46:0a:47:d8:8a:14:44:82:25:60:f8:02:9f:a3:
         11:6a:82:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ouz101bA2KnyTW+EcvYeZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxMGNiODM3YjZkMjE3NzhlNGMzZGJiOTY5Njc5ZjBmMWM1
MGI0OGEwHhcNMjYwMzI2MDYwMDUyWhcNMjYwMzI3MDYwMDUyWjAzMTEwLwYDVQQD
Eyg2ODg5NGEyN2ZhYzg0MDQ4MjYxODJkMjUwMTcxOTY0NWU4NjUwMzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzfYYVCW6CoVjj4FR5J5aDWCCvhAT
EzzcZ0/33YIxQ6pXryuvbr8IAyVsqoxkScFaTp7WPjIDB58c+dcnnSb9t/zrj8SN
Q1GECn8YFebDb741oDFZdoLgcST5AeBOMkvEdFsqEt1HU75kVDlzAHWlv6W/J8AE
LErrqs94P4szaKo/9RmPOO+U21vhTzO7XLVn/6hCfZI6jcwtRTD47MlZX/COD74D
GIyE5U2yN4tBnW2JbE5OJjLEMmBimDIysXT2SUDnbxRxnh+t5XiJlTGqn9KVv+96
j6Xe9RZxg3YQoyHbRd9I7Z/ynWc5z/Qsoe62dnmbnKu+E6m8wSQD62qiMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGiJSif6yEBIJhgtJQFxlkXoZQM8MB8GA1UdIwQY
MBaAFGEMuDe20hd45MPbuWlnnw8cULSKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVF5NE43YlNGM2prdzl1NWFXZWZEeHhRdElvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy85OGU4MjUtYjU4Yy00NTZlLWFmMjgt
N2IzNWEwNmFiNTRiLzEvWVF5NE43YlNGM2prdzl1NWFXZWZEeHhRdElvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy85OGU4MjUtYjU4Yy00NTZlLWFmMjgtN2IzNWEwNmFiNTRi
LzEvWVF5NE43YlNGM2prdzl1NWFXZWZEeHhRdElvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAebBYlwSg
19fvN1YoBdxtVDmqY2k1CEnnbvmQJykcNkz0vCXn0Fa9aUB9iRSWIP9hWliAj5dw
p8uMk/bT3w7nGYpRKz1SlWTlbR4vHAsBFtrrLpMR4kgkD4BztWmbKvDCIOY0dJNK
RqMf8J9sstZpvDryjDqKpqbK45UKfe7/br04PNPJ44FFmtzA4hC8hRxjFafvosId
O5CrqhwMPNIw8JyS7/oaCg4W8LfGNf5ew8fJry1AuXjZP7C+lm6RWNkg4xX8fFEv
PfHpyfyxO3OF+AY5Ac+7O+oqcSvPGTnvqWhQi8LiM8tGhL9O5YCPAEYKR9iKFESC
JWD4Ap+jEWqCog==
-----END CERTIFICATE-----