Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/1d2c58-a07b-449d-84ad-2a20a608f631/1/yEg4FrQ75KdvYGCDK-xJkvpamM4.mft
File:                     yEg4FrQ75KdvYGCDK-xJkvpamM4.mft (raw, json)
Hash identifier:          pcWwq2ZpyJHnJ+c3S+axbzcnoOctpRVXoarxSPyPNu8=
Subject key identifier:   0A:3C:36:D0:62:62:77:EF:0C:3C:84:43:E5:AD:7E:F0:10:89:CE:A7
Authority key identifier: C8:48:38:16:B4:3B:E4:A7:6F:60:60:83:2B:EC:49:92:FA:5A:98:CE
Certificate issuer:       /CN=c8483816b43be4a76f6060832bec4992fa5a98ce
Certificate serial:       019D29297A2965FA9A48A83ED459F7066E6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yEg4FrQ75KdvYGCDK-xJkvpamM4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/1d2c58-a07b-449d-84ad-2a20a608f631/1/yEg4FrQ75KdvYGCDK-xJkvpamM4.mft
Manifest number:          08AB
Signing time:             Thu 26 Mar 2026 08:01:17 +0000
Manifest this update:     Thu 26 Mar 2026 08:01:17 +0000
Manifest next update:     Fri 27 Mar 2026 08:01:17 +0000
Files and hashes:         1: yEg4FrQ75KdvYGCDK-xJkvpamM4.crl (hash: AWC+gyIsfzzMvWKvgyCfzaF4Xt4vsY3Vfh8GNn+oIt8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/1d2c58-a07b-449d-84ad-2a20a608f631/1/yEg4FrQ75KdvYGCDK-xJkvpamM4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/1d2c58-a07b-449d-84ad-2a20a608f631/1/yEg4FrQ75KdvYGCDK-xJkvpamM4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yEg4FrQ75KdvYGCDK-xJkvpamM4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 08:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:29:7a:29:65:fa:9a:48:a8:3e:d4:59:f7:06:6e:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8483816b43be4a76f6060832bec4992fa5a98ce
        Validity
            Not Before: Mar 26 08:01:17 2026 GMT
            Not After : Mar 27 08:01:17 2026 GMT
        Subject: CN=0a3c36d0626277ef0c3c8443e5ad7ef01089cea7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:48:dc:54:18:80:0f:dd:59:b6:be:1d:db:63:
                    18:6f:8f:ab:b9:4d:5d:e2:f0:3f:2d:36:a5:10:9d:
                    a7:ba:b6:5d:1b:2f:8c:3c:ed:85:15:f1:27:07:97:
                    81:06:0e:c2:2e:1a:37:66:81:dc:46:7e:ee:a3:3e:
                    1f:75:34:d8:df:5a:25:62:8d:14:ae:8b:db:1d:1c:
                    ef:21:84:f5:fe:3e:51:9b:fc:c3:4d:fe:84:9c:fe:
                    1d:7c:04:34:ac:fb:5f:50:f0:ab:06:77:24:c4:9a:
                    53:90:6d:8c:eb:e2:6b:c7:3c:94:27:72:a5:59:37:
                    a9:e4:b8:00:12:d3:25:e3:03:3e:27:13:cd:e7:07:
                    f6:3e:da:84:94:99:72:8c:1c:6a:30:e5:7b:88:d9:
                    4e:61:74:b1:73:e4:b1:b8:8f:54:20:f1:41:27:14:
                    3e:86:74:76:50:d1:24:57:93:5b:01:29:8d:8e:05:
                    51:c6:4b:99:15:bf:cd:dc:f1:f1:62:4e:03:5f:be:
                    69:96:c0:53:9e:2e:c1:eb:fc:70:95:8f:e8:be:f4:
                    7f:dd:15:40:9b:78:fe:b4:bc:12:40:9b:83:e8:7b:
                    6e:2b:e3:a2:bf:5e:99:b2:e3:e7:26:c5:dd:6d:3f:
                    ca:2b:0d:6e:12:1c:0e:cd:f4:63:9c:72:79:33:47:
                    2b:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:3C:36:D0:62:62:77:EF:0C:3C:84:43:E5:AD:7E:F0:10:89:CE:A7
            X509v3 Authority Key Identifier:
                keyid:C8:48:38:16:B4:3B:E4:A7:6F:60:60:83:2B:EC:49:92:FA:5A:98:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yEg4FrQ75KdvYGCDK-xJkvpamM4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/1d2c58-a07b-449d-84ad-2a20a608f631/1/yEg4FrQ75KdvYGCDK-xJkvpamM4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/1d2c58-a07b-449d-84ad-2a20a608f631/1/yEg4FrQ75KdvYGCDK-xJkvpamM4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:87:5a:d5:54:17:ba:21:dc:53:9f:65:3f:07:f6:bf:bd:16:
         6d:2d:31:c0:27:d5:18:e0:fb:fc:e2:1e:84:c2:1c:02:c6:9f:
         0f:aa:b0:ae:a7:c2:d7:a0:e4:24:d6:7e:7f:59:03:34:97:55:
         23:a8:28:49:40:d9:e4:27:69:53:64:d5:58:12:e9:f4:85:3e:
         f1:45:91:2c:27:22:25:ea:f0:3b:4a:5f:9e:36:92:fb:3b:f7:
         f8:a7:6e:41:d8:13:2b:dd:33:0b:5a:78:5a:b6:ae:fa:41:9f:
         b5:96:68:f7:5d:fb:1b:29:72:9c:4c:97:13:04:4f:fe:1b:8c:
         9d:16:5e:8a:08:5e:4c:2f:ab:d5:96:f1:b4:e8:5f:f7:48:dc:
         12:29:5f:da:e9:71:aa:9e:d8:0a:18:10:b0:66:b4:bb:f7:af:
         d3:51:e5:ff:22:b6:c2:a8:6d:08:f5:9c:56:55:8d:9f:b7:3d:
         36:f8:eb:ea:5e:7b:46:46:90:19:7b:6b:52:57:e6:10:76:03:
         1f:06:31:24:4b:fe:35:43:e9:a3:1e:fd:1b:38:1c:2b:44:74:
         96:df:04:6a:f0:b1:31:87:f9:aa:05:98:e6:6b:7f:0e:38:6c:
         45:aa:3c:d2:2d:97:58:61:ab:bb:15:38:b5:96:52:c1:dd:98:
         9b:db:12:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pKXopZfqaSKg+1Fn3Bm5tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NDgzODE2YjQzYmU0YTc2ZjYwNjA4MzJiZWM0OTkyZmE1
YTk4Y2UwHhcNMjYwMzI2MDgwMTE3WhcNMjYwMzI3MDgwMTE3WjAzMTEwLwYDVQQD
EygwYTNjMzZkMDYyNjI3N2VmMGMzYzg0NDNlNWFkN2VmMDEwODljZWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA00jcVBiAD91Ztr4d22MYb4+ruU1d
4vA/LTalEJ2nurZdGy+MPO2FFfEnB5eBBg7CLho3ZoHcRn7uoz4fdTTY31olYo0U
rovbHRzvIYT1/j5Rm/zDTf6EnP4dfAQ0rPtfUPCrBnckxJpTkG2M6+JrxzyUJ3Kl
WTep5LgAEtMl4wM+JxPN5wf2PtqElJlyjBxqMOV7iNlOYXSxc+SxuI9UIPFBJxQ+
hnR2UNEkV5NbASmNjgVRxkuZFb/N3PHxYk4DX75plsBTni7B6/xwlY/ovvR/3RVA
m3j+tLwSQJuD6HtuK+Oiv16ZsuPnJsXdbT/KKw1uEhwOzfRjnHJ5M0crMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAo8NtBiYnfvDDyEQ+WtfvAQic6nMB8GA1UdIwQY
MBaAFMhIOBa0O+Snb2BggyvsSZL6WpjOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUVnNEZyUTc1S2R2WUdDREsteEprdnBhbU00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8xZDJjNTgtYTA3Yi00NDlkLTg0YWQt
MmEyMGE2MDhmNjMxLzEveUVnNEZyUTc1S2R2WUdDREsteEprdnBhbU00Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8xZDJjNTgtYTA3Yi00NDlkLTg0YWQtMmEyMGE2MDhmNjMx
LzEveUVnNEZyUTc1S2R2WUdDREsteEprdnBhbU00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGoda1VQX
uiHcU59lPwf2v70WbS0xwCfVGOD7/OIehMIcAsafD6qwrqfC16DkJNZ+f1kDNJdV
I6goSUDZ5CdpU2TVWBLp9IU+8UWRLCciJerwO0pfnjaS+zv3+KduQdgTK90zC1p4
Wrau+kGftZZo9137GylynEyXEwRP/huMnRZeigheTC+r1ZbxtOhf90jcEilf2ulx
qp7YChgQsGa0u/ev01Hl/yK2wqhtCPWcVlWNn7c9Nvjr6l57RkaQGXtrUlfmEHYD
HwYxJEv+NUPpox79GzgcK0R0lt8EavCxMYf5qgWY5mt/DjhsRao80i2XWGGruxU4
tZZSwd2Ym9sSzA==
-----END CERTIFICATE-----