Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft
File:                     YDRE4ZlioZHv0vIWoSji9M_io94.mft (raw, json)
Hash identifier:          WWisfbX/JXtyNiSI5zNLvfWHLQ0PC5bouurzLpPy/A4=
Subject key identifier:   2C:83:C7:BF:58:4D:87:56:AC:53:77:84:9A:CB:41:DA:3B:78:0F:B6
Authority key identifier: 60:34:44:E1:99:62:A1:91:EF:D2:F2:16:A1:28:E2:F4:CF:E2:A3:DE
Certificate issuer:       /CN=603444e19962a191efd2f216a128e2f4cfe2a3de
Certificate serial:       019D2704B745304F1ECDD14B5B9AB6C526AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YDRE4ZlioZHv0vIWoSji9M_io94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft
Manifest number:          08A0
Signing time:             Wed 25 Mar 2026 22:01:53 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:53 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:53 +0000
Files and hashes:         1: YDRE4ZlioZHv0vIWoSji9M_io94.crl (hash: KXnIExe6gu8z7/Y+BZSS+VN5sBfMljIKsp2X8sKcgfE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YDRE4ZlioZHv0vIWoSji9M_io94.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:b7:45:30:4f:1e:cd:d1:4b:5b:9a:b6:c5:26:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=603444e19962a191efd2f216a128e2f4cfe2a3de
        Validity
            Not Before: Mar 25 22:01:53 2026 GMT
            Not After : Mar 26 22:01:53 2026 GMT
        Subject: CN=2c83c7bf584d8756ac5377849acb41da3b780fb6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f6:8e:18:45:c9:6e:98:97:95:11:38:d6:3a:26:
                    a2:a9:f0:75:15:07:55:5c:85:34:a7:b7:8d:18:82:
                    9c:16:c8:a5:7e:d2:09:0d:3c:97:5b:11:99:70:b0:
                    a3:de:0d:38:cc:98:c3:8a:6c:68:04:01:db:6d:12:
                    40:c7:e3:60:ea:a5:29:88:16:75:59:ba:7f:23:0c:
                    6e:a1:ce:a2:53:f4:5b:78:22:f2:45:cb:4a:d4:3c:
                    1c:ee:ad:be:48:49:60:7d:d2:e3:76:f6:6e:04:04:
                    82:aa:ab:42:4b:68:85:de:c1:31:fe:b5:3b:5f:3f:
                    a2:90:aa:84:65:6e:e9:1c:61:aa:fb:e3:2a:f8:37:
                    1a:b0:48:8f:57:52:10:06:f9:c5:22:fe:81:80:4f:
                    df:1e:8d:6a:8a:63:3d:af:80:8e:48:c4:dd:2f:d6:
                    fc:79:61:e8:26:44:64:a0:0f:f9:07:bb:d6:fc:b8:
                    ec:ad:8a:82:63:28:f1:9f:31:43:6e:80:de:8a:69:
                    a7:7c:b5:b9:56:ba:f0:63:a0:00:ce:82:d4:6e:41:
                    78:9f:ad:c2:62:6a:09:12:00:6f:99:16:d2:c8:0a:
                    e0:cb:5c:2a:d0:39:4a:8b:f6:c3:34:e8:1b:97:27:
                    3a:6b:10:65:d1:45:c2:e0:29:e8:3d:54:a7:d0:b9:
                    5b:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:83:C7:BF:58:4D:87:56:AC:53:77:84:9A:CB:41:DA:3B:78:0F:B6
            X509v3 Authority Key Identifier:
                keyid:60:34:44:E1:99:62:A1:91:EF:D2:F2:16:A1:28:E2:F4:CF:E2:A3:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YDRE4ZlioZHv0vIWoSji9M_io94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1f:b0:a3:37:22:89:a6:af:92:59:08:41:27:d9:a4:3c:07:b3:
         8c:14:14:69:34:05:4c:c0:80:02:42:e5:76:a7:2b:1d:ad:05:
         02:52:8d:e5:df:75:d9:77:c9:d7:14:7d:14:53:4c:a9:d0:6b:
         98:28:65:de:c1:35:c1:59:b1:0a:66:a9:39:dd:9f:eb:35:b4:
         4a:b0:30:7c:f9:46:c4:c7:1c:b9:74:31:7b:44:0d:37:c7:2d:
         ad:b4:6d:32:53:4f:6e:b1:14:a0:80:62:44:b4:b5:e6:d2:cf:
         8d:c1:ef:82:74:ed:fd:a7:81:bc:44:2b:79:6c:fd:b2:91:e3:
         d3:97:7f:a8:87:6e:f9:26:5d:fa:94:ab:df:cf:bf:6d:b9:c8:
         22:96:79:9a:68:77:3b:00:cf:e6:5f:63:2f:cd:fe:93:b4:e6:
         75:fb:45:a1:ce:20:ac:13:4a:cf:61:66:43:a1:cd:24:67:60:
         5c:16:f8:05:eb:2b:1a:e8:15:d9:be:c1:cb:0a:0e:09:e2:63:
         62:16:d2:2d:11:e4:99:cc:82:01:a7:72:24:89:73:59:62:45:
         39:c0:56:6a:52:87:2a:75:e3:ac:ac:d4:65:f8:83:00:4b:5f:
         40:25:9a:df:9a:1b:84:8f:1f:39:44:e7:4f:9d:c5:35:27:11:
         d5:0f:d4:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBLdFME8ezdFLW5q2xSarMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMzQ0NGUxOTk2MmExOTFlZmQyZjIxNmExMjhlMmY0Y2Zl
MmEzZGUwHhcNMjYwMzI1MjIwMTUzWhcNMjYwMzI2MjIwMTUzWjAzMTEwLwYDVQQD
EygyYzgzYzdiZjU4NGQ4NzU2YWM1Mzc3ODQ5YWNiNDFkYTNiNzgwZmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9o4YRclumJeVETjWOiaiqfB1FQdV
XIU0p7eNGIKcFsilftIJDTyXWxGZcLCj3g04zJjDimxoBAHbbRJAx+Ng6qUpiBZ1
Wbp/Iwxuoc6iU/RbeCLyRctK1Dwc7q2+SElgfdLjdvZuBASCqqtCS2iF3sEx/rU7
Xz+ikKqEZW7pHGGq++Mq+DcasEiPV1IQBvnFIv6BgE/fHo1qimM9r4COSMTdL9b8
eWHoJkRkoA/5B7vW/LjsrYqCYyjxnzFDboDeimmnfLW5VrrwY6AAzoLUbkF4n63C
YmoJEgBvmRbSyArgy1wq0DlKi/bDNOgblyc6axBl0UXC4CnoPVSn0LlbxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCyDx79YTYdWrFN3hJrLQdo7eA+2MB8GA1UdIwQY
MBaAFGA0ROGZYqGR79LyFqEo4vTP4qPeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWURSRTRabGlvWkh2MHZJV29Tamk5TV9pbzk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8xZjMyY2ItZGFiMi00YTlmLWFlNzct
ODQ0N2UyOWMxNTI0LzEvWURSRTRabGlvWkh2MHZJV29Tamk5TV9pbzk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8xZjMyY2ItZGFiMi00YTlmLWFlNzctODQ0N2UyOWMxNTI0
LzEvWURSRTRabGlvWkh2MHZJV29Tamk5TV9pbzk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH7CjNyKJ
pq+SWQhBJ9mkPAezjBQUaTQFTMCAAkLldqcrHa0FAlKN5d912XfJ1xR9FFNMqdBr
mChl3sE1wVmxCmapOd2f6zW0SrAwfPlGxMccuXQxe0QNN8ctrbRtMlNPbrEUoIBi
RLS15tLPjcHvgnTt/aeBvEQreWz9spHj05d/qIdu+SZd+pSr38+/bbnIIpZ5mmh3
OwDP5l9jL83+k7TmdftFoc4grBNKz2FmQ6HNJGdgXBb4BesrGugV2b7BywoOCeJj
YhbSLRHkmcyCAadyJIlzWWJFOcBWalKHKnXjrKzUZfiDAEtfQCWa35obhI8fOUTn
T53FNScR1Q/UjA==
-----END CERTIFICATE-----