Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft
File:                     YhcForItk4GoI8l5xvTnc0I1I20.mft (raw, json)
Hash identifier:          lFjzKzMeBMApEOB9aIg/h9a5LIcCXSWUt1nYLkMOp9I=
Subject key identifier:   A9:55:DA:72:B8:A3:2F:4F:0A:45:79:42:AF:7B:D7:7F:EE:CF:BB:79
Authority key identifier: 62:17:05:A2:B2:2D:93:81:A8:23:C9:79:C6:F4:E7:73:42:35:23:6D
Certificate issuer:       /CN=621705a2b22d9381a823c979c6f4e7734235236d
Certificate serial:       019D25F13094735905D71C37896B4C666688
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YhcForItk4GoI8l5xvTnc0I1I20.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft
Manifest number:          1167
Signing time:             Wed 25 Mar 2026 17:00:56 +0000
Manifest this update:     Wed 25 Mar 2026 17:00:56 +0000
Manifest next update:     Thu 26 Mar 2026 17:00:56 +0000
Files and hashes:         1: YhcForItk4GoI8l5xvTnc0I1I20.crl (hash: ebJ8a8XlIkpghYjDxw1NmtYZZHC5SOgKa7wMb29zZ+E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YhcForItk4GoI8l5xvTnc0I1I20.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:25:f1:30:94:73:59:05:d7:1c:37:89:6b:4c:66:66:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=621705a2b22d9381a823c979c6f4e7734235236d
        Validity
            Not Before: Mar 25 17:00:56 2026 GMT
            Not After : Mar 26 17:00:56 2026 GMT
        Subject: CN=a955da72b8a32f4f0a457942af7bd77feecfbb79
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:2e:bf:03:ef:47:5b:c8:38:d4:6a:b7:c4:e3:
                    02:8e:f2:fb:7a:79:4f:aa:d6:a2:90:1c:79:3d:2a:
                    d0:93:55:5c:60:ae:07:20:68:39:cd:90:c4:57:0b:
                    ac:03:e7:68:08:60:13:c7:51:9b:6e:d5:16:a4:99:
                    13:aa:d3:5e:e9:eb:11:b7:61:86:d7:90:78:55:83:
                    38:e7:e0:53:ef:e2:74:65:4c:19:aa:e4:a5:9d:48:
                    b7:40:a8:a6:c9:71:4d:43:8e:8e:e9:d3:10:8b:51:
                    85:30:f8:3c:ac:07:75:98:42:71:c3:20:35:c0:bd:
                    9b:c6:71:f4:91:b2:f3:c0:72:c8:31:76:b6:ab:39:
                    a8:29:2f:40:e4:d2:a5:2b:60:21:f3:ab:b6:9a:48:
                    52:ab:64:9d:60:de:53:35:7d:a8:ca:ca:57:1b:f2:
                    05:91:b2:8a:9c:72:8e:f7:b0:09:12:ff:a5:0a:39:
                    f2:a7:c9:c2:98:fb:99:bb:80:15:61:eb:34:67:38:
                    3b:73:9b:02:e1:77:d8:01:77:ea:d0:98:e5:7b:86:
                    1f:e7:1f:fe:a7:c5:a6:14:ce:58:34:e1:9e:7e:ff:
                    44:1f:39:17:33:bc:f9:28:1a:67:16:3a:af:43:b4:
                    12:e4:ae:d4:68:e6:37:0c:39:74:b3:0d:a4:36:31:
                    64:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:55:DA:72:B8:A3:2F:4F:0A:45:79:42:AF:7B:D7:7F:EE:CF:BB:79
            X509v3 Authority Key Identifier:
                keyid:62:17:05:A2:B2:2D:93:81:A8:23:C9:79:C6:F4:E7:73:42:35:23:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YhcForItk4GoI8l5xvTnc0I1I20.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:f6:02:02:f0:29:60:c1:72:93:bc:1e:16:fd:8d:91:26:22:
         ef:04:c8:99:8a:54:3d:ff:f9:94:3a:83:eb:b7:6a:e2:a2:18:
         e4:84:72:7c:f8:54:b2:75:e4:f9:05:49:ef:17:42:2e:42:c1:
         53:16:49:a1:b4:c4:42:3e:a2:36:17:44:44:d3:e6:c4:20:db:
         e6:f5:30:0c:82:ce:7f:d2:f2:85:7d:88:b2:d2:f1:31:f5:f7:
         a1:d9:ae:c3:b2:e1:ce:41:15:cb:7a:c8:8b:22:60:b9:08:fe:
         40:ff:c4:be:40:68:f6:0b:cc:a1:35:3d:b8:cc:7a:2d:2a:de:
         5a:83:33:3f:3a:65:3c:08:43:cf:34:27:22:45:4c:a7:b3:22:
         2d:0a:1e:ca:d4:a1:2b:18:b6:cf:12:e7:56:00:df:12:bb:cc:
         52:19:a3:82:c8:9b:4c:16:bc:d1:cd:39:8a:f5:da:c8:f1:f4:
         92:ac:2d:1d:7e:2b:3b:21:c4:dc:90:e7:3f:e2:3d:6b:a3:42:
         79:d7:52:58:28:13:e7:87:0d:34:2d:b9:75:de:4e:d2:17:ef:
         64:27:a0:b3:a0:99:ac:51:7e:dc:d8:80:48:15:cb:a9:05:36:
         a8:a4:7e:ef:a3:e5:d7:c3:22:53:86:3b:46:51:e8:95:62:82:
         dc:5c:93:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0l8TCUc1kF1xw3iWtMZmaIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMTcwNWEyYjIyZDkzODFhODIzYzk3OWM2ZjRlNzczNDIz
NTIzNmQwHhcNMjYwMzI1MTcwMDU2WhcNMjYwMzI2MTcwMDU2WjAzMTEwLwYDVQQD
EyhhOTU1ZGE3MmI4YTMyZjRmMGE0NTc5NDJhZjdiZDc3ZmVlY2ZiYjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3i6/A+9HW8g41Gq3xOMCjvL7enlP
qtaikBx5PSrQk1VcYK4HIGg5zZDEVwusA+doCGATx1GbbtUWpJkTqtNe6esRt2GG
15B4VYM45+BT7+J0ZUwZquSlnUi3QKimyXFNQ46O6dMQi1GFMPg8rAd1mEJxwyA1
wL2bxnH0kbLzwHLIMXa2qzmoKS9A5NKlK2Ah86u2mkhSq2SdYN5TNX2oyspXG/IF
kbKKnHKO97AJEv+lCjnyp8nCmPuZu4AVYes0Zzg7c5sC4XfYAXfq0Jjle4Yf5x/+
p8WmFM5YNOGefv9EHzkXM7z5KBpnFjqvQ7QS5K7UaOY3DDl0sw2kNjFkvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKlV2nK4oy9PCkV5Qq9713/uz7t5MB8GA1UdIwQY
MBaAFGIXBaKyLZOBqCPJecb053NCNSNtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWhjRm9ySXRrNEdvSThsNXh2VG5jMEkxSTIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9jOTIzNGQtZTEzMy00MTk0LTg0YWMt
NzFhMzlkYjg4YTIzLzEvWWhjRm9ySXRrNEdvSThsNXh2VG5jMEkxSTIwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9jOTIzNGQtZTEzMy00MTk0LTg0YWMtNzFhMzlkYjg4YTIz
LzEvWWhjRm9ySXRrNEdvSThsNXh2VG5jMEkxSTIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAvYCAvAp
YMFyk7weFv2NkSYi7wTImYpUPf/5lDqD67dq4qIY5IRyfPhUsnXk+QVJ7xdCLkLB
UxZJobTEQj6iNhdERNPmxCDb5vUwDILOf9LyhX2IstLxMfX3odmuw7LhzkEVy3rI
iyJguQj+QP/EvkBo9gvMoTU9uMx6LSreWoMzPzplPAhDzzQnIkVMp7MiLQoeytSh
Kxi2zxLnVgDfErvMUhmjgsibTBa80c05ivXayPH0kqwtHX4rOyHE3JDnP+I9a6NC
eddSWCgT54cNNC25dd5O0hfvZCegs6CZrFF+3NiASBXLqQU2qKR+76Pl18MiU4Y7
RlHolWKC3FyTbw==
-----END CERTIFICATE-----