Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft
File:                     YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft (raw, json)
Hash identifier:          cVhAUyVFBC03cenBO0cxNaOwXqHER7UTcJ0l3NOhYYY=
Subject key identifier:   D3:B7:23:97:59:C9:29:3F:31:4E:36:D2:52:AA:1F:73:63:10:6B:02
Authority key identifier: 60:A4:34:FD:6B:FF:8B:6F:BB:0D:52:F8:DA:42:E9:1F:8A:5A:29:2F
Certificate issuer:       /CN=60a434fd6bff8b6fbb0d52f8da42e91f8a5a292f
Certificate serial:       019D284D9A359FB3F36FA442B67698363575
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YKQ0_Wv_i2-7DVL42kLpH4paKS8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft
Manifest number:          0A20
Signing time:             Thu 26 Mar 2026 04:01:07 +0000
Manifest this update:     Thu 26 Mar 2026 04:01:07 +0000
Manifest next update:     Fri 27 Mar 2026 04:01:07 +0000
Files and hashes:         1: YKQ0_Wv_i2-7DVL42kLpH4paKS8.crl (hash: zdizJmgPKBT/z6m9zpxfJxyQ2EvbhizYa91DwO95qYM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YKQ0_Wv_i2-7DVL42kLpH4paKS8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:4d:9a:35:9f:b3:f3:6f:a4:42:b6:76:98:36:35:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60a434fd6bff8b6fbb0d52f8da42e91f8a5a292f
        Validity
            Not Before: Mar 26 04:01:07 2026 GMT
            Not After : Mar 27 04:01:07 2026 GMT
        Subject: CN=d3b7239759c9293f314e36d252aa1f7363106b02
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:0d:db:9f:30:b5:5d:75:14:ab:b9:d4:2c:8c:
                    3e:f4:80:5e:90:93:9e:d8:ee:d7:06:6e:d8:1f:d4:
                    dc:83:30:08:53:d5:99:d3:5f:44:12:b2:eb:3e:07:
                    4f:a8:a7:d8:03:5a:85:e4:d9:b4:52:9d:9c:44:63:
                    24:21:f7:7e:8b:d1:f3:2c:87:41:af:3b:67:4b:ee:
                    ad:b8:6d:82:d4:3f:a0:85:be:d0:83:9d:58:3c:98:
                    18:24:b8:f8:8a:09:eb:f2:cd:71:57:7b:ef:60:d4:
                    7a:0a:00:d7:a9:68:24:18:20:d6:29:4b:7b:96:14:
                    6a:90:15:d9:52:83:ae:9f:3f:bd:28:8a:3a:71:97:
                    03:30:15:78:b7:18:2f:23:ca:b6:9d:e7:5b:99:34:
                    03:e6:75:ae:7b:cb:64:11:f8:7a:f0:5d:f1:4f:a7:
                    ef:a3:e9:f4:8c:4f:24:63:1a:63:ab:a6:4d:61:57:
                    2d:7e:e5:94:fd:26:07:2b:72:da:e2:db:46:2f:db:
                    a6:f7:ea:e7:32:36:d2:7f:d0:8c:ac:e2:47:d1:87:
                    1c:22:44:07:92:a1:9c:9c:40:e1:03:1a:b2:4c:06:
                    35:a2:ab:86:e2:a8:9a:93:ea:0b:83:ef:4a:dc:62:
                    e5:af:a0:fd:33:2b:9f:74:a5:fd:3d:a7:25:3d:7b:
                    6e:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:B7:23:97:59:C9:29:3F:31:4E:36:D2:52:AA:1F:73:63:10:6B:02
            X509v3 Authority Key Identifier:
                keyid:60:A4:34:FD:6B:FF:8B:6F:BB:0D:52:F8:DA:42:E9:1F:8A:5A:29:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YKQ0_Wv_i2-7DVL42kLpH4paKS8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:3e:d8:34:82:8f:b8:44:34:e3:dc:4d:04:e7:64:82:cc:72:
         30:9d:72:2c:b3:e4:e2:23:9c:a7:3a:09:51:f8:25:e9:61:96:
         0d:c8:d1:1a:0a:0b:be:42:25:76:d6:41:af:42:6e:3d:b2:c9:
         84:a7:6d:36:55:7f:46:1e:f3:8b:6e:50:97:96:9b:0c:81:eb:
         bb:d8:d4:4f:84:4f:67:44:50:db:1b:e2:41:8b:38:9e:16:36:
         39:ce:5d:eb:89:ec:d6:7b:64:11:ab:e3:1f:dd:68:be:b1:b4:
         87:1b:d0:5d:eb:95:da:dc:75:80:53:2f:45:a3:39:47:e2:31:
         be:ca:e5:5e:fb:81:97:73:5d:ee:c9:92:90:2d:7e:13:8b:54:
         ba:26:01:6b:eb:e8:9c:8c:18:55:80:28:d4:5b:f5:3c:f3:c0:
         07:67:75:6b:c2:88:fc:34:4d:ae:14:87:60:04:ec:b4:55:08:
         c4:e3:0c:a5:e2:d0:1e:2a:7b:25:cb:8f:58:86:51:38:e7:c4:
         a8:33:75:cb:ea:42:90:b0:ca:44:9f:c6:24:e4:4c:e8:52:7a:
         f7:1b:23:1e:70:da:a5:ec:a8:8e:95:7a:b8:04:f3:d6:03:2f:
         e4:7f:84:4f:5c:3b:b2:1e:78:94:60:70:36:5b:2b:d8:a3:a0:
         70:10:3a:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oTZo1n7Pzb6RCtnaYNjV1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwYTQzNGZkNmJmZjhiNmZiYjBkNTJmOGRhNDJlOTFmOGE1
YTI5MmYwHhcNMjYwMzI2MDQwMTA3WhcNMjYwMzI3MDQwMTA3WjAzMTEwLwYDVQQD
EyhkM2I3MjM5NzU5YzkyOTNmMzE0ZTM2ZDI1MmFhMWY3MzYzMTA2YjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApg3bnzC1XXUUq7nULIw+9IBekJOe
2O7XBm7YH9TcgzAIU9WZ019EErLrPgdPqKfYA1qF5Nm0Up2cRGMkIfd+i9HzLIdB
rztnS+6tuG2C1D+ghb7Qg51YPJgYJLj4ignr8s1xV3vvYNR6CgDXqWgkGCDWKUt7
lhRqkBXZUoOunz+9KIo6cZcDMBV4txgvI8q2nedbmTQD5nWue8tkEfh68F3xT6fv
o+n0jE8kYxpjq6ZNYVctfuWU/SYHK3La4ttGL9um9+rnMjbSf9CMrOJH0YccIkQH
kqGcnEDhAxqyTAY1oquG4qiak+oLg+9K3GLlr6D9MyufdKX9PaclPXtusQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNO3I5dZySk/MU420lKqH3NjEGsCMB8GA1UdIwQY
MBaAFGCkNP1r/4tvuw1S+NpC6R+KWikvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUtRMF9Xdl9pMi03RFZMNDJrTHBINHBhS1M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi82ODAxYzktZGQxNy00ZGNhLTgxMDAt
NmEzZjAxZDljYjUwLzEvWUtRMF9Xdl9pMi03RFZMNDJrTHBINHBhS1M4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi82ODAxYzktZGQxNy00ZGNhLTgxMDAtNmEzZjAxZDljYjUw
LzEvWUtRMF9Xdl9pMi03RFZMNDJrTHBINHBhS1M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiT7YNIKP
uEQ049xNBOdkgsxyMJ1yLLPk4iOcpzoJUfgl6WGWDcjRGgoLvkIldtZBr0JuPbLJ
hKdtNlV/Rh7zi25Ql5abDIHru9jUT4RPZ0RQ2xviQYs4nhY2Oc5d64ns1ntkEavj
H91ovrG0hxvQXeuV2tx1gFMvRaM5R+IxvsrlXvuBl3Nd7smSkC1+E4tUuiYBa+vo
nIwYVYAo1Fv1PPPAB2d1a8KI/DRNrhSHYATstFUIxOMMpeLQHip7JcuPWIZROOfE
qDN1y+pCkLDKRJ/GJORM6FJ69xsjHnDapeyojpV6uATz1gMv5H+ET1w7sh54lGBw
Nlsr2KOgcBA6QQ==
-----END CERTIFICATE-----