Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/94fd8a-3b65-4af7-885d-0147e13a993e/1/6YMf0OexWxfgoKfcz8q7Bj18R8o.mft
File:                     6YMf0OexWxfgoKfcz8q7Bj18R8o.mft (raw, json)
Hash identifier:          E2P7NN5vlC+wzeq5wlXT1LF92Wi7OBHtPSSr3VGT+ss=
Subject key identifier:   D3:98:AA:60:4D:EB:96:9C:F4:59:B1:5B:70:0A:7B:B1:D5:97:8B:D5
Authority key identifier: E9:83:1F:D0:E7:B1:5B:17:E0:A0:A7:DC:CF:CA:BB:06:3D:7C:47:CA
Certificate issuer:       /CN=e9831fd0e7b15b17e0a0a7dccfcabb063d7c47ca
Certificate serial:       019D27040DE6FFA3BA80E9EB544691380407
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6YMf0OexWxfgoKfcz8q7Bj18R8o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/94fd8a-3b65-4af7-885d-0147e13a993e/1/6YMf0OexWxfgoKfcz8q7Bj18R8o.mft
Manifest number:          0667
Signing time:             Wed 25 Mar 2026 22:01:10 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:10 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:10 +0000
Files and hashes:         1: 6YMf0OexWxfgoKfcz8q7Bj18R8o.crl (hash: Cfh6B3Q88ffkTMs5vqATdzcc0PWuKiYOnMoNDiTWJbs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b6/94fd8a-3b65-4af7-885d-0147e13a993e/1/6YMf0OexWxfgoKfcz8q7Bj18R8o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b6/94fd8a-3b65-4af7-885d-0147e13a993e/1/6YMf0OexWxfgoKfcz8q7Bj18R8o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6YMf0OexWxfgoKfcz8q7Bj18R8o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:0d:e6:ff:a3:ba:80:e9:eb:54:46:91:38:04:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e9831fd0e7b15b17e0a0a7dccfcabb063d7c47ca
        Validity
            Not Before: Mar 25 22:01:10 2026 GMT
            Not After : Mar 26 22:01:10 2026 GMT
        Subject: CN=d398aa604deb969cf459b15b700a7bb1d5978bd5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:d2:97:0b:ec:94:85:ee:c2:c9:6f:a4:54:22:
                    32:8d:4a:a5:78:82:57:13:27:ab:2e:15:dc:b9:64:
                    f6:49:ac:72:7f:11:fb:b4:24:b1:dc:48:91:74:63:
                    77:65:82:6e:00:34:7d:7c:ef:4e:55:51:16:30:9f:
                    91:ca:61:93:3f:6d:b2:bb:d4:2f:4a:29:65:b6:6e:
                    fd:4b:b2:e5:be:89:c8:69:c4:2b:c5:fa:9b:5f:9a:
                    a9:38:6d:9a:3d:5c:7f:53:86:ac:61:56:60:04:cd:
                    10:77:3c:fb:22:17:f7:59:fa:82:0c:25:d2:48:d3:
                    aa:c2:ac:62:a9:ca:43:e2:28:ee:22:48:06:44:67:
                    e2:5f:7c:1f:f5:e9:1f:8d:c8:01:50:8f:ae:61:11:
                    1c:b3:05:93:69:ac:50:b6:f3:e9:e4:8f:d7:c9:d6:
                    a3:a5:f5:bb:19:8f:29:f9:45:a9:3a:1c:a5:e4:b1:
                    5e:4d:4c:ab:b7:5f:23:d8:a1:09:1a:e5:b4:f0:f4:
                    8d:37:8d:05:96:24:f8:fc:68:67:a8:bd:d8:f1:f4:
                    b8:79:dc:a8:ac:0f:e6:d7:45:a2:31:c1:3e:e3:ec:
                    e0:96:bb:f8:50:48:7d:7a:78:4e:91:9d:7d:7a:fc:
                    e1:89:b7:64:e3:c9:ff:cb:de:6b:d0:29:f7:24:01:
                    c2:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:98:AA:60:4D:EB:96:9C:F4:59:B1:5B:70:0A:7B:B1:D5:97:8B:D5
            X509v3 Authority Key Identifier:
                keyid:E9:83:1F:D0:E7:B1:5B:17:E0:A0:A7:DC:CF:CA:BB:06:3D:7C:47:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6YMf0OexWxfgoKfcz8q7Bj18R8o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/94fd8a-3b65-4af7-885d-0147e13a993e/1/6YMf0OexWxfgoKfcz8q7Bj18R8o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/94fd8a-3b65-4af7-885d-0147e13a993e/1/6YMf0OexWxfgoKfcz8q7Bj18R8o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:0a:94:f2:23:c0:8b:2d:2c:12:55:57:fc:62:38:c0:6a:8d:
         92:0f:cf:f0:ec:e3:fa:2e:1b:00:88:5f:9b:fc:ba:c2:b5:e4:
         77:58:71:4f:b6:1b:d9:cc:e6:1a:e2:ae:17:28:b2:c1:90:d9:
         62:8a:ac:20:07:49:a1:62:65:2f:ae:9d:00:a3:e8:d2:35:78:
         16:56:6e:d1:ac:f2:75:40:89:28:d6:e5:0f:f0:30:05:a6:c8:
         ef:21:5c:40:e0:4b:e9:c9:00:08:cf:67:b4:89:3f:5e:a0:e0:
         20:71:bf:9b:49:ea:fc:84:c1:47:73:da:5a:bd:37:ec:24:5c:
         ea:ff:4c:72:89:76:67:42:ba:09:f4:02:be:df:f1:4d:df:b5:
         ca:56:4f:8d:cd:c4:13:d2:b8:b7:93:d9:62:2b:be:6d:e5:eb:
         4c:fe:fb:44:4d:78:2c:4f:c5:7d:fe:b1:33:84:f1:29:fb:fb:
         a0:ce:49:a2:be:3b:57:e2:f9:cf:f2:80:4a:32:3e:48:96:72:
         19:43:6e:7f:e4:ae:e5:29:b0:cd:88:0e:ea:62:1f:d0:15:93:
         14:6a:ee:af:57:17:da:1c:19:29:0f:2e:1b:c7:7f:8d:05:be:
         9d:19:7a:1b:36:f3:1a:57:38:19:b3:12:c3:a0:6b:81:e5:9f:
         a1:81:eb:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBA3m/6O6gOnrVEaROAQHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5ODMxZmQwZTdiMTViMTdlMGEwYTdkY2NmY2FiYjA2M2Q3
YzQ3Y2EwHhcNMjYwMzI1MjIwMTEwWhcNMjYwMzI2MjIwMTEwWjAzMTEwLwYDVQQD
EyhkMzk4YWE2MDRkZWI5NjljZjQ1OWIxNWI3MDBhN2JiMWQ1OTc4YmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2tKXC+yUhe7CyW+kVCIyjUqleIJX
EyerLhXcuWT2SaxyfxH7tCSx3EiRdGN3ZYJuADR9fO9OVVEWMJ+RymGTP22yu9Qv
Silltm79S7LlvonIacQrxfqbX5qpOG2aPVx/U4asYVZgBM0Qdzz7Ihf3WfqCDCXS
SNOqwqxiqcpD4ijuIkgGRGfiX3wf9ekfjcgBUI+uYREcswWTaaxQtvPp5I/Xydaj
pfW7GY8p+UWpOhyl5LFeTUyrt18j2KEJGuW08PSNN40FliT4/GhnqL3Y8fS4edyo
rA/m10WiMcE+4+zglrv4UEh9enhOkZ19evzhibdk48n/y95r0Cn3JAHCCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNOYqmBN65ac9FmxW3AKe7HVl4vVMB8GA1UdIwQY
MBaAFOmDH9DnsVsX4KCn3M/KuwY9fEfKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNllNZjBPZXhXeGZnb0tmY3o4cTdCajE4UjhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi85NGZkOGEtM2I2NS00YWY3LTg4NWQt
MDE0N2UxM2E5OTNlLzEvNllNZjBPZXhXeGZnb0tmY3o4cTdCajE4UjhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi85NGZkOGEtM2I2NS00YWY3LTg4NWQtMDE0N2UxM2E5OTNl
LzEvNllNZjBPZXhXeGZnb0tmY3o4cTdCajE4UjhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUQqU8iPA
iy0sElVX/GI4wGqNkg/P8Ozj+i4bAIhfm/y6wrXkd1hxT7Yb2czmGuKuFyiywZDZ
YoqsIAdJoWJlL66dAKPo0jV4FlZu0azydUCJKNblD/AwBabI7yFcQOBL6ckACM9n
tIk/XqDgIHG/m0nq/ITBR3PaWr037CRc6v9Mcol2Z0K6CfQCvt/xTd+1ylZPjc3E
E9K4t5PZYiu+beXrTP77RE14LE/Fff6xM4TxKfv7oM5Jor47V+L5z/KASjI+SJZy
GUNuf+Su5SmwzYgO6mIf0BWTFGrur1cX2hwZKQ8uG8d/jQW+nRl6GzbzGlc4GbMS
w6BrgeWfoYHrag==
-----END CERTIFICATE-----