Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft
File:                     YNJSouMVOM2lhXutCYPIvfVYsXs.mft (raw, json)
Hash identifier:          IXs3XeKxu/1QOI99OAR/Rgvm/nCfUj5oKXcwVG0D6iM=
Subject key identifier:   56:25:2F:B2:A7:14:A7:33:B0:78:B2:35:83:A5:2E:C1:50:05:0B:DD
Authority key identifier: 60:D2:52:A2:E3:15:38:CD:A5:85:7B:AD:09:83:C8:BD:F5:58:B1:7B
Certificate issuer:       /CN=60d252a2e31538cda5857bad0983c8bdf558b17b
Certificate serial:       019D28F2D1CBFA942FDEC46CF0C46390DF55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YNJSouMVOM2lhXutCYPIvfVYsXs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft
Manifest number:          0BC8
Signing time:             Thu 26 Mar 2026 07:01:35 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:35 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:35 +0000
Files and hashes:         1: YNJSouMVOM2lhXutCYPIvfVYsXs.crl (hash: z8SDmm+g5ebp18FkBH4VBgxaToLw38tB4FhtYNxDgBM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YNJSouMVOM2lhXutCYPIvfVYsXs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 07:01:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:d1:cb:fa:94:2f:de:c4:6c:f0:c4:63:90:df:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60d252a2e31538cda5857bad0983c8bdf558b17b
        Validity
            Not Before: Mar 26 07:01:35 2026 GMT
            Not After : Mar 27 07:01:35 2026 GMT
        Subject: CN=56252fb2a714a733b078b23583a52ec150050bdd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:75:c6:77:b0:c8:87:64:8a:ac:a9:64:bd:50:
                    4d:ac:6d:6c:49:44:d1:96:89:19:c0:5a:f6:7d:9e:
                    9b:90:df:a5:37:1f:d1:c2:f7:49:27:08:9c:df:b0:
                    4d:0a:43:d4:7e:3f:17:9b:8d:3f:1a:1f:8f:44:c8:
                    eb:be:ee:81:d4:76:85:1d:e5:4e:af:83:8c:f4:9c:
                    83:c0:ac:9a:a6:c4:04:48:5e:df:bf:73:d2:a5:27:
                    18:2c:e8:4b:9a:70:aa:21:30:32:3f:ac:0e:11:9f:
                    d1:5b:89:85:31:12:47:4c:27:0e:c0:3c:20:b5:1f:
                    01:a4:79:1f:31:cb:9b:80:c2:da:5c:b2:58:6d:ae:
                    b7:93:b0:b5:77:f5:b6:e8:67:fc:55:b8:1d:bd:f1:
                    29:6a:e0:1b:9c:1c:f4:e7:b5:e9:6d:26:ac:99:19:
                    6a:34:67:a6:70:3d:f7:b8:63:17:43:b0:95:1a:22:
                    cd:59:32:6f:89:14:57:04:b4:85:9e:c7:cd:85:f5:
                    4b:fb:0a:4d:81:13:52:a4:a9:32:90:69:88:c7:a9:
                    8c:10:02:ec:4b:35:ee:50:1f:29:2c:97:eb:18:9b:
                    bb:a8:cd:8d:9f:b8:22:e7:de:2c:88:de:8b:01:2b:
                    96:60:07:58:50:b4:f4:c3:ec:e0:6d:26:92:e0:e7:
                    5a:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:25:2F:B2:A7:14:A7:33:B0:78:B2:35:83:A5:2E:C1:50:05:0B:DD
            X509v3 Authority Key Identifier:
                keyid:60:D2:52:A2:E3:15:38:CD:A5:85:7B:AD:09:83:C8:BD:F5:58:B1:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YNJSouMVOM2lhXutCYPIvfVYsXs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:20:01:cc:20:8f:4d:63:c3:47:a0:3d:09:15:cb:80:65:48:
         d1:3a:62:47:13:7c:70:a8:be:cf:ec:8b:aa:a6:a0:7c:7e:b4:
         17:27:b9:73:ea:f5:19:25:ad:57:c8:7a:76:68:79:8b:ef:ca:
         43:fd:76:c6:0b:9a:db:fa:3a:9e:9d:bc:37:bb:da:91:88:0f:
         7f:69:91:19:ac:ac:bc:04:91:bd:2f:50:fc:6a:02:da:e7:1a:
         b1:4d:1e:c9:93:d2:42:af:0f:f1:dc:6f:cb:f3:3d:c1:a1:72:
         e4:6b:04:22:3b:44:c4:5a:9c:5f:2e:cb:6c:66:bf:35:d2:cd:
         46:bd:0e:3e:70:4d:34:84:67:46:01:81:0b:b3:ae:8a:3a:d8:
         9a:02:d7:53:bd:88:71:62:b0:60:65:3b:cd:d1:fe:a7:24:2a:
         68:9f:69:09:e5:12:90:38:b8:14:7f:6d:0e:cc:52:ff:5a:78:
         72:b0:ec:05:42:f1:c3:ea:12:fa:b7:c6:2c:64:50:a6:d8:df:
         62:f2:72:4c:72:2f:81:32:38:3a:62:b2:48:ce:69:61:7e:12:
         2e:01:2a:f6:65:58:bd:c4:44:cf:a9:94:d8:f2:5c:33:1d:b8:
         bf:af:b6:c4:0e:13:2e:b3:7a:50:f5:5c:07:ef:cc:34:55:54:
         3c:f3:33:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8tHL+pQv3sRs8MRjkN9VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZDI1MmEyZTMxNTM4Y2RhNTg1N2JhZDA5ODNjOGJkZjU1
OGIxN2IwHhcNMjYwMzI2MDcwMTM1WhcNMjYwMzI3MDcwMTM1WjAzMTEwLwYDVQQD
Eyg1NjI1MmZiMmE3MTRhNzMzYjA3OGIyMzU4M2E1MmVjMTUwMDUwYmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAynXGd7DIh2SKrKlkvVBNrG1sSUTR
lokZwFr2fZ6bkN+lNx/RwvdJJwic37BNCkPUfj8Xm40/Gh+PRMjrvu6B1HaFHeVO
r4OM9JyDwKyapsQESF7fv3PSpScYLOhLmnCqITAyP6wOEZ/RW4mFMRJHTCcOwDwg
tR8BpHkfMcubgMLaXLJYba63k7C1d/W26Gf8VbgdvfEpauAbnBz057XpbSasmRlq
NGemcD33uGMXQ7CVGiLNWTJviRRXBLSFnsfNhfVL+wpNgRNSpKkykGmIx6mMEALs
SzXuUB8pLJfrGJu7qM2Nn7gi594siN6LASuWYAdYULT0w+zgbSaS4OdavQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFYlL7KnFKczsHiyNYOlLsFQBQvdMB8GA1UdIwQY
MBaAFGDSUqLjFTjNpYV7rQmDyL31WLF7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU5KU291TVZPTTJsaFh1dENZUEl2ZlZZc1hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9hMTdkZGYtOWJhNi00Mzk1LWFhZTYt
NTY2ZjZjZjQzMWMwLzEvWU5KU291TVZPTTJsaFh1dENZUEl2ZlZZc1hzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi9hMTdkZGYtOWJhNi00Mzk1LWFhZTYtNTY2ZjZjZjQzMWMw
LzEvWU5KU291TVZPTTJsaFh1dENZUEl2ZlZZc1hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACCABzCCP
TWPDR6A9CRXLgGVI0TpiRxN8cKi+z+yLqqagfH60Fye5c+r1GSWtV8h6dmh5i+/K
Q/12xgua2/o6np28N7vakYgPf2mRGaysvASRvS9Q/GoC2ucasU0eyZPSQq8P8dxv
y/M9waFy5GsEIjtExFqcXy7LbGa/NdLNRr0OPnBNNIRnRgGBC7OuijrYmgLXU72I
cWKwYGU7zdH+pyQqaJ9pCeUSkDi4FH9tDsxS/1p4crDsBULxw+oS+rfGLGRQptjf
YvJyTHIvgTI4OmKySM5pYX4SLgEq9mVYvcREz6mU2PJcMx24v6+2xA4TLrN6UPVc
B+/MNFVUPPMzaw==
-----END CERTIFICATE-----