Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/7b540f-b83a-40b9-ae6d-cdcee23a83b0/1/yKQR5q7CPK13xDcrTXsLH8gtXcA.mft
File:                     yKQR5q7CPK13xDcrTXsLH8gtXcA.mft (raw, json)
Hash identifier:          wLCJigZnJGN7PPWOgtWiyMl35e7MCj4vS4f2GLheGn4=
Subject key identifier:   0F:40:F6:DC:8D:EB:55:72:05:76:A3:BA:15:30:31:16:BC:9D:53:87
Authority key identifier: C8:A4:11:E6:AE:C2:3C:AD:77:C4:37:2B:4D:7B:0B:1F:C8:2D:5D:C0
Certificate issuer:       /CN=c8a411e6aec23cad77c4372b4d7b0b1fc82d5dc0
Certificate serial:       019D2996F642E58740E52178B43B768EFC6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yKQR5q7CPK13xDcrTXsLH8gtXcA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/7b540f-b83a-40b9-ae6d-cdcee23a83b0/1/yKQR5q7CPK13xDcrTXsLH8gtXcA.mft
Manifest number:          1885
Signing time:             Thu 26 Mar 2026 10:00:52 +0000
Manifest this update:     Thu 26 Mar 2026 10:00:52 +0000
Manifest next update:     Fri 27 Mar 2026 10:00:52 +0000
Files and hashes:         1: yKQR5q7CPK13xDcrTXsLH8gtXcA.crl (hash: oxjLxxa4u+2U0p0NoEXntY2uBvG1qo3XB7l43yDMnNM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d3/7b540f-b83a-40b9-ae6d-cdcee23a83b0/1/yKQR5q7CPK13xDcrTXsLH8gtXcA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d3/7b540f-b83a-40b9-ae6d-cdcee23a83b0/1/yKQR5q7CPK13xDcrTXsLH8gtXcA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yKQR5q7CPK13xDcrTXsLH8gtXcA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:96:f6:42:e5:87:40:e5:21:78:b4:3b:76:8e:fc:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8a411e6aec23cad77c4372b4d7b0b1fc82d5dc0
        Validity
            Not Before: Mar 26 10:00:52 2026 GMT
            Not After : Mar 27 10:00:52 2026 GMT
        Subject: CN=0f40f6dc8deb55720576a3ba15303116bc9d5387
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:1c:d8:91:a7:80:5d:54:d2:c8:de:24:e5:7c:
                    b9:48:14:d2:ae:94:e0:c7:42:90:b1:0e:17:5e:8c:
                    aa:3a:6c:b8:8e:bc:3e:08:30:03:61:5e:db:de:61:
                    df:cb:0c:61:cc:32:00:34:17:b5:6f:e9:7d:b2:c2:
                    22:fc:8f:ae:35:e0:39:a0:e2:b4:30:c8:48:ad:f6:
                    52:6c:88:82:80:b3:37:e1:41:6f:8e:59:6f:54:60:
                    9a:52:59:ab:e5:22:7a:fe:69:95:53:7d:70:c4:b5:
                    db:4b:a8:d2:1c:f6:f9:32:57:ab:b6:ba:a7:0d:7d:
                    b7:79:11:52:96:29:91:80:74:16:cc:2e:99:35:e5:
                    9e:c7:82:35:e9:5f:2c:39:24:60:e2:d2:87:b1:70:
                    76:81:53:22:8e:6a:b9:f3:cc:3f:5c:d5:18:93:b9:
                    4c:f6:fe:6d:86:55:58:4e:15:ff:1f:57:93:f7:c3:
                    29:af:1d:b2:bb:54:a6:da:16:b8:29:54:4e:d1:99:
                    d4:65:d7:b1:c8:04:2c:dd:a9:07:5a:5f:32:c9:aa:
                    20:3a:5e:5a:c9:de:1b:32:16:4f:0a:a4:c4:1d:75:
                    c5:aa:0b:e4:84:08:53:5c:e6:bd:22:8b:98:44:b0:
                    8d:1d:ec:51:d3:75:9a:3e:89:55:4d:03:37:2f:3f:
                    61:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:40:F6:DC:8D:EB:55:72:05:76:A3:BA:15:30:31:16:BC:9D:53:87
            X509v3 Authority Key Identifier:
                keyid:C8:A4:11:E6:AE:C2:3C:AD:77:C4:37:2B:4D:7B:0B:1F:C8:2D:5D:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yKQR5q7CPK13xDcrTXsLH8gtXcA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7b540f-b83a-40b9-ae6d-cdcee23a83b0/1/yKQR5q7CPK13xDcrTXsLH8gtXcA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7b540f-b83a-40b9-ae6d-cdcee23a83b0/1/yKQR5q7CPK13xDcrTXsLH8gtXcA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:c0:6e:23:d2:e9:34:69:c4:1f:36:f9:d1:bf:10:a9:16:62:
         6a:b3:26:ff:9c:0d:3d:4e:5c:1d:0c:2e:3d:3d:b2:95:bd:ad:
         1d:91:a4:bb:33:04:ea:ac:e9:a0:c1:38:04:cc:1c:2f:06:ff:
         7e:cf:28:08:af:3b:ee:b5:7a:77:13:7e:2a:b6:c3:39:f8:ce:
         54:c1:4f:ae:c3:17:b2:9b:77:d1:fe:ba:00:c2:0b:49:df:20:
         65:7f:e3:3b:91:2d:37:8c:2d:cf:f5:be:99:2e:e5:83:3d:56:
         79:2b:e6:93:6a:9a:70:00:da:65:51:69:3b:15:28:38:45:58:
         ba:63:f3:3a:71:99:12:47:45:98:45:76:b2:2b:b8:ec:da:bb:
         d5:6c:e6:12:46:27:78:a5:63:83:9d:bf:f5:23:f5:c0:0f:a8:
         58:2b:cf:74:88:f2:57:96:ea:0d:7e:22:a6:a4:1f:77:ec:06:
         26:7a:fd:99:b5:15:c1:5f:4f:25:a6:1a:fd:f7:6c:0a:2a:9a:
         37:77:14:7d:3b:6a:7f:86:96:22:8d:ec:87:7d:1a:71:ed:29:
         f2:36:94:41:4f:3e:0b:34:f4:db:ed:8f:d3:a2:59:54:bf:3b:
         51:a0:21:bf:59:d0:58:a1:e1:34:78:b3:46:82:c6:4a:68:de:
         f3:19:a3:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0plvZC5YdA5SF4tDt2jvxqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4YTQxMWU2YWVjMjNjYWQ3N2M0MzcyYjRkN2IwYjFmYzgy
ZDVkYzAwHhcNMjYwMzI2MTAwMDUyWhcNMjYwMzI3MTAwMDUyWjAzMTEwLwYDVQQD
EygwZjQwZjZkYzhkZWI1NTcyMDU3NmEzYmExNTMwMzExNmJjOWQ1Mzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRzYkaeAXVTSyN4k5Xy5SBTSrpTg
x0KQsQ4XXoyqOmy4jrw+CDADYV7b3mHfywxhzDIANBe1b+l9ssIi/I+uNeA5oOK0
MMhIrfZSbIiCgLM34UFvjllvVGCaUlmr5SJ6/mmVU31wxLXbS6jSHPb5Mlertrqn
DX23eRFSlimRgHQWzC6ZNeWex4I16V8sOSRg4tKHsXB2gVMijmq588w/XNUYk7lM
9v5thlVYThX/H1eT98Mprx2yu1Sm2ha4KVRO0ZnUZdexyAQs3akHWl8yyaogOl5a
yd4bMhZPCqTEHXXFqgvkhAhTXOa9IouYRLCNHexR03WaPolVTQM3Lz9hJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA9A9tyN61VyBXajuhUwMRa8nVOHMB8GA1UdIwQY
MBaAFMikEeauwjytd8Q3K017Cx/ILV3AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUtRUjVxN0NQSzEzeERjclRYc0xIOGd0WGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy83YjU0MGYtYjgzYS00MGI5LWFlNmQt
Y2RjZWUyM2E4M2IwLzEveUtRUjVxN0NQSzEzeERjclRYc0xIOGd0WGNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy83YjU0MGYtYjgzYS00MGI5LWFlNmQtY2RjZWUyM2E4M2Iw
LzEveUtRUjVxN0NQSzEzeERjclRYc0xIOGd0WGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAsBuI9Lp
NGnEHzb50b8QqRZiarMm/5wNPU5cHQwuPT2ylb2tHZGkuzME6qzpoME4BMwcLwb/
fs8oCK877rV6dxN+KrbDOfjOVMFPrsMXspt30f66AMILSd8gZX/jO5EtN4wtz/W+
mS7lgz1WeSvmk2qacADaZVFpOxUoOEVYumPzOnGZEkdFmEV2siu47Nq71WzmEkYn
eKVjg52/9SP1wA+oWCvPdIjyV5bqDX4ipqQfd+wGJnr9mbUVwV9PJaYa/fdsCiqa
N3cUfTtqf4aWIo3sh30ace0p8jaUQU8+CzT02+2P06JZVL87UaAhv1nQWKHhNHiz
RoLGSmje8xmjNw==
-----END CERTIFICATE-----