Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft
File:                     ydD7lgitlbS_5q4unxPgAv2raA0.mft (raw, json)
Hash identifier:          5QbMY9KRKl+v6pR9D9Cx757KwkOg2NoJ5ciDkyjHs4o=
Subject key identifier:   3D:C3:CB:FF:F4:90:55:24:78:54:49:D0:F4:DA:5D:21:67:26:0E:51
Authority key identifier: C9:D0:FB:96:08:AD:95:B4:BF:E6:AE:2E:9F:13:E0:02:FD:AB:68:0D
Certificate issuer:       /CN=c9d0fb9608ad95b4bfe6ae2e9f13e002fdab680d
Certificate serial:       019D2884414F68EE5201DC003785AB861402
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ydD7lgitlbS_5q4unxPgAv2raA0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft
Manifest number:          0720
Signing time:             Thu 26 Mar 2026 05:00:49 +0000
Manifest this update:     Thu 26 Mar 2026 05:00:49 +0000
Manifest next update:     Fri 27 Mar 2026 05:00:49 +0000
Files and hashes:         1: ydD7lgitlbS_5q4unxPgAv2raA0.crl (hash: gQAbe/0qh03yCuMQrH3t1ecJwZtOOf6Q/40cHnvsq7g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ydD7lgitlbS_5q4unxPgAv2raA0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:84:41:4f:68:ee:52:01:dc:00:37:85:ab:86:14:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c9d0fb9608ad95b4bfe6ae2e9f13e002fdab680d
        Validity
            Not Before: Mar 26 05:00:49 2026 GMT
            Not After : Mar 27 05:00:49 2026 GMT
        Subject: CN=3dc3cbfff4905524785449d0f4da5d2167260e51
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:42:0f:5e:be:80:78:95:e8:88:4c:5d:34:66:
                    93:f6:88:5e:0a:5d:c7:7d:20:76:de:ce:f6:2a:bf:
                    a7:36:40:ce:62:51:34:ee:a5:09:36:5b:ed:b2:7a:
                    88:89:4f:f0:9f:47:d9:d0:ba:08:51:b5:fb:17:96:
                    21:5d:60:a3:44:78:50:bf:11:af:da:b3:26:8f:d0:
                    42:cd:10:05:84:59:32:f6:fd:1d:74:11:dc:fe:bd:
                    db:4c:27:d0:48:f9:4a:12:f4:e9:3f:fe:be:8f:ca:
                    a9:12:18:81:b2:49:c7:ee:32:3a:25:c7:4d:3e:a4:
                    9f:48:d4:d1:7a:f3:26:35:8f:a9:44:2e:1b:38:b7:
                    2a:d2:40:7d:30:d4:d3:95:35:9b:03:3f:57:57:cc:
                    b6:96:3a:bd:39:c2:f1:5d:4d:28:1f:9b:43:53:5b:
                    7e:31:b2:aa:32:41:ce:98:2f:61:11:9c:54:b4:a3:
                    db:15:2e:7b:4c:0b:c1:7e:a0:97:ea:b4:ba:33:75:
                    2f:20:73:46:46:45:23:e2:d5:5d:34:4f:be:19:8e:
                    cd:b7:4a:36:86:f1:c4:b4:39:81:66:08:03:47:a9:
                    e3:4c:40:ef:6f:a6:f7:9d:2e:eb:91:15:80:eb:fc:
                    bd:8b:7b:a8:86:32:31:48:e4:ee:99:69:04:fc:5d:
                    5b:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:C3:CB:FF:F4:90:55:24:78:54:49:D0:F4:DA:5D:21:67:26:0E:51
            X509v3 Authority Key Identifier:
                keyid:C9:D0:FB:96:08:AD:95:B4:BF:E6:AE:2E:9F:13:E0:02:FD:AB:68:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydD7lgitlbS_5q4unxPgAv2raA0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:eb:79:36:83:50:fb:98:64:aa:d0:e3:02:4d:3e:1d:c3:8d:
         4b:9b:c4:f4:6d:10:a6:5f:41:4c:3b:52:54:60:66:60:81:5f:
         6c:75:14:9c:71:4c:17:b2:3a:63:ef:2f:30:24:7e:14:8d:ba:
         ac:db:99:cd:2c:6f:48:ac:73:a9:a3:3b:a7:00:ba:6e:3b:31:
         d4:b9:17:93:e4:11:77:e0:af:57:60:dd:47:63:a1:95:2a:5b:
         e1:53:e2:49:36:41:42:dc:a3:bf:a1:be:9a:4b:aa:1a:bf:3a:
         d7:73:68:07:a9:56:24:59:a8:70:53:89:d1:c4:f3:d5:75:fa:
         18:ff:36:e0:1d:67:de:e1:b6:99:b5:2b:c4:9b:4c:08:b5:e4:
         97:87:d3:ea:89:c7:f7:01:4e:1d:5c:eb:c8:5e:6a:7c:13:5f:
         91:50:f5:c3:8f:c2:6a:68:18:04:18:27:6b:f7:2e:77:8b:24:
         dc:dc:3e:f3:eb:93:1e:d0:05:60:f2:8b:a0:b2:b1:10:c5:77:
         89:b4:32:07:74:36:66:4e:ce:53:f4:42:ba:25:d6:90:ed:3f:
         7d:74:d7:bb:3f:e1:28:4a:7c:2b:67:d7:3a:80:66:a9:db:7c:
         87:78:d6:59:28:2c:cb:32:e7:3a:9c:ea:af:9a:8e:d9:88:34:
         30:d1:d2:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ohEFPaO5SAdwAN4WrhhQCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDBmYjk2MDhhZDk1YjRiZmU2YWUyZTlmMTNlMDAyZmRh
YjY4MGQwHhcNMjYwMzI2MDUwMDQ5WhcNMjYwMzI3MDUwMDQ5WjAzMTEwLwYDVQQD
EygzZGMzY2JmZmY0OTA1NTI0Nzg1NDQ5ZDBmNGRhNWQyMTY3MjYwZTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEIPXr6AeJXoiExdNGaT9oheCl3H
fSB23s72Kr+nNkDOYlE07qUJNlvtsnqIiU/wn0fZ0LoIUbX7F5YhXWCjRHhQvxGv
2rMmj9BCzRAFhFky9v0ddBHc/r3bTCfQSPlKEvTpP/6+j8qpEhiBsknH7jI6JcdN
PqSfSNTRevMmNY+pRC4bOLcq0kB9MNTTlTWbAz9XV8y2ljq9OcLxXU0oH5tDU1t+
MbKqMkHOmC9hEZxUtKPbFS57TAvBfqCX6rS6M3UvIHNGRkUj4tVdNE++GY7Nt0o2
hvHEtDmBZggDR6njTEDvb6b3nS7rkRWA6/y9i3uohjIxSOTumWkE/F1bZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD3Dy//0kFUkeFRJ0PTaXSFnJg5RMB8GA1UdIwQY
MBaAFMnQ+5YIrZW0v+auLp8T4AL9q2gNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWREN2xnaXRsYlNfNXE0dW54UGdBdjJyYUEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC84Njg4MzctMmRlMS00OWIzLTlhZjkt
MDUzNDk1ODc1OWFjLzEveWREN2xnaXRsYlNfNXE0dW54UGdBdjJyYUEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC84Njg4MzctMmRlMS00OWIzLTlhZjktMDUzNDk1ODc1OWFj
LzEveWREN2xnaXRsYlNfNXE0dW54UGdBdjJyYUEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM+t5NoNQ
+5hkqtDjAk0+HcONS5vE9G0Qpl9BTDtSVGBmYIFfbHUUnHFMF7I6Y+8vMCR+FI26
rNuZzSxvSKxzqaM7pwC6bjsx1LkXk+QRd+CvV2DdR2OhlSpb4VPiSTZBQtyjv6G+
mkuqGr8613NoB6lWJFmocFOJ0cTz1XX6GP824B1n3uG2mbUrxJtMCLXkl4fT6onH
9wFOHVzryF5qfBNfkVD1w4/CamgYBBgna/cud4sk3Nw+8+uTHtAFYPKLoLKxEMV3
ibQyB3Q2Zk7OU/RCuiXWkO0/fXTXuz/hKEp8K2fXOoBmqdt8h3jWWSgsyzLnOpzq
r5qO2Yg0MNHSAw==
-----END CERTIFICATE-----