Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/f327eb-d71a-4279-af22-b8d06f46aec3/1/yoaOeySqNaTdEKyVmfBkqpadAx0.mft
File:                     yoaOeySqNaTdEKyVmfBkqpadAx0.mft (raw, json)
Hash identifier:          Mw/fvCuF0hsWJPRptXLFA8FuUIcYaoE2i3Av2ustVdk=
Subject key identifier:   73:F6:FA:E7:C1:D6:E1:9E:8C:45:4C:1A:66:20:DF:7D:92:92:16:A1
Authority key identifier: CA:86:8E:7B:24:AA:35:A4:DD:10:AC:95:99:F0:64:AA:96:9D:03:1D
Certificate issuer:       /CN=ca868e7b24aa35a4dd10ac9599f064aa969d031d
Certificate serial:       019D2628969C2595EA37DF3D2AFDC9D5D9BC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yoaOeySqNaTdEKyVmfBkqpadAx0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ef/f327eb-d71a-4279-af22-b8d06f46aec3/1/yoaOeySqNaTdEKyVmfBkqpadAx0.mft
Manifest number:          04F7
Signing time:             Wed 25 Mar 2026 18:01:27 +0000
Manifest this update:     Wed 25 Mar 2026 18:01:27 +0000
Manifest next update:     Thu 26 Mar 2026 18:01:27 +0000
Files and hashes:         1: yoaOeySqNaTdEKyVmfBkqpadAx0.crl (hash: brwd7XU6cq5hFC0YOIY4h16Uu1LCXINE2MOWrhGtUr8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ef/f327eb-d71a-4279-af22-b8d06f46aec3/1/yoaOeySqNaTdEKyVmfBkqpadAx0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ef/f327eb-d71a-4279-af22-b8d06f46aec3/1/yoaOeySqNaTdEKyVmfBkqpadAx0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yoaOeySqNaTdEKyVmfBkqpadAx0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 18:01:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:28:96:9c:25:95:ea:37:df:3d:2a:fd:c9:d5:d9:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca868e7b24aa35a4dd10ac9599f064aa969d031d
        Validity
            Not Before: Mar 25 18:01:27 2026 GMT
            Not After : Mar 26 18:01:27 2026 GMT
        Subject: CN=73f6fae7c1d6e19e8c454c1a6620df7d929216a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:17:3a:3f:70:7c:84:a4:70:a8:05:78:b4:a0:
                    c2:4a:d9:d2:dd:f9:27:a3:18:b5:d0:29:07:6d:01:
                    1c:59:3f:51:62:3a:af:fb:fb:13:59:ca:9f:00:7c:
                    66:38:8e:88:2b:cf:c1:64:cf:b3:3c:92:d7:36:3d:
                    6e:53:41:ea:60:92:6a:69:47:dc:f7:d2:4b:60:9f:
                    b8:a8:38:1c:4b:3e:19:0b:67:0c:b5:19:9d:24:d5:
                    1f:35:9f:bd:c5:6f:cb:3f:a8:3f:89:63:7a:39:31:
                    0e:3f:0e:ae:d7:d5:c0:1f:52:2c:61:81:e1:e5:cd:
                    96:bf:80:75:fe:87:fa:b5:51:64:15:ee:2e:02:27:
                    17:7b:3e:69:fb:ed:3f:ee:4b:2b:b5:61:2b:19:ec:
                    26:61:a2:f8:0a:9b:84:8c:d4:92:a7:80:4b:c6:4f:
                    1d:f6:02:48:2c:7d:ff:33:62:d5:f9:e4:0c:0e:cd:
                    0d:61:61:d7:3f:a9:9b:a5:6b:49:5f:d1:2c:b7:92:
                    9f:b8:02:01:e0:6e:1e:4c:6b:50:35:45:d5:72:54:
                    47:3c:8c:e7:9e:e7:d2:56:b9:93:1a:51:84:b4:a0:
                    5d:3c:d4:41:3f:3a:fd:33:4a:43:e5:19:9a:88:58:
                    c7:bc:f1:31:83:e1:b8:72:55:a1:10:15:dd:e9:4f:
                    f7:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:F6:FA:E7:C1:D6:E1:9E:8C:45:4C:1A:66:20:DF:7D:92:92:16:A1
            X509v3 Authority Key Identifier:
                keyid:CA:86:8E:7B:24:AA:35:A4:DD:10:AC:95:99:F0:64:AA:96:9D:03:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yoaOeySqNaTdEKyVmfBkqpadAx0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f327eb-d71a-4279-af22-b8d06f46aec3/1/yoaOeySqNaTdEKyVmfBkqpadAx0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f327eb-d71a-4279-af22-b8d06f46aec3/1/yoaOeySqNaTdEKyVmfBkqpadAx0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:ad:d3:9f:f6:5a:ed:0c:0d:88:ae:b1:fc:83:28:10:4f:db:
         3d:5d:c3:05:59:13:02:68:27:2d:07:99:2a:55:31:47:a4:c2:
         e9:cd:99:1d:bf:5e:8a:ee:f5:d1:22:87:7a:f2:3a:8b:dd:92:
         78:34:69:34:3b:95:e1:eb:ca:79:3b:c7:4f:0a:4e:15:e8:a0:
         f3:3e:2f:9d:b6:38:8b:07:07:8e:11:26:97:4f:5f:88:8e:e9:
         1a:af:1e:ae:f9:08:29:33:b5:ee:6e:9c:ae:47:ab:02:d6:c9:
         1f:1d:ae:2c:6c:ed:8f:85:2a:62:42:9f:93:ab:c1:93:05:8a:
         3a:ab:36:23:ff:70:ad:fa:f5:a3:96:47:e0:3b:a2:d3:15:71:
         a7:3e:09:f4:67:89:62:4c:80:1f:d3:69:61:e6:13:b5:a5:61:
         63:e7:6b:da:53:03:fa:df:02:3b:a0:85:cb:65:23:89:34:07:
         7d:eb:96:34:03:c7:43:c9:11:dd:94:2c:c0:63:32:a5:a4:22:
         b0:e5:57:1a:30:96:8a:e9:4a:88:2f:fa:ae:da:d3:b3:b9:b7:
         48:85:2f:af:63:6c:1c:f3:78:c3:48:3d:22:f7:f2:ce:2a:48:
         a7:43:94:16:59:00:1e:dd:48:0a:78:c7:fd:77:72:9a:87:71:
         81:b7:f2:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mKJacJZXqN989Kv3J1dm8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhODY4ZTdiMjRhYTM1YTRkZDEwYWM5NTk5ZjA2NGFhOTY5
ZDAzMWQwHhcNMjYwMzI1MTgwMTI3WhcNMjYwMzI2MTgwMTI3WjAzMTEwLwYDVQQD
Eyg3M2Y2ZmFlN2MxZDZlMTllOGM0NTRjMWE2NjIwZGY3ZDkyOTIxNmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvhc6P3B8hKRwqAV4tKDCStnS3fkn
oxi10CkHbQEcWT9RYjqv+/sTWcqfAHxmOI6IK8/BZM+zPJLXNj1uU0HqYJJqaUfc
99JLYJ+4qDgcSz4ZC2cMtRmdJNUfNZ+9xW/LP6g/iWN6OTEOPw6u19XAH1IsYYHh
5c2Wv4B1/of6tVFkFe4uAicXez5p++0/7ksrtWErGewmYaL4CpuEjNSSp4BLxk8d
9gJILH3/M2LV+eQMDs0NYWHXP6mbpWtJX9Est5KfuAIB4G4eTGtQNUXVclRHPIzn
nufSVrmTGlGEtKBdPNRBPzr9M0pD5RmaiFjHvPExg+G4clWhEBXd6U/3ZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHP2+ufB1uGejEVMGmYg332SkhahMB8GA1UdIwQY
MBaAFMqGjnskqjWk3RCslZnwZKqWnQMdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveW9hT2V5U3FOYVRkRUt5Vm1mQmtxcGFkQXgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9mMzI3ZWItZDcxYS00Mjc5LWFmMjIt
YjhkMDZmNDZhZWMzLzEveW9hT2V5U3FOYVRkRUt5Vm1mQmtxcGFkQXgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9mMzI3ZWItZDcxYS00Mjc5LWFmMjItYjhkMDZmNDZhZWMz
LzEveW9hT2V5U3FOYVRkRUt5Vm1mQmtxcGFkQXgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnK3Tn/Za
7QwNiK6x/IMoEE/bPV3DBVkTAmgnLQeZKlUxR6TC6c2ZHb9eiu710SKHevI6i92S
eDRpNDuV4evKeTvHTwpOFeig8z4vnbY4iwcHjhEml09fiI7pGq8ervkIKTO17m6c
rkerAtbJHx2uLGztj4UqYkKfk6vBkwWKOqs2I/9wrfr1o5ZH4Dui0xVxpz4J9GeJ
YkyAH9NpYeYTtaVhY+dr2lMD+t8CO6CFy2UjiTQHfeuWNAPHQ8kR3ZQswGMypaQi
sOVXGjCWiulKiC/6rtrTs7m3SIUvr2NsHPN4w0g9IvfyzipIp0OUFlkAHt1ICnjH
/Xdymodxgbfyag==
-----END CERTIFICATE-----