Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.mft
File:                     YTChAogFFzqiJUSk67mECskbyNA.mft (raw, json)
Hash identifier:          UkIJB1XacMI6MSKbTKyYyuyKg4OWDhYKl4J1M5wSy3c=
Subject key identifier:   A2:3D:1C:1F:DD:01:DF:E1:C2:CB:00:0C:09:38:72:4C:0C:A5:18:E1
Authority key identifier: 61:30:A1:02:88:05:17:3A:A2:25:44:A4:EB:B9:84:0A:C9:1B:C8:D0
Certificate issuer:       /CN=6130a1028805173aa22544a4ebb9840ac91bc8d0
Certificate serial:       019D38662B1C804CB6F48D5D9F063579B249
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YTChAogFFzqiJUSk67mECskbyNA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.mft
Manifest number:          0FEF
Signing time:             Sun 29 Mar 2026 07:01:52 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:52 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:52 +0000
Files and hashes:         1: YTChAogFFzqiJUSk67mECskbyNA.crl (hash: i8PwPbAMKWDJEtIQvgS7g57/Ft2FysPNxX35QUC4fYE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YTChAogFFzqiJUSk67mECskbyNA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:2b:1c:80:4c:b6:f4:8d:5d:9f:06:35:79:b2:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6130a1028805173aa22544a4ebb9840ac91bc8d0
        Validity
            Not Before: Mar 29 07:01:52 2026 GMT
            Not After : Mar 30 07:01:52 2026 GMT
        Subject: CN=a23d1c1fdd01dfe1c2cb000c0938724c0ca518e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:50:87:09:a9:d5:5f:6c:52:0f:3f:56:ea:98:
                    45:f4:a3:1b:aa:cc:05:d8:09:b6:ec:a7:75:45:6f:
                    ea:1b:a9:32:4b:7e:ea:38:e7:3f:f6:3b:b7:bb:24:
                    9f:11:04:4d:07:7f:e1:59:6f:54:a2:ce:88:17:a3:
                    db:c0:d8:a2:8b:cc:59:97:bf:83:9d:2a:64:ce:73:
                    c1:26:94:76:49:db:3e:eb:e4:b1:7b:a4:6a:9b:4b:
                    2d:60:c0:46:70:02:48:90:2f:e4:f5:50:fd:ec:85:
                    43:67:c7:0b:b1:cb:52:6d:26:ac:5a:b6:7b:49:4e:
                    0a:13:d3:a2:ad:2b:c4:38:28:24:24:a7:d2:52:96:
                    a7:d3:c1:73:79:bd:09:a4:f4:e2:0f:a4:b3:f9:0a:
                    67:6d:c0:c8:9e:25:8c:28:4c:a6:3b:b7:5b:f7:e0:
                    ee:e4:a9:73:f2:90:40:61:10:82:9e:11:02:82:ef:
                    11:0d:ff:e5:03:16:d4:f3:ed:7e:2d:a9:dd:ca:dd:
                    4c:4f:43:50:98:6a:31:0f:94:43:36:7c:b7:0c:8b:
                    2b:34:b6:c1:33:24:ab:11:54:c1:2f:cd:37:b7:70:
                    a2:ee:b4:7f:3a:7f:51:f6:92:30:8d:02:62:d2:16:
                    a2:97:63:4f:61:6b:e7:8a:ff:bb:a6:1d:71:c0:f7:
                    d0:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:3D:1C:1F:DD:01:DF:E1:C2:CB:00:0C:09:38:72:4C:0C:A5:18:E1
            X509v3 Authority Key Identifier:
                keyid:61:30:A1:02:88:05:17:3A:A2:25:44:A4:EB:B9:84:0A:C9:1B:C8:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YTChAogFFzqiJUSk67mECskbyNA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:09:fb:ad:fc:f3:80:ab:8c:87:c9:4e:66:4a:e8:c8:da:b8:
         2a:15:f8:96:12:96:e2:b5:ce:b4:5c:63:ed:55:3d:55:5d:87:
         7f:e9:f3:d2:70:ec:9c:d6:f4:a3:a7:38:bc:68:36:d2:d0:5a:
         1a:da:13:69:9b:bc:3f:1b:0f:57:f1:3b:67:d6:a9:25:fc:ea:
         15:d9:42:6c:42:ab:e1:7e:b2:f6:84:ef:8f:dc:79:48:b0:59:
         ee:de:a7:70:9b:de:e8:c5:78:df:22:77:5c:74:9a:c1:cc:be:
         35:09:96:ab:34:b4:50:81:b2:a9:66:eb:57:10:a9:74:37:f6:
         95:4e:99:2b:7d:3d:90:b1:e3:81:cb:71:82:df:3d:9c:ed:bf:
         75:f6:94:5c:ba:49:af:66:1d:af:56:b3:6d:ac:43:91:4f:89:
         7e:ee:59:85:b3:39:9f:2a:a7:c7:50:41:56:da:55:ba:40:5f:
         3c:10:69:28:74:20:e6:f6:4e:39:05:52:c8:20:39:38:fd:f3:
         bc:8f:25:d5:38:8c:af:4c:81:6f:86:fe:20:e2:b8:2d:49:00:
         68:0f:08:a5:7d:59:c4:05:7e:85:b4:fb:2c:4b:4c:99:3b:b9:
         32:83:ad:9a:02:c0:f9:51:b4:6e:16:98:97:40:cc:59:a0:ef:
         63:44:56:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZiscgEy29I1dnwY1ebJJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxMzBhMTAyODgwNTE3M2FhMjI1NDRhNGViYjk4NDBhYzkx
YmM4ZDAwHhcNMjYwMzI5MDcwMTUyWhcNMjYwMzMwMDcwMTUyWjAzMTEwLwYDVQQD
EyhhMjNkMWMxZmRkMDFkZmUxYzJjYjAwMGMwOTM4NzI0YzBjYTUxOGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0FCHCanVX2xSDz9W6phF9KMbqswF
2Am27Kd1RW/qG6kyS37qOOc/9ju3uySfEQRNB3/hWW9Uos6IF6PbwNiii8xZl7+D
nSpkznPBJpR2Sds+6+Sxe6Rqm0stYMBGcAJIkC/k9VD97IVDZ8cLsctSbSasWrZ7
SU4KE9OirSvEOCgkJKfSUpan08Fzeb0JpPTiD6Sz+QpnbcDIniWMKEymO7db9+Du
5Klz8pBAYRCCnhECgu8RDf/lAxbU8+1+Landyt1MT0NQmGoxD5RDNny3DIsrNLbB
MySrEVTBL803t3Ci7rR/On9R9pIwjQJi0hail2NPYWvniv+7ph1xwPfQYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKI9HB/dAd/hwssADAk4ckwMpRjhMB8GA1UdIwQY
MBaAFGEwoQKIBRc6oiVEpOu5hArJG8jQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVRDaEFvZ0ZGenFpSlVTazY3bUVDc2tieU5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8zYWU4NjMtNjkwZS00NjMxLTkxMjAt
YTUzYjVlOTc5MTMxLzEvWVRDaEFvZ0ZGenFpSlVTazY3bUVDc2tieU5BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8zYWU4NjMtNjkwZS00NjMxLTkxMjAtYTUzYjVlOTc5MTMx
LzEvWVRDaEFvZ0ZGenFpSlVTazY3bUVDc2tieU5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZwn7rfzz
gKuMh8lOZkroyNq4KhX4lhKW4rXOtFxj7VU9VV2Hf+nz0nDsnNb0o6c4vGg20tBa
GtoTaZu8PxsPV/E7Z9apJfzqFdlCbEKr4X6y9oTvj9x5SLBZ7t6ncJve6MV43yJ3
XHSawcy+NQmWqzS0UIGyqWbrVxCpdDf2lU6ZK309kLHjgctxgt89nO2/dfaUXLpJ
r2Ydr1azbaxDkU+Jfu5ZhbM5nyqnx1BBVtpVukBfPBBpKHQg5vZOOQVSyCA5OP3z
vI8l1TiMr0yBb4b+IOK4LUkAaA8IpX1ZxAV+hbT7LEtMmTu5MoOtmgLA+VG0bhaY
l0DMWaDvY0RWpA==
-----END CERTIFICATE-----