Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/666670-d0f1-44a3-b93a-50111c4292d0/1/YFq7JTt2bc1_FtnwG8EZaRhI6w4.mft
File:                     YFq7JTt2bc1_FtnwG8EZaRhI6w4.mft (raw, json)
Hash identifier:          FiXzAVkTkjjbUECuI01PF1jOYvDYo6BPEis0TG1MOv4=
Subject key identifier:   D6:8B:02:ED:BF:58:0F:03:5A:EF:9E:56:B3:53:65:DB:62:10:A1:46
Authority key identifier: 60:5A:BB:25:3B:76:6D:CD:7F:16:D9:F0:1B:C1:19:69:18:48:EB:0E
Certificate issuer:       /CN=605abb253b766dcd7f16d9f01bc119691848eb0e
Certificate serial:       019D3977BC1FF6303EBCED714445EF37DB38
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YFq7JTt2bc1_FtnwG8EZaRhI6w4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/666670-d0f1-44a3-b93a-50111c4292d0/1/YFq7JTt2bc1_FtnwG8EZaRhI6w4.mft
Manifest number:          04EC
Signing time:             Sun 29 Mar 2026 12:00:41 +0000
Manifest this update:     Sun 29 Mar 2026 12:00:41 +0000
Manifest next update:     Mon 30 Mar 2026 12:00:41 +0000
Files and hashes:         1: YFq7JTt2bc1_FtnwG8EZaRhI6w4.crl (hash: jtNKYmZ6NCpfXU8jkoTkl1fUBuZY3snAznAlY/NJAsQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/15/666670-d0f1-44a3-b93a-50111c4292d0/1/YFq7JTt2bc1_FtnwG8EZaRhI6w4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/15/666670-d0f1-44a3-b93a-50111c4292d0/1/YFq7JTt2bc1_FtnwG8EZaRhI6w4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YFq7JTt2bc1_FtnwG8EZaRhI6w4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 12:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:77:bc:1f:f6:30:3e:bc:ed:71:44:45:ef:37:db:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=605abb253b766dcd7f16d9f01bc119691848eb0e
        Validity
            Not Before: Mar 29 12:00:41 2026 GMT
            Not After : Mar 30 12:00:41 2026 GMT
        Subject: CN=d68b02edbf580f035aef9e56b35365db6210a146
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:de:6e:c2:e6:77:9a:94:c7:f1:a8:2b:5c:0b:
                    32:a8:bd:18:aa:80:14:89:01:64:2d:52:cc:6b:8a:
                    ff:08:0c:46:64:e4:e4:ca:9e:7d:80:9c:82:4e:b3:
                    b5:c9:39:7a:a0:31:9a:76:5b:ca:20:d0:43:6e:0a:
                    c2:80:dd:95:0a:97:eb:f1:72:48:d5:08:43:32:e5:
                    28:5c:87:d3:15:a4:c2:63:25:5b:47:e9:91:a3:6c:
                    ae:55:4a:fc:49:72:4b:5e:c5:9e:ba:31:a0:ad:7e:
                    46:5b:ec:e1:7e:db:e4:9a:7b:74:1a:9c:3a:58:84:
                    43:8a:40:55:b5:cb:c8:73:60:dc:e3:27:94:fa:1c:
                    9b:d8:fa:d9:9e:b8:a5:50:af:9e:37:d8:48:fa:ac:
                    58:96:13:b8:63:6b:ad:d2:ec:64:74:75:de:d4:0d:
                    06:53:1f:d1:04:a0:0a:79:b6:f2:68:55:f4:fd:96:
                    c5:8d:f3:29:ae:84:bd:07:e6:42:56:21:dd:42:13:
                    70:81:3d:ca:76:e5:25:92:b1:95:01:dd:72:cd:f8:
                    ad:f0:7f:bf:ef:b1:1c:5f:04:42:98:c9:fb:68:13:
                    08:62:41:71:0e:32:60:b0:84:65:d4:9f:fd:8f:48:
                    ab:1e:ae:14:19:10:7f:6e:16:dd:60:06:d8:f9:e0:
                    87:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:8B:02:ED:BF:58:0F:03:5A:EF:9E:56:B3:53:65:DB:62:10:A1:46
            X509v3 Authority Key Identifier:
                keyid:60:5A:BB:25:3B:76:6D:CD:7F:16:D9:F0:1B:C1:19:69:18:48:EB:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFq7JTt2bc1_FtnwG8EZaRhI6w4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/666670-d0f1-44a3-b93a-50111c4292d0/1/YFq7JTt2bc1_FtnwG8EZaRhI6w4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/666670-d0f1-44a3-b93a-50111c4292d0/1/YFq7JTt2bc1_FtnwG8EZaRhI6w4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:74:b8:5b:78:9b:aa:5a:5d:a8:cb:2d:6f:e5:50:5f:e9:f8:
         41:28:fd:b9:80:b3:ec:3e:00:1c:73:16:5a:d8:8e:cc:07:5b:
         51:26:e1:d9:10:d5:98:a1:70:e4:1e:5e:5f:50:00:79:ee:14:
         4c:14:84:b9:1a:0b:af:7f:36:95:a7:80:61:03:8f:46:55:49:
         51:83:b5:3c:b7:6a:42:78:06:ea:39:a1:cf:a9:9a:d9:bc:22:
         c8:1a:71:e8:21:e4:8e:8b:d8:94:d1:47:1d:c8:b2:18:d8:23:
         34:6c:6e:5a:b2:5b:32:78:49:b9:55:e4:2c:5e:22:76:98:31:
         e6:0f:a5:d6:cc:19:40:c7:9f:e6:00:16:a2:08:5d:9e:a9:03:
         56:84:c5:35:6b:a2:0b:ff:bf:3d:46:95:06:04:7f:a2:b8:48:
         ac:6e:28:6e:43:1f:fd:35:87:94:29:16:7e:2a:f0:79:5d:5c:
         04:d7:2e:38:51:d5:38:c6:e9:12:27:9e:ee:8c:4b:39:70:57:
         d9:b0:89:b8:c9:bc:d8:3d:1e:83:4e:79:17:5b:9d:cf:5d:3d:
         7d:02:b4:ac:f6:b9:b0:08:8b:84:80:cb:86:94:01:b0:5e:01:
         56:04:e3:c3:c3:fd:65:58:02:b9:4d:fd:0f:95:29:7b:bb:14:
         43:dc:9f:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05d7wf9jA+vO1xREXvN9s4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNWFiYjI1M2I3NjZkY2Q3ZjE2ZDlmMDFiYzExOTY5MTg0
OGViMGUwHhcNMjYwMzI5MTIwMDQxWhcNMjYwMzMwMTIwMDQxWjAzMTEwLwYDVQQD
EyhkNjhiMDJlZGJmNTgwZjAzNWFlZjllNTZiMzUzNjVkYjYyMTBhMTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3N5uwuZ3mpTH8agrXAsyqL0YqoAU
iQFkLVLMa4r/CAxGZOTkyp59gJyCTrO1yTl6oDGadlvKINBDbgrCgN2VCpfr8XJI
1QhDMuUoXIfTFaTCYyVbR+mRo2yuVUr8SXJLXsWeujGgrX5GW+zhftvkmnt0Gpw6
WIRDikBVtcvIc2Dc4yeU+hyb2PrZnrilUK+eN9hI+qxYlhO4Y2ut0uxkdHXe1A0G
Ux/RBKAKebbyaFX0/ZbFjfMproS9B+ZCViHdQhNwgT3KduUlkrGVAd1yzfit8H+/
77EcXwRCmMn7aBMIYkFxDjJgsIRl1J/9j0irHq4UGRB/bhbdYAbY+eCHmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNaLAu2/WA8DWu+eVrNTZdtiEKFGMB8GA1UdIwQY
MBaAFGBauyU7dm3NfxbZ8BvBGWkYSOsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZxN0pUdDJiYzFfRnRud0c4RVphUmhJNnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS82NjY2NzAtZDBmMS00NGEzLWI5M2Et
NTAxMTFjNDI5MmQwLzEvWUZxN0pUdDJiYzFfRnRud0c4RVphUmhJNnc0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS82NjY2NzAtZDBmMS00NGEzLWI5M2EtNTAxMTFjNDI5MmQw
LzEvWUZxN0pUdDJiYzFfRnRud0c4RVphUmhJNnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWHS4W3ib
qlpdqMstb+VQX+n4QSj9uYCz7D4AHHMWWtiOzAdbUSbh2RDVmKFw5B5eX1AAee4U
TBSEuRoLr382laeAYQOPRlVJUYO1PLdqQngG6jmhz6ma2bwiyBpx6CHkjovYlNFH
HciyGNgjNGxuWrJbMnhJuVXkLF4idpgx5g+l1swZQMef5gAWoghdnqkDVoTFNWui
C/+/PUaVBgR/orhIrG4obkMf/TWHlCkWfirweV1cBNcuOFHVOMbpEiee7oxLOXBX
2bCJuMm82D0eg055F1udz109fQK0rPa5sAiLhIDLhpQBsF4BVgTjw8P9ZVgCuU39
D5Upe7sUQ9yfCg==
-----END CERTIFICATE-----