Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.mft
File:                     Y6jKFmYgbSzxK1B4curQ9aeT0OA.mft (raw, json)
Hash identifier:          s10r59SCZXUvjlda4m+kuc1oNrwzJ72bCPZZSl4UqFU=
Subject key identifier:   83:F3:E5:36:41:07:1E:8B:54:3A:94:04:98:8E:58:6C:F3:A7:B9:2E
Authority key identifier: 63:A8:CA:16:66:20:6D:2C:F1:2B:50:78:72:EA:D0:F5:A7:93:D0:E0
Certificate issuer:       /CN=63a8ca1666206d2cf12b507872ead0f5a793d0e0
Certificate serial:       019D3AF814D34F8BCC5A2ECCB4B288FF312E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y6jKFmYgbSzxK1B4curQ9aeT0OA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.mft
Manifest number:          0A1B
Signing time:             Sun 29 Mar 2026 19:00:29 +0000
Manifest this update:     Sun 29 Mar 2026 19:00:29 +0000
Manifest next update:     Mon 30 Mar 2026 19:00:29 +0000
Files and hashes:         1: Y6jKFmYgbSzxK1B4curQ9aeT0OA.crl (hash: /I3wW25Z2s/9JxQoOKrJtRuk1evqcWpR1mqeFgcO+DA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Y6jKFmYgbSzxK1B4curQ9aeT0OA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:f8:14:d3:4f:8b:cc:5a:2e:cc:b4:b2:88:ff:31:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63a8ca1666206d2cf12b507872ead0f5a793d0e0
        Validity
            Not Before: Mar 29 19:00:29 2026 GMT
            Not After : Mar 30 19:00:29 2026 GMT
        Subject: CN=83f3e53641071e8b543a9404988e586cf3a7b92e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:43:c6:6e:ff:11:a4:c9:a1:c0:b8:cf:7b:52:
                    34:b6:70:1b:0c:69:90:de:74:2c:4c:05:68:c8:44:
                    a6:d9:18:37:94:ca:29:ff:ae:25:d1:3b:bb:f7:a9:
                    23:03:2c:17:bc:5a:25:60:28:63:3f:d3:a7:d7:d6:
                    b1:9d:28:0a:32:2b:20:4f:21:ee:a1:54:41:b8:ae:
                    d8:7d:b4:68:01:e3:31:ae:1b:55:71:6b:0c:e4:91:
                    50:d8:bf:a1:ad:08:0d:73:a4:ec:d5:2f:a1:0e:64:
                    cf:a4:4c:84:40:c5:d3:7e:f5:d7:aa:13:2f:c2:f5:
                    8f:f1:cc:97:50:b8:ff:7f:e4:4e:13:b4:0b:8a:6a:
                    48:01:06:27:bc:8b:7d:da:66:09:9c:ae:3a:df:c1:
                    52:4d:96:a4:84:9c:ef:1b:79:90:b0:37:65:b3:8a:
                    15:f8:20:19:f1:fe:a6:d4:f5:e3:2f:55:72:ee:66:
                    b3:ee:bc:f6:6e:5d:e2:7c:25:02:05:c6:08:65:41:
                    86:bc:76:79:61:41:ed:df:b2:f7:58:e3:d1:33:ff:
                    4a:d4:19:5a:92:51:32:38:e7:dd:5d:3c:0e:9f:6f:
                    7e:df:db:12:6f:b1:74:8c:4d:6c:ee:a2:1c:8b:02:
                    6b:c6:cf:b0:fa:1b:ee:b7:7a:36:4d:05:fd:d3:7e:
                    2a:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:F3:E5:36:41:07:1E:8B:54:3A:94:04:98:8E:58:6C:F3:A7:B9:2E
            X509v3 Authority Key Identifier:
                keyid:63:A8:CA:16:66:20:6D:2C:F1:2B:50:78:72:EA:D0:F5:A7:93:D0:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y6jKFmYgbSzxK1B4curQ9aeT0OA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:7a:a0:ec:65:56:f8:2d:3d:e8:10:eb:f8:23:f1:5f:e6:40:
         b9:08:fc:8c:de:b2:7c:6a:95:2f:21:de:73:a9:76:e2:96:18:
         e2:fc:30:49:d3:0c:c6:63:59:e3:25:fa:35:09:93:54:e6:db:
         bd:31:27:30:a9:6c:1c:8b:b7:39:31:f7:5e:41:ff:ae:dd:93:
         79:26:5a:fc:3d:da:d0:d1:19:1f:11:42:52:49:5a:3b:cf:7c:
         e3:fd:1b:0c:8b:1b:69:05:06:82:67:fd:59:c7:a3:65:8a:73:
         2f:a9:29:4f:9f:84:c3:93:84:c3:9b:fd:0a:7c:10:53:40:67:
         1e:e6:c9:20:4c:f7:14:37:03:f5:9b:91:20:cd:da:cf:31:7f:
         d6:90:4f:ad:65:46:4f:e4:e9:81:af:ef:8f:16:58:ee:23:21:
         2a:b8:bc:1c:24:a1:d9:7c:ee:92:38:71:8c:a8:7f:0c:05:9e:
         0b:8f:65:d0:1f:91:65:95:34:27:25:45:ea:00:9a:a5:e0:f9:
         31:64:c9:79:82:b3:fc:06:70:87:2b:1a:d2:3a:7a:c2:0e:f3:
         6a:33:7e:cf:f7:6c:6e:78:47:b1:2b:79:55:1d:06:64:24:00:
         2f:f3:d8:59:05:31:6c:13:6a:49:64:75:6e:ea:45:e6:29:3d:
         d3:15:e0:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06+BTTT4vMWi7MtLKI/zEuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzYThjYTE2NjYyMDZkMmNmMTJiNTA3ODcyZWFkMGY1YTc5
M2QwZTAwHhcNMjYwMzI5MTkwMDI5WhcNMjYwMzMwMTkwMDI5WjAzMTEwLwYDVQQD
Eyg4M2YzZTUzNjQxMDcxZThiNTQzYTk0MDQ5ODhlNTg2Y2YzYTdiOTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUPGbv8RpMmhwLjPe1I0tnAbDGmQ
3nQsTAVoyESm2Rg3lMop/64l0Tu796kjAywXvFolYChjP9On19axnSgKMisgTyHu
oVRBuK7YfbRoAeMxrhtVcWsM5JFQ2L+hrQgNc6Ts1S+hDmTPpEyEQMXTfvXXqhMv
wvWP8cyXULj/f+ROE7QLimpIAQYnvIt92mYJnK4638FSTZakhJzvG3mQsDdls4oV
+CAZ8f6m1PXjL1Vy7maz7rz2bl3ifCUCBcYIZUGGvHZ5YUHt37L3WOPRM/9K1Bla
klEyOOfdXTwOn29+39sSb7F0jE1s7qIciwJrxs+w+hvut3o2TQX9034q3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIPz5TZBBx6LVDqUBJiOWGzzp7kuMB8GA1UdIwQY
MBaAFGOoyhZmIG0s8StQeHLq0PWnk9DgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTZqS0ZtWWdiU3p4SzFCNGN1clE5YWVUME9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8wNDQ2YjEtZGYyZi00MjYxLWExYmEt
NzVhYjIxZjNiM2QwLzEvWTZqS0ZtWWdiU3p4SzFCNGN1clE5YWVUME9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8wNDQ2YjEtZGYyZi00MjYxLWExYmEtNzVhYjIxZjNiM2Qw
LzEvWTZqS0ZtWWdiU3p4SzFCNGN1clE5YWVUME9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANnqg7GVW
+C096BDr+CPxX+ZAuQj8jN6yfGqVLyHec6l24pYY4vwwSdMMxmNZ4yX6NQmTVObb
vTEnMKlsHIu3OTH3XkH/rt2TeSZa/D3a0NEZHxFCUklaO8984/0bDIsbaQUGgmf9
WcejZYpzL6kpT5+Ew5OEw5v9CnwQU0BnHubJIEz3FDcD9ZuRIM3azzF/1pBPrWVG
T+Tpga/vjxZY7iMhKri8HCSh2XzukjhxjKh/DAWeC49l0B+RZZU0JyVF6gCapeD5
MWTJeYKz/AZwhysa0jp6wg7zajN+z/dsbnhHsSt5VR0GZCQAL/PYWQUxbBNqSWR1
bupF5ik90xXgSg==
-----END CERTIFICATE-----