Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft
File:                     Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft (raw, json)
Hash identifier:          Pf7BSBzPVtFvuN8W/9MZYE3KUfm7sdcEnnIiT/fWxqk=
Subject key identifier:   6F:5B:CB:E7:CF:A1:6D:2E:69:75:02:A0:AC:D3:BE:09:68:53:2D:39
Authority key identifier: 63:EF:6B:DB:C4:2A:D0:6D:EF:DA:D7:26:79:41:43:46:D8:D0:48:DF
Certificate issuer:       /CN=63ef6bdbc42ad06defdad72679414346d8d048df
Certificate serial:       019D386633BFBEC94B20B6825E1DB66C60A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft
Manifest number:          188A
Signing time:             Sun 29 Mar 2026 07:01:55 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:55 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:55 +0000
Files and hashes:         1: Y-9r28Qq0G3v2tcmeUFDRtjQSN8.crl (hash: 6J83udUw6lgK8Uefao2rNe6KkPB9qGPm4g0OC/Kd/6g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:33:bf:be:c9:4b:20:b6:82:5e:1d:b6:6c:60:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63ef6bdbc42ad06defdad72679414346d8d048df
        Validity
            Not Before: Mar 29 07:01:55 2026 GMT
            Not After : Mar 30 07:01:55 2026 GMT
        Subject: CN=6f5bcbe7cfa16d2e697502a0acd3be0968532d39
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:d8:cc:9a:a3:ca:8b:5d:90:32:78:98:2d:06:
                    86:50:b2:c2:e5:81:5f:33:3d:91:5e:46:fc:7a:2c:
                    48:6c:39:73:71:8d:e4:bf:12:fb:c6:5a:3d:c2:f3:
                    ee:8e:3c:29:b2:0e:38:a8:04:ec:85:35:df:e1:85:
                    fc:2b:85:de:52:57:9f:34:24:c9:72:0e:28:05:f2:
                    62:66:c2:aa:23:db:e3:d7:c6:75:a1:20:70:c2:31:
                    a4:bc:1e:94:46:35:fd:7c:e3:81:ab:54:9b:6d:54:
                    35:d1:0d:2f:51:87:52:ca:4c:3a:d1:4c:91:4e:68:
                    ed:03:c5:7f:c1:dc:30:8c:81:b8:b9:14:96:20:a3:
                    00:cf:1b:fd:f3:b9:73:d1:64:20:4e:f5:77:e2:89:
                    21:88:70:2d:03:df:be:d7:ba:ff:ec:d0:66:7c:3c:
                    bc:c4:e2:ba:b4:8c:80:4e:fb:f3:27:06:2d:75:45:
                    6e:88:a1:e7:93:78:f4:f3:bc:81:87:18:84:eb:d7:
                    e9:03:c3:92:19:ae:a6:f1:c3:94:89:ad:72:bf:95:
                    9e:61:fa:48:0d:95:fe:80:04:75:bd:0d:e6:b1:9a:
                    18:17:3e:28:d8:63:7d:6f:25:2c:d4:b5:ae:37:1c:
                    40:9f:cf:87:95:6d:1a:6f:d7:ff:3d:ae:ca:7a:77:
                    45:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:5B:CB:E7:CF:A1:6D:2E:69:75:02:A0:AC:D3:BE:09:68:53:2D:39
            X509v3 Authority Key Identifier:
                keyid:63:EF:6B:DB:C4:2A:D0:6D:EF:DA:D7:26:79:41:43:46:D8:D0:48:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/5ab512-9606-42dc-9eb5-0c8368db9563/1/Y-9r28Qq0G3v2tcmeUFDRtjQSN8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:e5:c2:35:04:78:4a:42:15:16:6f:60:42:1a:dc:9b:cf:b9:
         a6:e5:85:3a:fe:1f:ef:86:64:51:f2:4b:7a:ff:f8:58:27:7d:
         df:c9:87:83:56:a8:b2:65:68:6e:c8:4c:e8:fd:10:22:29:f5:
         37:00:aa:4e:a5:18:98:3f:5c:7a:52:21:a2:82:29:f0:a3:be:
         00:48:7d:7b:d7:15:22:30:12:c8:52:5a:f8:69:a1:09:fd:14:
         85:54:54:a4:9a:58:b5:02:a7:7d:25:f9:bc:38:99:12:0f:21:
         7b:93:f1:e7:7c:81:ae:d4:18:b1:4a:7a:24:bb:f6:ca:e5:7c:
         91:a4:3a:c7:d3:ab:7d:f6:57:b0:77:a2:24:1f:cd:c0:6f:bc:
         5f:f2:17:cb:51:c3:e6:2b:6a:82:cb:5e:75:61:9b:8d:c8:70:
         49:fc:5c:6f:91:e2:c1:10:9a:fc:1e:48:d9:4d:91:04:17:eb:
         2a:8d:d6:45:c6:19:f4:14:f0:ea:d3:24:1c:f0:5a:6b:46:c9:
         7c:28:5e:f0:ea:2a:5d:97:f9:c6:ba:d4:19:e1:ad:a5:b9:9e:
         60:4a:b9:8b:45:ae:e6:50:26:d1:3b:0c:18:71:3e:52:10:02:
         b1:70:fb:58:24:9a:41:b4:c5:8d:5e:ae:e1:c6:d8:5f:ae:f4:
         51:4e:c5:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZjO/vslLILaCXh22bGCpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZWY2YmRiYzQyYWQwNmRlZmRhZDcyNjc5NDE0MzQ2ZDhk
MDQ4ZGYwHhcNMjYwMzI5MDcwMTU1WhcNMjYwMzMwMDcwMTU1WjAzMTEwLwYDVQQD
Eyg2ZjViY2JlN2NmYTE2ZDJlNjk3NTAyYTBhY2QzYmUwOTY4NTMyZDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldjMmqPKi12QMniYLQaGULLC5YFf
Mz2RXkb8eixIbDlzcY3kvxL7xlo9wvPujjwpsg44qATshTXf4YX8K4XeUlefNCTJ
cg4oBfJiZsKqI9vj18Z1oSBwwjGkvB6URjX9fOOBq1SbbVQ10Q0vUYdSykw60UyR
TmjtA8V/wdwwjIG4uRSWIKMAzxv987lz0WQgTvV34okhiHAtA9++17r/7NBmfDy8
xOK6tIyATvvzJwYtdUVuiKHnk3j087yBhxiE69fpA8OSGa6m8cOUia1yv5WeYfpI
DZX+gAR1vQ3msZoYFz4o2GN9byUs1LWuNxxAn8+HlW0ab9f/Pa7KendFUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG9by+fPoW0uaXUCoKzTvgloUy05MB8GA1UdIwQY
MBaAFGPva9vEKtBt79rXJnlBQ0bY0EjfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS05cjI4UXEwRzN2MnRjbWVVRkRSdGpRU044LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi81YWI1MTItOTYwNi00MmRjLTllYjUt
MGM4MzY4ZGI5NTYzLzEvWS05cjI4UXEwRzN2MnRjbWVVRkRSdGpRU044Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi81YWI1MTItOTYwNi00MmRjLTllYjUtMGM4MzY4ZGI5NTYz
LzEvWS05cjI4UXEwRzN2MnRjbWVVRkRSdGpRU044LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfuXCNQR4
SkIVFm9gQhrcm8+5puWFOv4f74ZkUfJLev/4WCd938mHg1aosmVobshM6P0QIin1
NwCqTqUYmD9celIhooIp8KO+AEh9e9cVIjASyFJa+GmhCf0UhVRUpJpYtQKnfSX5
vDiZEg8he5Px53yBrtQYsUp6JLv2yuV8kaQ6x9OrffZXsHeiJB/NwG+8X/IXy1HD
5itqgstedWGbjchwSfxcb5HiwRCa/B5I2U2RBBfrKo3WRcYZ9BTw6tMkHPBaa0bJ
fChe8OoqXZf5xrrUGeGtpbmeYEq5i0Wu5lAm0TsMGHE+UhACsXD7WCSaQbTFjV6u
4cbYX670UU7FXA==
-----END CERTIFICATE-----