Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/93b38e-6400-4e6d-a0eb-049cc1fce37e/1/yFiMcrJRDxd7g18gHjNl7PnkWh0.mft
File:                     yFiMcrJRDxd7g18gHjNl7PnkWh0.mft (raw, json)
Hash identifier:          /YrENkmpoGwmx34iKRclOhzqIHPING3ChlmCAVBvCPc=
Subject key identifier:   F6:54:07:A4:32:75:C9:E5:37:B8:24:3B:BC:CC:E0:FA:89:CB:0B:FD
Authority key identifier: C8:58:8C:72:B2:51:0F:17:7B:83:5F:20:1E:33:65:EC:F9:E4:5A:1D
Certificate issuer:       /CN=c8588c72b2510f177b835f201e3365ecf9e45a1d
Certificate serial:       019D3909E932FF0A8817C8E1B1C00221F3D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yFiMcrJRDxd7g18gHjNl7PnkWh0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/93b38e-6400-4e6d-a0eb-049cc1fce37e/1/yFiMcrJRDxd7g18gHjNl7PnkWh0.mft
Manifest number:          1240
Signing time:             Sun 29 Mar 2026 10:00:43 +0000
Manifest this update:     Sun 29 Mar 2026 10:00:43 +0000
Manifest next update:     Mon 30 Mar 2026 10:00:43 +0000
Files and hashes:         1: yFiMcrJRDxd7g18gHjNl7PnkWh0.crl (hash: 2uHjnEs8RUV1BFz5cDzaVCGjdATGT9kqz9uEa6ujcho=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2b/93b38e-6400-4e6d-a0eb-049cc1fce37e/1/yFiMcrJRDxd7g18gHjNl7PnkWh0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2b/93b38e-6400-4e6d-a0eb-049cc1fce37e/1/yFiMcrJRDxd7g18gHjNl7PnkWh0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yFiMcrJRDxd7g18gHjNl7PnkWh0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:09:e9:32:ff:0a:88:17:c8:e1:b1:c0:02:21:f3:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8588c72b2510f177b835f201e3365ecf9e45a1d
        Validity
            Not Before: Mar 29 10:00:43 2026 GMT
            Not After : Mar 30 10:00:43 2026 GMT
        Subject: CN=f65407a43275c9e537b8243bbccce0fa89cb0bfd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:b4:95:5b:fc:b6:55:45:d8:27:1d:22:b8:a5:
                    4b:52:e4:f5:a4:5e:c8:ac:93:7e:71:75:41:37:a8:
                    22:cd:59:42:95:c7:70:ca:ff:16:4e:8c:d7:72:cf:
                    75:31:b1:79:0c:14:82:63:be:13:71:3f:67:37:01:
                    fc:5c:8d:55:0b:12:6f:15:90:0b:60:ff:6b:66:33:
                    b5:af:8f:92:f3:9a:89:b4:9f:f8:18:14:d2:95:9b:
                    2e:b1:25:0b:61:1a:79:0b:d7:06:2f:ca:4d:67:ee:
                    0c:2a:ec:b2:9e:db:22:70:eb:98:dc:23:93:81:cf:
                    f5:d8:ef:12:7b:32:d3:b1:0a:1e:4c:d7:4c:aa:2a:
                    34:6c:ec:cd:49:4e:f9:8c:a3:dc:85:d9:87:e4:eb:
                    2c:5d:93:99:97:4d:6b:df:c8:d2:f9:44:f6:bd:0f:
                    d7:fe:62:f7:a1:69:ce:ad:65:3a:be:5c:59:4c:97:
                    76:61:24:c4:20:85:d6:09:c5:b7:ad:c9:c8:53:ef:
                    12:23:a3:77:08:57:6f:04:f5:61:2c:a6:3e:1d:83:
                    3d:bf:02:fa:a3:96:33:1e:c6:4f:34:b0:f4:4f:51:
                    1c:ec:30:56:7a:e8:ab:09:23:cc:b7:5f:15:c0:5b:
                    9b:21:27:c6:fe:c2:cf:43:c9:79:9f:39:f4:8b:75:
                    2f:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:54:07:A4:32:75:C9:E5:37:B8:24:3B:BC:CC:E0:FA:89:CB:0B:FD
            X509v3 Authority Key Identifier:
                keyid:C8:58:8C:72:B2:51:0F:17:7B:83:5F:20:1E:33:65:EC:F9:E4:5A:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yFiMcrJRDxd7g18gHjNl7PnkWh0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/93b38e-6400-4e6d-a0eb-049cc1fce37e/1/yFiMcrJRDxd7g18gHjNl7PnkWh0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/93b38e-6400-4e6d-a0eb-049cc1fce37e/1/yFiMcrJRDxd7g18gHjNl7PnkWh0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:1e:22:9b:ff:dc:23:91:fe:a8:5b:c3:5c:b1:43:58:c5:66:
         53:e3:d9:e3:9d:36:43:47:56:df:6e:99:e9:4a:8e:31:97:49:
         e2:59:ca:45:f7:34:05:4d:85:6c:5e:f8:91:8b:e7:55:91:97:
         a4:39:71:6e:61:a1:75:1f:75:63:6b:cf:c8:83:4a:a0:41:6f:
         ca:f2:22:e3:49:c4:ca:f9:60:ab:09:62:d9:8a:aa:25:41:86:
         c2:15:34:37:e0:2d:d8:79:c1:23:fb:ab:88:97:60:ba:57:2b:
         87:0b:14:99:9b:9f:b3:0f:70:e6:92:18:10:71:c1:4d:d3:9d:
         3e:d1:50:13:9a:91:c9:63:fb:3e:7d:ba:de:09:6b:bf:32:0a:
         b8:6e:49:80:59:5c:8f:98:a6:1e:94:ab:46:8f:06:26:63:34:
         3e:66:9a:ca:af:8d:f4:47:af:25:42:f4:20:46:be:f5:c7:4a:
         9c:05:4d:9c:3d:7c:75:7d:dc:2c:6c:59:d3:a8:9a:10:6f:61:
         9a:66:7d:e1:c2:83:51:98:03:e7:6d:9e:03:42:fb:96:95:e5:
         23:f1:35:51:c8:44:8e:32:c6:c1:06:fb:8b:d9:37:9f:15:f3:
         b2:f4:6e:23:b3:e5:a4:bb:f6:fb:1f:df:d5:ed:62:dc:77:c2:
         a0:ad:23:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05Ceky/wqIF8jhscACIfPRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NTg4YzcyYjI1MTBmMTc3YjgzNWYyMDFlMzM2NWVjZjll
NDVhMWQwHhcNMjYwMzI5MTAwMDQzWhcNMjYwMzMwMTAwMDQzWjAzMTEwLwYDVQQD
EyhmNjU0MDdhNDMyNzVjOWU1MzdiODI0M2JiY2NjZTBmYTg5Y2IwYmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxbSVW/y2VUXYJx0iuKVLUuT1pF7I
rJN+cXVBN6gizVlClcdwyv8WTozXcs91MbF5DBSCY74TcT9nNwH8XI1VCxJvFZAL
YP9rZjO1r4+S85qJtJ/4GBTSlZsusSULYRp5C9cGL8pNZ+4MKuyyntsicOuY3COT
gc/12O8SezLTsQoeTNdMqio0bOzNSU75jKPchdmH5OssXZOZl01r38jS+UT2vQ/X
/mL3oWnOrWU6vlxZTJd2YSTEIIXWCcW3rcnIU+8SI6N3CFdvBPVhLKY+HYM9vwL6
o5YzHsZPNLD0T1Ec7DBWeuirCSPMt18VwFubISfG/sLPQ8l5nzn0i3UvQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPZUB6QydcnlN7gkO7zM4PqJywv9MB8GA1UdIwQY
MBaAFMhYjHKyUQ8Xe4NfIB4zZez55FodMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUZpTWNySlJEeGQ3ZzE4Z0hqTmw3UG5rV2gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi85M2IzOGUtNjQwMC00ZTZkLWEwZWIt
MDQ5Y2MxZmNlMzdlLzEveUZpTWNySlJEeGQ3ZzE4Z0hqTmw3UG5rV2gwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi85M2IzOGUtNjQwMC00ZTZkLWEwZWItMDQ5Y2MxZmNlMzdl
LzEveUZpTWNySlJEeGQ3ZzE4Z0hqTmw3UG5rV2gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVR4im//c
I5H+qFvDXLFDWMVmU+PZ4502Q0dW326Z6UqOMZdJ4lnKRfc0BU2FbF74kYvnVZGX
pDlxbmGhdR91Y2vPyINKoEFvyvIi40nEyvlgqwli2YqqJUGGwhU0N+At2HnBI/ur
iJdgulcrhwsUmZufsw9w5pIYEHHBTdOdPtFQE5qRyWP7Pn263glrvzIKuG5JgFlc
j5imHpSrRo8GJmM0Pmaayq+N9EevJUL0IEa+9cdKnAVNnD18dX3cLGxZ06iaEG9h
mmZ94cKDUZgD522eA0L7lpXlI/E1UchEjjLGwQb7i9k3nxXzsvRuI7PlpLv2+x/f
1e1i3HfCoK0jsw==
-----END CERTIFICATE-----