Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/e3c390-e475-4024-ac7f-08740df87106/1/Yefv0ZrydUeUJswZJcW8Ls7ums4.mft
File:                     Yefv0ZrydUeUJswZJcW8Ls7ums4.mft (raw, json)
Hash identifier:          2BojRp8d3GiUE7Anp46GxdDSh0PB2bk6vaFgPcdZMtU=
Subject key identifier:   38:4F:A0:2D:D6:6B:4C:95:FB:67:50:10:8E:82:0A:5C:71:22:A6:63
Authority key identifier: 61:E7:EF:D1:9A:F2:75:47:94:26:CC:19:25:C5:BC:2E:CE:EE:9A:CE
Certificate issuer:       /CN=61e7efd19af275479426cc1925c5bc2eceee9ace
Certificate serial:       019D37C090EBC133A2BD54CF5924D8AD2743
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yefv0ZrydUeUJswZJcW8Ls7ums4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/e3c390-e475-4024-ac7f-08740df87106/1/Yefv0ZrydUeUJswZJcW8Ls7ums4.mft
Manifest number:          17A0
Signing time:             Sun 29 Mar 2026 04:01:00 +0000
Manifest this update:     Sun 29 Mar 2026 04:01:00 +0000
Manifest next update:     Mon 30 Mar 2026 04:01:00 +0000
Files and hashes:         1: Yefv0ZrydUeUJswZJcW8Ls7ums4.crl (hash: p0+tYao/Oz1qWRkYkvjoiqYIb8bgvewyr84BTRQna5c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2b/e3c390-e475-4024-ac7f-08740df87106/1/Yefv0ZrydUeUJswZJcW8Ls7ums4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2b/e3c390-e475-4024-ac7f-08740df87106/1/Yefv0ZrydUeUJswZJcW8Ls7ums4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Yefv0ZrydUeUJswZJcW8Ls7ums4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c0:90:eb:c1:33:a2:bd:54:cf:59:24:d8:ad:27:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=61e7efd19af275479426cc1925c5bc2eceee9ace
        Validity
            Not Before: Mar 29 04:01:00 2026 GMT
            Not After : Mar 30 04:01:00 2026 GMT
        Subject: CN=384fa02dd66b4c95fb6750108e820a5c7122a663
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:33:d2:7f:98:6d:17:46:15:a9:b1:22:21:38:
                    1f:d8:3b:45:94:66:eb:2d:c1:0d:72:e0:1c:b6:be:
                    16:fb:4c:bf:6b:6e:fb:c5:74:75:0f:58:4d:c3:59:
                    7b:92:bf:96:3f:8b:e1:0a:84:0f:b9:7d:80:2d:a8:
                    89:9a:b9:0b:bb:2e:d7:9e:74:23:ad:f7:2d:21:79:
                    76:e3:54:3a:60:31:e9:01:97:e0:7b:8b:f1:b0:9e:
                    9c:a8:58:43:7c:d5:7b:2f:07:a3:3a:47:2a:f7:5d:
                    d2:7c:3a:d9:41:64:a2:fe:0d:f9:8f:7c:f2:45:2b:
                    02:98:30:7a:02:06:3d:4e:48:f2:51:b2:c2:77:15:
                    0e:29:e7:ec:1c:7e:86:09:f7:36:fe:21:fc:b1:69:
                    77:04:a7:18:65:28:91:15:03:8e:c5:50:df:4c:db:
                    3d:f5:c4:0a:bf:24:f6:71:9e:82:f6:89:da:26:03:
                    c3:b9:70:87:0e:0c:c9:14:06:e1:38:c8:9e:ba:23:
                    fa:33:da:ce:5c:af:b1:41:d9:79:7c:3c:3c:1b:7c:
                    d5:34:7c:13:45:1e:97:53:55:2d:48:2f:fd:87:9e:
                    c1:ea:8d:b6:ec:d7:63:45:61:b8:78:27:9c:c2:93:
                    71:c3:1d:fd:b1:65:69:71:d5:b5:29:29:79:a5:16:
                    76:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:4F:A0:2D:D6:6B:4C:95:FB:67:50:10:8E:82:0A:5C:71:22:A6:63
            X509v3 Authority Key Identifier:
                keyid:61:E7:EF:D1:9A:F2:75:47:94:26:CC:19:25:C5:BC:2E:CE:EE:9A:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yefv0ZrydUeUJswZJcW8Ls7ums4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/e3c390-e475-4024-ac7f-08740df87106/1/Yefv0ZrydUeUJswZJcW8Ls7ums4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/e3c390-e475-4024-ac7f-08740df87106/1/Yefv0ZrydUeUJswZJcW8Ls7ums4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:c1:de:50:ff:28:72:20:95:c6:23:5f:65:5b:46:24:90:6f:
         f8:da:51:aa:c1:d4:d5:a4:ad:9a:ca:09:9a:ba:17:c2:23:08:
         9f:eb:cd:98:b8:b6:9d:68:55:27:8c:ca:2b:f3:50:63:0c:6e:
         e7:4f:c8:7b:60:99:04:22:ef:9d:bc:3e:36:25:5f:86:99:e9:
         e5:1d:00:94:64:52:5d:76:1e:08:10:d1:b2:d5:dc:22:e0:27:
         8d:88:a3:c5:6c:ef:d9:5a:e6:a9:e0:64:78:c5:26:ba:75:72:
         fd:d4:1b:5d:92:99:45:19:12:0e:44:25:f6:dd:2f:e3:6a:f7:
         09:e0:bf:6f:16:b8:2c:36:e6:33:ab:ff:6c:f5:de:19:59:c1:
         f3:33:33:fc:ba:d1:d3:7a:0f:1d:e4:e8:9d:53:fe:c1:a2:88:
         c2:40:04:87:1e:20:10:ec:3a:30:17:15:f0:59:c4:05:3c:ff:
         8e:2d:31:6a:03:6e:a4:82:89:0b:c5:b5:14:39:6a:22:e3:6e:
         ee:7c:56:99:f8:3f:77:d2:f6:bb:f2:09:03:ed:c3:2a:cc:0a:
         fb:07:5e:e7:10:61:5b:da:85:49:38:10:f9:d9:5b:2f:39:de:
         bb:1c:62:c8:26:06:a0:e5:e1:81:5d:55:e3:0f:eb:0b:24:0a:
         63:ce:17:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wJDrwTOivVTPWSTYrSdDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxZTdlZmQxOWFmMjc1NDc5NDI2Y2MxOTI1YzViYzJlY2Vl
ZTlhY2UwHhcNMjYwMzI5MDQwMTAwWhcNMjYwMzMwMDQwMTAwWjAzMTEwLwYDVQQD
EygzODRmYTAyZGQ2NmI0Yzk1ZmI2NzUwMTA4ZTgyMGE1YzcxMjJhNjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTPSf5htF0YVqbEiITgf2DtFlGbr
LcENcuActr4W+0y/a277xXR1D1hNw1l7kr+WP4vhCoQPuX2ALaiJmrkLuy7XnnQj
rfctIXl241Q6YDHpAZfge4vxsJ6cqFhDfNV7LwejOkcq913SfDrZQWSi/g35j3zy
RSsCmDB6AgY9TkjyUbLCdxUOKefsHH6GCfc2/iH8sWl3BKcYZSiRFQOOxVDfTNs9
9cQKvyT2cZ6C9onaJgPDuXCHDgzJFAbhOMieuiP6M9rOXK+xQdl5fDw8G3zVNHwT
RR6XU1UtSC/9h57B6o227NdjRWG4eCecwpNxwx39sWVpcdW1KSl5pRZ2pwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDhPoC3Wa0yV+2dQEI6CClxxIqZjMB8GA1UdIwQY
MBaAFGHn79Ga8nVHlCbMGSXFvC7O7prOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWVmdjBacnlkVWVVSnN3WkpjVzhMczd1bXM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9lM2MzOTAtZTQ3NS00MDI0LWFjN2Yt
MDg3NDBkZjg3MTA2LzEvWWVmdjBacnlkVWVVSnN3WkpjVzhMczd1bXM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9lM2MzOTAtZTQ3NS00MDI0LWFjN2YtMDg3NDBkZjg3MTA2
LzEvWWVmdjBacnlkVWVVSnN3WkpjVzhMczd1bXM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY8HeUP8o
ciCVxiNfZVtGJJBv+NpRqsHU1aStmsoJmroXwiMIn+vNmLi2nWhVJ4zKK/NQYwxu
50/Ie2CZBCLvnbw+NiVfhpnp5R0AlGRSXXYeCBDRstXcIuAnjYijxWzv2VrmqeBk
eMUmunVy/dQbXZKZRRkSDkQl9t0v42r3CeC/bxa4LDbmM6v/bPXeGVnB8zMz/LrR
03oPHeTonVP+waKIwkAEhx4gEOw6MBcV8FnEBTz/ji0xagNupIKJC8W1FDlqIuNu
7nxWmfg/d9L2u/IJA+3DKswK+wde5xBhW9qFSTgQ+dlbLzneuxxiyCYGoOXhgV1V
4w/rCyQKY84Xcw==
-----END CERTIFICATE-----