Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/85df14-a815-4691-a923-46e65c95f83a/1/yM7BO9bzBCDedNLDFWTa3aCOAU0.mft
File:                     yM7BO9bzBCDedNLDFWTa3aCOAU0.mft (raw, json)
Hash identifier:          b9fQjYU1/BWkVeQMZSu/7NYCob0vLIL1I8737GhwhrU=
Subject key identifier:   00:23:87:49:3B:FC:84:2F:46:03:22:27:31:48:64:1C:74:9A:34:80
Authority key identifier: C8:CE:C1:3B:D6:F3:04:20:DE:74:D2:C3:15:64:DA:DD:A0:8E:01:4D
Certificate issuer:       /CN=c8cec13bd6f30420de74d2c31564dadda08e014d
Certificate serial:       019D386609F11EA580DBF5F57192645E96F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yM7BO9bzBCDedNLDFWTa3aCOAU0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2f/85df14-a815-4691-a923-46e65c95f83a/1/yM7BO9bzBCDedNLDFWTa3aCOAU0.mft
Manifest number:          02B9
Signing time:             Sun 29 Mar 2026 07:01:44 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:44 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:44 +0000
Files and hashes:         1: yM7BO9bzBCDedNLDFWTa3aCOAU0.crl (hash: oZB+3UKu/Q1EN6Im8+s6aHiH6680BmbeyNr0ZPTAQiQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2f/85df14-a815-4691-a923-46e65c95f83a/1/yM7BO9bzBCDedNLDFWTa3aCOAU0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2f/85df14-a815-4691-a923-46e65c95f83a/1/yM7BO9bzBCDedNLDFWTa3aCOAU0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yM7BO9bzBCDedNLDFWTa3aCOAU0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:09:f1:1e:a5:80:db:f5:f5:71:92:64:5e:96:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8cec13bd6f30420de74d2c31564dadda08e014d
        Validity
            Not Before: Mar 29 07:01:44 2026 GMT
            Not After : Mar 30 07:01:44 2026 GMT
        Subject: CN=002387493bfc842f460322273148641c749a3480
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:f5:51:c1:d6:ea:e0:d8:75:5b:e1:3f:fe:91:
                    f3:b9:71:bb:cd:13:3d:e5:05:9c:af:7b:9a:00:8b:
                    ca:e7:81:be:80:92:56:1b:7b:c6:f1:2f:05:86:d8:
                    5c:da:fd:b1:be:50:4b:b4:51:4a:3e:7d:80:58:ef:
                    88:7b:4f:e4:bb:dc:86:0c:da:30:fe:ca:80:2a:5e:
                    36:a9:1b:0b:d5:7a:bf:9a:e5:bd:87:8f:14:c9:a8:
                    1a:12:0d:1c:c7:fb:e7:0f:2b:bc:96:db:23:01:5c:
                    66:0f:8b:84:f5:0c:5f:09:80:f0:db:ae:73:30:17:
                    5e:c3:07:a6:23:60:97:54:49:eb:12:06:3a:b3:6e:
                    9c:6c:b6:90:50:d4:9e:35:0d:16:d1:58:52:9f:6b:
                    79:d9:2e:ce:7c:85:28:8b:b2:ec:10:27:c5:d9:32:
                    de:af:9e:16:be:da:ba:27:19:1c:ef:bc:53:1d:2d:
                    f6:58:e4:6a:81:1c:00:42:29:d5:3b:a0:08:85:0f:
                    19:b9:f1:57:3a:66:3a:65:a5:66:9d:4b:cb:88:d9:
                    81:ff:76:23:cd:05:15:12:6c:03:6f:e4:46:9e:22:
                    16:77:57:16:a7:b8:43:89:9a:5a:79:92:3c:85:51:
                    38:f7:5b:23:ea:13:a3:2b:04:64:10:29:75:33:32:
                    4a:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:23:87:49:3B:FC:84:2F:46:03:22:27:31:48:64:1C:74:9A:34:80
            X509v3 Authority Key Identifier:
                keyid:C8:CE:C1:3B:D6:F3:04:20:DE:74:D2:C3:15:64:DA:DD:A0:8E:01:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yM7BO9bzBCDedNLDFWTa3aCOAU0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/85df14-a815-4691-a923-46e65c95f83a/1/yM7BO9bzBCDedNLDFWTa3aCOAU0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/85df14-a815-4691-a923-46e65c95f83a/1/yM7BO9bzBCDedNLDFWTa3aCOAU0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:99:c7:e5:ec:4b:a3:89:2d:71:1d:46:d9:a2:f7:31:8f:86:
         f7:5a:12:f0:15:65:1d:12:77:17:d8:e1:67:7d:32:cc:96:a1:
         4a:3f:ea:50:7f:e5:28:44:68:6f:2f:1e:96:f3:a2:9e:d0:29:
         fe:0f:9b:12:ab:0e:5f:c8:78:83:0d:88:78:ef:44:be:7a:ad:
         f2:03:17:92:ca:a1:62:91:fb:01:ab:56:05:74:fb:95:2c:b0:
         3c:ee:b0:27:a4:06:23:24:88:f3:f6:65:67:c2:6d:53:fb:7e:
         55:cc:b9:48:b3:50:6e:51:2f:d4:47:5e:2a:68:f0:aa:75:d4:
         a5:07:e8:53:8c:50:51:9b:56:10:b1:57:dc:8f:fe:4d:aa:c1:
         f8:29:16:7f:86:92:0f:72:e4:e9:f7:73:ef:49:6f:0e:6e:08:
         2e:e0:fb:f3:6c:0b:f0:83:c7:be:a6:dc:42:e7:56:d1:4b:8b:
         a1:8d:a9:d4:88:82:56:a6:14:5a:4c:5e:cf:b3:34:3c:b1:dd:
         93:ba:83:b8:15:6d:ba:c8:e5:20:7d:be:20:19:cf:7b:43:6e:
         0c:4d:e4:22:06:2e:60:80:48:48:d0:38:bb:dc:4f:d6:75:c5:
         e2:c1:b4:74:63:d6:76:3f:02:e3:f6:cf:c2:56:ea:db:9f:ff:
         51:d1:30:4b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZgnxHqWA2/X1cZJkXpbzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4Y2VjMTNiZDZmMzA0MjBkZTc0ZDJjMzE1NjRkYWRkYTA4
ZTAxNGQwHhcNMjYwMzI5MDcwMTQ0WhcNMjYwMzMwMDcwMTQ0WjAzMTEwLwYDVQQD
EygwMDIzODc0OTNiZmM4NDJmNDYwMzIyMjczMTQ4NjQxYzc0OWEzNDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1fVRwdbq4Nh1W+E//pHzuXG7zRM9
5QWcr3uaAIvK54G+gJJWG3vG8S8Fhthc2v2xvlBLtFFKPn2AWO+Ie0/ku9yGDNow
/sqAKl42qRsL1Xq/muW9h48UyagaEg0cx/vnDyu8ltsjAVxmD4uE9QxfCYDw265z
MBdewwemI2CXVEnrEgY6s26cbLaQUNSeNQ0W0VhSn2t52S7OfIUoi7LsECfF2TLe
r54Wvtq6Jxkc77xTHS32WORqgRwAQinVO6AIhQ8ZufFXOmY6ZaVmnUvLiNmB/3Yj
zQUVEmwDb+RGniIWd1cWp7hDiZpaeZI8hVE491sj6hOjKwRkECl1MzJKHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAAjh0k7/IQvRgMiJzFIZBx0mjSAMB8GA1UdIwQY
MBaAFMjOwTvW8wQg3nTSwxVk2t2gjgFNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU03Qk85YnpCQ0RlZE5MREZXVGEzYUNPQVUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi84NWRmMTQtYTgxNS00NjkxLWE5MjMt
NDZlNjVjOTVmODNhLzEveU03Qk85YnpCQ0RlZE5MREZXVGEzYUNPQVUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi84NWRmMTQtYTgxNS00NjkxLWE5MjMtNDZlNjVjOTVmODNh
LzEveU03Qk85YnpCQ0RlZE5MREZXVGEzYUNPQVUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJJnH5exL
o4ktcR1G2aL3MY+G91oS8BVlHRJ3F9jhZ30yzJahSj/qUH/lKERoby8elvOintAp
/g+bEqsOX8h4gw2IeO9Evnqt8gMXksqhYpH7AatWBXT7lSywPO6wJ6QGIySI8/Zl
Z8JtU/t+Vcy5SLNQblEv1EdeKmjwqnXUpQfoU4xQUZtWELFX3I/+TarB+CkWf4aS
D3Lk6fdz70lvDm4ILuD782wL8IPHvqbcQudW0UuLoY2p1IiCVqYUWkxez7M0PLHd
k7qDuBVtusjlIH2+IBnPe0NuDE3kIgYuYIBISNA4u9xP1nXF4sG0dGPWdj8C4/bP
wlbq25//UdEwSw==
-----END CERTIFICATE-----