Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/e5055f-dd77-4e66-b76e-f1e18b31292c/1/ySqWHIeskFGOp1LxhbtlEoq6KGY.mft
File:                     ySqWHIeskFGOp1LxhbtlEoq6KGY.mft (raw, json)
Hash identifier:          lGt27LiPqHuyXeb0aOoo3NKZcF7OLuINRL4B9+6WB0Y=
Subject key identifier:   21:82:23:78:B9:70:E6:85:95:23:C5:08:A8:85:E3:4F:B8:6D:81:79
Authority key identifier: C9:2A:96:1C:87:AC:90:51:8E:A7:52:F1:85:BB:65:12:8A:BA:28:66
Certificate issuer:       /CN=c92a961c87ac90518ea752f185bb65128aba2866
Certificate serial:       019D38666C58CFB5C00B8ADC8665231FD1C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ySqWHIeskFGOp1LxhbtlEoq6KGY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/e5055f-dd77-4e66-b76e-f1e18b31292c/1/ySqWHIeskFGOp1LxhbtlEoq6KGY.mft
Manifest number:          0533
Signing time:             Sun 29 Mar 2026 07:02:09 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:09 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:09 +0000
Files and hashes:         1: ySqWHIeskFGOp1LxhbtlEoq6KGY.crl (hash: V0ByAlfg6tVP0O/WCwra+oH9+onq/p0eJcZOs/VpV5c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/e5055f-dd77-4e66-b76e-f1e18b31292c/1/ySqWHIeskFGOp1LxhbtlEoq6KGY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/e5055f-dd77-4e66-b76e-f1e18b31292c/1/ySqWHIeskFGOp1LxhbtlEoq6KGY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ySqWHIeskFGOp1LxhbtlEoq6KGY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:6c:58:cf:b5:c0:0b:8a:dc:86:65:23:1f:d1:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c92a961c87ac90518ea752f185bb65128aba2866
        Validity
            Not Before: Mar 29 07:02:09 2026 GMT
            Not After : Mar 30 07:02:09 2026 GMT
        Subject: CN=21822378b970e6859523c508a885e34fb86d8179
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:a6:35:5e:44:2d:3b:88:ca:f0:cb:f7:4e:e3:
                    b3:3c:91:36:81:a5:1b:f1:93:2c:5c:de:27:e7:8f:
                    21:bb:1d:32:eb:e0:4a:f1:15:f2:64:5c:3a:38:e3:
                    fa:c7:de:8b:e7:71:a0:a7:59:55:28:bb:e4:0f:23:
                    a2:8e:04:19:0a:bd:e6:ea:61:c7:87:a9:21:92:66:
                    b8:c5:dc:83:43:ca:37:e0:8c:e0:c0:ce:93:6f:22:
                    cb:26:5b:e3:b0:fd:c3:5a:c6:f4:d5:5a:10:04:c3:
                    dc:94:2d:87:45:f3:69:2e:ff:76:4d:88:79:6f:3f:
                    3f:47:ea:7d:81:32:82:3a:4b:26:93:dc:7d:39:a5:
                    cd:88:4b:21:a3:4c:b2:0e:a2:96:2a:2e:e3:da:49:
                    ee:f8:fd:e7:b4:09:16:54:6e:13:8c:b4:26:04:c5:
                    b3:9d:97:86:2a:4a:e3:df:19:11:48:d2:fd:05:59:
                    0f:33:fa:1d:0a:85:27:00:f2:4e:14:97:b8:cf:b8:
                    22:77:7c:40:19:8f:5f:b1:99:c0:d9:d3:3f:f6:14:
                    53:51:16:fb:ba:44:7f:3a:0b:44:b0:e9:3e:75:fa:
                    31:1d:c0:68:35:e7:d0:dc:f6:e1:77:ed:fd:c8:ea:
                    e7:47:24:84:bd:99:ec:4c:ee:6e:08:62:03:1f:33:
                    a8:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:82:23:78:B9:70:E6:85:95:23:C5:08:A8:85:E3:4F:B8:6D:81:79
            X509v3 Authority Key Identifier:
                keyid:C9:2A:96:1C:87:AC:90:51:8E:A7:52:F1:85:BB:65:12:8A:BA:28:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ySqWHIeskFGOp1LxhbtlEoq6KGY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/e5055f-dd77-4e66-b76e-f1e18b31292c/1/ySqWHIeskFGOp1LxhbtlEoq6KGY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/e5055f-dd77-4e66-b76e-f1e18b31292c/1/ySqWHIeskFGOp1LxhbtlEoq6KGY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:92:aa:a0:00:6e:3b:f5:6c:4f:3a:50:16:a2:91:51:95:e4:
         c8:91:56:0d:4e:c7:91:c4:6a:98:c2:d9:eb:da:8e:d8:a9:22:
         92:9c:8c:75:ec:bf:68:3c:85:f2:cd:fa:19:2e:39:b2:4e:d6:
         8d:56:fe:85:d0:55:17:9e:c9:21:bf:af:22:4b:1e:51:0f:43:
         3c:47:22:bf:4b:15:a8:bd:b6:63:38:3d:0f:34:38:23:8e:e0:
         68:a8:a0:c1:49:57:6f:fb:b0:fb:c9:da:5f:36:25:bb:16:87:
         9e:70:97:11:04:31:39:d9:b0:bd:af:9f:d7:4f:e1:ff:a0:55:
         6d:8b:3f:04:34:0c:c3:e1:20:5f:e4:16:9e:27:4e:3e:3d:99:
         c0:b6:a4:82:e4:bc:89:7c:59:91:6f:b4:d9:1e:2a:74:fc:fd:
         07:e9:3a:d7:18:bd:00:8b:fc:00:e6:d7:0b:a0:b7:3f:a8:48:
         22:6d:d1:91:9b:fe:e1:76:1f:2a:9f:e0:25:60:d3:95:bc:4b:
         f0:d1:b3:19:a5:5d:90:df:11:09:2d:19:03:4e:ec:75:9f:66:
         a7:fb:64:1a:ae:f0:2c:36:6f:6c:23:59:a6:fc:cf:7a:30:9c:
         7a:9f:08:5f:9e:87:b9:d7:99:b0:65:9c:01:0a:b4:ec:ae:cf:
         76:e0:04:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZmxYz7XAC4rchmUjH9HFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5MmE5NjFjODdhYzkwNTE4ZWE3NTJmMTg1YmI2NTEyOGFi
YTI4NjYwHhcNMjYwMzI5MDcwMjA5WhcNMjYwMzMwMDcwMjA5WjAzMTEwLwYDVQQD
EygyMTgyMjM3OGI5NzBlNjg1OTUyM2M1MDhhODg1ZTM0ZmI4NmQ4MTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6Y1XkQtO4jK8Mv3TuOzPJE2gaUb
8ZMsXN4n548hux0y6+BK8RXyZFw6OOP6x96L53Ggp1lVKLvkDyOijgQZCr3m6mHH
h6khkma4xdyDQ8o34IzgwM6TbyLLJlvjsP3DWsb01VoQBMPclC2HRfNpLv92TYh5
bz8/R+p9gTKCOksmk9x9OaXNiEsho0yyDqKWKi7j2knu+P3ntAkWVG4TjLQmBMWz
nZeGKkrj3xkRSNL9BVkPM/odCoUnAPJOFJe4z7gid3xAGY9fsZnA2dM/9hRTURb7
ukR/OgtEsOk+dfoxHcBoNefQ3Pbhd+39yOrnRySEvZnsTO5uCGIDHzOoqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCGCI3i5cOaFlSPFCKiF40+4bYF5MB8GA1UdIwQY
MBaAFMkqlhyHrJBRjqdS8YW7ZRKKuihmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVNxV0hJZXNrRkdPcDFMeGhidGxFb3E2S0dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9lNTA1NWYtZGQ3Ny00ZTY2LWI3NmUt
ZjFlMThiMzEyOTJjLzEveVNxV0hJZXNrRkdPcDFMeGhidGxFb3E2S0dZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9lNTA1NWYtZGQ3Ny00ZTY2LWI3NmUtZjFlMThiMzEyOTJj
LzEveVNxV0hJZXNrRkdPcDFMeGhidGxFb3E2S0dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXJKqoABu
O/VsTzpQFqKRUZXkyJFWDU7HkcRqmMLZ69qO2KkikpyMdey/aDyF8s36GS45sk7W
jVb+hdBVF57JIb+vIkseUQ9DPEciv0sVqL22Yzg9DzQ4I47gaKigwUlXb/uw+8na
XzYluxaHnnCXEQQxOdmwva+f10/h/6BVbYs/BDQMw+EgX+QWnidOPj2ZwLakguS8
iXxZkW+02R4qdPz9B+k61xi9AIv8AObXC6C3P6hIIm3RkZv+4XYfKp/gJWDTlbxL
8NGzGaVdkN8RCS0ZA07sdZ9mp/tkGq7wLDZvbCNZpvzPejCcep8IX56HudeZsGWc
AQq07K7PduAE8A==
-----END CERTIFICATE-----