Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/1fc853-6526-4091-95f4-f9f601c0686e/1/YB4KrpPrBf9dQt1wFvXeo4H7hmA.mft
File:                     YB4KrpPrBf9dQt1wFvXeo4H7hmA.mft (raw, json)
Hash identifier:          H4FEHfoHkbPu+2YfHwQo7pZFr78AjdX/q2RjC7vybrQ=
Subject key identifier:   F7:9D:46:28:18:EA:9D:EE:18:E6:7D:A2:6B:C5:FE:71:08:51:19:4F
Authority key identifier: 60:1E:0A:AE:93:EB:05:FF:5D:42:DD:70:16:F5:DE:A3:81:FB:86:60
Certificate issuer:       /CN=601e0aae93eb05ff5d42dd7016f5dea381fb8660
Certificate serial:       019D3909CA26C50DC533D58A0B21BD0FDF07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YB4KrpPrBf9dQt1wFvXeo4H7hmA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/1fc853-6526-4091-95f4-f9f601c0686e/1/YB4KrpPrBf9dQt1wFvXeo4H7hmA.mft
Manifest number:          188B
Signing time:             Sun 29 Mar 2026 10:00:36 +0000
Manifest this update:     Sun 29 Mar 2026 10:00:36 +0000
Manifest next update:     Mon 30 Mar 2026 10:00:36 +0000
Files and hashes:         1: YB4KrpPrBf9dQt1wFvXeo4H7hmA.crl (hash: AU5gKqgIfnGERRjONF6R3mprqTXgTo4Lh/8955aQewU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/37/1fc853-6526-4091-95f4-f9f601c0686e/1/YB4KrpPrBf9dQt1wFvXeo4H7hmA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/37/1fc853-6526-4091-95f4-f9f601c0686e/1/YB4KrpPrBf9dQt1wFvXeo4H7hmA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YB4KrpPrBf9dQt1wFvXeo4H7hmA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:09:ca:26:c5:0d:c5:33:d5:8a:0b:21:bd:0f:df:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=601e0aae93eb05ff5d42dd7016f5dea381fb8660
        Validity
            Not Before: Mar 29 10:00:36 2026 GMT
            Not After : Mar 30 10:00:36 2026 GMT
        Subject: CN=f79d462818ea9dee18e67da26bc5fe710851194f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:c0:97:41:60:30:cd:2f:6c:a5:1e:67:f7:7a:
                    3f:df:b3:ce:1e:c7:dc:cd:68:d0:85:76:71:38:bb:
                    4c:65:a2:f2:b5:d2:ac:8a:a7:8c:8e:b5:71:81:3f:
                    da:b8:55:3e:4c:bb:f8:d1:5a:99:8c:b0:a1:e9:fd:
                    93:79:6a:79:91:5e:8f:b7:d7:05:ee:fb:bc:a1:68:
                    d3:d7:21:6c:85:30:81:f0:18:b0:93:88:96:3e:ad:
                    d1:f5:f9:7e:53:2b:37:58:1a:75:55:31:9e:eb:9e:
                    f3:a2:d0:92:0e:73:bc:df:3a:d8:b9:d2:5e:4c:d0:
                    f7:87:80:78:84:e9:d0:bb:1b:bd:80:35:7e:b9:0c:
                    ea:cc:ab:82:45:fb:71:db:44:15:43:1e:ac:70:6f:
                    f3:68:92:0c:32:a6:c8:6f:98:c4:7a:ef:2d:7d:5b:
                    a0:c2:6a:7d:6e:f7:ec:b3:aa:de:82:0b:8e:7b:56:
                    d2:b0:43:6b:02:b3:01:0d:fa:ce:19:e7:50:9c:0d:
                    e0:81:d5:3a:5f:c9:2d:dd:15:a4:01:5b:f3:6f:5b:
                    a5:90:5c:bb:d4:13:a2:da:82:81:fd:81:32:af:fb:
                    97:44:67:dc:6d:7d:21:63:a3:b9:53:e8:f0:a9:32:
                    8f:ab:1b:a8:e7:6a:31:11:fe:1e:4d:4c:32:5f:56:
                    ec:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:9D:46:28:18:EA:9D:EE:18:E6:7D:A2:6B:C5:FE:71:08:51:19:4F
            X509v3 Authority Key Identifier:
                keyid:60:1E:0A:AE:93:EB:05:FF:5D:42:DD:70:16:F5:DE:A3:81:FB:86:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YB4KrpPrBf9dQt1wFvXeo4H7hmA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/1fc853-6526-4091-95f4-f9f601c0686e/1/YB4KrpPrBf9dQt1wFvXeo4H7hmA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/1fc853-6526-4091-95f4-f9f601c0686e/1/YB4KrpPrBf9dQt1wFvXeo4H7hmA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:ec:f0:e2:2e:3c:1b:e5:89:05:be:61:18:cf:6c:e5:bc:89:
         24:e8:55:05:c1:23:31:46:e5:40:92:01:7c:49:b2:89:68:3c:
         fa:e5:1f:61:58:5e:aa:6c:50:8c:bb:c5:b4:49:17:7a:ce:3e:
         94:0c:ef:c5:fd:b6:10:a8:d0:97:dc:b7:6f:64:06:9f:2a:a3:
         3b:22:61:0b:d0:e2:44:b1:f7:88:5c:84:4f:81:89:fb:c7:80:
         97:3b:bc:cf:17:2f:f5:eb:90:1b:1d:6b:5e:d9:c5:28:5e:99:
         b8:6a:8c:0a:ff:81:f7:af:db:c4:8c:3f:81:6b:25:1d:f7:08:
         e6:9a:2c:78:ff:82:41:23:f8:b3:42:fd:37:28:33:8f:e4:bb:
         aa:23:8a:84:82:53:28:83:9b:8a:1a:c0:75:00:b2:69:fa:91:
         f9:7f:dc:6e:a3:7a:cc:fa:f9:a4:bc:f5:bd:ce:a2:ae:cd:7a:
         f9:fe:61:28:cf:98:61:aa:b8:75:f1:9e:6e:c2:0d:8d:77:b1:
         37:c5:74:0b:09:90:ed:e0:79:60:df:e7:96:2e:17:bf:2a:6a:
         5c:1f:de:6f:19:94:c5:6f:ae:5c:1a:59:48:d2:dc:9b:a4:08:
         34:ca:c5:e3:5c:ff:49:e3:af:66:77:f0:e4:16:0b:47:40:36:
         2f:55:7f:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CcomxQ3FM9WKCyG9D98HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMWUwYWFlOTNlYjA1ZmY1ZDQyZGQ3MDE2ZjVkZWEzODFm
Yjg2NjAwHhcNMjYwMzI5MTAwMDM2WhcNMjYwMzMwMTAwMDM2WjAzMTEwLwYDVQQD
EyhmNzlkNDYyODE4ZWE5ZGVlMThlNjdkYTI2YmM1ZmU3MTA4NTExOTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3cCXQWAwzS9spR5n93o/37POHsfc
zWjQhXZxOLtMZaLytdKsiqeMjrVxgT/auFU+TLv40VqZjLCh6f2TeWp5kV6Pt9cF
7vu8oWjT1yFshTCB8Biwk4iWPq3R9fl+Uys3WBp1VTGe657zotCSDnO83zrYudJe
TND3h4B4hOnQuxu9gDV+uQzqzKuCRftx20QVQx6scG/zaJIMMqbIb5jEeu8tfVug
wmp9bvfss6regguOe1bSsENrArMBDfrOGedQnA3ggdU6X8kt3RWkAVvzb1ulkFy7
1BOi2oKB/YEyr/uXRGfcbX0hY6O5U+jwqTKPqxuo52oxEf4eTUwyX1bsdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPedRigY6p3uGOZ9omvF/nEIURlPMB8GA1UdIwQY
MBaAFGAeCq6T6wX/XULdcBb13qOB+4ZgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUI0S3JwUHJCZjlkUXQxd0Z2WGVvNEg3aG1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8xZmM4NTMtNjUyNi00MDkxLTk1ZjQt
ZjlmNjAxYzA2ODZlLzEvWUI0S3JwUHJCZjlkUXQxd0Z2WGVvNEg3aG1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8xZmM4NTMtNjUyNi00MDkxLTk1ZjQtZjlmNjAxYzA2ODZl
LzEvWUI0S3JwUHJCZjlkUXQxd0Z2WGVvNEg3aG1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALOzw4i48
G+WJBb5hGM9s5byJJOhVBcEjMUblQJIBfEmyiWg8+uUfYVheqmxQjLvFtEkXes4+
lAzvxf22EKjQl9y3b2QGnyqjOyJhC9DiRLH3iFyET4GJ+8eAlzu8zxcv9euQGx1r
XtnFKF6ZuGqMCv+B96/bxIw/gWslHfcI5poseP+CQSP4s0L9Nygzj+S7qiOKhIJT
KIObihrAdQCyafqR+X/cbqN6zPr5pLz1vc6irs16+f5hKM+YYaq4dfGebsINjXex
N8V0CwmQ7eB5YN/nli4XvypqXB/ebxmUxW+uXBpZSNLcm6QINMrF41z/SeOvZnfw
5BYLR0A2L1V/+w==
-----END CERTIFICATE-----