Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/a28553-899c-4068-9673-ded2113b9060/1/YPMdggwyQA3sDGBJYXiZTVd1Ksw.mft
File:                     YPMdggwyQA3sDGBJYXiZTVd1Ksw.mft (raw, json)
Hash identifier:          wBaVu3fMFcOw+mkfel8TJQRBFhrzcVfVw9CqYya/gGo=
Subject key identifier:   0C:F1:CC:8D:30:D3:2F:91:3A:8D:71:20:29:C9:80:CD:67:30:33:06
Authority key identifier: 60:F3:1D:82:0C:32:40:0D:EC:0C:60:49:61:78:99:4D:57:75:2A:CC
Certificate issuer:       /CN=60f31d820c32400dec0c60496178994d57752acc
Certificate serial:       019D3865EED6E3D5A5331A62391A0AD3BFFA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YPMdggwyQA3sDGBJYXiZTVd1Ksw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/a28553-899c-4068-9673-ded2113b9060/1/YPMdggwyQA3sDGBJYXiZTVd1Ksw.mft
Manifest number:          188B
Signing time:             Sun 29 Mar 2026 07:01:37 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:37 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:37 +0000
Files and hashes:         1: YPMdggwyQA3sDGBJYXiZTVd1Ksw.crl (hash: /ihb7SWCZEYL2+nT5zF3MxGrmUyIFgYoB04Q2oqFOWE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/37/a28553-899c-4068-9673-ded2113b9060/1/YPMdggwyQA3sDGBJYXiZTVd1Ksw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/37/a28553-899c-4068-9673-ded2113b9060/1/YPMdggwyQA3sDGBJYXiZTVd1Ksw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YPMdggwyQA3sDGBJYXiZTVd1Ksw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:ee:d6:e3:d5:a5:33:1a:62:39:1a:0a:d3:bf:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60f31d820c32400dec0c60496178994d57752acc
        Validity
            Not Before: Mar 29 07:01:37 2026 GMT
            Not After : Mar 30 07:01:37 2026 GMT
        Subject: CN=0cf1cc8d30d32f913a8d712029c980cd67303306
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:20:92:5d:6a:df:05:46:97:a5:91:0f:2e:b0:
                    d1:f3:1d:16:1f:09:50:f4:4b:e7:74:e7:aa:7e:87:
                    ca:78:aa:81:8e:81:b2:bc:f2:fc:ea:50:0c:a4:3a:
                    17:3f:8f:8c:49:9e:04:3a:d5:e7:1d:33:2c:0e:ab:
                    bf:14:37:ff:8e:ef:6f:8d:bd:55:59:22:86:5b:a5:
                    0e:30:a4:fa:d2:2d:55:b4:df:ec:bc:c3:3d:33:86:
                    ad:f3:c9:38:87:ec:08:fb:ef:e0:40:ab:56:6f:dc:
                    50:52:f0:62:83:97:04:b6:67:f9:a7:53:1f:37:2c:
                    fe:1e:2e:be:e7:ea:dc:2c:8f:d7:11:10:1a:e1:d6:
                    c6:28:71:b2:40:13:35:0e:49:c9:62:fa:6e:59:29:
                    92:98:6c:9b:43:0a:e7:26:00:af:80:c1:33:21:d2:
                    7e:17:c5:6f:df:2f:b7:0c:5b:8e:ed:eb:20:8e:4e:
                    0c:25:9b:4d:08:2e:24:5e:d8:d0:da:3b:e0:2c:4c:
                    fb:45:fe:c1:ac:db:8c:47:e8:3c:7e:6c:86:c3:e3:
                    71:a4:e6:ef:85:9d:1e:01:50:83:40:56:aa:b7:95:
                    e9:c5:93:90:9a:ff:1a:85:80:b7:97:d4:14:01:90:
                    1d:b2:4b:30:a4:30:9f:51:0d:b7:de:90:7e:35:55:
                    8b:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:F1:CC:8D:30:D3:2F:91:3A:8D:71:20:29:C9:80:CD:67:30:33:06
            X509v3 Authority Key Identifier:
                keyid:60:F3:1D:82:0C:32:40:0D:EC:0C:60:49:61:78:99:4D:57:75:2A:CC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YPMdggwyQA3sDGBJYXiZTVd1Ksw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/a28553-899c-4068-9673-ded2113b9060/1/YPMdggwyQA3sDGBJYXiZTVd1Ksw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/a28553-899c-4068-9673-ded2113b9060/1/YPMdggwyQA3sDGBJYXiZTVd1Ksw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:14:92:16:29:00:fb:b5:36:b2:27:fb:14:dc:ec:90:26:3a:
         19:11:bd:8e:5c:76:17:56:1f:50:29:17:dd:bd:3f:2b:3e:ef:
         e9:bd:09:de:db:bb:df:f8:8b:e6:1b:4e:4d:22:90:fd:ee:e2:
         f2:67:72:26:40:07:06:98:ac:f4:64:80:52:ec:9e:c4:41:93:
         4e:b6:15:23:bd:20:31:1d:7f:45:82:1a:45:e0:d2:ff:b7:cb:
         7b:c2:b0:2d:45:2a:5c:86:bf:fa:e6:f7:f6:a8:cc:1c:77:da:
         80:89:0f:8e:f7:17:b3:13:e1:9e:83:38:72:93:ab:36:1b:ff:
         2d:1f:ff:37:a4:08:39:51:3c:23:11:00:8f:b0:9f:c0:3d:4d:
         45:a5:99:54:bb:5f:89:6a:bf:84:2c:7c:f0:b8:4f:ad:9b:af:
         83:f5:31:03:d3:11:9d:d6:ed:5d:bb:ce:d6:93:1e:78:4c:18:
         37:f4:37:dd:3d:bb:bc:ef:99:ae:17:91:54:07:c1:15:cc:b5:
         0b:1b:2b:81:8a:a1:ee:74:ed:a2:8f:c8:a9:e0:4e:6e:16:e3:
         39:9b:31:8b:41:c6:06:02:b3:25:cc:01:a6:6e:e8:67:72:1b:
         63:9c:00:cf:ae:68:50:7f:81:0d:e8:da:63:59:ed:72:9e:12:
         37:04:03:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Ze7W49WlMxpiORoK07/6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZjMxZDgyMGMzMjQwMGRlYzBjNjA0OTYxNzg5OTRkNTc3
NTJhY2MwHhcNMjYwMzI5MDcwMTM3WhcNMjYwMzMwMDcwMTM3WjAzMTEwLwYDVQQD
EygwY2YxY2M4ZDMwZDMyZjkxM2E4ZDcxMjAyOWM5ODBjZDY3MzAzMzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2yCSXWrfBUaXpZEPLrDR8x0WHwlQ
9EvndOeqfofKeKqBjoGyvPL86lAMpDoXP4+MSZ4EOtXnHTMsDqu/FDf/ju9vjb1V
WSKGW6UOMKT60i1VtN/svMM9M4at88k4h+wI++/gQKtWb9xQUvBig5cEtmf5p1Mf
Nyz+Hi6+5+rcLI/XERAa4dbGKHGyQBM1DknJYvpuWSmSmGybQwrnJgCvgMEzIdJ+
F8Vv3y+3DFuO7esgjk4MJZtNCC4kXtjQ2jvgLEz7Rf7BrNuMR+g8fmyGw+NxpObv
hZ0eAVCDQFaqt5XpxZOQmv8ahYC3l9QUAZAdskswpDCfUQ233pB+NVWLwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAzxzI0w0y+ROo1xICnJgM1nMDMGMB8GA1UdIwQY
MBaAFGDzHYIMMkAN7AxgSWF4mU1XdSrMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVBNZGdnd3lRQTNzREdCSllYaVpUVmQxS3N3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9hMjg1NTMtODk5Yy00MDY4LTk2NzMt
ZGVkMjExM2I5MDYwLzEvWVBNZGdnd3lRQTNzREdCSllYaVpUVmQxS3N3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy9hMjg1NTMtODk5Yy00MDY4LTk2NzMtZGVkMjExM2I5MDYw
LzEvWVBNZGdnd3lRQTNzREdCSllYaVpUVmQxS3N3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfhSSFikA
+7U2sif7FNzskCY6GRG9jlx2F1YfUCkX3b0/Kz7v6b0J3tu73/iL5htOTSKQ/e7i
8mdyJkAHBpis9GSAUuyexEGTTrYVI70gMR1/RYIaReDS/7fLe8KwLUUqXIa/+ub3
9qjMHHfagIkPjvcXsxPhnoM4cpOrNhv/LR//N6QIOVE8IxEAj7CfwD1NRaWZVLtf
iWq/hCx88LhPrZuvg/UxA9MRndbtXbvO1pMeeEwYN/Q33T27vO+ZrheRVAfBFcy1
CxsrgYqh7nTtoo/IqeBObhbjOZsxi0HGBgKzJcwBpm7oZ3IbY5wAz65oUH+BDeja
Y1ntcp4SNwQDGQ==
-----END CERTIFICATE-----