Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft
File:                     ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft (raw, json)
Hash identifier:          UOqUfZPtGWdOgIIagDLQd455ozA9RgMOjvp6kuguu58=
Subject key identifier:   C8:4B:FE:E0:74:EA:C9:B9:9D:47:27:6E:C7:60:0E:AE:72:C8:00:5D
Authority key identifier: CA:45:7E:11:73:C4:E8:51:B9:2D:3C:8E:E9:96:71:51:94:8A:9A:E9
Certificate issuer:       /CN=ca457e1173c4e851b92d3c8ee9967151948a9ae9
Certificate serial:       019D3909FBA97E97D4FC331F68C2DAAE7AFA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft
Manifest number:          188C
Signing time:             Sun 29 Mar 2026 10:00:48 +0000
Manifest this update:     Sun 29 Mar 2026 10:00:48 +0000
Manifest next update:     Mon 30 Mar 2026 10:00:48 +0000
Files and hashes:         1: ykV-EXPE6FG5LTyO6ZZxUZSKmuk.crl (hash: ojtttclfOxXCy6ccShAy+YPdQ2GCLcnmcByLMA/KzaU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:09:fb:a9:7e:97:d4:fc:33:1f:68:c2:da:ae:7a:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca457e1173c4e851b92d3c8ee9967151948a9ae9
        Validity
            Not Before: Mar 29 10:00:48 2026 GMT
            Not After : Mar 30 10:00:48 2026 GMT
        Subject: CN=c84bfee074eac9b99d47276ec7600eae72c8005d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:ad:d6:6e:03:80:75:c9:1e:ec:fd:80:05:5a:
                    b9:f4:97:f8:d2:70:24:78:fd:76:00:cf:83:01:d1:
                    34:e9:3b:15:48:16:22:fe:67:15:fb:50:37:fe:73:
                    47:fc:1a:86:0d:e2:dd:95:d4:4d:e8:15:66:57:37:
                    2d:69:cd:b0:72:6d:d0:0e:be:f1:4a:bf:ce:d1:27:
                    7b:70:8e:c3:e2:c8:92:d3:f0:d7:a0:2d:07:9d:d7:
                    4c:a6:b9:b0:94:d2:93:ab:05:a1:8e:bd:31:c3:cd:
                    63:20:c0:6d:f8:ec:6b:b4:a8:ac:5e:ea:1b:bc:ff:
                    4f:28:b6:6a:3b:d8:35:4d:1c:e8:5d:8b:c3:7d:e5:
                    53:bd:ca:50:16:d2:b0:6a:29:4a:97:10:0d:29:53:
                    08:75:b2:45:0d:f0:23:99:e5:24:9c:5b:6b:b5:dc:
                    14:a0:79:c4:56:e0:09:bc:e0:6b:50:ae:d5:30:92:
                    ff:e6:44:8f:d7:33:86:01:fb:ba:4e:a4:0a:d0:0f:
                    59:0f:d8:2d:89:b9:79:96:51:79:c3:e3:bc:00:85:
                    61:8d:01:fa:60:f8:74:e6:4e:7b:e3:87:55:89:3d:
                    a6:1a:3d:83:b2:59:5f:f2:2b:9a:4f:9e:24:45:03:
                    90:3c:ce:cf:b9:f8:f8:1f:32:b2:96:ea:3e:8e:9b:
                    85:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:4B:FE:E0:74:EA:C9:B9:9D:47:27:6E:C7:60:0E:AE:72:C8:00:5D
            X509v3 Authority Key Identifier:
                keyid:CA:45:7E:11:73:C4:E8:51:B9:2D:3C:8E:E9:96:71:51:94:8A:9A:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5fbb69-9b7e-43be-8904-19de2c183c05/1/ykV-EXPE6FG5LTyO6ZZxUZSKmuk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         83:fa:af:76:ba:ea:d4:7b:14:b5:65:e1:85:3b:d3:73:99:f3:
         dc:17:6d:2c:2e:7d:2c:c2:55:02:35:2c:08:da:6d:8d:22:a6:
         4f:69:6f:08:3e:a0:b3:01:60:31:10:1e:e8:b2:81:c4:f4:60:
         c2:53:f5:85:0a:08:d2:f0:b5:01:73:aa:13:98:56:48:8e:f0:
         d1:58:4a:1a:cb:6b:b6:c9:1c:72:24:dc:3e:d5:78:0e:d4:08:
         e3:4d:67:b8:34:62:4c:6b:e5:4f:83:95:c1:45:a0:4f:ce:53:
         c8:05:40:08:d7:f9:de:e9:88:52:dc:b1:1d:5d:3a:e8:06:1b:
         6c:27:41:64:f3:04:c2:c5:6d:2d:4a:4c:6a:18:8a:0d:e0:34:
         09:84:38:5d:49:b5:68:cf:96:28:8c:fe:97:1f:74:db:e9:47:
         26:7e:fe:2f:9a:50:ef:80:e7:eb:34:ce:e0:15:b3:f9:2a:5e:
         51:94:91:74:e8:75:f8:41:51:75:5f:b2:af:c5:36:8d:0a:a6:
         a6:92:e3:cc:81:7a:95:3e:bf:e6:85:06:f1:26:41:91:9c:9e:
         e2:a5:aa:1f:1c:75:3f:aa:9a:26:07:22:0f:16:eb:83:74:d1:
         1d:bd:69:26:bf:c7:93:15:81:83:17:7b:a6:69:ac:e4:36:a0:
         e0:6c:c1:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CfupfpfU/DMfaMLarnr6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhNDU3ZTExNzNjNGU4NTFiOTJkM2M4ZWU5OTY3MTUxOTQ4
YTlhZTkwHhcNMjYwMzI5MTAwMDQ4WhcNMjYwMzMwMTAwMDQ4WjAzMTEwLwYDVQQD
EyhjODRiZmVlMDc0ZWFjOWI5OWQ0NzI3NmVjNzYwMGVhZTcyYzgwMDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwa3WbgOAdcke7P2ABVq59Jf40nAk
eP12AM+DAdE06TsVSBYi/mcV+1A3/nNH/BqGDeLdldRN6BVmVzctac2wcm3QDr7x
Sr/O0Sd7cI7D4siS0/DXoC0HnddMprmwlNKTqwWhjr0xw81jIMBt+OxrtKisXuob
vP9PKLZqO9g1TRzoXYvDfeVTvcpQFtKwailKlxANKVMIdbJFDfAjmeUknFtrtdwU
oHnEVuAJvOBrUK7VMJL/5kSP1zOGAfu6TqQK0A9ZD9gtibl5llF5w+O8AIVhjQH6
YPh05k5744dViT2mGj2Dsllf8iuaT54kRQOQPM7Pufj4HzKyluo+jpuFjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMhL/uB06sm5nUcnbsdgDq5yyABdMB8GA1UdIwQY
MBaAFMpFfhFzxOhRuS08jumWcVGUiprpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWtWLUVYUEU2Rkc1TFR5TzZaWnhVWlNLbXVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS81ZmJiNjktOWI3ZS00M2JlLTg5MDQt
MTlkZTJjMTgzYzA1LzEveWtWLUVYUEU2Rkc1TFR5TzZaWnhVWlNLbXVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS81ZmJiNjktOWI3ZS00M2JlLTg5MDQtMTlkZTJjMTgzYzA1
LzEveWtWLUVYUEU2Rkc1TFR5TzZaWnhVWlNLbXVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg/qvdrrq
1HsUtWXhhTvTc5nz3BdtLC59LMJVAjUsCNptjSKmT2lvCD6gswFgMRAe6LKBxPRg
wlP1hQoI0vC1AXOqE5hWSI7w0VhKGstrtskcciTcPtV4DtQI401nuDRiTGvlT4OV
wUWgT85TyAVACNf53umIUtyxHV066AYbbCdBZPMEwsVtLUpMahiKDeA0CYQ4XUm1
aM+WKIz+lx902+lHJn7+L5pQ74Dn6zTO4BWz+SpeUZSRdOh1+EFRdV+yr8U2jQqm
ppLjzIF6lT6/5oUG8SZBkZye4qWqHxx1P6qaJgciDxbrg3TRHb1pJr/HkxWBgxd7
pmms5Dag4GzBPw==
-----END CERTIFICATE-----