Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft
File:                     yO91rieylt0KS84TZH2LWJv06cM.mft (raw, json)
Hash identifier:          /ntBUJ87MjQxcaNaWV8xL+gIZT9JimEJnVMu/dpNifs=
Subject key identifier:   B2:38:7A:16:1C:CF:7E:85:56:47:39:D8:3F:B6:6A:2B:4D:55:A5:0E
Authority key identifier: C8:EF:75:AE:27:B2:96:DD:0A:4B:CE:13:64:7D:8B:58:9B:F4:E9:C3
Certificate issuer:       /CN=c8ef75ae27b296dd0a4bce13647d8b589bf4e9c3
Certificate serial:       019D3A1C402C46F3A76722D58EC1965EF0E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft
Manifest number:          13FD
Signing time:             Sun 29 Mar 2026 15:00:22 +0000
Manifest this update:     Sun 29 Mar 2026 15:00:22 +0000
Manifest next update:     Mon 30 Mar 2026 15:00:22 +0000
Files and hashes:         1: yO91rieylt0KS84TZH2LWJv06cM.crl (hash: 1sBFoBHjHWfPg+cMiWPZePFw0RfdiGUtWrRAnHG6NVM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:1c:40:2c:46:f3:a7:67:22:d5:8e:c1:96:5e:f0:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8ef75ae27b296dd0a4bce13647d8b589bf4e9c3
        Validity
            Not Before: Mar 29 15:00:22 2026 GMT
            Not After : Mar 30 15:00:22 2026 GMT
        Subject: CN=b2387a161ccf7e85564739d83fb66a2b4d55a50e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:ab:33:de:c7:d0:6d:be:b6:af:86:1a:fa:fb:
                    12:16:7a:bb:6e:fe:37:f9:3d:0c:85:d3:63:09:f5:
                    e4:9d:c1:25:11:60:36:66:2d:3e:a7:f5:c3:d1:fc:
                    63:55:82:31:87:7d:92:68:f5:98:57:8e:b5:69:6a:
                    99:0b:0a:2e:5b:a2:d4:7e:73:1b:d2:75:be:5b:1a:
                    89:3b:64:26:4a:2f:ae:bd:39:3a:d0:a1:4c:7d:a4:
                    cb:78:a4:db:44:0d:e3:a2:d6:df:e6:d0:0d:29:36:
                    74:e9:52:ab:d5:67:41:b0:e5:6a:51:65:1a:ea:c8:
                    d5:9d:c3:12:57:01:82:7f:e3:c5:5e:f4:fc:86:ee:
                    01:37:b8:c6:6e:ba:0c:33:45:fa:9c:d7:bc:f7:ea:
                    f9:ba:95:1a:f4:4f:5b:a4:f5:1f:08:54:75:fa:1f:
                    6f:78:1c:c1:97:5f:2c:0c:78:cb:e6:a1:8c:17:10:
                    df:03:2b:e4:3c:4f:47:a2:60:b3:17:24:53:0e:f1:
                    bc:71:05:6a:92:0b:c0:3a:65:0c:04:96:d3:7c:3f:
                    be:87:b9:30:a3:c2:2f:77:ea:8c:69:5a:7a:90:06:
                    51:c9:51:87:06:77:5f:04:14:95:b4:97:3f:a7:ce:
                    9b:07:ba:6f:b3:fd:36:1c:e2:b8:f0:32:70:5f:e6:
                    88:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:38:7A:16:1C:CF:7E:85:56:47:39:D8:3F:B6:6A:2B:4D:55:A5:0E
            X509v3 Authority Key Identifier:
                keyid:C8:EF:75:AE:27:B2:96:DD:0A:4B:CE:13:64:7D:8B:58:9B:F4:E9:C3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:e4:75:e4:54:d8:00:e4:40:af:34:2b:db:de:6a:2f:fb:21:
         07:c4:9d:37:67:5b:be:a0:4f:89:cb:30:ab:9c:43:3a:90:76:
         2a:a1:4b:cf:74:f8:dd:6c:8e:24:d9:33:ec:27:36:fc:f4:60:
         5a:f5:dc:80:aa:82:6f:bf:63:2b:d5:a1:b0:bd:f1:df:21:1c:
         45:98:db:b4:02:6f:b9:fb:5d:9c:c0:96:b4:d6:5c:e8:e7:7a:
         b6:38:94:e8:6d:6a:4c:d2:7b:e3:dc:73:67:35:12:d3:41:56:
         d6:e0:b2:83:e7:72:0f:7f:58:93:56:bb:01:46:d3:63:d4:45:
         1d:87:32:65:82:a5:86:18:18:32:d0:43:8f:f5:a8:6e:20:7c:
         50:6e:5a:0a:ae:1b:35:0f:7f:5b:0b:03:7a:dd:30:cb:4f:4c:
         7c:20:f5:fb:fc:a2:97:94:dd:95:71:79:0b:9d:3a:b6:b3:18:
         d5:e6:56:db:27:f1:bf:7f:35:4f:4e:4f:18:75:8a:63:b9:8e:
         97:f1:4b:43:cf:23:50:f0:2c:ec:d0:03:00:40:6a:39:ee:04:
         6f:23:d5:c8:98:ac:6d:f5:a7:0d:f8:c9:95:48:85:43:14:32:
         bf:f7:81:e7:c6:52:15:a2:11:7c:53:c2:58:f2:9b:0f:71:94:
         3d:d5:72:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06HEAsRvOnZyLVjsGWXvDoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZWY3NWFlMjdiMjk2ZGQwYTRiY2UxMzY0N2Q4YjU4OWJm
NGU5YzMwHhcNMjYwMzI5MTUwMDIyWhcNMjYwMzMwMTUwMDIyWjAzMTEwLwYDVQQD
EyhiMjM4N2ExNjFjY2Y3ZTg1NTY0NzM5ZDgzZmI2NmEyYjRkNTVhNTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6sz3sfQbb62r4Ya+vsSFnq7bv43
+T0MhdNjCfXkncElEWA2Zi0+p/XD0fxjVYIxh32SaPWYV461aWqZCwouW6LUfnMb
0nW+WxqJO2QmSi+uvTk60KFMfaTLeKTbRA3jotbf5tANKTZ06VKr1WdBsOVqUWUa
6sjVncMSVwGCf+PFXvT8hu4BN7jGbroMM0X6nNe89+r5upUa9E9bpPUfCFR1+h9v
eBzBl18sDHjL5qGMFxDfAyvkPE9HomCzFyRTDvG8cQVqkgvAOmUMBJbTfD++h7kw
o8Ivd+qMaVp6kAZRyVGHBndfBBSVtJc/p86bB7pvs/02HOK48DJwX+aIbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLI4ehYcz36FVkc52D+2aitNVaUOMB8GA1UdIwQY
MBaAFMjvda4nspbdCkvOE2R9i1ib9OnDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS84YmVmOGItOTc2NS00MTMxLTljYWYt
NzczNTFkMDg1MGM5LzEveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS84YmVmOGItOTc2NS00MTMxLTljYWYtNzczNTFkMDg1MGM5
LzEveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgOR15FTY
AORArzQr295qL/shB8SdN2dbvqBPicswq5xDOpB2KqFLz3T43WyOJNkz7Cc2/PRg
WvXcgKqCb79jK9WhsL3x3yEcRZjbtAJvuftdnMCWtNZc6Od6tjiU6G1qTNJ749xz
ZzUS00FW1uCyg+dyD39Yk1a7AUbTY9RFHYcyZYKlhhgYMtBDj/WobiB8UG5aCq4b
NQ9/WwsDet0wy09MfCD1+/yil5TdlXF5C506trMY1eZW2yfxv381T05PGHWKY7mO
l/FLQ88jUPAs7NADAEBqOe4EbyPVyJisbfWnDfjJlUiFQxQyv/eB58ZSFaIRfFPC
WPKbD3GUPdVyrA==
-----END CERTIFICATE-----