Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/c0e385-cbe5-47f3-808d-e68767c18f02/1/ypfglEx3smswKXwtScO-ausnNxE.mft
File:                     ypfglEx3smswKXwtScO-ausnNxE.mft (raw, json)
Hash identifier:          M5PQBiofKn7kU18qp1mtL1w1pDVBsG7xbgexbXLawBk=
Subject key identifier:   56:6E:21:44:8F:A1:A1:B6:73:46:FA:F3:7B:43:3F:5C:AA:9B:8B:1B
Authority key identifier: CA:97:E0:94:4C:77:B2:6B:30:29:7C:2D:49:C3:BE:6A:EB:27:37:11
Certificate issuer:       /CN=ca97e0944c77b26b30297c2d49c3be6aeb273711
Certificate serial:       019D3A547B19E6FD380D871F8EA169B3C924
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ypfglEx3smswKXwtScO-ausnNxE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/c0e385-cbe5-47f3-808d-e68767c18f02/1/ypfglEx3smswKXwtScO-ausnNxE.mft
Manifest number:          05A5
Signing time:             Sun 29 Mar 2026 16:01:48 +0000
Manifest this update:     Sun 29 Mar 2026 16:01:48 +0000
Manifest next update:     Mon 30 Mar 2026 16:01:48 +0000
Files and hashes:         1: ypfglEx3smswKXwtScO-ausnNxE.crl (hash: Ws9GxDbN7TYhGOBJtB3nFldZxKaOFWcwqJpisn9C3Hc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3f/c0e385-cbe5-47f3-808d-e68767c18f02/1/ypfglEx3smswKXwtScO-ausnNxE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3f/c0e385-cbe5-47f3-808d-e68767c18f02/1/ypfglEx3smswKXwtScO-ausnNxE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ypfglEx3smswKXwtScO-ausnNxE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:54:7b:19:e6:fd:38:0d:87:1f:8e:a1:69:b3:c9:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca97e0944c77b26b30297c2d49c3be6aeb273711
        Validity
            Not Before: Mar 29 16:01:48 2026 GMT
            Not After : Mar 30 16:01:48 2026 GMT
        Subject: CN=566e21448fa1a1b67346faf37b433f5caa9b8b1b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:ba:d3:5f:51:c3:b3:08:06:40:95:50:15:52:
                    56:d5:bc:e6:c6:60:14:1f:a6:c8:1e:06:de:e7:9c:
                    77:2c:95:b5:4e:bf:9a:cc:78:e9:f1:e3:2f:06:ad:
                    e5:8b:7f:63:49:aa:45:8c:ee:df:e8:e3:91:7f:cb:
                    20:02:0b:16:3f:06:33:30:0a:d8:64:b0:7c:14:88:
                    ac:15:e0:6b:c7:dd:d7:02:5a:7d:60:f9:9b:dd:bd:
                    63:ff:6e:34:ca:37:f0:b5:a0:18:cb:b1:d7:2d:a8:
                    e7:81:01:6f:20:d1:2d:43:50:39:4d:88:e1:94:84:
                    6e:9b:af:98:c7:27:a4:0c:af:a3:d1:8a:a3:51:c7:
                    59:03:50:1d:c4:13:9a:6a:3f:85:f6:b6:28:87:98:
                    9c:0b:64:df:09:f2:02:3c:85:ba:ad:fa:fe:da:09:
                    d1:d2:f1:07:b6:ad:27:c4:d7:ff:d6:e4:ef:5c:68:
                    3b:79:04:b5:ae:51:c8:94:8f:2c:2b:86:ed:2e:e7:
                    d6:46:d3:c7:b4:3e:17:68:f7:14:71:d5:f2:ba:e0:
                    ab:36:30:a5:94:c6:da:e0:88:0c:14:bc:44:a2:5f:
                    9a:41:dd:b4:ba:29:45:5d:5d:1d:1e:fc:23:7f:65:
                    98:c9:06:9e:17:e1:a9:62:e2:7b:9e:6f:11:64:cf:
                    41:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:6E:21:44:8F:A1:A1:B6:73:46:FA:F3:7B:43:3F:5C:AA:9B:8B:1B
            X509v3 Authority Key Identifier:
                keyid:CA:97:E0:94:4C:77:B2:6B:30:29:7C:2D:49:C3:BE:6A:EB:27:37:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypfglEx3smswKXwtScO-ausnNxE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/c0e385-cbe5-47f3-808d-e68767c18f02/1/ypfglEx3smswKXwtScO-ausnNxE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/c0e385-cbe5-47f3-808d-e68767c18f02/1/ypfglEx3smswKXwtScO-ausnNxE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:d3:80:ad:9e:bc:05:29:fa:1f:dc:4d:e5:84:5a:d7:8e:ef:
         79:55:46:ed:49:6f:e7:98:91:3f:f7:e1:17:a3:05:54:d4:cd:
         9b:52:1b:d8:bb:81:75:29:0c:62:e2:8c:98:00:73:f7:f3:8b:
         cb:9d:ed:93:75:bc:55:26:a9:c8:bc:e3:b2:b4:2d:bd:98:d9:
         64:32:aa:29:b6:8d:2b:54:33:b4:32:54:dd:f8:a4:4c:a8:d6:
         70:5b:7d:46:aa:35:72:78:12:b3:c7:fc:96:9c:d8:a4:bf:30:
         44:71:b9:94:08:2b:fb:3b:6a:1d:50:7f:04:e9:0c:39:1a:0f:
         23:03:56:75:db:cb:79:fd:f5:8f:b8:f3:27:1c:af:21:d3:17:
         0c:4c:a7:6f:bd:85:97:56:60:c9:fe:54:37:cf:ff:14:31:a0:
         4d:0f:ee:f4:bb:5a:fe:d1:74:25:c8:13:65:a7:a0:b6:01:07:
         ea:90:ce:de:2f:84:2a:e4:91:12:11:96:8b:99:0e:fa:8b:c0:
         f4:37:92:c2:16:65:98:1a:fb:6e:68:75:32:2b:32:0a:cd:6c:
         da:fd:53:15:44:e0:54:33:df:ef:3c:5b:9c:05:fa:5b:8b:db:
         ca:7d:82:be:0d:8f:af:ec:e0:6a:ac:38:63:a1:dd:52:15:e2:
         20:13:58:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06VHsZ5v04DYcfjqFps8kkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhOTdlMDk0NGM3N2IyNmIzMDI5N2MyZDQ5YzNiZTZhZWIy
NzM3MTEwHhcNMjYwMzI5MTYwMTQ4WhcNMjYwMzMwMTYwMTQ4WjAzMTEwLwYDVQQD
Eyg1NjZlMjE0NDhmYTFhMWI2NzM0NmZhZjM3YjQzM2Y1Y2FhOWI4YjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4rrTX1HDswgGQJVQFVJW1bzmxmAU
H6bIHgbe55x3LJW1Tr+azHjp8eMvBq3li39jSapFjO7f6OORf8sgAgsWPwYzMArY
ZLB8FIisFeBrx93XAlp9YPmb3b1j/240yjfwtaAYy7HXLajngQFvINEtQ1A5TYjh
lIRum6+YxyekDK+j0YqjUcdZA1AdxBOaaj+F9rYoh5icC2TfCfICPIW6rfr+2gnR
0vEHtq0nxNf/1uTvXGg7eQS1rlHIlI8sK4btLufWRtPHtD4XaPcUcdXyuuCrNjCl
lMba4IgMFLxEol+aQd20uilFXV0dHvwjf2WYyQaeF+GpYuJ7nm8RZM9BwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFZuIUSPoaG2c0b683tDP1yqm4sbMB8GA1UdIwQY
MBaAFMqX4JRMd7JrMCl8LUnDvmrrJzcRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXBmZ2xFeDNzbXN3S1h3dFNjTy1hdXNuTnhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9jMGUzODUtY2JlNS00N2YzLTgwOGQt
ZTY4NzY3YzE4ZjAyLzEveXBmZ2xFeDNzbXN3S1h3dFNjTy1hdXNuTnhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9jMGUzODUtY2JlNS00N2YzLTgwOGQtZTY4NzY3YzE4ZjAy
LzEveXBmZ2xFeDNzbXN3S1h3dFNjTy1hdXNuTnhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO9OArZ68
BSn6H9xN5YRa147veVVG7Ulv55iRP/fhF6MFVNTNm1Ib2LuBdSkMYuKMmABz9/OL
y53tk3W8VSapyLzjsrQtvZjZZDKqKbaNK1QztDJU3fikTKjWcFt9Rqo1cngSs8f8
lpzYpL8wRHG5lAgr+ztqHVB/BOkMORoPIwNWddvLef31j7jzJxyvIdMXDEynb72F
l1Zgyf5UN8//FDGgTQ/u9Lta/tF0JcgTZaegtgEH6pDO3i+EKuSREhGWi5kO+ovA
9DeSwhZlmBr7bmh1MisyCs1s2v1TFUTgVDPf7zxbnAX6W4vbyn2Cvg2Pr+zgaqw4
Y6HdUhXiIBNYYg==
-----END CERTIFICATE-----