Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft
File:                     YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft (raw, json)
Hash identifier:          oh8vZrNRRfKHoXN5msa129dr3KFOsfwlBMd84/pyoRY=
Subject key identifier:   FF:7F:34:4C:3E:A6:69:F8:26:6E:23:5A:96:0E:AD:98:22:D5:67:B7
Authority key identifier: 60:62:B2:1F:B6:65:5B:89:79:23:E2:9D:6F:CB:64:4A:B1:0A:C5:30
Certificate issuer:       /CN=6062b21fb6655b897923e29d6fcb644ab10ac530
Certificate serial:       019D37526BE58AEEB33385651508B4ABCAC6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft
Manifest number:          188B
Signing time:             Sun 29 Mar 2026 02:00:41 +0000
Manifest this update:     Sun 29 Mar 2026 02:00:41 +0000
Manifest next update:     Mon 30 Mar 2026 02:00:41 +0000
Files and hashes:         1: YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl (hash: gcW7O7/YhXp880RmnRraOwp0wlPXPW8PQIguTWCPyLU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 02:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:52:6b:e5:8a:ee:b3:33:85:65:15:08:b4:ab:ca:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6062b21fb6655b897923e29d6fcb644ab10ac530
        Validity
            Not Before: Mar 29 02:00:41 2026 GMT
            Not After : Mar 30 02:00:41 2026 GMT
        Subject: CN=ff7f344c3ea669f8266e235a960ead9822d567b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:05:e3:bd:1f:01:3a:80:0c:10:67:e0:1a:16:
                    56:a7:ca:c7:f0:23:94:36:b0:f1:6c:4a:d0:78:b6:
                    af:ad:52:d3:ca:a4:47:20:7c:ab:c9:bb:6b:00:67:
                    ab:8a:6b:4e:62:7b:f4:ac:e8:62:cd:1e:ac:4e:68:
                    c6:17:d5:7e:37:1e:30:dc:20:51:af:25:15:61:fc:
                    91:b9:0e:67:cf:1d:b5:6e:22:e6:5c:5c:75:82:89:
                    b7:2b:13:9e:07:3c:f2:7e:2c:02:40:2b:14:58:03:
                    f9:42:a6:af:ae:d5:af:32:c7:fa:3c:f1:1a:96:b3:
                    c9:0b:2a:aa:d6:6d:e1:a0:b1:e3:58:3e:ff:4b:bd:
                    09:e5:51:3d:3e:43:ea:af:c5:cc:c6:c7:e3:0b:8c:
                    13:1a:04:a6:46:6c:85:b1:35:13:f9:b6:07:f2:5b:
                    69:19:d9:34:3d:ff:18:f3:33:b9:f3:d0:20:b3:ad:
                    26:d0:c2:5c:c9:2c:c7:5b:3e:63:d2:2f:93:4b:c1:
                    31:3d:79:ae:1a:c3:79:4a:b8:68:c1:14:84:4d:2d:
                    c4:0b:3d:3a:a9:5f:60:a9:d9:c0:f3:9f:86:5f:8d:
                    6c:c1:de:96:a7:15:89:de:1d:76:54:f4:7d:e1:57:
                    8b:7b:aa:69:db:91:60:e7:e7:c2:39:38:42:95:4e:
                    ee:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:7F:34:4C:3E:A6:69:F8:26:6E:23:5A:96:0E:AD:98:22:D5:67:B7
            X509v3 Authority Key Identifier:
                keyid:60:62:B2:1F:B6:65:5B:89:79:23:E2:9D:6F:CB:64:4A:B1:0A:C5:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:2d:e9:56:34:49:c1:08:8a:53:11:15:34:72:01:f4:b8:43:
         ab:fd:19:cd:b6:76:9a:2f:58:58:39:90:32:92:d8:0b:03:6c:
         8c:b3:72:ce:ab:d7:2d:0a:fd:06:be:c3:e5:37:64:db:63:c8:
         c5:78:94:83:1b:af:1f:a4:f2:8f:65:d2:e9:0c:06:86:c2:a1:
         a3:12:1f:ba:ac:7b:a8:53:bd:09:7d:18:2d:93:66:3d:82:ba:
         9b:a8:15:9a:47:83:06:fe:5d:46:8d:4f:c4:5b:65:ae:76:9a:
         bd:96:c7:8b:3a:9d:87:86:1d:68:f4:d9:bd:ee:1d:ff:a0:85:
         c6:fb:86:ee:64:33:5d:d8:87:db:60:9d:1b:0e:f8:eb:d4:d0:
         60:d4:62:67:bb:d4:a8:84:7d:c7:04:ee:c4:c0:d3:70:f6:2c:
         e8:dd:ff:63:25:12:2a:9b:94:0b:38:e4:4b:e4:1b:21:26:ac:
         85:66:24:5a:1b:fa:ce:fb:49:18:2a:a1:a6:e0:02:cf:46:f8:
         a0:7c:2a:23:95:d9:b1:73:57:a1:70:ed:a6:bc:8a:5d:a3:71:
         5b:a6:c0:a1:6c:95:5d:8f:8a:d5:62:0c:5a:65:07:a4:8e:c8:
         cf:4b:5e:02:ad:d4:a5:c5:38:92:44:1d:91:88:d0:1e:30:cc:
         bb:64:ef:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03Umvliu6zM4VlFQi0q8rGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjJiMjFmYjY2NTViODk3OTIzZTI5ZDZmY2I2NDRhYjEw
YWM1MzAwHhcNMjYwMzI5MDIwMDQxWhcNMjYwMzMwMDIwMDQxWjAzMTEwLwYDVQQD
EyhmZjdmMzQ0YzNlYTY2OWY4MjY2ZTIzNWE5NjBlYWQ5ODIyZDU2N2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4QXjvR8BOoAMEGfgGhZWp8rH8COU
NrDxbErQeLavrVLTyqRHIHyrybtrAGerimtOYnv0rOhizR6sTmjGF9V+Nx4w3CBR
ryUVYfyRuQ5nzx21biLmXFx1gom3KxOeBzzyfiwCQCsUWAP5QqavrtWvMsf6PPEa
lrPJCyqq1m3hoLHjWD7/S70J5VE9PkPqr8XMxsfjC4wTGgSmRmyFsTUT+bYH8ltp
Gdk0Pf8Y8zO589Ags60m0MJcySzHWz5j0i+TS8ExPXmuGsN5SrhowRSETS3ECz06
qV9gqdnA85+GX41swd6WpxWJ3h12VPR94VeLe6pp25Fg5+fCOThClU7uywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP9/NEw+pmn4Jm4jWpYOrZgi1We3MB8GA1UdIwQY
MBaAFGBish+2ZVuJeSPinW/LZEqxCsUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8wNWI5NzQtZmIxOC00MGFmLWFmYTYt
YjUyMGJlZGE2NjI2LzEvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8wNWI5NzQtZmIxOC00MGFmLWFmYTYtYjUyMGJlZGE2NjI2
LzEvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYC3pVjRJ
wQiKUxEVNHIB9LhDq/0ZzbZ2mi9YWDmQMpLYCwNsjLNyzqvXLQr9Br7D5Tdk22PI
xXiUgxuvH6Tyj2XS6QwGhsKhoxIfuqx7qFO9CX0YLZNmPYK6m6gVmkeDBv5dRo1P
xFtlrnaavZbHizqdh4YdaPTZve4d/6CFxvuG7mQzXdiH22CdGw7469TQYNRiZ7vU
qIR9xwTuxMDTcPYs6N3/YyUSKpuUCzjkS+QbISashWYkWhv6zvtJGCqhpuACz0b4
oHwqI5XZsXNXoXDtpryKXaNxW6bAoWyVXY+K1WIMWmUHpI7Iz0teAq3UpcU4kkQd
kYjQHjDMu2TvmQ==
-----END CERTIFICATE-----