Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/4485b8-3976-4282-8b6a-47c0f54032b8/1/yd8LG2yhi_s1FedhDgfZhASvL2c.mft
File:                     yd8LG2yhi_s1FedhDgfZhASvL2c.mft (raw, json)
Hash identifier:          upAVHZe9T444mLbmSxtzqR1I+xvk5IsWNM3EkKYlYc4=
Subject key identifier:   56:1E:81:5B:5C:3C:9C:0D:81:7E:9F:60:35:30:C9:C3:C5:DA:67:DE
Authority key identifier: C9:DF:0B:1B:6C:A1:8B:FB:35:15:E7:61:0E:07:D9:84:04:AF:2F:67
Certificate issuer:       /CN=c9df0b1b6ca18bfb3515e7610e07d98404af2f67
Certificate serial:       019D37F7432E3F2FB21CE33D2472A9794D2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yd8LG2yhi_s1FedhDgfZhASvL2c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/53/4485b8-3976-4282-8b6a-47c0f54032b8/1/yd8LG2yhi_s1FedhDgfZhASvL2c.mft
Manifest number:          010B
Signing time:             Sun 29 Mar 2026 05:00:44 +0000
Manifest this update:     Sun 29 Mar 2026 05:00:44 +0000
Manifest next update:     Mon 30 Mar 2026 05:00:44 +0000
Files and hashes:         1: yd8LG2yhi_s1FedhDgfZhASvL2c.crl (hash: B0kwMe4hYyKbpLUFUGj8BqIEn9UEFLy1+xPIZc8yy5k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/53/4485b8-3976-4282-8b6a-47c0f54032b8/1/yd8LG2yhi_s1FedhDgfZhASvL2c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/53/4485b8-3976-4282-8b6a-47c0f54032b8/1/yd8LG2yhi_s1FedhDgfZhASvL2c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yd8LG2yhi_s1FedhDgfZhASvL2c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 05:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:f7:43:2e:3f:2f:b2:1c:e3:3d:24:72:a9:79:4d:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c9df0b1b6ca18bfb3515e7610e07d98404af2f67
        Validity
            Not Before: Mar 29 05:00:44 2026 GMT
            Not After : Mar 30 05:00:44 2026 GMT
        Subject: CN=561e815b5c3c9c0d817e9f603530c9c3c5da67de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:91:e8:a1:b1:76:61:9c:f6:e9:86:24:48:91:
                    4c:05:7f:d4:a3:7d:09:a4:b6:c2:4f:c6:18:7a:96:
                    c4:57:56:6d:34:8e:58:37:d0:e9:3d:0f:40:1d:b3:
                    ad:c8:7e:b5:9b:8f:1c:22:8f:82:55:ae:2c:0a:b6:
                    2e:45:49:46:38:2f:21:c7:6a:40:d4:fc:af:33:8e:
                    ac:96:45:c4:9e:69:ae:0b:0b:c9:f7:7f:04:66:32:
                    45:51:8b:d5:ce:fd:95:7f:e8:d5:09:df:53:c9:3e:
                    b0:98:df:45:6b:83:20:3b:78:fd:6f:2c:de:84:fe:
                    73:89:62:0e:df:74:72:52:35:a6:24:76:55:6e:c1:
                    7e:94:cf:19:91:57:29:7e:ae:11:ca:2f:fa:53:d2:
                    37:e9:5a:4f:cc:83:c1:d1:14:34:56:91:24:4c:07:
                    99:13:c1:1d:3d:68:2b:d7:15:b0:e7:b9:a7:ca:67:
                    17:d3:b2:ca:41:76:d7:f6:47:81:a9:07:1e:15:b5:
                    63:f7:b1:83:f5:95:56:35:ce:1b:0f:a8:ae:66:9d:
                    ba:f8:06:c9:85:3f:5e:da:eb:2a:95:74:24:05:86:
                    c9:33:a4:11:64:a8:d0:49:b8:15:46:9e:b2:a5:d3:
                    02:a2:0e:6c:47:73:46:0d:fb:cf:cb:3f:2e:86:be:
                    7f:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:1E:81:5B:5C:3C:9C:0D:81:7E:9F:60:35:30:C9:C3:C5:DA:67:DE
            X509v3 Authority Key Identifier:
                keyid:C9:DF:0B:1B:6C:A1:8B:FB:35:15:E7:61:0E:07:D9:84:04:AF:2F:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yd8LG2yhi_s1FedhDgfZhASvL2c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/4485b8-3976-4282-8b6a-47c0f54032b8/1/yd8LG2yhi_s1FedhDgfZhASvL2c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/53/4485b8-3976-4282-8b6a-47c0f54032b8/1/yd8LG2yhi_s1FedhDgfZhASvL2c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:60:85:61:bc:9d:b3:d4:ba:23:e7:71:e5:43:6e:f5:7d:d7:
         be:9f:9d:75:92:44:ea:11:1a:cb:fd:f5:a3:b7:2b:6d:8b:fc:
         18:63:c2:17:12:e0:d3:12:86:bd:04:79:c8:f2:1f:89:fb:ba:
         36:a9:cb:86:0d:5e:ae:a9:e9:1d:e0:31:4a:4f:40:d8:02:3e:
         72:c7:50:4c:5d:5a:86:51:f1:a3:a4:79:cf:c8:72:79:69:60:
         bc:9f:72:77:d0:e4:2e:ae:1a:a0:93:8a:47:5a:c1:48:44:58:
         3c:ce:f4:4b:0e:32:f1:d4:f4:35:fc:d2:0a:71:d3:e8:71:3b:
         27:76:de:ec:d8:db:7b:51:b0:00:d4:c1:c2:31:be:15:1c:b2:
         58:18:27:80:b7:18:f4:49:b5:1a:39:80:56:8e:de:ef:97:ca:
         a7:88:18:fc:c4:bc:0e:70:b6:69:cd:ec:72:0a:03:c4:ac:0c:
         82:75:6a:23:60:6e:88:fb:7a:e8:c5:ab:de:43:91:af:e4:13:
         c3:af:db:64:92:05:07:fa:97:8f:07:d8:1a:44:13:06:ae:a8:
         b9:29:df:4e:c7:62:1f:a7:37:ed:36:0f:90:d6:7d:f8:ea:53:
         3c:ae:2b:a7:03:96:a4:86:8f:e8:82:29:ef:cc:62:19:09:40:
         6f:22:1a:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0390MuPy+yHOM9JHKpeU0vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZGYwYjFiNmNhMThiZmIzNTE1ZTc2MTBlMDdkOTg0MDRh
ZjJmNjcwHhcNMjYwMzI5MDUwMDQ0WhcNMjYwMzMwMDUwMDQ0WjAzMTEwLwYDVQQD
Eyg1NjFlODE1YjVjM2M5YzBkODE3ZTlmNjAzNTMwYzljM2M1ZGE2N2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5ZHoobF2YZz26YYkSJFMBX/Uo30J
pLbCT8YYepbEV1ZtNI5YN9DpPQ9AHbOtyH61m48cIo+CVa4sCrYuRUlGOC8hx2pA
1PyvM46slkXEnmmuCwvJ938EZjJFUYvVzv2Vf+jVCd9TyT6wmN9Fa4MgO3j9byze
hP5ziWIO33RyUjWmJHZVbsF+lM8ZkVcpfq4Ryi/6U9I36VpPzIPB0RQ0VpEkTAeZ
E8EdPWgr1xWw57mnymcX07LKQXbX9keBqQceFbVj97GD9ZVWNc4bD6iuZp26+AbJ
hT9e2usqlXQkBYbJM6QRZKjQSbgVRp6ypdMCog5sR3NGDfvPyz8uhr5/9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFYegVtcPJwNgX6fYDUwycPF2mfeMB8GA1UdIwQY
MBaAFMnfCxtsoYv7NRXnYQ4H2YQEry9nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWQ4TEcyeWhpX3MxRmVkaERnZlpoQVN2TDJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My80NDg1YjgtMzk3Ni00MjgyLThiNmEt
NDdjMGY1NDAzMmI4LzEveWQ4TEcyeWhpX3MxRmVkaERnZlpoQVN2TDJjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My80NDg1YjgtMzk3Ni00MjgyLThiNmEtNDdjMGY1NDAzMmI4
LzEveWQ4TEcyeWhpX3MxRmVkaERnZlpoQVN2TDJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK2CFYbyd
s9S6I+dx5UNu9X3Xvp+ddZJE6hEay/31o7crbYv8GGPCFxLg0xKGvQR5yPIfifu6
NqnLhg1erqnpHeAxSk9A2AI+csdQTF1ahlHxo6R5z8hyeWlgvJ9yd9DkLq4aoJOK
R1rBSERYPM70Sw4y8dT0NfzSCnHT6HE7J3be7Njbe1GwANTBwjG+FRyyWBgngLcY
9Em1GjmAVo7e75fKp4gY/MS8DnC2ac3scgoDxKwMgnVqI2BuiPt66MWr3kORr+QT
w6/bZJIFB/qXjwfYGkQTBq6ouSnfTsdiH6c37TYPkNZ9+OpTPK4rpwOWpIaP6IIp
78xiGQlAbyIa2g==
-----END CERTIFICATE-----