Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.mft
File:                     yAH8mVpSGvH1Atnq8S1mIaZMr00.mft (raw, json)
Hash identifier:          5cR8+0iYa7lfyU8ewEsLGWaZz6575nZo4Ct0wpXioLo=
Subject key identifier:   4E:4B:EE:4C:91:FE:02:89:BD:80:E9:B8:CF:EE:A9:DB:EE:B1:72:C9
Authority key identifier: C8:01:FC:99:5A:52:1A:F1:F5:02:D9:EA:F1:2D:66:21:A6:4C:AF:4D
Certificate issuer:       /CN=c801fc995a521af1f502d9eaf12d6621a64caf4d
Certificate serial:       019D38659252D01E83B19BA5E59D9AA9CDC4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yAH8mVpSGvH1Atnq8S1mIaZMr00.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.mft
Manifest number:          188B
Signing time:             Sun 29 Mar 2026 07:01:13 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:13 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:13 +0000
Files and hashes:         1: yAH8mVpSGvH1Atnq8S1mIaZMr00.crl (hash: /pdIGGFfIRHrFB/XuyPEhFz/ze1C2673HC8kPzQszQ4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yAH8mVpSGvH1Atnq8S1mIaZMr00.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:92:52:d0:1e:83:b1:9b:a5:e5:9d:9a:a9:cd:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c801fc995a521af1f502d9eaf12d6621a64caf4d
        Validity
            Not Before: Mar 29 07:01:13 2026 GMT
            Not After : Mar 30 07:01:13 2026 GMT
        Subject: CN=4e4bee4c91fe0289bd80e9b8cfeea9dbeeb172c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:cb:8a:5e:e3:fa:38:3e:e8:6d:68:9e:db:f9:
                    ba:54:76:48:c9:89:fa:a7:66:e5:ee:9a:03:b8:78:
                    c1:19:b7:0f:ac:55:d0:b6:8e:41:59:61:9d:a9:44:
                    74:1b:6f:88:68:2b:c1:7f:67:d4:a4:b1:c3:e8:11:
                    14:74:65:02:e6:ba:9b:59:da:88:5a:e2:4e:7c:c6:
                    e6:d9:5f:e9:f8:af:2b:27:51:c6:18:a6:9c:8a:3d:
                    15:4a:06:ff:19:4c:2f:0c:c7:12:18:04:77:35:d5:
                    88:2c:94:8e:1b:22:ea:22:34:bd:00:77:1f:f0:72:
                    e6:d4:6b:86:67:68:f7:7a:ba:cd:ef:8b:8e:b2:25:
                    0b:d4:5d:f7:9b:1c:24:f6:e3:90:5a:56:c0:35:17:
                    42:12:aa:c0:b8:03:f2:ea:07:94:b6:60:c1:cf:b1:
                    6b:83:e5:b5:ee:cf:ef:b7:99:83:2e:02:a8:af:10:
                    14:81:f3:f8:2b:df:a2:fe:b1:1a:11:41:bb:12:a1:
                    d4:f9:02:9f:86:66:17:0b:9b:ff:da:1e:1e:75:38:
                    b5:c4:20:d9:1b:fd:f6:ab:f5:b0:e0:92:a1:4b:89:
                    a7:37:01:99:ba:30:e2:b2:d6:0a:05:dd:48:07:96:
                    23:15:42:46:b4:7c:0b:e8:40:12:3b:57:b6:8a:99:
                    1f:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:4B:EE:4C:91:FE:02:89:BD:80:E9:B8:CF:EE:A9:DB:EE:B1:72:C9
            X509v3 Authority Key Identifier:
                keyid:C8:01:FC:99:5A:52:1A:F1:F5:02:D9:EA:F1:2D:66:21:A6:4C:AF:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yAH8mVpSGvH1Atnq8S1mIaZMr00.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:2f:b1:2f:ac:43:cf:fc:4f:61:d9:1c:9a:11:82:77:07:95:
         8a:f2:df:1b:8a:f4:64:62:51:b8:68:3c:38:92:b4:e9:4a:b9:
         2e:02:6d:9a:40:5a:5e:a3:2e:78:30:49:66:ef:23:cf:1c:b6:
         da:73:ad:58:3b:9d:5f:cd:51:36:f6:ad:1b:d6:d2:dc:3e:29:
         2c:12:0e:b8:16:54:09:7a:a8:0f:ae:14:cb:d4:28:97:1a:b9:
         ea:96:a3:03:b5:15:18:96:ab:39:b6:ad:27:73:55:87:5e:97:
         7c:35:7c:e2:2e:88:1b:56:8f:f7:10:92:7c:24:8b:e7:82:75:
         f0:5c:75:68:a3:2c:52:25:0c:62:ce:ef:4c:fb:81:59:38:b2:
         40:aa:95:4c:cb:b2:99:04:92:4e:01:07:71:bd:a8:7b:17:fc:
         b6:87:b5:83:1c:9f:9e:85:f9:f1:5c:32:d6:70:88:05:58:24:
         b0:60:71:4d:d1:56:70:11:a3:69:47:72:af:f4:e6:42:8d:9a:
         2c:62:77:b9:e8:d1:b2:4e:80:db:8f:a1:95:2e:91:e9:90:74:
         b8:f1:75:cc:1a:8c:04:49:98:3e:2d:13:fe:2a:db:c4:9c:0a:
         a5:be:71:ef:34:c0:8b:51:fe:40:89:7f:23:cf:ab:d7:73:15:
         9e:6d:1c:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZZJS0B6DsZul5Z2aqc3EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4MDFmYzk5NWE1MjFhZjFmNTAyZDllYWYxMmQ2NjIxYTY0
Y2FmNGQwHhcNMjYwMzI5MDcwMTEzWhcNMjYwMzMwMDcwMTEzWjAzMTEwLwYDVQQD
Eyg0ZTRiZWU0YzkxZmUwMjg5YmQ4MGU5YjhjZmVlYTlkYmVlYjE3MmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzcuKXuP6OD7obWie2/m6VHZIyYn6
p2bl7poDuHjBGbcPrFXQto5BWWGdqUR0G2+IaCvBf2fUpLHD6BEUdGUC5rqbWdqI
WuJOfMbm2V/p+K8rJ1HGGKacij0VSgb/GUwvDMcSGAR3NdWILJSOGyLqIjS9AHcf
8HLm1GuGZ2j3errN74uOsiUL1F33mxwk9uOQWlbANRdCEqrAuAPy6geUtmDBz7Fr
g+W17s/vt5mDLgKorxAUgfP4K9+i/rEaEUG7EqHU+QKfhmYXC5v/2h4edTi1xCDZ
G/32q/Ww4JKhS4mnNwGZujDistYKBd1IB5YjFUJGtHwL6EASO1e2ipkf/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE5L7kyR/gKJvYDpuM/uqdvusXLJMB8GA1UdIwQY
MBaAFMgB/JlaUhrx9QLZ6vEtZiGmTK9NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUFIOG1WcFNHdkgxQXRucThTMW1JYVpNcjAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9iMDQxYjgtNmIyNC00NGYzLWE3NDgt
NzJjMGQ1MDkzMzRkLzEveUFIOG1WcFNHdkgxQXRucThTMW1JYVpNcjAwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9iMDQxYjgtNmIyNC00NGYzLWE3NDgtNzJjMGQ1MDkzMzRk
LzEveUFIOG1WcFNHdkgxQXRucThTMW1JYVpNcjAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPS+xL6xD
z/xPYdkcmhGCdweVivLfG4r0ZGJRuGg8OJK06Uq5LgJtmkBaXqMueDBJZu8jzxy2
2nOtWDudX81RNvatG9bS3D4pLBIOuBZUCXqoD64Uy9Qolxq56pajA7UVGJarObat
J3NVh16XfDV84i6IG1aP9xCSfCSL54J18Fx1aKMsUiUMYs7vTPuBWTiyQKqVTMuy
mQSSTgEHcb2oexf8toe1gxyfnoX58Vwy1nCIBVgksGBxTdFWcBGjaUdyr/TmQo2a
LGJ3uejRsk6A24+hlS6R6ZB0uPF1zBqMBEmYPi0T/irbxJwKpb5x7zTAi1H+QIl/
I8+r13MVnm0crg==
-----END CERTIFICATE-----