Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.mft
File:                     yQDj7qi7474R-IxoK9E4wmUH99w.mft (raw, json)
Hash identifier:          ijfR1dnys6tSEqSo9DsyVAgGDG+4DS3xPF3O35GAYyo=
Subject key identifier:   87:B4:3F:19:42:29:E9:01:82:6D:CA:26:4B:A2:E9:12:C8:F8:7C:DF
Authority key identifier: C9:00:E3:EE:A8:BB:E3:BE:11:F8:8C:68:2B:D1:38:C2:65:07:F7:DC
Certificate issuer:       /CN=c900e3eea8bbe3be11f88c682bd138c26507f7dc
Certificate serial:       019D38664D169189512CBDD3463D6B95FDAD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yQDj7qi7474R-IxoK9E4wmUH99w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.mft
Manifest number:          0F74
Signing time:             Sun 29 Mar 2026 07:02:01 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:01 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:01 +0000
Files and hashes:         1: yQDj7qi7474R-IxoK9E4wmUH99w.crl (hash: dOTBMXezuXWOILwjyE46FqgF0obz1DT4EbVb5SiiR3I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yQDj7qi7474R-IxoK9E4wmUH99w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:4d:16:91:89:51:2c:bd:d3:46:3d:6b:95:fd:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c900e3eea8bbe3be11f88c682bd138c26507f7dc
        Validity
            Not Before: Mar 29 07:02:01 2026 GMT
            Not After : Mar 30 07:02:01 2026 GMT
        Subject: CN=87b43f194229e901826dca264ba2e912c8f87cdf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:5c:b6:f8:c1:fa:3a:46:5f:17:c6:75:d6:f2:
                    34:97:f0:a9:d6:ee:c6:9b:b0:77:d8:f7:73:d5:00:
                    05:af:d6:3b:0f:79:03:be:0f:1d:d2:20:49:88:28:
                    68:b2:63:4c:a2:1c:ba:73:e2:0b:e3:25:ef:5c:a4:
                    05:dd:9d:13:a3:de:5c:e4:a3:5b:1c:8c:af:7e:a4:
                    1f:9e:ac:c6:c8:5e:08:3f:02:b5:0b:d4:06:84:ce:
                    5e:01:e9:d9:9e:4b:f8:53:2d:5d:c1:ab:fe:7d:7b:
                    27:96:4a:0d:17:d3:db:b8:01:d4:0c:03:85:b1:d9:
                    05:d0:ce:b8:02:17:1f:c5:23:ba:76:81:9a:95:09:
                    f8:26:17:4b:bb:24:af:d8:61:f3:30:f1:c2:6e:44:
                    4a:9e:e3:4c:ba:de:e0:89:1b:6e:8a:a1:a6:e8:75:
                    00:11:3e:da:43:81:69:f8:63:26:1c:1b:29:97:b0:
                    cf:8e:dc:56:20:a0:51:8a:90:89:6f:ac:8e:c7:e2:
                    3d:17:7a:f7:f4:32:35:ea:5c:a7:09:f4:de:3f:90:
                    fa:96:34:55:ec:e9:d4:2e:0a:09:97:45:fe:f4:1c:
                    7f:cc:0e:d9:1f:27:db:a4:de:86:78:f9:b6:d5:c3:
                    d4:fe:c1:03:9b:bd:1f:cb:4f:a7:ef:fa:a0:49:ae:
                    12:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:B4:3F:19:42:29:E9:01:82:6D:CA:26:4B:A2:E9:12:C8:F8:7C:DF
            X509v3 Authority Key Identifier:
                keyid:C9:00:E3:EE:A8:BB:E3:BE:11:F8:8C:68:2B:D1:38:C2:65:07:F7:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yQDj7qi7474R-IxoK9E4wmUH99w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:a1:29:10:e7:6d:51:82:44:89:e9:2a:71:28:50:ee:8e:e4:
         9a:cb:17:c7:5b:c2:94:0d:d5:d4:f8:8e:c5:6b:a1:6d:f7:81:
         73:71:b2:32:0e:83:71:2e:bd:95:13:22:e9:3d:93:d6:1a:3f:
         d4:d0:7c:0a:17:4a:00:c4:c0:07:91:31:66:d3:ad:48:85:34:
         97:53:08:f7:69:88:ad:13:4d:0f:eb:ea:dc:0b:f3:07:28:5a:
         6b:2f:67:9a:58:02:ab:65:f6:e4:93:7b:34:a9:d0:25:a6:da:
         c9:13:cf:98:7b:dd:d5:39:a8:32:b3:74:51:aa:f3:29:82:3e:
         76:00:bc:1c:8a:17:74:18:38:1c:95:8d:b0:00:66:21:14:15:
         6f:78:c3:72:3f:b5:c3:49:c9:2d:1f:f5:f5:0d:95:21:7c:21:
         d8:8c:00:9d:66:7d:55:09:b2:70:c4:0b:d7:27:05:ab:16:8e:
         71:da:df:b9:24:93:61:e7:20:e3:14:a5:92:dd:19:4b:17:47:
         11:60:b1:0f:e8:3b:db:53:81:37:f7:b8:45:19:d6:ef:42:fe:
         32:f9:46:72:d8:7e:9f:8d:31:8b:45:85:9c:75:e0:b8:e0:d2:
         39:e2:d5:1e:7c:ca:ea:4b:75:66:1c:09:3e:36:79:85:39:f2:
         f2:d9:4a:9b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zk0WkYlRLL3TRj1rlf2tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5MDBlM2VlYThiYmUzYmUxMWY4OGM2ODJiZDEzOGMyNjUw
N2Y3ZGMwHhcNMjYwMzI5MDcwMjAxWhcNMjYwMzMwMDcwMjAxWjAzMTEwLwYDVQQD
Eyg4N2I0M2YxOTQyMjllOTAxODI2ZGNhMjY0YmEyZTkxMmM4Zjg3Y2RmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArly2+MH6OkZfF8Z11vI0l/Cp1u7G
m7B32Pdz1QAFr9Y7D3kDvg8d0iBJiChosmNMohy6c+IL4yXvXKQF3Z0To95c5KNb
HIyvfqQfnqzGyF4IPwK1C9QGhM5eAenZnkv4Uy1dwav+fXsnlkoNF9PbuAHUDAOF
sdkF0M64AhcfxSO6doGalQn4JhdLuySv2GHzMPHCbkRKnuNMut7giRtuiqGm6HUA
ET7aQ4Fp+GMmHBspl7DPjtxWIKBRipCJb6yOx+I9F3r39DI16lynCfTeP5D6ljRV
7OnULgoJl0X+9Bx/zA7ZHyfbpN6GePm21cPU/sEDm70fy0+n7/qgSa4SuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIe0PxlCKekBgm3KJkui6RLI+HzfMB8GA1UdIwQY
MBaAFMkA4+6ou+O+EfiMaCvROMJlB/fcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVFEajdxaTc0NzRSLUl4b0s5RTR3bVVIOTl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8xZjQzMWUtMzdjOC00MDgwLTliYjMt
NDE2MjA0YTAyNzM3LzEveVFEajdxaTc0NzRSLUl4b0s5RTR3bVVIOTl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8xZjQzMWUtMzdjOC00MDgwLTliYjMtNDE2MjA0YTAyNzM3
LzEveVFEajdxaTc0NzRSLUl4b0s5RTR3bVVIOTl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmqEpEOdt
UYJEiekqcShQ7o7kmssXx1vClA3V1PiOxWuhbfeBc3GyMg6DcS69lRMi6T2T1ho/
1NB8ChdKAMTAB5ExZtOtSIU0l1MI92mIrRNND+vq3AvzByhaay9nmlgCq2X25JN7
NKnQJabayRPPmHvd1TmoMrN0UarzKYI+dgC8HIoXdBg4HJWNsABmIRQVb3jDcj+1
w0nJLR/19Q2VIXwh2IwAnWZ9VQmycMQL1ycFqxaOcdrfuSSTYecg4xSlkt0ZSxdH
EWCxD+g721OBN/e4RRnW70L+MvlGcth+n40xi0WFnHXguODSOeLVHnzK6kt1ZhwJ
PjZ5hTny8tlKmw==
-----END CERTIFICATE-----