Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.mft
File:                     yyDpqru2GRVGEQI1z3bEg4S0UdA.mft (raw, json)
Hash identifier:          xG9P/stkJE92VAY1/BcKq7W7lWXNwUxPj+GVeSLf9f8=
Subject key identifier:   53:78:8D:FF:20:A0:C3:7E:26:B2:76:D8:10:1A:47:1C:2B:63:B7:B1
Authority key identifier: CB:20:E9:AA:BB:B6:19:15:46:11:02:35:CF:76:C4:83:84:B4:51:D0
Certificate issuer:       /CN=cb20e9aabbb6191546110235cf76c48384b451d0
Certificate serial:       019D3865D3FBD86F2DCB1690B9F2BE6EE9AD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yyDpqru2GRVGEQI1z3bEg4S0UdA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.mft
Manifest number:          07DC
Signing time:             Sun 29 Mar 2026 07:01:30 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:30 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:30 +0000
Files and hashes:         1: yyDpqru2GRVGEQI1z3bEg4S0UdA.crl (hash: E/UIdXW+b9rtXCtVDQ8/QxbKKor4gkH7sVq8/LGpVpA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yyDpqru2GRVGEQI1z3bEg4S0UdA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:d3:fb:d8:6f:2d:cb:16:90:b9:f2:be:6e:e9:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cb20e9aabbb6191546110235cf76c48384b451d0
        Validity
            Not Before: Mar 29 07:01:30 2026 GMT
            Not After : Mar 30 07:01:30 2026 GMT
        Subject: CN=53788dff20a0c37e26b276d8101a471c2b63b7b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:12:a1:d4:ac:c0:9a:c9:8e:89:13:85:e1:fb:
                    dd:c3:d1:2b:01:5b:e3:7a:0c:1b:96:e7:fb:4a:17:
                    15:39:85:d8:c0:ae:1e:53:c5:e7:c2:22:b1:68:b1:
                    5b:2a:02:48:ca:de:4e:d2:0f:bb:1b:5c:f6:48:a1:
                    88:72:1e:03:86:59:5b:d6:fb:16:9c:c0:55:74:ad:
                    a1:a9:30:34:60:b5:f0:62:62:de:b4:14:2c:7a:63:
                    5b:ce:81:27:88:b2:a2:9f:f4:17:6c:f8:b8:78:06:
                    63:42:45:d5:d1:0f:27:61:18:a1:0e:28:cd:a4:15:
                    b8:45:60:eb:8d:de:56:ee:14:86:77:ac:3f:f2:df:
                    96:ba:00:d9:e5:42:fd:57:f3:83:7b:8d:29:60:ca:
                    bd:fd:d2:04:3a:66:b9:0b:36:49:66:d1:3d:3c:b4:
                    a0:c2:73:36:b1:0d:0c:51:07:c2:a2:a4:70:b8:e6:
                    4c:7b:b4:2f:d8:ae:46:74:c5:2a:5a:0b:11:87:f3:
                    8d:7d:93:99:df:4f:86:09:c6:5d:23:84:08:da:33:
                    22:1d:1c:03:2c:71:dc:88:ad:77:5f:43:22:91:cb:
                    f1:0b:bb:25:1a:de:b9:46:2c:16:fa:d5:33:25:94:
                    a6:60:f5:4b:e4:f7:16:40:91:ea:ea:de:f0:3f:2e:
                    22:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:78:8D:FF:20:A0:C3:7E:26:B2:76:D8:10:1A:47:1C:2B:63:B7:B1
            X509v3 Authority Key Identifier:
                keyid:CB:20:E9:AA:BB:B6:19:15:46:11:02:35:CF:76:C4:83:84:B4:51:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yyDpqru2GRVGEQI1z3bEg4S0UdA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/8d9bb5-b4e5-4344-891b-0807f96ca4a2/1/yyDpqru2GRVGEQI1z3bEg4S0UdA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a3:c0:ff:64:d1:3b:18:a7:55:8a:63:42:d0:f7:54:a8:d1:4b:
         92:6a:10:26:ca:1a:54:5c:47:50:98:94:41:86:22:8b:5a:d3:
         14:c0:a6:63:ca:a2:1b:6b:33:53:98:b8:b4:5e:ae:46:f2:08:
         84:ae:a6:aa:0b:eb:96:c1:1a:7b:de:5c:bb:61:be:9b:8e:d5:
         4a:e8:33:a9:d5:55:7c:e4:23:bc:cd:c5:68:86:6a:3b:c8:3b:
         c6:c2:1b:1a:ef:00:d4:34:c0:42:c3:30:c7:23:da:72:27:f1:
         76:7a:d8:c2:c8:53:b0:01:d8:fb:e0:21:16:e4:09:25:9c:79:
         a2:15:b0:9c:6d:65:3f:05:bf:88:18:64:03:c2:5b:bc:cb:2f:
         8b:fe:32:fc:84:9d:32:ea:a6:0f:01:f5:26:c3:0f:7b:5b:1d:
         5c:e0:92:a6:61:36:03:07:01:80:32:bb:db:02:e6:07:f2:81:
         0c:ab:6a:ee:b5:e9:17:4a:3c:2a:65:0b:30:92:c7:97:8a:01:
         20:66:e2:53:a6:b5:65:36:ea:c9:a1:43:60:46:b0:13:60:6d:
         56:3d:7e:87:36:1a:a7:8a:0f:02:84:78:a4:19:7f:5f:45:d5:
         0a:47:e2:d1:d7:2f:05:ed:b7:61:45:ba:ca:f0:03:fc:4a:32:
         63:65:b5:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZdP72G8tyxaQufK+bumtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMjBlOWFhYmJiNjE5MTU0NjExMDIzNWNmNzZjNDgzODRi
NDUxZDAwHhcNMjYwMzI5MDcwMTMwWhcNMjYwMzMwMDcwMTMwWjAzMTEwLwYDVQQD
Eyg1Mzc4OGRmZjIwYTBjMzdlMjZiMjc2ZDgxMDFhNDcxYzJiNjNiN2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjBKh1KzAmsmOiROF4fvdw9ErAVvj
egwbluf7ShcVOYXYwK4eU8XnwiKxaLFbKgJIyt5O0g+7G1z2SKGIch4Dhllb1vsW
nMBVdK2hqTA0YLXwYmLetBQsemNbzoEniLKin/QXbPi4eAZjQkXV0Q8nYRihDijN
pBW4RWDrjd5W7hSGd6w/8t+WugDZ5UL9V/ODe40pYMq9/dIEOma5CzZJZtE9PLSg
wnM2sQ0MUQfCoqRwuOZMe7Qv2K5GdMUqWgsRh/ONfZOZ30+GCcZdI4QI2jMiHRwD
LHHciK13X0MikcvxC7slGt65RiwW+tUzJZSmYPVL5PcWQJHq6t7wPy4iKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFN4jf8goMN+JrJ22BAaRxwrY7exMB8GA1UdIwQY
MBaAFMsg6aq7thkVRhECNc92xIOEtFHQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXlEcHFydTJHUlZHRVFJMXozYkVnNFMwVWRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi84ZDliYjUtYjRlNS00MzQ0LTg5MWIt
MDgwN2Y5NmNhNGEyLzEveXlEcHFydTJHUlZHRVFJMXozYkVnNFMwVWRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi84ZDliYjUtYjRlNS00MzQ0LTg5MWItMDgwN2Y5NmNhNGEy
LzEveXlEcHFydTJHUlZHRVFJMXozYkVnNFMwVWRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo8D/ZNE7
GKdVimNC0PdUqNFLkmoQJsoaVFxHUJiUQYYii1rTFMCmY8qiG2szU5i4tF6uRvII
hK6mqgvrlsEae95cu2G+m47VSugzqdVVfOQjvM3FaIZqO8g7xsIbGu8A1DTAQsMw
xyPacifxdnrYwshTsAHY++AhFuQJJZx5ohWwnG1lPwW/iBhkA8JbvMsvi/4y/ISd
MuqmDwH1JsMPe1sdXOCSpmE2AwcBgDK72wLmB/KBDKtq7rXpF0o8KmULMJLHl4oB
IGbiU6a1ZTbqyaFDYEawE2BtVj1+hzYap4oPAoR4pBl/X0XVCkfi0dcvBe23YUW6
yvAD/EoyY2W1qg==
-----END CERTIFICATE-----