Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/67f1c5-8229-4173-99c1-dbd760045eb7/1/yPGA3UiWddR5NSX-5s__Rpcv8zw.mft
File:                     yPGA3UiWddR5NSX-5s__Rpcv8zw.mft (raw, json)
Hash identifier:          xZ9IuO+BudwCuKkU15opjdrRFb33w++SBqz/PCzTfSc=
Subject key identifier:   2F:A0:01:32:17:33:C7:33:F8:04:6F:62:93:EF:2E:7C:54:66:68:0A
Authority key identifier: C8:F1:80:DD:48:96:75:D4:79:35:25:FE:E6:CF:FF:46:97:2F:F3:3C
Certificate issuer:       /CN=c8f180dd489675d4793525fee6cfff46972ff33c
Certificate serial:       019D38D385995B9A14CEC5617306C73B5FE7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yPGA3UiWddR5NSX-5s__Rpcv8zw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/67f1c5-8229-4173-99c1-dbd760045eb7/1/yPGA3UiWddR5NSX-5s__Rpcv8zw.mft
Manifest number:          188C
Signing time:             Sun 29 Mar 2026 09:01:19 +0000
Manifest this update:     Sun 29 Mar 2026 09:01:19 +0000
Manifest next update:     Mon 30 Mar 2026 09:01:19 +0000
Files and hashes:         1: yPGA3UiWddR5NSX-5s__Rpcv8zw.crl (hash: ZkBq5Q5kClJ5N5I8ti7c6XBJD/0yucvISgo3QMFDTcA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/67f1c5-8229-4173-99c1-dbd760045eb7/1/yPGA3UiWddR5NSX-5s__Rpcv8zw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/67f1c5-8229-4173-99c1-dbd760045eb7/1/yPGA3UiWddR5NSX-5s__Rpcv8zw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yPGA3UiWddR5NSX-5s__Rpcv8zw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:85:99:5b:9a:14:ce:c5:61:73:06:c7:3b:5f:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8f180dd489675d4793525fee6cfff46972ff33c
        Validity
            Not Before: Mar 29 09:01:19 2026 GMT
            Not After : Mar 30 09:01:19 2026 GMT
        Subject: CN=2fa001321733c733f8046f6293ef2e7c5466680a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:46:af:3a:2d:5f:93:84:54:c2:af:aa:80:46:
                    e7:66:ee:d8:9e:cf:8a:d5:9c:97:e7:27:28:2e:5f:
                    9a:eb:b8:b9:58:d2:6c:f1:33:fb:d9:10:b5:90:07:
                    74:af:f1:b8:e5:2c:12:51:93:48:71:19:bb:1e:c9:
                    f2:be:c6:7c:76:b7:a0:5c:d5:60:f9:3a:da:a1:82:
                    76:26:85:0b:2e:03:14:c6:27:49:51:7c:81:89:36:
                    56:98:d0:48:72:bb:7d:9b:71:7e:ec:06:ec:09:83:
                    db:96:38:36:1b:88:91:4c:05:db:74:7e:4f:6f:1a:
                    d3:3e:b4:d2:6a:20:14:c0:1d:27:b4:bd:37:43:99:
                    f3:9d:47:07:46:c1:96:7c:81:fc:3f:79:b6:d7:72:
                    11:b7:ad:1a:85:df:60:55:07:4a:3a:44:f3:c7:44:
                    40:0d:df:4a:10:d5:60:06:d9:d8:a5:04:59:2f:25:
                    a0:20:cc:27:98:94:b0:14:ce:68:99:74:6f:93:25:
                    ad:bf:7a:f1:65:19:8f:e4:f7:bf:e7:63:70:83:3c:
                    06:1c:98:f7:b0:1c:96:29:22:a9:4f:86:7a:e8:f3:
                    f0:06:d0:a6:df:4f:22:bd:e0:3e:9b:84:55:00:84:
                    59:2d:56:db:9c:69:c9:73:8c:7b:47:bd:22:5d:15:
                    a5:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:A0:01:32:17:33:C7:33:F8:04:6F:62:93:EF:2E:7C:54:66:68:0A
            X509v3 Authority Key Identifier:
                keyid:C8:F1:80:DD:48:96:75:D4:79:35:25:FE:E6:CF:FF:46:97:2F:F3:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yPGA3UiWddR5NSX-5s__Rpcv8zw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/67f1c5-8229-4173-99c1-dbd760045eb7/1/yPGA3UiWddR5NSX-5s__Rpcv8zw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/67f1c5-8229-4173-99c1-dbd760045eb7/1/yPGA3UiWddR5NSX-5s__Rpcv8zw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         26:36:3a:43:5c:dc:b5:36:2f:55:ec:2c:55:63:f3:b3:30:c1:
         72:cd:a6:91:fc:1d:ab:93:08:74:3f:92:85:87:8c:f5:ec:53:
         31:92:cc:f0:9f:7d:f7:74:f6:f9:9a:ab:29:3d:6d:cd:27:71:
         bf:67:48:96:6f:24:60:88:26:e3:f2:71:ba:b3:0a:2c:b4:6a:
         41:2a:e1:69:cd:6e:a4:eb:0e:ff:ee:de:ff:ea:80:3c:64:11:
         9a:dd:03:e1:bf:47:ae:7a:88:48:0c:3d:c9:e6:68:01:54:f2:
         78:6b:41:7b:de:bd:bc:99:41:47:e0:15:4a:8d:9f:ff:c2:73:
         80:36:00:ab:56:08:3d:b8:ca:cb:5c:41:08:81:6f:fd:c0:1d:
         9c:48:a4:a4:24:f5:ce:1c:73:ff:b9:2f:c9:fe:4c:82:46:ed:
         92:19:54:61:4a:fb:3f:ea:77:04:5b:95:81:c2:c1:03:8c:c2:
         86:41:26:1a:3f:ea:16:c0:1d:65:ec:1a:26:e7:09:9b:bc:56:
         1f:ba:72:e4:08:27:85:c8:91:d8:44:a3:68:7d:35:53:21:fb:
         c5:92:76:5c:35:b3:af:8b:c3:94:b0:7e:2e:94:bf:58:39:d4:
         6a:95:44:d2:f2:03:ef:a0:f9:f4:82:f5:5d:5d:62:c9:3d:24:
         40:20:64:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0404WZW5oUzsVhcwbHO1/nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZjE4MGRkNDg5Njc1ZDQ3OTM1MjVmZWU2Y2ZmZjQ2OTcy
ZmYzM2MwHhcNMjYwMzI5MDkwMTE5WhcNMjYwMzMwMDkwMTE5WjAzMTEwLwYDVQQD
EygyZmEwMDEzMjE3MzNjNzMzZjgwNDZmNjI5M2VmMmU3YzU0NjY2ODBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0UavOi1fk4RUwq+qgEbnZu7Yns+K
1ZyX5ycoLl+a67i5WNJs8TP72RC1kAd0r/G45SwSUZNIcRm7HsnyvsZ8dregXNVg
+TraoYJ2JoULLgMUxidJUXyBiTZWmNBIcrt9m3F+7AbsCYPbljg2G4iRTAXbdH5P
bxrTPrTSaiAUwB0ntL03Q5nznUcHRsGWfIH8P3m213IRt60ahd9gVQdKOkTzx0RA
Dd9KENVgBtnYpQRZLyWgIMwnmJSwFM5omXRvkyWtv3rxZRmP5Pe/52NwgzwGHJj3
sByWKSKpT4Z66PPwBtCm308iveA+m4RVAIRZLVbbnGnJc4x7R70iXRWlEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC+gATIXM8cz+ARvYpPvLnxUZmgKMB8GA1UdIwQY
MBaAFMjxgN1IlnXUeTUl/ubP/0aXL/M8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVBHQTNVaVdkZFI1TlNYLTVzX19ScGN2OHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS82N2YxYzUtODIyOS00MTczLTk5YzEt
ZGJkNzYwMDQ1ZWI3LzEveVBHQTNVaVdkZFI1TlNYLTVzX19ScGN2OHp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS82N2YxYzUtODIyOS00MTczLTk5YzEtZGJkNzYwMDQ1ZWI3
LzEveVBHQTNVaVdkZFI1TlNYLTVzX19ScGN2OHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJjY6Q1zc
tTYvVewsVWPzszDBcs2mkfwdq5MIdD+ShYeM9exTMZLM8J9993T2+ZqrKT1tzSdx
v2dIlm8kYIgm4/JxurMKLLRqQSrhac1upOsO/+7e/+qAPGQRmt0D4b9HrnqISAw9
yeZoAVTyeGtBe969vJlBR+AVSo2f/8JzgDYAq1YIPbjKy1xBCIFv/cAdnEikpCT1
zhxz/7kvyf5MgkbtkhlUYUr7P+p3BFuVgcLBA4zChkEmGj/qFsAdZewaJucJm7xW
H7py5AgnhciR2ESjaH01UyH7xZJ2XDWzr4vDlLB+LpS/WDnUapVE0vID76D59IL1
XV1iyT0kQCBk2A==
-----END CERTIFICATE-----