Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/208c25-edce-4131-b31b-66a52c7c8c00/1/yGEQ5MdkHRgOjxkgrGX7788G18c.mft
File:                     yGEQ5MdkHRgOjxkgrGX7788G18c.mft (raw, json)
Hash identifier:          GczMbW25bfUbK4pOs7lsHS81ufzSLfc2+FUg9ldVpRo=
Subject key identifier:   5C:3F:7C:61:14:75:53:BE:23:6D:BA:43:7B:05:7D:A5:10:49:56:30
Authority key identifier: C8:61:10:E4:C7:64:1D:18:0E:8F:19:20:AC:65:FB:EF:CF:06:D7:C7
Certificate issuer:       /CN=c86110e4c7641d180e8f1920ac65fbefcf06d7c7
Certificate serial:       019D37F75E8810E678B748643CE53974C9D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yGEQ5MdkHRgOjxkgrGX7788G18c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8f/208c25-edce-4131-b31b-66a52c7c8c00/1/yGEQ5MdkHRgOjxkgrGX7788G18c.mft
Manifest number:          0322
Signing time:             Sun 29 Mar 2026 05:00:51 +0000
Manifest this update:     Sun 29 Mar 2026 05:00:51 +0000
Manifest next update:     Mon 30 Mar 2026 05:00:51 +0000
Files and hashes:         1: yGEQ5MdkHRgOjxkgrGX7788G18c.crl (hash: k8tMohdrtMcGv1lYUsKOj1MHTVnOFUA5v34MbT0N5l8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8f/208c25-edce-4131-b31b-66a52c7c8c00/1/yGEQ5MdkHRgOjxkgrGX7788G18c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8f/208c25-edce-4131-b31b-66a52c7c8c00/1/yGEQ5MdkHRgOjxkgrGX7788G18c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yGEQ5MdkHRgOjxkgrGX7788G18c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 05:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:f7:5e:88:10:e6:78:b7:48:64:3c:e5:39:74:c9:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c86110e4c7641d180e8f1920ac65fbefcf06d7c7
        Validity
            Not Before: Mar 29 05:00:51 2026 GMT
            Not After : Mar 30 05:00:51 2026 GMT
        Subject: CN=5c3f7c61147553be236dba437b057da510495630
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:f3:c0:42:03:07:01:e8:93:49:04:4a:f6:61:
                    0c:b1:d3:64:51:95:7a:b2:63:7e:a4:84:d2:aa:b8:
                    1f:93:8b:d6:84:35:92:ab:00:9e:d9:a4:4a:64:a1:
                    c1:d8:44:2f:79:ed:d1:6e:48:ec:aa:07:cf:3b:93:
                    c8:80:49:4b:0f:e2:09:67:0e:2f:10:52:2a:d2:fe:
                    fb:bf:33:9b:f0:b6:f0:43:a1:7e:42:9c:46:e5:c2:
                    2b:4d:0a:3f:45:45:71:6a:02:0b:3c:02:bd:8f:30:
                    45:e2:42:65:64:58:da:5c:78:08:43:02:3a:87:fb:
                    97:a2:8f:32:d2:07:5d:9f:ca:47:63:d7:e6:fc:a2:
                    79:1c:fb:e2:04:f3:e9:09:09:77:9d:09:1b:45:de:
                    8f:3c:16:ea:fd:1d:b0:20:6e:59:34:07:33:5e:5d:
                    3b:a5:8a:d6:65:e9:22:b7:78:2e:06:f6:c8:a9:1f:
                    15:7e:46:fc:1d:e9:a7:1c:fe:5b:9f:0c:98:1e:5e:
                    43:25:44:47:fc:8d:d9:97:b2:27:75:83:9f:7c:94:
                    92:be:08:25:be:bb:94:f1:cc:7f:9b:38:7e:df:ca:
                    fa:76:17:e6:96:5a:22:fb:de:1b:2e:86:9d:ae:4a:
                    d7:4e:d7:ac:14:fe:6b:d5:eb:8a:61:ce:72:09:ac:
                    e2:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:3F:7C:61:14:75:53:BE:23:6D:BA:43:7B:05:7D:A5:10:49:56:30
            X509v3 Authority Key Identifier:
                keyid:C8:61:10:E4:C7:64:1D:18:0E:8F:19:20:AC:65:FB:EF:CF:06:D7:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yGEQ5MdkHRgOjxkgrGX7788G18c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/208c25-edce-4131-b31b-66a52c7c8c00/1/yGEQ5MdkHRgOjxkgrGX7788G18c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/208c25-edce-4131-b31b-66a52c7c8c00/1/yGEQ5MdkHRgOjxkgrGX7788G18c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:bc:cd:4c:48:33:84:0f:d7:1b:ae:2c:46:66:fd:15:5f:2f:
         5e:67:a1:43:b5:c8:b8:64:b9:84:60:a1:e8:b3:be:c3:fd:60:
         d6:fd:7c:35:1c:89:60:5d:e5:36:ef:8d:b1:01:f8:8b:8f:6e:
         2a:ba:86:a4:c4:81:77:8b:d8:f6:07:6e:92:00:44:ac:b6:f8:
         3a:41:76:91:2a:29:c5:9d:55:c6:35:0a:37:a8:0b:f7:f4:99:
         4e:88:d6:f6:92:19:41:0a:0a:ec:a9:e0:11:1b:f2:f0:91:c8:
         c0:e0:40:33:ca:1c:aa:46:ee:4e:6f:2f:a6:c9:3c:c6:86:d1:
         2a:ce:b0:ed:83:73:02:07:f9:c0:30:c6:f9:40:b0:19:b4:b7:
         5d:01:00:2d:54:37:1e:22:88:a4:a0:68:8c:00:0e:ef:fb:72:
         42:7d:c6:7b:b3:bc:2e:71:ce:2a:bd:2e:32:f9:20:20:72:2c:
         92:aa:35:e1:0d:ec:b8:21:f2:bd:c1:2f:a5:6b:c5:b6:d4:89:
         05:a3:24:49:45:2c:40:7d:a6:1b:9a:48:b4:ec:66:c0:7e:c6:
         c8:00:81:9b:5f:c8:14:c2:8c:69:cc:6e:79:5b:ba:7d:de:f0:
         c0:9a:9f:a0:76:c5:de:0c:e0:69:52:c6:e7:e6:58:27:0b:3d:
         4c:35:94:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03916IEOZ4t0hkPOU5dMnZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NjExMGU0Yzc2NDFkMTgwZThmMTkyMGFjNjVmYmVmY2Yw
NmQ3YzcwHhcNMjYwMzI5MDUwMDUxWhcNMjYwMzMwMDUwMDUxWjAzMTEwLwYDVQQD
Eyg1YzNmN2M2MTE0NzU1M2JlMjM2ZGJhNDM3YjA1N2RhNTEwNDk1NjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2vPAQgMHAeiTSQRK9mEMsdNkUZV6
smN+pITSqrgfk4vWhDWSqwCe2aRKZKHB2EQvee3RbkjsqgfPO5PIgElLD+IJZw4v
EFIq0v77vzOb8LbwQ6F+QpxG5cIrTQo/RUVxagILPAK9jzBF4kJlZFjaXHgIQwI6
h/uXoo8y0gddn8pHY9fm/KJ5HPviBPPpCQl3nQkbRd6PPBbq/R2wIG5ZNAczXl07
pYrWZekit3guBvbIqR8Vfkb8HemnHP5bnwyYHl5DJURH/I3Zl7IndYOffJSSvggl
vruU8cx/mzh+38r6dhfmlloi+94bLoadrkrXTtesFP5r1euKYc5yCaziqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFw/fGEUdVO+I226Q3sFfaUQSVYwMB8GA1UdIwQY
MBaAFMhhEOTHZB0YDo8ZIKxl++/PBtfHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUdFUTVNZGtIUmdPanhrZ3JHWDc3ODhHMThjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi8yMDhjMjUtZWRjZS00MTMxLWIzMWIt
NjZhNTJjN2M4YzAwLzEveUdFUTVNZGtIUmdPanhrZ3JHWDc3ODhHMThjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi8yMDhjMjUtZWRjZS00MTMxLWIzMWItNjZhNTJjN2M4YzAw
LzEveUdFUTVNZGtIUmdPanhrZ3JHWDc3ODhHMThjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJLzNTEgz
hA/XG64sRmb9FV8vXmehQ7XIuGS5hGCh6LO+w/1g1v18NRyJYF3lNu+NsQH4i49u
KrqGpMSBd4vY9gdukgBErLb4OkF2kSopxZ1VxjUKN6gL9/SZTojW9pIZQQoK7Kng
ERvy8JHIwOBAM8ocqkbuTm8vpsk8xobRKs6w7YNzAgf5wDDG+UCwGbS3XQEALVQ3
HiKIpKBojAAO7/tyQn3Ge7O8LnHOKr0uMvkgIHIskqo14Q3suCHyvcEvpWvFttSJ
BaMkSUUsQH2mG5pItOxmwH7GyACBm1/IFMKMacxueVu6fd7wwJqfoHbF3gzgaVLG
5+ZYJws9TDWUZg==
-----END CERTIFICATE-----