Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/61d2b3-79db-4899-8b80-2f725956148f/1/RYemiKiamJlJQWqBnMSoDepFTJ0.mft
File:                     RYemiKiamJlJQWqBnMSoDepFTJ0.mft (raw, json)
Hash identifier:          6329KKe/1fowKnhOvw1jgJFVbm4bQGmqP3mdi6YaGUI=
Subject key identifier:   7C:E5:CA:EA:00:F5:BE:23:23:6B:9F:39:2E:28:68:B5:22:59:F1:C9
Authority key identifier: 45:87:A6:88:A8:9A:98:99:49:41:6A:81:9C:C4:A8:0D:EA:45:4C:9D
Certificate issuer:       /CN=4587a688a89a989949416a819cc4a80dea454c9d
Certificate serial:       019D38D30456ECB186475EB0B1DBC6018702
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RYemiKiamJlJQWqBnMSoDepFTJ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/96/61d2b3-79db-4899-8b80-2f725956148f/1/RYemiKiamJlJQWqBnMSoDepFTJ0.mft
Manifest number:          0549
Signing time:             Sun 29 Mar 2026 09:00:46 +0000
Manifest this update:     Sun 29 Mar 2026 09:00:46 +0000
Manifest next update:     Mon 30 Mar 2026 09:00:46 +0000
Files and hashes:         1: RYemiKiamJlJQWqBnMSoDepFTJ0.crl (hash: L1yAdCR6grhmzYX3zRY89gbz4NpJCMLFJdJEVxEjgYo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/96/61d2b3-79db-4899-8b80-2f725956148f/1/RYemiKiamJlJQWqBnMSoDepFTJ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/96/61d2b3-79db-4899-8b80-2f725956148f/1/RYemiKiamJlJQWqBnMSoDepFTJ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RYemiKiamJlJQWqBnMSoDepFTJ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:04:56:ec:b1:86:47:5e:b0:b1:db:c6:01:87:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4587a688a89a989949416a819cc4a80dea454c9d
        Validity
            Not Before: Mar 29 09:00:46 2026 GMT
            Not After : Mar 30 09:00:46 2026 GMT
        Subject: CN=7ce5caea00f5be23236b9f392e2868b52259f1c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:91:f7:43:f5:75:d1:e2:e8:91:70:5f:a3:de:
                    83:43:3f:d4:44:6f:58:6e:52:32:9d:8b:2a:4c:eb:
                    58:4b:75:88:40:dc:98:07:87:0b:ed:49:0f:c0:c2:
                    43:8f:2e:6f:c1:4f:89:43:88:ea:26:08:11:3e:58:
                    ed:5a:89:6f:2a:c7:6b:21:e9:b2:5d:ff:7d:51:19:
                    71:c8:93:aa:e6:7a:10:98:2b:0c:c2:1f:5a:23:7a:
                    99:7b:28:35:5a:3c:54:19:c2:86:6e:54:a8:3b:a7:
                    ad:3d:43:74:12:37:37:ea:a7:a1:0f:0f:f4:13:3b:
                    b7:c0:58:e7:17:ca:3f:57:56:88:98:6d:2c:6f:f0:
                    2a:0c:a7:95:64:1a:20:01:53:c7:ec:85:94:ea:15:
                    67:fa:92:2f:11:32:c9:b7:4d:a3:c1:54:ff:f4:da:
                    51:89:ae:79:3f:11:6b:09:50:0e:9a:43:14:f1:3c:
                    0a:cd:be:c1:1e:bc:2d:d9:1c:ef:d1:80:9c:28:32:
                    04:7c:e0:6f:e8:66:0e:6c:f9:f1:d4:85:bc:85:95:
                    1c:7b:78:7c:55:31:d5:fe:c5:87:4d:02:08:3d:35:
                    03:93:3c:d1:08:81:b8:b1:98:8d:bd:29:59:b6:27:
                    49:99:19:e7:b9:07:c5:1a:fc:d1:45:3a:ff:91:b7:
                    da:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:E5:CA:EA:00:F5:BE:23:23:6B:9F:39:2E:28:68:B5:22:59:F1:C9
            X509v3 Authority Key Identifier:
                keyid:45:87:A6:88:A8:9A:98:99:49:41:6A:81:9C:C4:A8:0D:EA:45:4C:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RYemiKiamJlJQWqBnMSoDepFTJ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/61d2b3-79db-4899-8b80-2f725956148f/1/RYemiKiamJlJQWqBnMSoDepFTJ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/96/61d2b3-79db-4899-8b80-2f725956148f/1/RYemiKiamJlJQWqBnMSoDepFTJ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:d3:4a:7c:4c:a1:90:11:91:d5:41:a4:cb:1d:7f:7c:54:f4:
         7f:cf:e5:07:41:32:6d:9b:eb:a8:5d:8d:a3:18:f0:32:c6:61:
         0b:bf:4d:bc:a2:36:15:cc:3a:93:39:da:4b:ae:a6:ce:00:15:
         1a:c0:fa:cc:c5:76:15:82:7f:6a:67:c2:39:24:ee:cd:70:4f:
         96:a5:03:e9:e2:a7:1c:a5:23:73:4f:ca:a0:5c:4b:2f:a1:98:
         0a:8e:79:1b:35:73:e9:20:31:1d:c4:b8:7c:78:88:dc:14:fd:
         13:38:a9:b4:17:5d:9c:d5:57:10:87:63:df:81:f4:07:db:5e:
         de:6f:a2:13:ca:52:3c:b3:77:a2:f4:b3:6a:96:57:98:76:af:
         0e:98:03:36:6d:2c:7a:1b:09:20:1e:90:70:18:93:dd:20:e2:
         21:fd:ab:69:79:62:f0:35:fc:15:c1:8f:04:ef:5b:38:67:96:
         46:3f:da:fe:97:da:29:85:89:76:79:db:fd:c3:d4:3a:3b:56:
         16:ce:5a:2a:16:f9:40:d4:18:d6:b1:fe:7c:e3:da:10:0b:0d:
         0d:31:01:b4:56:a9:3e:42:30:d7:f9:78:82:31:f1:9a:de:1e:
         50:f7:5a:e4:e0:50:30:91:85:6c:2e:e5:91:c9:9d:82:92:0b:
         e9:30:4e:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040wRW7LGGR16wsdvGAYcCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1ODdhNjg4YTg5YTk4OTk0OTQxNmE4MTljYzRhODBkZWE0
NTRjOWQwHhcNMjYwMzI5MDkwMDQ2WhcNMjYwMzMwMDkwMDQ2WjAzMTEwLwYDVQQD
Eyg3Y2U1Y2FlYTAwZjViZTIzMjM2YjlmMzkyZTI4NjhiNTIyNTlmMWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZH3Q/V10eLokXBfo96DQz/URG9Y
blIynYsqTOtYS3WIQNyYB4cL7UkPwMJDjy5vwU+JQ4jqJggRPljtWolvKsdrIemy
Xf99URlxyJOq5noQmCsMwh9aI3qZeyg1WjxUGcKGblSoO6etPUN0Ejc36qehDw/0
Ezu3wFjnF8o/V1aImG0sb/AqDKeVZBogAVPH7IWU6hVn+pIvETLJt02jwVT/9NpR
ia55PxFrCVAOmkMU8TwKzb7BHrwt2Rzv0YCcKDIEfOBv6GYObPnx1IW8hZUce3h8
VTHV/sWHTQIIPTUDkzzRCIG4sZiNvSlZtidJmRnnuQfFGvzRRTr/kbfaFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHzlyuoA9b4jI2ufOS4oaLUiWfHJMB8GA1UdIwQY
MBaAFEWHpoiompiZSUFqgZzEqA3qRUydMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlllbWlLaWFtSmxKUVdxQm5NU29EZXBGVEowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni82MWQyYjMtNzlkYi00ODk5LThiODAt
MmY3MjU5NTYxNDhmLzEvUlllbWlLaWFtSmxKUVdxQm5NU29EZXBGVEowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni82MWQyYjMtNzlkYi00ODk5LThiODAtMmY3MjU5NTYxNDhm
LzEvUlllbWlLaWFtSmxKUVdxQm5NU29EZXBGVEowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJdNKfEyh
kBGR1UGkyx1/fFT0f8/lB0EybZvrqF2NoxjwMsZhC79NvKI2Fcw6kznaS66mzgAV
GsD6zMV2FYJ/amfCOSTuzXBPlqUD6eKnHKUjc0/KoFxLL6GYCo55GzVz6SAxHcS4
fHiI3BT9EziptBddnNVXEIdj34H0B9te3m+iE8pSPLN3ovSzapZXmHavDpgDNm0s
ehsJIB6QcBiT3SDiIf2raXli8DX8FcGPBO9bOGeWRj/a/pfaKYWJdnnb/cPUOjtW
Fs5aKhb5QNQY1rH+fOPaEAsNDTEBtFapPkIw1/l4gjHxmt4eUPda5OBQMJGFbC7l
kcmdgpIL6TBOdQ==
-----END CERTIFICATE-----