Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.mft
File:                     yj7NoA-sC_tjsoVD6itdXx5N9ss.mft (raw, json)
Hash identifier:          TkGfOEp+4ljM/4c2qUDZQpymQJV66juupJDd5WEogxI=
Subject key identifier:   CD:2D:A7:0E:A5:11:19:DD:87:36:2E:B9:5E:D2:67:77:68:39:04:59
Authority key identifier: CA:3E:CD:A0:0F:AC:0B:FB:63:B2:85:43:EA:2B:5D:5F:1E:4D:F6:CB
Certificate issuer:       /CN=ca3ecda00fac0bfb63b28543ea2b5d5f1e4df6cb
Certificate serial:       019D3789AD9577316A221F76CFA6A4173E9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yj7NoA-sC_tjsoVD6itdXx5N9ss.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.mft
Manifest number:          048B
Signing time:             Sun 29 Mar 2026 03:01:02 +0000
Manifest this update:     Sun 29 Mar 2026 03:01:02 +0000
Manifest next update:     Mon 30 Mar 2026 03:01:02 +0000
Files and hashes:         1: yj7NoA-sC_tjsoVD6itdXx5N9ss.crl (hash: vRwlTbApye//2xYC9NpUq99m6bOt9p9jOKAghtgQ1n4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yj7NoA-sC_tjsoVD6itdXx5N9ss.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 03:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:89:ad:95:77:31:6a:22:1f:76:cf:a6:a4:17:3e:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca3ecda00fac0bfb63b28543ea2b5d5f1e4df6cb
        Validity
            Not Before: Mar 29 03:01:02 2026 GMT
            Not After : Mar 30 03:01:02 2026 GMT
        Subject: CN=cd2da70ea51119dd87362eb95ed2677768390459
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:5c:b6:98:d6:07:eb:e5:bc:f6:59:45:72:42:
                    e8:2f:c5:d6:57:bd:95:33:9f:50:e3:ef:df:9b:ad:
                    86:a0:2e:cb:b8:b5:94:f9:f0:3c:ae:40:fa:97:5a:
                    51:bc:4c:83:53:0a:dc:1b:f2:e8:46:85:fc:a2:fd:
                    93:cb:1e:64:39:27:e7:79:29:2d:8d:d7:da:0d:7f:
                    d6:02:fd:1a:fb:00:78:bc:9a:ae:27:f1:58:27:c1:
                    4c:84:7f:ae:ac:c5:1d:0a:75:c4:4a:8a:dd:41:78:
                    bf:44:49:25:a0:fd:8a:a0:20:e2:f6:0c:4a:3f:72:
                    0e:20:cb:32:e0:5b:24:bc:d3:e6:c2:b5:21:6a:44:
                    5a:ad:be:d9:4c:87:a6:50:6a:b3:c6:15:ad:78:6f:
                    a7:fb:55:8b:33:4b:3c:ad:1c:14:0d:7c:da:ab:8b:
                    ab:1d:30:5e:17:20:10:ac:9f:a4:d5:e7:de:c7:52:
                    3d:2f:c9:f7:8e:8c:96:63:31:82:ad:7d:41:29:85:
                    19:d5:2f:1e:90:3a:a7:65:db:90:06:91:e8:1c:cb:
                    34:27:f8:64:67:b3:84:a2:13:39:03:ea:9b:5b:33:
                    75:72:73:8e:e5:98:ea:97:d4:6b:2f:b5:64:35:94:
                    e5:86:20:0c:f4:69:ed:2f:4f:3d:37:b9:63:ad:79:
                    44:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:2D:A7:0E:A5:11:19:DD:87:36:2E:B9:5E:D2:67:77:68:39:04:59
            X509v3 Authority Key Identifier:
                keyid:CA:3E:CD:A0:0F:AC:0B:FB:63:B2:85:43:EA:2B:5D:5F:1E:4D:F6:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yj7NoA-sC_tjsoVD6itdXx5N9ss.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:1d:e1:dd:84:07:9d:eb:69:ff:b9:36:a0:90:9c:81:6f:07:
         6b:fd:0c:4a:c6:d7:69:59:78:4d:2d:5f:1c:ab:9d:34:e6:9f:
         8a:0e:5f:1f:e6:77:5d:80:f5:e9:12:4b:67:a9:e9:da:03:4d:
         bf:c5:17:5e:8f:68:bf:4b:dd:92:6a:58:79:b4:49:86:4b:2e:
         02:9c:bc:f7:64:4a:4d:3e:40:1a:a8:80:78:2d:7e:4b:d9:48:
         1b:4c:62:6d:ba:3f:94:54:b3:d4:22:fa:9c:e7:9b:de:18:ce:
         58:36:f4:de:ca:3d:21:d9:37:96:c8:95:e7:80:4f:c5:fd:cf:
         08:eb:6b:ae:37:bf:d5:29:07:ed:33:e2:b3:64:ee:98:94:37:
         0b:6d:aa:d5:8f:65:3a:eb:91:2f:4a:89:6d:c9:0d:6c:03:96:
         00:86:fb:12:8c:9b:b2:0c:af:57:61:18:5e:12:46:08:c8:99:
         89:87:34:22:5a:22:5f:7c:e7:a9:e3:1c:35:be:3f:91:72:ac:
         f6:9b:81:f1:82:9b:16:5e:a3:b8:f1:21:f5:8b:83:e1:bb:5e:
         c0:49:27:43:d1:af:c4:af:75:8a:fd:14:b4:b7:cb:a4:ab:63:
         b1:26:2e:14:59:9c:f0:c7:7e:59:30:59:66:ec:42:d5:a3:b2:
         0b:94:8f:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03ia2VdzFqIh92z6akFz6fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhM2VjZGEwMGZhYzBiZmI2M2IyODU0M2VhMmI1ZDVmMWU0
ZGY2Y2IwHhcNMjYwMzI5MDMwMTAyWhcNMjYwMzMwMDMwMTAyWjAzMTEwLwYDVQQD
EyhjZDJkYTcwZWE1MTExOWRkODczNjJlYjk1ZWQyNjc3NzY4MzkwNDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA11y2mNYH6+W89llFckLoL8XWV72V
M59Q4+/fm62GoC7LuLWU+fA8rkD6l1pRvEyDUwrcG/LoRoX8ov2Tyx5kOSfneSkt
jdfaDX/WAv0a+wB4vJquJ/FYJ8FMhH+urMUdCnXESordQXi/REkloP2KoCDi9gxK
P3IOIMsy4FskvNPmwrUhakRarb7ZTIemUGqzxhWteG+n+1WLM0s8rRwUDXzaq4ur
HTBeFyAQrJ+k1efex1I9L8n3joyWYzGCrX1BKYUZ1S8ekDqnZduQBpHoHMs0J/hk
Z7OEohM5A+qbWzN1cnOO5Zjql9RrL7VkNZTlhiAM9GntL089N7ljrXlEJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM0tpw6lERndhzYuuV7SZ3doOQRZMB8GA1UdIwQY
MBaAFMo+zaAPrAv7Y7KFQ+orXV8eTfbLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWo3Tm9BLXNDX3Rqc29WRDZpdGRYeDVOOXNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny84MmVlZDEtZDlkNS00MGQ4LWJhNTgt
M2Y5OTYwODY1ZDBmLzEveWo3Tm9BLXNDX3Rqc29WRDZpdGRYeDVOOXNzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny84MmVlZDEtZDlkNS00MGQ4LWJhNTgtM2Y5OTYwODY1ZDBm
LzEveWo3Tm9BLXNDX3Rqc29WRDZpdGRYeDVOOXNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEB3h3YQH
netp/7k2oJCcgW8Ha/0MSsbXaVl4TS1fHKudNOafig5fH+Z3XYD16RJLZ6np2gNN
v8UXXo9ov0vdkmpYebRJhksuApy892RKTT5AGqiAeC1+S9lIG0xibbo/lFSz1CL6
nOeb3hjOWDb03so9Idk3lsiV54BPxf3PCOtrrje/1SkH7TPis2TumJQ3C22q1Y9l
OuuRL0qJbckNbAOWAIb7EoybsgyvV2EYXhJGCMiZiYc0IloiX3znqeMcNb4/kXKs
9puB8YKbFl6juPEh9YuD4btewEknQ9GvxK91iv0UtLfLpKtjsSYuFFmc8Md+WTBZ
ZuxC1aOyC5SPYw==
-----END CERTIFICATE-----