Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.mft
File:                     yj7NoA-sC_tjsoVD6itdXx5N9ss.mft (raw, json)
Hash identifier:          /wweR9pwKlx9FP9/pinS1hZUH2+YO7q6719qPRtVPV4=
Subject key identifier:   E9:35:5D:94:77:FF:0C:32:8E:C8:02:21:14:FE:37:2D:E1:47:52:43
Authority key identifier: CA:3E:CD:A0:0F:AC:0B:FB:63:B2:85:43:EA:2B:5D:5F:1E:4D:F6:CB
Certificate issuer:       /CN=ca3ecda00fac0bfb63b28543ea2b5d5f1e4df6cb
Certificate serial:       019F0EBF3AD7B9D463F9D421157181F8EEE6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yj7NoA-sC_tjsoVD6itdXx5N9ss.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.mft
Manifest number:          057F
Signing time:             Sun 28 Jun 2026 15:00:41 +0000
Manifest this update:     Sun 28 Jun 2026 15:00:41 +0000
Manifest next update:     Mon 29 Jun 2026 15:00:41 +0000
Files and hashes:         1: yj7NoA-sC_tjsoVD6itdXx5N9ss.crl (hash: nqXOfz4fZTJwRgRHZiR9d3vbjT+wz6xvkJW+sgeOqkQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yj7NoA-sC_tjsoVD6itdXx5N9ss.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 29 Jun 2026 12:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:0e:bf:3a:d7:b9:d4:63:f9:d4:21:15:71:81:f8:ee:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca3ecda00fac0bfb63b28543ea2b5d5f1e4df6cb
        Validity
            Not Before: Jun 28 15:00:41 2026 GMT
            Not After : Jun 29 15:00:41 2026 GMT
        Subject: CN=e9355d9477ff0c328ec8022114fe372de1475243
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:27:f9:18:35:e3:fd:d6:4f:2b:fa:b2:12:84:
                    76:9c:b9:0b:de:81:06:72:34:3b:6f:d4:5b:4f:dd:
                    4d:e6:c3:d5:7b:12:ac:0e:91:e6:4e:24:c5:fe:2d:
                    b3:26:ee:87:83:01:c5:3b:b3:9d:a5:d0:51:74:a5:
                    c7:59:36:dc:bb:2a:e5:f0:79:5f:67:c0:36:fc:22:
                    d6:4b:04:54:80:9d:19:d9:58:e2:28:4c:2c:92:2b:
                    1e:d3:15:df:9a:0f:24:ac:2c:6e:41:1f:7a:24:44:
                    e4:cf:6b:95:d3:83:aa:d3:37:cc:a4:2d:84:92:2f:
                    64:8d:58:75:89:78:7c:9c:c0:8d:e4:40:25:f0:38:
                    89:9d:b9:ab:2b:c1:82:dc:62:db:3b:b0:a9:4c:b3:
                    1d:b3:ab:00:e4:a8:1b:14:7c:e9:a1:88:78:ac:a9:
                    c9:b8:5d:ca:b9:a4:39:f0:41:2e:c9:d3:f9:52:c7:
                    f8:10:77:61:0a:ad:25:b1:14:5c:70:11:b9:90:66:
                    0f:28:1a:95:01:4b:07:e3:71:fc:93:89:21:7f:94:
                    f1:ee:c3:67:d2:cd:6e:34:d1:c1:99:05:f3:62:3d:
                    06:b8:cc:f9:1c:70:52:49:5a:c8:53:2a:95:3a:8b:
                    db:7c:18:7f:b0:e6:26:dc:c0:7b:fa:f3:fa:b9:49:
                    2c:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:35:5D:94:77:FF:0C:32:8E:C8:02:21:14:FE:37:2D:E1:47:52:43
            X509v3 Authority Key Identifier:
                keyid:CA:3E:CD:A0:0F:AC:0B:FB:63:B2:85:43:EA:2B:5D:5F:1E:4D:F6:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yj7NoA-sC_tjsoVD6itdXx5N9ss.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/82eed1-d9d5-40d8-ba58-3f9960865d0f/1/yj7NoA-sC_tjsoVD6itdXx5N9ss.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cb:33:f7:39:62:13:e8:b5:6d:d6:ef:26:91:28:52:8f:a0:95:
         87:44:6b:67:2e:e4:91:06:6a:99:91:97:05:59:0a:9e:fe:7b:
         b4:11:d2:8d:16:ef:46:e6:34:5c:c6:30:2f:4b:98:f1:4e:79:
         03:99:ec:0b:93:d0:80:5e:ba:47:e0:c7:55:52:17:45:a4:a4:
         6e:f9:f6:f1:02:aa:2c:1c:4a:59:6a:43:76:34:9b:95:ea:ad:
         10:b0:aa:f7:fc:95:e7:b8:bd:b5:88:86:86:3e:5b:e9:80:ca:
         dd:b2:ac:68:c9:a9:3d:20:9b:d9:27:08:13:29:93:0a:cd:9c:
         40:7e:f5:53:b8:6b:48:e8:ce:9d:11:ac:fa:a2:fb:b8:a2:5e:
         2a:39:9e:8f:ac:a0:4a:97:fa:de:85:78:1b:57:41:47:57:70:
         79:0e:57:8b:19:4c:17:b6:c0:58:b6:a2:50:29:7f:56:91:a2:
         ea:f2:36:c3:5c:fc:5d:2f:10:da:a5:65:7e:2f:20:aa:f1:42:
         dc:bc:12:0d:3b:51:27:cd:1c:9c:b0:6e:92:64:a9:8c:cb:92:
         cf:4c:9d:7c:b9:7e:d3:b0:d9:d1:ab:10:42:7e:5b:5b:f4:61:
         d5:b4:30:3c:8f:4d:0f:3c:e6:fd:89:db:4c:0c:2a:36:62:e4:
         fa:3c:ca:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8OvzrXudRj+dQhFXGB+O7mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhM2VjZGEwMGZhYzBiZmI2M2IyODU0M2VhMmI1ZDVmMWU0
ZGY2Y2IwHhcNMjYwNjI4MTUwMDQxWhcNMjYwNjI5MTUwMDQxWjAzMTEwLwYDVQQD
EyhlOTM1NWQ5NDc3ZmYwYzMyOGVjODAyMjExNGZlMzcyZGUxNDc1MjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCf5GDXj/dZPK/qyEoR2nLkL3oEG
cjQ7b9RbT91N5sPVexKsDpHmTiTF/i2zJu6HgwHFO7OdpdBRdKXHWTbcuyrl8Hlf
Z8A2/CLWSwRUgJ0Z2VjiKEwskise0xXfmg8krCxuQR96JETkz2uV04Oq0zfMpC2E
ki9kjVh1iXh8nMCN5EAl8DiJnbmrK8GC3GLbO7CpTLMds6sA5KgbFHzpoYh4rKnJ
uF3KuaQ58EEuydP5Usf4EHdhCq0lsRRccBG5kGYPKBqVAUsH43H8k4khf5Tx7sNn
0s1uNNHBmQXzYj0GuMz5HHBSSVrIUyqVOovbfBh/sOYm3MB7+vP6uUksGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOk1XZR3/wwyjsgCIRT+Ny3hR1JDMB8GA1UdIwQY
MBaAFMo+zaAPrAv7Y7KFQ+orXV8eTfbLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWo3Tm9BLXNDX3Rqc29WRDZpdGRYeDVOOXNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny84MmVlZDEtZDlkNS00MGQ4LWJhNTgt
M2Y5OTYwODY1ZDBmLzEveWo3Tm9BLXNDX3Rqc29WRDZpdGRYeDVOOXNzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny84MmVlZDEtZDlkNS00MGQ4LWJhNTgtM2Y5OTYwODY1ZDBm
LzEveWo3Tm9BLXNDX3Rqc29WRDZpdGRYeDVOOXNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyzP3OWIT
6LVt1u8mkShSj6CVh0RrZy7kkQZqmZGXBVkKnv57tBHSjRbvRuY0XMYwL0uY8U55
A5nsC5PQgF66R+DHVVIXRaSkbvn28QKqLBxKWWpDdjSbleqtELCq9/yV57i9tYiG
hj5b6YDK3bKsaMmpPSCb2ScIEymTCs2cQH71U7hrSOjOnRGs+qL7uKJeKjmej6yg
Spf63oV4G1dBR1dweQ5XixlMF7bAWLaiUCl/VpGi6vI2w1z8XS8Q2qVlfi8gqvFC
3LwSDTtRJ80cnLBukmSpjMuSz0ydfLl+07DZ0asQQn5bW/Rh1bQwPI9NDzzm/Ynb
TAwqNmLk+jzK6g==
-----END CERTIFICATE-----