Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/9adbe4-3363-4523-9278-2f8121a28bf0/1/Yo_i0jQ88o4ie1T4BLLOAy09GJU.mft
File:                     Yo_i0jQ88o4ie1T4BLLOAy09GJU.mft (raw, json)
Hash identifier:          +AEudz95zXeZsKXjDfv02TiWeELoyMLDeY7LkPsFMZE=
Subject key identifier:   9E:0A:96:18:EE:EA:7E:E4:1D:8F:C2:A2:B4:6B:58:83:58:74:6C:9B
Authority key identifier: 62:8F:E2:D2:34:3C:F2:8E:22:7B:54:F8:04:B2:CE:03:2D:3D:18:95
Certificate issuer:       /CN=628fe2d2343cf28e227b54f804b2ce032d3d1895
Certificate serial:       019D3789C1825AD47E0B8D0533E3CD578105
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yo_i0jQ88o4ie1T4BLLOAy09GJU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/9adbe4-3363-4523-9278-2f8121a28bf0/1/Yo_i0jQ88o4ie1T4BLLOAy09GJU.mft
Manifest number:          02E5
Signing time:             Sun 29 Mar 2026 03:01:07 +0000
Manifest this update:     Sun 29 Mar 2026 03:01:07 +0000
Manifest next update:     Mon 30 Mar 2026 03:01:07 +0000
Files and hashes:         1: Yo_i0jQ88o4ie1T4BLLOAy09GJU.crl (hash: AdPQyOha5xuf07OLQ+ZPFIbm2LOFrdLErJPpD98QSsg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/9adbe4-3363-4523-9278-2f8121a28bf0/1/Yo_i0jQ88o4ie1T4BLLOAy09GJU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/9adbe4-3363-4523-9278-2f8121a28bf0/1/Yo_i0jQ88o4ie1T4BLLOAy09GJU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Yo_i0jQ88o4ie1T4BLLOAy09GJU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 03:01:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:89:c1:82:5a:d4:7e:0b:8d:05:33:e3:cd:57:81:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=628fe2d2343cf28e227b54f804b2ce032d3d1895
        Validity
            Not Before: Mar 29 03:01:07 2026 GMT
            Not After : Mar 30 03:01:07 2026 GMT
        Subject: CN=9e0a9618eeea7ee41d8fc2a2b46b588358746c9b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:11:50:dc:e2:12:fc:67:11:a3:87:ed:ea:02:
                    56:d6:fe:41:95:62:68:7f:f0:80:ef:e2:08:60:2f:
                    20:b0:70:38:69:06:e2:da:ef:eb:4f:79:fb:53:f9:
                    4b:d7:68:13:94:15:1d:9a:05:0d:87:e4:c1:bb:e5:
                    67:45:6a:2c:23:ce:e2:b2:be:34:24:75:6c:e5:02:
                    eb:e2:1f:61:0e:89:d2:e8:3e:8f:ec:35:d6:78:08:
                    b7:78:95:80:b3:21:6d:c8:44:e6:4e:93:a8:95:fe:
                    09:ef:66:fe:4b:a6:b9:6b:48:df:80:4b:48:04:f4:
                    26:77:14:2a:76:aa:b2:84:eb:ca:07:51:eb:84:56:
                    87:76:6c:0f:c8:97:58:ae:36:43:2d:28:ff:e4:99:
                    86:3a:f1:fd:e0:23:e5:f6:b5:e1:77:70:fc:4c:82:
                    d3:41:09:f7:3f:e6:9e:95:d6:22:b6:89:fd:46:df:
                    33:1e:26:45:8c:3a:4d:e9:21:7e:59:42:fe:73:27:
                    79:82:54:6c:17:15:96:e7:d4:4d:48:d1:7d:78:b9:
                    a2:29:8d:05:31:1b:f2:15:59:f7:ce:67:3b:f5:8d:
                    10:6a:3b:98:f4:16:59:49:22:26:ee:f0:cd:17:aa:
                    8a:3b:8c:4d:6f:dc:f9:c9:0e:3e:66:95:b2:a3:f4:
                    fa:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:0A:96:18:EE:EA:7E:E4:1D:8F:C2:A2:B4:6B:58:83:58:74:6C:9B
            X509v3 Authority Key Identifier:
                keyid:62:8F:E2:D2:34:3C:F2:8E:22:7B:54:F8:04:B2:CE:03:2D:3D:18:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yo_i0jQ88o4ie1T4BLLOAy09GJU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/9adbe4-3363-4523-9278-2f8121a28bf0/1/Yo_i0jQ88o4ie1T4BLLOAy09GJU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/9adbe4-3363-4523-9278-2f8121a28bf0/1/Yo_i0jQ88o4ie1T4BLLOAy09GJU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:58:2f:77:fe:b6:e8:31:72:cc:fb:02:73:d4:af:57:ea:04:
         26:f3:1b:8e:49:2f:3d:eb:11:68:58:ea:13:b4:65:9b:02:4e:
         c0:c3:06:bf:2f:bd:af:a7:4d:d6:d8:f5:2f:8d:48:b7:2b:cc:
         43:1c:97:ec:c6:0d:48:1e:cf:9e:ba:38:88:66:84:d5:d1:65:
         18:a2:bc:98:bf:77:63:ea:70:a2:61:67:a3:5a:f3:69:bf:15:
         ca:b5:0d:c4:db:88:99:2d:dd:72:ac:78:75:14:32:45:64:bc:
         d0:90:e0:37:04:0e:df:11:64:be:be:09:aa:b2:c5:ba:5b:cd:
         d3:d2:51:56:7d:d8:24:23:72:df:fb:2d:eb:f4:5e:8c:d2:38:
         b4:1c:22:29:e5:ab:84:74:2e:8f:07:8b:64:39:a9:8d:21:b9:
         22:be:70:1e:1b:51:e4:7c:60:d4:8b:31:23:03:5a:32:95:3e:
         65:64:b8:38:34:e7:d0:81:74:5c:ab:67:fc:62:fe:3d:de:32:
         1c:ea:39:85:f7:b3:08:1c:3d:c8:f7:48:cf:ea:e7:1e:4f:b6:
         e0:19:ef:22:59:70:26:16:5c:24:2d:b9:50:72:6e:cd:d2:64:
         1f:da:fc:72:8b:8d:cd:4d:d9:1b:d4:af:49:00:2a:db:87:f3:
         f9:f1:9e:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03icGCWtR+C40FM+PNV4EFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyOGZlMmQyMzQzY2YyOGUyMjdiNTRmODA0YjJjZTAzMmQz
ZDE4OTUwHhcNMjYwMzI5MDMwMTA3WhcNMjYwMzMwMDMwMTA3WjAzMTEwLwYDVQQD
Eyg5ZTBhOTYxOGVlZWE3ZWU0MWQ4ZmMyYTJiNDZiNTg4MzU4NzQ2YzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3hFQ3OIS/GcRo4ft6gJW1v5BlWJo
f/CA7+IIYC8gsHA4aQbi2u/rT3n7U/lL12gTlBUdmgUNh+TBu+VnRWosI87isr40
JHVs5QLr4h9hDonS6D6P7DXWeAi3eJWAsyFtyETmTpOolf4J72b+S6a5a0jfgEtI
BPQmdxQqdqqyhOvKB1HrhFaHdmwPyJdYrjZDLSj/5JmGOvH94CPl9rXhd3D8TILT
QQn3P+aeldYiton9Rt8zHiZFjDpN6SF+WUL+cyd5glRsFxWW59RNSNF9eLmiKY0F
MRvyFVn3zmc79Y0QajuY9BZZSSIm7vDNF6qKO4xNb9z5yQ4+ZpWyo/T6YwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ4Klhju6n7kHY/CorRrWINYdGybMB8GA1UdIwQY
MBaAFGKP4tI0PPKOIntU+ASyzgMtPRiVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW9faTBqUTg4bzRpZTFUNEJMTE9BeTA5R0pVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS85YWRiZTQtMzM2My00NTIzLTkyNzgt
MmY4MTIxYTI4YmYwLzEvWW9faTBqUTg4bzRpZTFUNEJMTE9BeTA5R0pVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS85YWRiZTQtMzM2My00NTIzLTkyNzgtMmY4MTIxYTI4YmYw
LzEvWW9faTBqUTg4bzRpZTFUNEJMTE9BeTA5R0pVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFlgvd/62
6DFyzPsCc9SvV+oEJvMbjkkvPesRaFjqE7RlmwJOwMMGvy+9r6dN1tj1L41ItyvM
QxyX7MYNSB7Pnro4iGaE1dFlGKK8mL93Y+pwomFno1rzab8VyrUNxNuImS3dcqx4
dRQyRWS80JDgNwQO3xFkvr4JqrLFulvN09JRVn3YJCNy3/st6/RejNI4tBwiKeWr
hHQujweLZDmpjSG5Ir5wHhtR5Hxg1IsxIwNaMpU+ZWS4ODTn0IF0XKtn/GL+Pd4y
HOo5hfezCBw9yPdIz+rnHk+24BnvIllwJhZcJC25UHJuzdJkH9r8couNzU3ZG9Sv
SQAq24fz+fGe2g==
-----END CERTIFICATE-----