Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/98e825-b58c-456e-af28-7b35a06ab54b/1/YQy4N7bSF3jkw9u5aWefDxxQtIo.mft
File:                     YQy4N7bSF3jkw9u5aWefDxxQtIo.mft (raw, json)
Hash identifier:          /qL3WuzRvXZlJb4LRZ7WhRGqt1G95oLJ8leQ+8lWFhM=
Subject key identifier:   0B:2E:16:0F:C7:0F:A9:CF:4F:87:FA:DE:8C:F3:EE:71:B2:65:33:B9
Authority key identifier: 61:0C:B8:37:B6:D2:17:78:E4:C3:DB:B9:69:67:9F:0F:1C:50:B4:8A
Certificate issuer:       /CN=610cb837b6d21778e4c3dbb969679f0f1c50b48a
Certificate serial:       019D382E79114D2F42CF0D1C1B7A9D2F825B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YQy4N7bSF3jkw9u5aWefDxxQtIo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/98e825-b58c-456e-af28-7b35a06ab54b/1/YQy4N7bSF3jkw9u5aWefDxxQtIo.mft
Manifest number:          10A7
Signing time:             Sun 29 Mar 2026 06:01:02 +0000
Manifest this update:     Sun 29 Mar 2026 06:01:02 +0000
Manifest next update:     Mon 30 Mar 2026 06:01:02 +0000
Files and hashes:         1: YQy4N7bSF3jkw9u5aWefDxxQtIo.crl (hash: xBNrntuF+SV+hnYuBxE57JnadX+lPsyOqxrN4AyUI/k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/98e825-b58c-456e-af28-7b35a06ab54b/1/YQy4N7bSF3jkw9u5aWefDxxQtIo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/98e825-b58c-456e-af28-7b35a06ab54b/1/YQy4N7bSF3jkw9u5aWefDxxQtIo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YQy4N7bSF3jkw9u5aWefDxxQtIo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 06:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:2e:79:11:4d:2f:42:cf:0d:1c:1b:7a:9d:2f:82:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=610cb837b6d21778e4c3dbb969679f0f1c50b48a
        Validity
            Not Before: Mar 29 06:01:02 2026 GMT
            Not After : Mar 30 06:01:02 2026 GMT
        Subject: CN=0b2e160fc70fa9cf4f87fade8cf3ee71b26533b9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:14:7d:b6:03:7f:6b:6b:11:b2:27:5d:04:05:
                    53:39:f7:a8:7f:9a:8f:ad:20:3f:57:5d:0b:ae:00:
                    a7:38:5d:fe:c7:81:ab:ca:c0:b5:67:b7:e6:da:e2:
                    da:84:8c:5f:c0:e4:3b:28:43:70:bd:f5:6f:43:31:
                    c3:73:5c:78:c3:a0:8e:0f:81:2d:00:ce:d5:4b:db:
                    0c:6d:7d:0a:9b:02:85:68:35:fa:27:07:4c:6f:c4:
                    49:3e:08:e6:5e:4e:5e:d3:47:15:77:01:42:0b:ef:
                    6c:5e:2c:a4:46:82:c8:44:2e:af:c2:51:aa:34:0d:
                    6b:cf:05:d2:75:0e:53:3b:bf:e4:99:e0:87:94:44:
                    c7:7e:22:45:f2:f2:bd:5e:19:3f:5e:8a:db:48:01:
                    02:48:2e:f4:ba:e8:22:19:3a:5f:dd:63:63:1d:93:
                    bd:12:1f:2e:45:24:a0:93:e9:57:2e:61:bb:f1:e9:
                    4b:fe:49:97:65:ad:91:1e:77:db:be:b4:07:08:68:
                    52:67:ff:7d:e6:e5:4d:0f:61:4d:75:df:83:af:96:
                    fb:c9:dd:47:ae:0b:5c:a0:aa:33:49:32:27:da:78:
                    f2:6d:ff:ae:24:bb:03:71:73:44:aa:6a:21:93:93:
                    98:c0:c8:b9:d6:cd:33:71:d5:3f:52:e8:f0:60:91:
                    69:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:2E:16:0F:C7:0F:A9:CF:4F:87:FA:DE:8C:F3:EE:71:B2:65:33:B9
            X509v3 Authority Key Identifier:
                keyid:61:0C:B8:37:B6:D2:17:78:E4:C3:DB:B9:69:67:9F:0F:1C:50:B4:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YQy4N7bSF3jkw9u5aWefDxxQtIo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/98e825-b58c-456e-af28-7b35a06ab54b/1/YQy4N7bSF3jkw9u5aWefDxxQtIo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/98e825-b58c-456e-af28-7b35a06ab54b/1/YQy4N7bSF3jkw9u5aWefDxxQtIo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:82:8e:b0:ee:fa:0a:c4:3f:4d:82:e2:a2:2f:a0:5c:15:a8:
         6c:f1:70:45:82:24:db:51:35:bf:b0:af:95:20:8e:ea:6e:47:
         16:e3:97:31:e5:f1:ac:4c:b0:21:93:6b:5e:12:c9:1b:fa:62:
         04:2a:ef:dc:5f:03:a8:9c:e5:ed:e8:e5:bc:4f:23:14:0d:d3:
         a4:e9:f0:e2:12:96:ea:da:f2:5b:d7:76:e0:1f:9d:50:5b:7d:
         c2:99:30:e8:57:a4:3f:c9:ac:ba:28:bd:4e:ef:97:32:2e:e5:
         9a:b7:03:50:91:b4:73:05:10:69:20:b7:df:ae:62:2e:55:73:
         2e:92:bb:95:c1:fd:04:3e:e1:61:8c:82:2a:d1:b6:0f:a6:18:
         56:68:07:fe:f0:34:6b:50:b5:a3:52:e8:a9:9b:ec:a5:3c:81:
         bd:e4:55:f9:65:0e:1e:c9:5d:45:17:f9:66:5e:59:b2:df:03:
         92:5a:63:9d:b6:a6:46:a5:3a:ce:10:ea:3f:3d:3a:38:d1:d7:
         5d:2e:30:fc:de:da:a0:50:55:20:c6:f7:e5:0e:24:07:89:48:
         e5:ac:a8:d4:9b:d7:f9:a3:3f:80:24:2f:ea:91:49:d8:b7:52:
         df:f7:9d:91:da:bc:c7:56:99:ea:4a:77:f1:08:d9:06:3c:48:
         d8:81:dd:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04LnkRTS9Czw0cG3qdL4JbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxMGNiODM3YjZkMjE3NzhlNGMzZGJiOTY5Njc5ZjBmMWM1
MGI0OGEwHhcNMjYwMzI5MDYwMTAyWhcNMjYwMzMwMDYwMTAyWjAzMTEwLwYDVQQD
EygwYjJlMTYwZmM3MGZhOWNmNGY4N2ZhZGU4Y2YzZWU3MWIyNjUzM2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBR9tgN/a2sRsiddBAVTOfeof5qP
rSA/V10LrgCnOF3+x4GrysC1Z7fm2uLahIxfwOQ7KENwvfVvQzHDc1x4w6COD4Et
AM7VS9sMbX0KmwKFaDX6JwdMb8RJPgjmXk5e00cVdwFCC+9sXiykRoLIRC6vwlGq
NA1rzwXSdQ5TO7/kmeCHlETHfiJF8vK9Xhk/XorbSAECSC70uugiGTpf3WNjHZO9
Eh8uRSSgk+lXLmG78elL/kmXZa2RHnfbvrQHCGhSZ/995uVND2FNdd+Dr5b7yd1H
rgtcoKozSTIn2njybf+uJLsDcXNEqmohk5OYwMi51s0zcdU/UujwYJFpMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAsuFg/HD6nPT4f63ozz7nGyZTO5MB8GA1UdIwQY
MBaAFGEMuDe20hd45MPbuWlnnw8cULSKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVF5NE43YlNGM2prdzl1NWFXZWZEeHhRdElvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy85OGU4MjUtYjU4Yy00NTZlLWFmMjgt
N2IzNWEwNmFiNTRiLzEvWVF5NE43YlNGM2prdzl1NWFXZWZEeHhRdElvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy85OGU4MjUtYjU4Yy00NTZlLWFmMjgtN2IzNWEwNmFiNTRi
LzEvWVF5NE43YlNGM2prdzl1NWFXZWZEeHhRdElvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABYKOsO76
CsQ/TYLioi+gXBWobPFwRYIk21E1v7CvlSCO6m5HFuOXMeXxrEywIZNrXhLJG/pi
BCrv3F8DqJzl7ejlvE8jFA3TpOnw4hKW6tryW9d24B+dUFt9wpkw6FekP8msuii9
Tu+XMi7lmrcDUJG0cwUQaSC3365iLlVzLpK7lcH9BD7hYYyCKtG2D6YYVmgH/vA0
a1C1o1LoqZvspTyBveRV+WUOHsldRRf5Zl5Zst8DklpjnbamRqU6zhDqPz06ONHX
XS4w/N7aoFBVIMb35Q4kB4lI5ayo1JvX+aM/gCQv6pFJ2LdS3/edkdq8x1aZ6kp3
8QjZBjxI2IHdLw==
-----END CERTIFICATE-----