Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft
File:                     YDRE4ZlioZHv0vIWoSji9M_io94.mft (raw, json)
Hash identifier:          xQVEjb+JXLQXu7CT7SRTPtXbe5i9cXleOipsw2GZn3s=
Subject key identifier:   F1:0E:B9:5C:57:3C:F5:2D:A6:68:07:93:30:30:13:0C:C3:A4:64:4A
Authority key identifier: 60:34:44:E1:99:62:A1:91:EF:D2:F2:16:A1:28:E2:F4:CF:E2:A3:DE
Certificate issuer:       /CN=603444e19962a191efd2f216a128e2f4cfe2a3de
Certificate serial:       019D386682E1EC2736B3838D7EB08A464790
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YDRE4ZlioZHv0vIWoSji9M_io94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft
Manifest number:          08A9
Signing time:             Sun 29 Mar 2026 07:02:15 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:15 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:15 +0000
Files and hashes:         1: YDRE4ZlioZHv0vIWoSji9M_io94.crl (hash: ecAHkON+CAMYRn5j8q2klSYC9saatZT7DaBot8PweEQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YDRE4ZlioZHv0vIWoSji9M_io94.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:82:e1:ec:27:36:b3:83:8d:7e:b0:8a:46:47:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=603444e19962a191efd2f216a128e2f4cfe2a3de
        Validity
            Not Before: Mar 29 07:02:15 2026 GMT
            Not After : Mar 30 07:02:15 2026 GMT
        Subject: CN=f10eb95c573cf52da66807933030130cc3a4644a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:2c:20:92:fe:f7:0b:36:d2:57:d7:0a:5b:c3:
                    74:6c:a9:a7:18:f3:9e:9b:e3:c1:e5:5b:74:bd:52:
                    84:92:15:94:60:78:3e:6b:d0:97:fc:c7:55:ce:87:
                    33:8b:43:57:e2:f8:e8:cc:a0:5b:ab:b9:23:a9:a4:
                    12:97:3d:a5:92:61:51:44:9d:c3:0b:c3:31:d8:60:
                    2d:c2:33:d6:5a:69:47:1e:34:aa:b2:d9:94:cb:f0:
                    0a:c6:f1:f3:de:5f:7d:de:5f:9b:2a:14:1a:36:b1:
                    d2:5b:27:f3:f2:9f:69:73:fc:c4:75:bc:48:1e:f7:
                    47:3d:71:c0:4c:40:d3:00:8b:06:07:4a:16:2c:50:
                    80:87:90:72:c5:c6:3f:e3:cd:06:91:fa:d3:63:35:
                    d2:8d:0f:e2:f7:7f:4d:32:f8:d7:8d:a4:e2:b0:ce:
                    e5:c0:c0:8f:24:bc:b2:dd:bc:0d:9d:60:93:dc:65:
                    a3:2a:f3:e4:4a:11:a4:cc:51:5c:a4:10:88:e3:fc:
                    6e:97:6f:0f:bf:10:85:5e:09:b9:f8:ff:a6:25:89:
                    cd:94:09:4f:68:33:04:f2:d1:8b:78:ab:93:63:28:
                    bc:4e:9e:28:42:a3:0c:8b:08:34:b9:70:10:3b:27:
                    a2:80:10:9f:6e:9e:df:bf:a5:c9:96:72:d8:42:85:
                    fb:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:0E:B9:5C:57:3C:F5:2D:A6:68:07:93:30:30:13:0C:C3:A4:64:4A
            X509v3 Authority Key Identifier:
                keyid:60:34:44:E1:99:62:A1:91:EF:D2:F2:16:A1:28:E2:F4:CF:E2:A3:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YDRE4ZlioZHv0vIWoSji9M_io94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         26:bf:bc:da:7f:af:7b:16:a8:a2:57:fe:00:e8:81:54:29:49:
         13:b8:2a:7d:b9:39:c8:71:ff:7e:83:5c:60:b2:42:37:f9:0c:
         16:18:32:f9:03:26:7a:98:c5:9c:36:c6:08:04:1e:63:4c:f2:
         b8:41:69:6d:27:42:72:0b:bd:42:92:11:35:0a:7f:2a:f6:3e:
         47:35:fd:5b:ad:07:72:a9:da:a9:24:f9:39:cc:53:db:49:6b:
         f6:f1:30:bb:36:a9:23:c0:e9:cd:b7:08:4a:ad:ef:04:d9:43:
         53:a8:6c:b5:29:54:1d:c9:ef:9a:ae:d7:79:cb:8a:ca:a4:fd:
         da:1e:91:c4:d9:f2:2c:70:83:b1:2f:2d:99:a6:f5:03:39:c3:
         2a:2a:a6:5b:ad:3f:85:89:bb:11:31:ec:d9:43:1c:26:b9:f5:
         b3:d8:a1:27:66:61:c5:fc:a4:6e:91:f1:79:0e:2e:fc:b7:e1:
         7d:a7:51:4e:92:82:fe:72:8b:46:05:4b:c2:9a:66:f7:8b:88:
         e5:b2:ec:ae:86:91:b5:70:a3:f6:03:98:ce:f3:5d:2e:e4:b6:
         f3:23:15:13:1c:a9:7d:a8:3b:3a:06:10:dc:8d:0a:3f:25:ca:
         ea:46:82:da:ce:ef:05:5a:c5:9a:b4:b2:88:a8:10:d2:cd:7a:
         0b:21:85:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZoLh7Cc2s4ONfrCKRkeQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMzQ0NGUxOTk2MmExOTFlZmQyZjIxNmExMjhlMmY0Y2Zl
MmEzZGUwHhcNMjYwMzI5MDcwMjE1WhcNMjYwMzMwMDcwMjE1WjAzMTEwLwYDVQQD
EyhmMTBlYjk1YzU3M2NmNTJkYTY2ODA3OTMzMDMwMTMwY2MzYTQ2NDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnCwgkv73CzbSV9cKW8N0bKmnGPOe
m+PB5Vt0vVKEkhWUYHg+a9CX/MdVzoczi0NX4vjozKBbq7kjqaQSlz2lkmFRRJ3D
C8Mx2GAtwjPWWmlHHjSqstmUy/AKxvHz3l993l+bKhQaNrHSWyfz8p9pc/zEdbxI
HvdHPXHATEDTAIsGB0oWLFCAh5ByxcY/480GkfrTYzXSjQ/i939NMvjXjaTisM7l
wMCPJLyy3bwNnWCT3GWjKvPkShGkzFFcpBCI4/xul28PvxCFXgm5+P+mJYnNlAlP
aDME8tGLeKuTYyi8Tp4oQqMMiwg0uXAQOyeigBCfbp7fv6XJlnLYQoX7rwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPEOuVxXPPUtpmgHkzAwEwzDpGRKMB8GA1UdIwQY
MBaAFGA0ROGZYqGR79LyFqEo4vTP4qPeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWURSRTRabGlvWkh2MHZJV29Tamk5TV9pbzk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8xZjMyY2ItZGFiMi00YTlmLWFlNzct
ODQ0N2UyOWMxNTI0LzEvWURSRTRabGlvWkh2MHZJV29Tamk5TV9pbzk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8xZjMyY2ItZGFiMi00YTlmLWFlNzctODQ0N2UyOWMxNTI0
LzEvWURSRTRabGlvWkh2MHZJV29Tamk5TV9pbzk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJr+82n+v
exaoolf+AOiBVClJE7gqfbk5yHH/foNcYLJCN/kMFhgy+QMmepjFnDbGCAQeY0zy
uEFpbSdCcgu9QpIRNQp/KvY+RzX9W60HcqnaqST5OcxT20lr9vEwuzapI8DpzbcI
Sq3vBNlDU6hstSlUHcnvmq7XecuKyqT92h6RxNnyLHCDsS8tmab1AznDKiqmW60/
hYm7ETHs2UMcJrn1s9ihJ2ZhxfykbpHxeQ4u/LfhfadRTpKC/nKLRgVLwppm94uI
5bLsroaRtXCj9gOYzvNdLuS28yMVExypfag7OgYQ3I0KPyXK6kaC2s7vBVrFmrSy
iKgQ0s16CyGFzQ==
-----END CERTIFICATE-----