Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/ac49eb-c47a-4c5d-81bf-6d04310e342b/1/yO1EP4XQ7sZjZM11NvGIiKwfmeM.mft
File:                     yO1EP4XQ7sZjZM11NvGIiKwfmeM.mft (raw, json)
Hash identifier:          +B3gkrD+3J9AnwD1oLvPSl1Wyq0Y+BVYbTNlkBWMsXY=
Subject key identifier:   79:B9:74:6B:C9:24:D6:BB:0C:6C:6F:52:4F:8A:86:E9:A4:97:7C:3D
Authority key identifier: C8:ED:44:3F:85:D0:EE:C6:63:64:CD:75:36:F1:88:88:AC:1F:99:E3
Certificate issuer:       /CN=c8ed443f85d0eec66364cd7536f18888ac1f99e3
Certificate serial:       019D3A541835386CCA7685EF6C60FA85D2AC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yO1EP4XQ7sZjZM11NvGIiKwfmeM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/ac49eb-c47a-4c5d-81bf-6d04310e342b/1/yO1EP4XQ7sZjZM11NvGIiKwfmeM.mft
Manifest number:          188C
Signing time:             Sun 29 Mar 2026 16:01:22 +0000
Manifest this update:     Sun 29 Mar 2026 16:01:22 +0000
Manifest next update:     Mon 30 Mar 2026 16:01:22 +0000
Files and hashes:         1: yO1EP4XQ7sZjZM11NvGIiKwfmeM.crl (hash: GEmcuWIHvjps00CT/YUCKxsoA+3shzeCXQcFPAm4rw4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/ac49eb-c47a-4c5d-81bf-6d04310e342b/1/yO1EP4XQ7sZjZM11NvGIiKwfmeM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/ac49eb-c47a-4c5d-81bf-6d04310e342b/1/yO1EP4XQ7sZjZM11NvGIiKwfmeM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yO1EP4XQ7sZjZM11NvGIiKwfmeM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:54:18:35:38:6c:ca:76:85:ef:6c:60:fa:85:d2:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8ed443f85d0eec66364cd7536f18888ac1f99e3
        Validity
            Not Before: Mar 29 16:01:22 2026 GMT
            Not After : Mar 30 16:01:22 2026 GMT
        Subject: CN=79b9746bc924d6bb0c6c6f524f8a86e9a4977c3d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:3e:6d:51:ef:f6:73:ca:07:61:40:55:ae:35:
                    cb:7e:4f:f4:83:0c:5e:05:36:5e:ed:b1:17:fd:79:
                    9b:34:64:a7:d7:34:ef:5e:e3:fe:b3:1d:15:92:50:
                    37:a7:15:35:54:de:b6:26:15:0c:57:c2:2b:b6:fa:
                    ae:ec:19:3a:22:ec:2b:90:75:4d:5d:f8:90:4a:1b:
                    06:3d:5e:1e:81:81:f4:e8:7f:95:07:83:a9:29:7f:
                    c9:db:ee:8b:46:31:08:f2:c9:74:d5:9b:d8:6b:f5:
                    a2:64:9c:37:03:ab:07:53:d5:25:84:0a:6e:4d:b5:
                    98:f7:0c:38:62:2a:01:40:86:9e:6a:d8:e2:8b:e0:
                    91:3c:7b:33:f7:62:3a:68:2a:63:52:83:df:3c:52:
                    ed:6d:4b:52:17:07:6d:63:ed:61:69:ec:c0:2f:44:
                    4f:f7:b4:6b:da:3f:46:c6:a5:44:a4:6f:71:34:b4:
                    77:ed:8a:68:ee:bc:58:85:94:a6:92:46:34:b1:13:
                    81:9f:26:a3:c5:c6:37:5c:6c:99:7b:19:cb:8b:fe:
                    db:19:ec:39:90:0d:33:11:16:25:9f:ce:5f:87:88:
                    84:ed:22:e5:39:e6:eb:49:19:5d:9a:eb:26:6a:53:
                    17:cd:be:d3:82:4b:6b:f5:86:99:d6:d3:57:59:53:
                    72:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:B9:74:6B:C9:24:D6:BB:0C:6C:6F:52:4F:8A:86:E9:A4:97:7C:3D
            X509v3 Authority Key Identifier:
                keyid:C8:ED:44:3F:85:D0:EE:C6:63:64:CD:75:36:F1:88:88:AC:1F:99:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yO1EP4XQ7sZjZM11NvGIiKwfmeM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/ac49eb-c47a-4c5d-81bf-6d04310e342b/1/yO1EP4XQ7sZjZM11NvGIiKwfmeM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/ac49eb-c47a-4c5d-81bf-6d04310e342b/1/yO1EP4XQ7sZjZM11NvGIiKwfmeM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:c7:73:cf:74:a2:a7:1f:5a:66:68:74:e3:5f:44:80:87:fa:
         b4:e7:b4:6b:5d:3f:3a:c0:62:df:1a:a7:29:31:01:d2:9d:dd:
         be:1f:84:27:ee:b6:20:c5:92:c1:f9:41:28:e7:22:ea:f0:3e:
         46:e5:4d:fb:19:32:36:37:09:8a:64:71:6e:8d:5c:28:9c:f8:
         a0:88:80:2c:b2:f8:6c:9d:ac:64:f5:04:ed:b9:bb:dd:80:17:
         f7:f4:50:96:49:e0:84:56:c1:17:9d:ef:c5:5e:97:f1:5a:df:
         62:b3:0f:47:4e:35:98:9a:06:c8:8a:7c:99:b1:ef:07:24:50:
         be:57:9c:ee:83:00:6f:fe:2e:50:10:c0:08:23:95:dd:d6:89:
         91:5c:a5:86:35:27:80:7e:9d:14:66:7c:38:fb:e7:5f:81:ef:
         5e:35:97:b6:ca:d4:68:04:89:ef:4c:fe:f7:78:19:23:9e:05:
         6a:80:b7:51:60:03:c8:39:52:93:08:7c:8d:7f:c5:c8:f2:51:
         c8:b5:3d:63:50:85:82:22:2b:b4:46:6f:c7:43:be:8b:0c:58:
         8b:1f:51:34:16:7a:7b:3a:63:b2:84:df:f6:9b:a0:14:65:42:
         75:43:8a:99:ad:bc:4c:a7:42:f8:a7:77:23:dd:f8:50:6a:5e:
         05:21:f1:f3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06VBg1OGzKdoXvbGD6hdKsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZWQ0NDNmODVkMGVlYzY2MzY0Y2Q3NTM2ZjE4ODg4YWMx
Zjk5ZTMwHhcNMjYwMzI5MTYwMTIyWhcNMjYwMzMwMTYwMTIyWjAzMTEwLwYDVQQD
Eyg3OWI5NzQ2YmM5MjRkNmJiMGM2YzZmNTI0ZjhhODZlOWE0OTc3YzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlT5tUe/2c8oHYUBVrjXLfk/0gwxe
BTZe7bEX/XmbNGSn1zTvXuP+sx0VklA3pxU1VN62JhUMV8Irtvqu7Bk6IuwrkHVN
XfiQShsGPV4egYH06H+VB4OpKX/J2+6LRjEI8sl01ZvYa/WiZJw3A6sHU9UlhApu
TbWY9ww4YioBQIaeatjii+CRPHsz92I6aCpjUoPfPFLtbUtSFwdtY+1haezAL0RP
97Rr2j9GxqVEpG9xNLR37Ypo7rxYhZSmkkY0sROBnyajxcY3XGyZexnLi/7bGew5
kA0zERYln85fh4iE7SLlOebrSRldmusmalMXzb7Tgktr9YaZ1tNXWVNyCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHm5dGvJJNa7DGxvUk+Khumkl3w9MB8GA1UdIwQY
MBaAFMjtRD+F0O7GY2TNdTbxiIisH5njMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU8xRVA0WFE3c1pqWk0xMU52R0lpS3dmbWVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9hYzQ5ZWItYzQ3YS00YzVkLTgxYmYt
NmQwNDMxMGUzNDJiLzEveU8xRVA0WFE3c1pqWk0xMU52R0lpS3dmbWVNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9hYzQ5ZWItYzQ3YS00YzVkLTgxYmYtNmQwNDMxMGUzNDJi
LzEveU8xRVA0WFE3c1pqWk0xMU52R0lpS3dmbWVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhMdzz3Si
px9aZmh0419EgIf6tOe0a10/OsBi3xqnKTEB0p3dvh+EJ+62IMWSwflBKOci6vA+
RuVN+xkyNjcJimRxbo1cKJz4oIiALLL4bJ2sZPUE7bm73YAX9/RQlknghFbBF53v
xV6X8VrfYrMPR041mJoGyIp8mbHvByRQvlec7oMAb/4uUBDACCOV3daJkVylhjUn
gH6dFGZ8OPvnX4HvXjWXtsrUaASJ70z+93gZI54FaoC3UWADyDlSkwh8jX/FyPJR
yLU9Y1CFgiIrtEZvx0O+iwxYix9RNBZ6ezpjsoTf9pugFGVCdUOKma28TKdC+Kd3
I934UGpeBSHx8w==
-----END CERTIFICATE-----