Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/64e20c-8f61-4351-8077-fc3b3e11161d/1/YDe79svKAic6peIbuIjj4exnZ98.mft
File:                     YDe79svKAic6peIbuIjj4exnZ98.mft (raw, json)
Hash identifier:          aUrzPCCV8x3y/ItHFefgy3z+PmCUyR1FvMwsT/04ljc=
Subject key identifier:   E1:FA:46:B2:C0:5B:7F:DE:18:9C:EF:49:DF:EB:C1:6E:30:22:0F:05
Authority key identifier: 60:37:BB:F6:CB:CA:02:27:3A:A5:E2:1B:B8:88:E3:E1:EC:67:67:DF
Certificate issuer:       /CN=6037bbf6cbca02273aa5e21bb888e3e1ec6767df
Certificate serial:       019D382EB1DFB7000A340240A11D0C1F5354
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YDe79svKAic6peIbuIjj4exnZ98.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/64e20c-8f61-4351-8077-fc3b3e11161d/1/YDe79svKAic6peIbuIjj4exnZ98.mft
Manifest number:          0DB0
Signing time:             Sun 29 Mar 2026 06:01:17 +0000
Manifest this update:     Sun 29 Mar 2026 06:01:17 +0000
Manifest next update:     Mon 30 Mar 2026 06:01:17 +0000
Files and hashes:         1: YDe79svKAic6peIbuIjj4exnZ98.crl (hash: +cZhM1ord/Me4wD2UYOTe4u0qxAJTSVgbwut38LdCWM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bd/64e20c-8f61-4351-8077-fc3b3e11161d/1/YDe79svKAic6peIbuIjj4exnZ98.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bd/64e20c-8f61-4351-8077-fc3b3e11161d/1/YDe79svKAic6peIbuIjj4exnZ98.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YDe79svKAic6peIbuIjj4exnZ98.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 06:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:2e:b1:df:b7:00:0a:34:02:40:a1:1d:0c:1f:53:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6037bbf6cbca02273aa5e21bb888e3e1ec6767df
        Validity
            Not Before: Mar 29 06:01:17 2026 GMT
            Not After : Mar 30 06:01:17 2026 GMT
        Subject: CN=e1fa46b2c05b7fde189cef49dfebc16e30220f05
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:3d:c5:86:6c:da:8b:4f:56:59:17:bd:a3:aa:
                    77:65:67:c8:20:a7:d5:46:95:d6:b6:2b:a4:24:dc:
                    24:25:48:7a:bd:34:78:69:cc:72:6c:cc:4f:d3:6d:
                    6b:14:fa:dc:d0:47:45:61:21:58:a6:07:e8:55:7d:
                    bc:22:1e:c6:ec:f9:af:5e:3f:c6:5b:32:40:a1:e1:
                    48:05:d9:67:d8:6f:fe:67:da:c7:70:c8:30:0a:a1:
                    d9:cf:ae:5e:11:f2:06:59:8c:38:d4:2b:59:b2:5a:
                    e8:28:2c:f5:31:84:3e:c4:d4:26:a6:f4:16:bf:24:
                    f2:0a:34:c0:d4:a2:5f:ec:bb:15:26:c9:2b:55:9e:
                    64:db:ff:a0:09:03:cb:ea:f7:f7:65:39:58:de:c7:
                    93:87:4a:9a:fa:8d:95:4f:a2:26:14:45:bf:2c:e1:
                    f2:4a:12:e1:3e:8b:69:ab:bc:0f:d5:58:d0:de:84:
                    67:a1:ad:5e:33:78:d3:7a:d6:9c:68:ca:22:a0:25:
                    e1:8a:b2:34:be:f6:16:44:75:c2:8e:5c:83:ac:16:
                    bc:57:6d:25:dd:cf:59:81:6a:51:58:00:84:ef:89:
                    e2:8c:42:0f:a1:5b:65:a8:fa:65:07:c5:59:00:06:
                    be:19:ba:e1:43:54:5a:47:d5:d7:99:09:35:49:bc:
                    97:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:FA:46:B2:C0:5B:7F:DE:18:9C:EF:49:DF:EB:C1:6E:30:22:0F:05
            X509v3 Authority Key Identifier:
                keyid:60:37:BB:F6:CB:CA:02:27:3A:A5:E2:1B:B8:88:E3:E1:EC:67:67:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YDe79svKAic6peIbuIjj4exnZ98.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/64e20c-8f61-4351-8077-fc3b3e11161d/1/YDe79svKAic6peIbuIjj4exnZ98.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/64e20c-8f61-4351-8077-fc3b3e11161d/1/YDe79svKAic6peIbuIjj4exnZ98.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:9e:e0:d5:00:44:dc:37:ad:dd:17:9a:7f:52:99:20:f9:65:
         05:9d:16:b5:a9:af:68:9a:32:2c:68:4f:9c:85:53:f0:1e:74:
         8f:ee:f0:45:e5:7b:4d:8c:8a:83:8c:8b:65:b4:c9:60:2f:07:
         1b:89:db:53:c6:52:62:47:5a:36:30:98:a8:2b:49:d7:03:eb:
         6a:1c:82:ea:c8:a4:c7:1f:3f:4c:e6:8c:23:57:87:c3:d1:35:
         ba:f2:7c:5f:dc:e7:4a:21:1b:c4:06:13:d7:51:c2:eb:6a:5d:
         4c:22:88:14:8c:81:01:d0:e1:05:80:09:0d:e7:e3:97:1d:a4:
         7a:f6:ad:e9:11:05:b8:41:fb:73:ca:bf:d5:79:ef:52:d2:51:
         b5:bd:7f:b3:fa:a7:6d:a6:6e:ec:b7:9b:d4:c7:2d:d9:a8:b9:
         73:4f:bc:87:8d:cc:02:84:e2:67:22:09:5c:84:ea:c1:0c:cf:
         56:4d:2c:22:31:32:a2:8a:5a:2e:cc:f9:ca:70:28:a3:f8:f7:
         85:5a:74:68:a2:d2:b0:c9:c2:d3:12:bb:4f:b2:5a:90:eb:d8:
         78:16:d4:1d:bd:25:88:c8:92:29:d5:f9:a2:81:11:9f:76:89:
         25:02:1e:f8:15:1c:2c:e9:98:0f:e2:f4:42:23:fa:bd:c3:54:
         44:61:42:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04LrHftwAKNAJAoR0MH1NUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMzdiYmY2Y2JjYTAyMjczYWE1ZTIxYmI4ODhlM2UxZWM2
NzY3ZGYwHhcNMjYwMzI5MDYwMTE3WhcNMjYwMzMwMDYwMTE3WjAzMTEwLwYDVQQD
EyhlMWZhNDZiMmMwNWI3ZmRlMTg5Y2VmNDlkZmViYzE2ZTMwMjIwZjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6T3Fhmzai09WWRe9o6p3ZWfIIKfV
RpXWtiukJNwkJUh6vTR4acxybMxP021rFPrc0EdFYSFYpgfoVX28Ih7G7PmvXj/G
WzJAoeFIBdln2G/+Z9rHcMgwCqHZz65eEfIGWYw41CtZslroKCz1MYQ+xNQmpvQW
vyTyCjTA1KJf7LsVJskrVZ5k2/+gCQPL6vf3ZTlY3seTh0qa+o2VT6ImFEW/LOHy
ShLhPotpq7wP1VjQ3oRnoa1eM3jTetacaMoioCXhirI0vvYWRHXCjlyDrBa8V20l
3c9ZgWpRWACE74nijEIPoVtlqPplB8VZAAa+GbrhQ1RaR9XXmQk1SbyXHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOH6RrLAW3/eGJzvSd/rwW4wIg8FMB8GA1UdIwQY
MBaAFGA3u/bLygInOqXiG7iI4+HsZ2ffMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWURlNzlzdktBaWM2cGVJYnVJamo0ZXhuWjk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC82NGUyMGMtOGY2MS00MzUxLTgwNzct
ZmMzYjNlMTExNjFkLzEvWURlNzlzdktBaWM2cGVJYnVJamo0ZXhuWjk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC82NGUyMGMtOGY2MS00MzUxLTgwNzctZmMzYjNlMTExNjFk
LzEvWURlNzlzdktBaWM2cGVJYnVJamo0ZXhuWjk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATp7g1QBE
3Det3Reaf1KZIPllBZ0WtamvaJoyLGhPnIVT8B50j+7wReV7TYyKg4yLZbTJYC8H
G4nbU8ZSYkdaNjCYqCtJ1wPrahyC6sikxx8/TOaMI1eHw9E1uvJ8X9znSiEbxAYT
11HC62pdTCKIFIyBAdDhBYAJDefjlx2kevat6REFuEH7c8q/1XnvUtJRtb1/s/qn
baZu7Leb1Mct2ai5c0+8h43MAoTiZyIJXITqwQzPVk0sIjEyoopaLsz5ynAoo/j3
hVp0aKLSsMnC0xK7T7JakOvYeBbUHb0liMiSKdX5ooERn3aJJQIe+BUcLOmYD+L0
QiP6vcNURGFCFw==
-----END CERTIFICATE-----