Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft
File:                     YNJSouMVOM2lhXutCYPIvfVYsXs.mft (raw, json)
Hash identifier:          YWj+SPIqekaWyZhNe4e+vJL7jmEKZRmPpf1EXycYJpM=
Subject key identifier:   26:66:FA:05:79:8E:5F:30:3C:E5:A9:B8:2A:AA:81:54:13:A2:B1:9F
Authority key identifier: 60:D2:52:A2:E3:15:38:CD:A5:85:7B:AD:09:83:C8:BD:F5:58:B1:7B
Certificate issuer:       /CN=60d252a2e31538cda5857bad0983c8bdf558b17b
Certificate serial:       019D3865E725E3678DC995BBBE7F08EC1212
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YNJSouMVOM2lhXutCYPIvfVYsXs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft
Manifest number:          0BD0
Signing time:             Sun 29 Mar 2026 07:01:35 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:35 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:35 +0000
Files and hashes:         1: YNJSouMVOM2lhXutCYPIvfVYsXs.crl (hash: uLaGaFpzS/RPNky0oVrRvKY7JmHwyefTClcUj8ssLAo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YNJSouMVOM2lhXutCYPIvfVYsXs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:e7:25:e3:67:8d:c9:95:bb:be:7f:08:ec:12:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60d252a2e31538cda5857bad0983c8bdf558b17b
        Validity
            Not Before: Mar 29 07:01:35 2026 GMT
            Not After : Mar 30 07:01:35 2026 GMT
        Subject: CN=2666fa05798e5f303ce5a9b82aaa815413a2b19f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:4a:a0:bd:2b:73:82:12:0b:ec:8e:f8:f7:bf:
                    96:87:aa:f8:b2:75:c1:1d:81:fd:85:b7:a7:f1:fa:
                    7a:61:fe:6d:02:dd:ab:b1:ec:0d:8d:e8:9e:73:28:
                    52:c8:b3:d2:03:17:7b:51:96:7e:ac:66:82:71:b3:
                    ed:c3:e5:f6:08:ce:5b:26:6a:80:61:f0:22:ae:93:
                    6b:4c:35:87:95:75:5c:39:ad:fa:bc:8b:05:f8:92:
                    b3:e7:65:29:ef:ef:ba:09:3a:a5:6b:2a:f1:a5:f3:
                    98:dc:bf:b6:eb:aa:6e:90:0f:df:a6:78:38:ae:db:
                    d1:f3:5d:c4:5d:fe:f3:b7:3a:9e:b7:bb:24:14:cc:
                    53:8e:25:9c:2f:ee:10:20:49:b7:f8:e8:62:da:46:
                    c8:fe:55:4e:10:4b:8b:ab:aa:bb:5a:ae:0c:38:9c:
                    54:ed:e9:95:2c:d2:f9:d5:db:fc:68:eb:14:cc:9b:
                    a4:77:4f:93:b7:9e:f6:ae:82:37:19:fa:bb:3d:71:
                    bc:3b:20:7c:15:7a:28:71:8f:2f:65:cf:d2:42:5e:
                    7f:de:a7:e9:5f:17:4f:eb:bd:a3:ca:76:b1:11:df:
                    12:be:e6:36:07:2d:67:2a:77:19:81:51:c3:ae:fa:
                    d4:8b:3d:ab:5e:76:e6:b1:42:e0:94:78:23:08:c3:
                    48:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:66:FA:05:79:8E:5F:30:3C:E5:A9:B8:2A:AA:81:54:13:A2:B1:9F
            X509v3 Authority Key Identifier:
                keyid:60:D2:52:A2:E3:15:38:CD:A5:85:7B:AD:09:83:C8:BD:F5:58:B1:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YNJSouMVOM2lhXutCYPIvfVYsXs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:96:dc:80:b7:fb:1e:93:18:21:e9:68:ec:2d:d6:c8:13:f1:
         bd:97:06:2b:5f:98:5e:f5:b5:bb:11:fd:b9:19:bd:b0:93:8e:
         6f:3c:2a:ce:ef:36:0c:50:0b:7b:c0:6b:9e:e8:72:30:be:8d:
         fa:a5:2d:b1:8a:d1:81:87:72:5b:03:2d:24:6d:81:5b:a9:74:
         bb:ea:40:c4:d0:1b:03:4c:09:53:d2:67:a8:16:d3:1a:be:ce:
         76:4b:50:61:0c:f1:cb:96:18:d6:04:a0:5a:df:40:87:25:8b:
         6f:42:64:5f:2b:40:2e:a6:9b:6a:9b:e9:0d:39:e8:77:19:d4:
         b3:ee:52:c8:bc:1a:cf:f7:34:1b:d1:10:c7:cd:7c:82:bb:9d:
         f4:52:be:a9:fb:84:cd:16:a2:e7:f2:6e:ff:13:6b:2a:f7:46:
         ff:0a:94:ff:ca:37:70:d5:f7:12:7e:0b:cd:97:0a:e6:81:bc:
         2e:ea:37:53:9a:43:d7:f9:43:e0:14:50:9b:5a:8e:46:25:a4:
         53:0f:28:44:13:5a:a8:13:72:c8:2d:75:96:a5:9b:6c:6a:8e:
         c8:ce:6e:73:c2:76:7d:86:b0:a5:a4:a4:a7:77:71:de:1c:fa:
         97:3a:69:a3:02:c2:26:75:c3:67:46:b1:d3:20:ae:53:ba:ea:
         94:78:6b:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zecl42eNyZW7vn8I7BISMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZDI1MmEyZTMxNTM4Y2RhNTg1N2JhZDA5ODNjOGJkZjU1
OGIxN2IwHhcNMjYwMzI5MDcwMTM1WhcNMjYwMzMwMDcwMTM1WjAzMTEwLwYDVQQD
EygyNjY2ZmEwNTc5OGU1ZjMwM2NlNWE5YjgyYWFhODE1NDEzYTJiMTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkEqgvStzghIL7I7497+Wh6r4snXB
HYH9hben8fp6Yf5tAt2rsewNjeiecyhSyLPSAxd7UZZ+rGaCcbPtw+X2CM5bJmqA
YfAirpNrTDWHlXVcOa36vIsF+JKz52Up7++6CTqlayrxpfOY3L+266pukA/fpng4
rtvR813EXf7ztzqet7skFMxTjiWcL+4QIEm3+Ohi2kbI/lVOEEuLq6q7Wq4MOJxU
7emVLNL51dv8aOsUzJukd0+Tt572roI3Gfq7PXG8OyB8FXoocY8vZc/SQl5/3qfp
XxdP672jynaxEd8SvuY2By1nKncZgVHDrvrUiz2rXnbmsULglHgjCMNI7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCZm+gV5jl8wPOWpuCqqgVQTorGfMB8GA1UdIwQY
MBaAFGDSUqLjFTjNpYV7rQmDyL31WLF7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU5KU291TVZPTTJsaFh1dENZUEl2ZlZZc1hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9hMTdkZGYtOWJhNi00Mzk1LWFhZTYt
NTY2ZjZjZjQzMWMwLzEvWU5KU291TVZPTTJsaFh1dENZUEl2ZlZZc1hzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi9hMTdkZGYtOWJhNi00Mzk1LWFhZTYtNTY2ZjZjZjQzMWMw
LzEvWU5KU291TVZPTTJsaFh1dENZUEl2ZlZZc1hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGpbcgLf7
HpMYIelo7C3WyBPxvZcGK1+YXvW1uxH9uRm9sJOObzwqzu82DFALe8BrnuhyML6N
+qUtsYrRgYdyWwMtJG2BW6l0u+pAxNAbA0wJU9JnqBbTGr7OdktQYQzxy5YY1gSg
Wt9AhyWLb0JkXytALqabapvpDTnodxnUs+5SyLwaz/c0G9EQx818grud9FK+qfuE
zRai5/Ju/xNrKvdG/wqU/8o3cNX3En4LzZcK5oG8Luo3U5pD1/lD4BRQm1qORiWk
Uw8oRBNaqBNyyC11lqWbbGqOyM5uc8J2fYawpaSkp3dx3hz6lzppowLCJnXDZ0ax
0yCuU7rqlHhrCg==
-----END CERTIFICATE-----