Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/a5d9a3-c454-4b7e-800d-617cd3df395b/1/yjzk270E4HrOGTf4ChWvc5m4Aw4.mft
File:                     yjzk270E4HrOGTf4ChWvc5m4Aw4.mft (raw, json)
Hash identifier:          YpKjmO1R8xB01h1ju/YbytzsO4cZloiAwNSuLy9LxfY=
Subject key identifier:   0D:E3:C9:4F:C0:BB:6B:9B:E6:69:9C:4E:C5:57:7A:3A:B8:01:6B:4D
Authority key identifier: CA:3C:E4:DB:BD:04:E0:7A:CE:19:37:F8:0A:15:AF:73:99:B8:03:0E
Certificate issuer:       /CN=ca3ce4dbbd04e07ace1937f80a15af7399b8030e
Certificate serial:       019D37897E36F867892531958A9FF9EBCBBC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yjzk270E4HrOGTf4ChWvc5m4Aw4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/a5d9a3-c454-4b7e-800d-617cd3df395b/1/yjzk270E4HrOGTf4ChWvc5m4Aw4.mft
Manifest number:          0825
Signing time:             Sun 29 Mar 2026 03:00:50 +0000
Manifest this update:     Sun 29 Mar 2026 03:00:50 +0000
Manifest next update:     Mon 30 Mar 2026 03:00:50 +0000
Files and hashes:         1: yjzk270E4HrOGTf4ChWvc5m4Aw4.crl (hash: qg8YzA4aI67KSviAcLqb80F/MG8Yx4W53Js9XyS9gE4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/a5d9a3-c454-4b7e-800d-617cd3df395b/1/yjzk270E4HrOGTf4ChWvc5m4Aw4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/a5d9a3-c454-4b7e-800d-617cd3df395b/1/yjzk270E4HrOGTf4ChWvc5m4Aw4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yjzk270E4HrOGTf4ChWvc5m4Aw4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 03:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:89:7e:36:f8:67:89:25:31:95:8a:9f:f9:eb:cb:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca3ce4dbbd04e07ace1937f80a15af7399b8030e
        Validity
            Not Before: Mar 29 03:00:50 2026 GMT
            Not After : Mar 30 03:00:50 2026 GMT
        Subject: CN=0de3c94fc0bb6b9be6699c4ec5577a3ab8016b4d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:cb:68:ba:cc:c6:d2:48:59:39:2d:e3:af:92:
                    1d:8a:2c:c2:e5:e1:59:f1:57:1e:2c:b9:08:91:3d:
                    16:57:10:22:cb:22:02:c1:a6:31:e2:01:9a:3f:88:
                    9a:5a:19:fc:f3:2a:83:a1:c7:41:07:01:a0:1a:e6:
                    eb:15:5c:10:dc:78:de:8c:13:ee:0c:b2:26:cc:ec:
                    72:b2:a7:70:94:c9:65:cc:c3:2b:5a:6c:63:ca:58:
                    03:db:68:ac:9f:67:68:f9:68:c2:21:0c:80:c9:5d:
                    e5:9e:44:f2:4b:59:f7:d3:59:80:f7:79:dc:71:c0:
                    c2:e6:bd:1f:26:c4:ef:b7:c8:22:b1:a6:f1:22:87:
                    55:b6:91:90:cc:b5:a9:5c:0a:0b:7f:28:bc:94:f8:
                    5e:80:c6:3a:2d:82:b1:f2:3a:e7:a3:eb:a8:04:80:
                    b5:2f:97:c4:24:84:3b:42:2a:42:46:d3:92:99:89:
                    dc:c5:3b:93:03:6c:83:4c:04:ec:61:0b:be:79:59:
                    ec:bd:a4:ac:87:e7:91:34:79:1d:d8:44:60:e2:33:
                    e4:51:e4:99:df:17:7d:cf:ab:29:7c:1f:cb:65:50:
                    9b:53:f5:1c:c5:0d:c9:bf:43:50:bc:10:15:5e:8d:
                    b2:57:e7:fb:f5:e7:0d:f8:bc:af:f2:6f:ea:f5:c5:
                    1c:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:E3:C9:4F:C0:BB:6B:9B:E6:69:9C:4E:C5:57:7A:3A:B8:01:6B:4D
            X509v3 Authority Key Identifier:
                keyid:CA:3C:E4:DB:BD:04:E0:7A:CE:19:37:F8:0A:15:AF:73:99:B8:03:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yjzk270E4HrOGTf4ChWvc5m4Aw4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/a5d9a3-c454-4b7e-800d-617cd3df395b/1/yjzk270E4HrOGTf4ChWvc5m4Aw4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/a5d9a3-c454-4b7e-800d-617cd3df395b/1/yjzk270E4HrOGTf4ChWvc5m4Aw4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:13:34:a7:50:dc:9b:62:57:7d:4a:8a:77:f2:ee:a6:a3:d1:
         38:e9:c1:1e:4f:68:d1:f3:fd:76:be:41:b9:69:b7:a0:c1:22:
         98:1d:e7:9b:4f:55:a4:15:f3:bd:f6:66:08:74:6b:ec:8c:83:
         3f:ab:30:9d:c9:93:fb:f2:cf:a6:85:f4:82:43:30:41:cd:a5:
         87:22:f6:ab:aa:19:42:8b:79:4e:4e:a8:78:7f:fd:2c:fe:21:
         30:b5:5b:aa:b1:60:6c:7f:1d:4d:03:73:95:ab:23:c3:c8:a2:
         30:0a:f6:6b:74:ec:43:55:4d:38:1d:ca:c8:84:d7:7b:31:e6:
         18:31:b2:72:c0:7f:4f:e2:6b:fa:6e:dc:d4:20:a7:cf:d5:ed:
         84:e1:27:3d:9f:fc:88:23:f1:2c:91:95:fd:f0:20:48:c9:87:
         25:49:35:15:fa:ac:f0:77:53:48:3a:60:f7:09:28:ea:a4:35:
         df:f6:9c:7a:ef:6d:e4:a2:fd:95:26:c3:58:6b:91:83:15:2f:
         ba:74:1d:7c:3f:ff:c3:c5:42:0f:8c:5b:c5:4a:b5:2b:6c:1a:
         b7:cb:9a:30:d4:bb:c5:ad:0f:b3:90:60:0e:f6:06:8f:4d:d6:
         8b:1e:96:10:46:8c:ab:d1:7b:2b:0c:65:c4:9e:43:ba:05:72:
         08:ad:9e:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iX42+GeJJTGVip/568u8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhM2NlNGRiYmQwNGUwN2FjZTE5MzdmODBhMTVhZjczOTli
ODAzMGUwHhcNMjYwMzI5MDMwMDUwWhcNMjYwMzMwMDMwMDUwWjAzMTEwLwYDVQQD
EygwZGUzYzk0ZmMwYmI2YjliZTY2OTljNGVjNTU3N2EzYWI4MDE2YjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlstouszG0khZOS3jr5IdiizC5eFZ
8VceLLkIkT0WVxAiyyICwaYx4gGaP4iaWhn88yqDocdBBwGgGubrFVwQ3HjejBPu
DLImzOxysqdwlMllzMMrWmxjylgD22isn2do+WjCIQyAyV3lnkTyS1n301mA93nc
ccDC5r0fJsTvt8gisabxIodVtpGQzLWpXAoLfyi8lPhegMY6LYKx8jrno+uoBIC1
L5fEJIQ7QipCRtOSmYncxTuTA2yDTATsYQu+eVnsvaSsh+eRNHkd2ERg4jPkUeSZ
3xd9z6spfB/LZVCbU/UcxQ3Jv0NQvBAVXo2yV+f79ecN+Lyv8m/q9cUckwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA3jyU/Au2ub5mmcTsVXejq4AWtNMB8GA1UdIwQY
MBaAFMo85Nu9BOB6zhk3+AoVr3OZuAMOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWp6azI3MEU0SHJPR1RmNENoV3ZjNW00QXc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9hNWQ5YTMtYzQ1NC00YjdlLTgwMGQt
NjE3Y2QzZGYzOTViLzEveWp6azI3MEU0SHJPR1RmNENoV3ZjNW00QXc0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9hNWQ5YTMtYzQ1NC00YjdlLTgwMGQtNjE3Y2QzZGYzOTVi
LzEveWp6azI3MEU0SHJPR1RmNENoV3ZjNW00QXc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkxM0p1Dc
m2JXfUqKd/LupqPROOnBHk9o0fP9dr5BuWm3oMEimB3nm09VpBXzvfZmCHRr7IyD
P6swncmT+/LPpoX0gkMwQc2lhyL2q6oZQot5Tk6oeH/9LP4hMLVbqrFgbH8dTQNz
lasjw8iiMAr2a3TsQ1VNOB3KyITXezHmGDGycsB/T+Jr+m7c1CCnz9XthOEnPZ/8
iCPxLJGV/fAgSMmHJUk1Ffqs8HdTSDpg9wko6qQ13/aceu9t5KL9lSbDWGuRgxUv
unQdfD//w8VCD4xbxUq1K2wat8uaMNS7xa0Ps5BgDvYGj03Wix6WEEaMq9F7Kwxl
xJ5DugVyCK2eIA==
-----END CERTIFICATE-----