Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.mft
File:                     _ypds7oz42wW2_UmCy_idK5_siI.mft (raw, json)
Hash identifier:          Umec6wKHpv+LlzzooucbaWLAI6dEqFnEQ6QkTZQBinA=
Subject key identifier:   F6:D8:91:A1:49:06:4E:AA:5C:F9:09:86:31:3B:DB:D6:CD:21:19:BC
Authority key identifier: FF:2A:5D:B3:BA:33:E3:6C:16:DB:F5:26:0B:2F:E2:74:AE:7F:B2:22
Certificate issuer:       /CN=ff2a5db3ba33e36c16dbf5260b2fe274ae7fb222
Certificate serial:       019D37C0D117866D1A9A42C223F7007E29ED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_ypds7oz42wW2_UmCy_idK5_siI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.mft
Manifest number:          0F6E
Signing time:             Sun 29 Mar 2026 04:01:16 +0000
Manifest this update:     Sun 29 Mar 2026 04:01:16 +0000
Manifest next update:     Mon 30 Mar 2026 04:01:16 +0000
Files and hashes:         1: _ypds7oz42wW2_UmCy_idK5_siI.crl (hash: MUzJits/ZRUap76kjSO7kjr+7hTuWhVTbvcQPHCQ5no=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_ypds7oz42wW2_UmCy_idK5_siI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c0:d1:17:86:6d:1a:9a:42:c2:23:f7:00:7e:29:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ff2a5db3ba33e36c16dbf5260b2fe274ae7fb222
        Validity
            Not Before: Mar 29 04:01:16 2026 GMT
            Not After : Mar 30 04:01:16 2026 GMT
        Subject: CN=f6d891a149064eaa5cf90986313bdbd6cd2119bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:34:31:38:a9:64:b2:f3:d0:8c:ae:81:a0:a3:
                    6d:11:04:a5:11:58:8f:d6:06:4b:f7:5a:fc:d1:f2:
                    c3:d3:95:d5:8c:cf:97:2e:57:fa:94:2f:ac:85:2b:
                    20:c1:06:29:2d:92:3e:bc:db:c6:6e:f1:d4:36:c1:
                    b0:91:7f:34:60:8f:5c:4d:55:f8:37:5c:63:62:b9:
                    cb:34:27:49:f7:9e:e8:b5:e3:b0:4f:b0:40:c6:38:
                    9e:be:15:1e:30:c7:5b:31:e2:94:68:e0:82:5b:a9:
                    04:e5:f4:63:4f:9d:65:13:02:96:f4:27:0d:bc:ab:
                    02:e0:d3:03:e9:5c:e0:b6:01:ce:ce:11:6d:32:3f:
                    43:61:ad:89:e6:45:4b:8c:d7:54:81:61:66:66:47:
                    6a:90:ec:80:52:88:ee:08:d6:0a:5e:80:ef:09:e0:
                    a9:21:6d:fc:f9:fa:94:36:f1:63:a2:47:cb:83:52:
                    16:af:cf:34:97:50:04:72:2d:88:4b:5c:96:20:3e:
                    92:25:05:1c:d1:85:9d:5a:0e:68:a2:53:32:0b:52:
                    2d:2c:f8:38:93:6b:cc:2c:9c:c1:41:25:56:3f:92:
                    f5:52:83:2b:70:54:d7:39:fc:c8:02:6a:7c:21:28:
                    88:f5:f1:ac:2d:3b:44:86:1a:9e:72:a0:59:86:f6:
                    e4:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:D8:91:A1:49:06:4E:AA:5C:F9:09:86:31:3B:DB:D6:CD:21:19:BC
            X509v3 Authority Key Identifier:
                keyid:FF:2A:5D:B3:BA:33:E3:6C:16:DB:F5:26:0B:2F:E2:74:AE:7F:B2:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_ypds7oz42wW2_UmCy_idK5_siI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c2:8c:76:ba:47:57:76:d5:25:72:22:66:7c:16:66:4f:9d:fe:
         c4:aa:a5:e8:02:bc:7c:0f:b4:e2:75:62:f6:61:50:84:fc:9c:
         74:d1:63:c5:0b:61:3d:dc:cf:ec:0d:39:83:33:78:3f:97:cb:
         ba:6f:5e:8d:4d:8a:69:0f:79:79:2b:f8:23:c4:0c:85:2e:b0:
         06:2e:09:5d:64:23:72:d1:e3:85:9f:b0:ef:39:61:70:4b:74:
         62:dd:c2:e3:48:09:a7:f0:7b:b3:01:7e:57:09:4f:81:a6:26:
         b0:cd:e6:e3:b2:3d:31:7d:21:4b:7a:64:b5:25:94:9d:37:66:
         4c:52:c5:9f:fc:38:8a:06:a2:18:c1:51:9c:73:d9:86:ff:d0:
         22:db:06:d4:48:45:a7:e2:df:2c:b2:14:34:5f:45:61:d4:9e:
         f1:24:75:73:3a:78:be:ee:bd:2a:a7:d0:81:ee:e1:42:f2:88:
         44:25:90:a0:3c:ea:31:44:9c:92:42:29:06:7d:47:5b:e5:88:
         fb:cd:c1:f1:bf:73:9a:2b:3a:03:23:22:ce:d3:37:97:e4:d4:
         24:f7:f4:a5:1a:0d:79:6a:65:98:a6:9c:d0:43:c4:4a:07:e8:
         7e:8b:01:b6:be:e8:04:c3:52:1c:ba:c3:c1:8c:6b:19:ae:0e:
         b0:b8:18:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wNEXhm0amkLCI/cAfintMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmMmE1ZGIzYmEzM2UzNmMxNmRiZjUyNjBiMmZlMjc0YWU3
ZmIyMjIwHhcNMjYwMzI5MDQwMTE2WhcNMjYwMzMwMDQwMTE2WjAzMTEwLwYDVQQD
EyhmNmQ4OTFhMTQ5MDY0ZWFhNWNmOTA5ODYzMTNiZGJkNmNkMjExOWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzzQxOKlksvPQjK6BoKNtEQSlEViP
1gZL91r80fLD05XVjM+XLlf6lC+shSsgwQYpLZI+vNvGbvHUNsGwkX80YI9cTVX4
N1xjYrnLNCdJ957oteOwT7BAxjievhUeMMdbMeKUaOCCW6kE5fRjT51lEwKW9CcN
vKsC4NMD6VzgtgHOzhFtMj9DYa2J5kVLjNdUgWFmZkdqkOyAUojuCNYKXoDvCeCp
IW38+fqUNvFjokfLg1IWr880l1AEci2IS1yWID6SJQUc0YWdWg5oolMyC1ItLPg4
k2vMLJzBQSVWP5L1UoMrcFTXOfzIAmp8ISiI9fGsLTtEhhqecqBZhvbkxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPbYkaFJBk6qXPkJhjE729bNIRm8MB8GA1UdIwQY
MBaAFP8qXbO6M+NsFtv1Jgsv4nSuf7IiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3lwZHM3b3o0MndXMl9VbUN5X2lkSzVfc2lJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC81ZGY3MTAtZGY4Ni00MmMwLThhYTIt
NTI2MGNkNWMyNGMzLzEvX3lwZHM3b3o0MndXMl9VbUN5X2lkSzVfc2lJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC81ZGY3MTAtZGY4Ni00MmMwLThhYTItNTI2MGNkNWMyNGMz
LzEvX3lwZHM3b3o0MndXMl9VbUN5X2lkSzVfc2lJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwox2ukdX
dtUlciJmfBZmT53+xKql6AK8fA+04nVi9mFQhPycdNFjxQthPdzP7A05gzN4P5fL
um9ejU2KaQ95eSv4I8QMhS6wBi4JXWQjctHjhZ+w7zlhcEt0Yt3C40gJp/B7swF+
VwlPgaYmsM3m47I9MX0hS3pktSWUnTdmTFLFn/w4igaiGMFRnHPZhv/QItsG1EhF
p+LfLLIUNF9FYdSe8SR1czp4vu69KqfQge7hQvKIRCWQoDzqMUSckkIpBn1HW+WI
+83B8b9zmis6AyMiztM3l+TUJPf0pRoNeWplmKac0EPESgfofosBtr7oBMNSHLrD
wYxrGa4OsLgYgg==
-----END CERTIFICATE-----