Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/7b540f-b83a-40b9-ae6d-cdcee23a83b0/1/yKQR5q7CPK13xDcrTXsLH8gtXcA.mft
File:                     yKQR5q7CPK13xDcrTXsLH8gtXcA.mft (raw, json)
Hash identifier:          08qzjIw11WYqmaJZiJAJ2SFuv2NUMRrJuam/d3498D8=
Subject key identifier:   20:82:19:66:63:CE:9F:04:04:3C:38:82:19:FA:A4:DB:3F:3E:0F:18
Authority key identifier: C8:A4:11:E6:AE:C2:3C:AD:77:C4:37:2B:4D:7B:0B:1F:C8:2D:5D:C0
Certificate issuer:       /CN=c8a411e6aec23cad77c4372b4d7b0b1fc82d5dc0
Certificate serial:       019D39098AD1131A0389927A155A2E9C29CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yKQR5q7CPK13xDcrTXsLH8gtXcA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/7b540f-b83a-40b9-ae6d-cdcee23a83b0/1/yKQR5q7CPK13xDcrTXsLH8gtXcA.mft
Manifest number:          188D
Signing time:             Sun 29 Mar 2026 10:00:19 +0000
Manifest this update:     Sun 29 Mar 2026 10:00:19 +0000
Manifest next update:     Mon 30 Mar 2026 10:00:19 +0000
Files and hashes:         1: yKQR5q7CPK13xDcrTXsLH8gtXcA.crl (hash: /QVCpyI9MrFJVf0K4ruR3bVjS/MZXkuyFnhdS7uD+i4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d3/7b540f-b83a-40b9-ae6d-cdcee23a83b0/1/yKQR5q7CPK13xDcrTXsLH8gtXcA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d3/7b540f-b83a-40b9-ae6d-cdcee23a83b0/1/yKQR5q7CPK13xDcrTXsLH8gtXcA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yKQR5q7CPK13xDcrTXsLH8gtXcA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:09:8a:d1:13:1a:03:89:92:7a:15:5a:2e:9c:29:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8a411e6aec23cad77c4372b4d7b0b1fc82d5dc0
        Validity
            Not Before: Mar 29 10:00:19 2026 GMT
            Not After : Mar 30 10:00:19 2026 GMT
        Subject: CN=2082196663ce9f04043c388219faa4db3f3e0f18
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:43:86:75:bf:74:fa:29:78:b5:a1:d2:fe:d8:
                    63:1a:23:e9:85:cb:64:78:8b:7c:2e:4b:1b:74:47:
                    88:3a:13:1e:0c:96:88:34:e3:70:d1:28:71:21:ab:
                    f0:a1:c9:8a:bd:93:0a:52:40:ad:3b:16:41:c3:ea:
                    7d:54:b9:65:29:cc:6c:11:5d:0c:d5:41:66:36:3a:
                    04:7e:63:51:68:65:c8:84:1a:9d:0b:5b:aa:df:3a:
                    57:16:f5:68:20:29:9f:e4:b7:10:53:82:d5:94:f4:
                    20:96:b1:fa:e4:df:f3:4f:09:52:5d:68:43:a1:c4:
                    ac:40:fe:bb:25:1f:08:73:be:72:c5:5d:bc:7e:66:
                    85:4b:91:6c:c5:60:1f:2e:81:cf:63:fa:e7:ea:f8:
                    9e:e9:9a:d7:74:fc:bf:81:a5:03:7e:9f:f6:7f:b7:
                    82:f2:cd:8f:ae:6d:27:d7:54:d6:c9:8b:06:f6:a9:
                    17:4e:ce:15:75:09:f7:ac:a0:a2:6d:39:c6:99:db:
                    96:ee:ec:b1:b8:0e:53:37:7e:84:34:9a:3e:86:c8:
                    fb:f7:a4:24:16:db:b8:82:22:90:e7:2b:49:fe:89:
                    5c:ed:29:59:78:8c:2c:72:b1:c6:69:f3:11:a5:8f:
                    39:02:16:16:aa:dc:06:43:38:c6:90:af:87:40:68:
                    b2:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:82:19:66:63:CE:9F:04:04:3C:38:82:19:FA:A4:DB:3F:3E:0F:18
            X509v3 Authority Key Identifier:
                keyid:C8:A4:11:E6:AE:C2:3C:AD:77:C4:37:2B:4D:7B:0B:1F:C8:2D:5D:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yKQR5q7CPK13xDcrTXsLH8gtXcA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7b540f-b83a-40b9-ae6d-cdcee23a83b0/1/yKQR5q7CPK13xDcrTXsLH8gtXcA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7b540f-b83a-40b9-ae6d-cdcee23a83b0/1/yKQR5q7CPK13xDcrTXsLH8gtXcA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:a7:10:83:fc:db:c1:f8:08:93:df:9d:6a:87:7d:24:0e:78:
         13:a0:25:ac:ef:b5:f8:c6:eb:85:e9:59:5b:76:24:5f:5a:a4:
         db:a2:c9:86:47:28:43:8f:83:ec:95:c8:94:1c:81:b9:da:f1:
         8e:3b:ff:b1:0c:18:cc:1d:42:8a:6b:25:2a:82:45:b3:7b:2c:
         5f:18:a5:bf:5c:54:13:5e:da:d3:de:11:c2:5f:ea:82:68:05:
         1b:8f:ec:36:8a:19:b5:4e:81:50:43:f5:e0:bd:7d:5c:bc:70:
         0d:85:ce:12:b6:7f:d0:f8:d6:0d:93:87:b5:67:1a:30:95:47:
         4f:1f:b6:3e:ae:6b:08:70:52:b8:18:9d:87:a0:b6:2a:fb:79:
         f7:45:c9:46:b8:42:fc:03:a1:18:a7:52:bb:1c:6f:73:f5:97:
         f0:e3:da:ce:7c:e9:8b:7b:9d:0b:b0:6f:41:7d:da:d5:17:92:
         e1:c2:b5:7d:1b:7f:6e:ea:a3:c7:18:3f:db:46:a7:fa:bb:03:
         5e:94:16:1b:56:fe:bc:d5:e7:6d:d7:64:4a:7c:61:74:8d:14:
         ba:c3:1f:0e:c9:b4:f5:a3:ee:5b:6d:e4:62:04:7b:f5:0a:18:
         fb:2c:7a:7c:47:0a:c3:d6:df:bd:2b:51:a8:86:51:13:31:b0:
         cc:b8:5e:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CYrRExoDiZJ6FVounCnMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4YTQxMWU2YWVjMjNjYWQ3N2M0MzcyYjRkN2IwYjFmYzgy
ZDVkYzAwHhcNMjYwMzI5MTAwMDE5WhcNMjYwMzMwMTAwMDE5WjAzMTEwLwYDVQQD
EygyMDgyMTk2NjYzY2U5ZjA0MDQzYzM4ODIxOWZhYTRkYjNmM2UwZjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtkOGdb90+il4taHS/thjGiPphctk
eIt8LksbdEeIOhMeDJaINONw0ShxIavwocmKvZMKUkCtOxZBw+p9VLllKcxsEV0M
1UFmNjoEfmNRaGXIhBqdC1uq3zpXFvVoICmf5LcQU4LVlPQglrH65N/zTwlSXWhD
ocSsQP67JR8Ic75yxV28fmaFS5FsxWAfLoHPY/rn6vie6ZrXdPy/gaUDfp/2f7eC
8s2Prm0n11TWyYsG9qkXTs4VdQn3rKCibTnGmduW7uyxuA5TN36ENJo+hsj796Qk
Ftu4giKQ5ytJ/olc7SlZeIwscrHGafMRpY85AhYWqtwGQzjGkK+HQGiywwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCCCGWZjzp8EBDw4ghn6pNs/Pg8YMB8GA1UdIwQY
MBaAFMikEeauwjytd8Q3K017Cx/ILV3AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUtRUjVxN0NQSzEzeERjclRYc0xIOGd0WGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy83YjU0MGYtYjgzYS00MGI5LWFlNmQt
Y2RjZWUyM2E4M2IwLzEveUtRUjVxN0NQSzEzeERjclRYc0xIOGd0WGNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy83YjU0MGYtYjgzYS00MGI5LWFlNmQtY2RjZWUyM2E4M2Iw
LzEveUtRUjVxN0NQSzEzeERjclRYc0xIOGd0WGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ6cQg/zb
wfgIk9+daod9JA54E6AlrO+1+MbrhelZW3YkX1qk26LJhkcoQ4+D7JXIlByBudrx
jjv/sQwYzB1CimslKoJFs3ssXxilv1xUE17a094Rwl/qgmgFG4/sNooZtU6BUEP1
4L19XLxwDYXOErZ/0PjWDZOHtWcaMJVHTx+2Pq5rCHBSuBidh6C2Kvt590XJRrhC
/AOhGKdSuxxvc/WX8OPaznzpi3udC7BvQX3a1ReS4cK1fRt/buqjxxg/20an+rsD
XpQWG1b+vNXnbddkSnxhdI0UusMfDsm09aPuW23kYgR79QoY+yx6fEcKw9bfvStR
qIZREzGwzLheEA==
-----END CERTIFICATE-----