Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.mft
File:                     YA09DkcUJu84PjkRODpJg78idkQ.mft (raw, json)
Hash identifier:          WZLpYGH4/qGCUHl57Wvmfy5uuEgIwo8WRfBWCeHddos=
Subject key identifier:   7E:44:1A:91:0C:95:E0:38:34:93:DB:E0:73:54:0D:66:46:D1:A9:2A
Authority key identifier: 60:0D:3D:0E:47:14:26:EF:38:3E:39:11:38:3A:49:83:BF:22:76:44
Certificate issuer:       /CN=600d3d0e471426ef383e3911383a4983bf227644
Certificate serial:       019D37C009D518E946587140C1D112A16037
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YA09DkcUJu84PjkRODpJg78idkQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.mft
Manifest number:          0560
Signing time:             Sun 29 Mar 2026 04:00:25 +0000
Manifest this update:     Sun 29 Mar 2026 04:00:25 +0000
Manifest next update:     Mon 30 Mar 2026 04:00:25 +0000
Files and hashes:         1: YA09DkcUJu84PjkRODpJg78idkQ.crl (hash: 1M5bk+gguX+hfUtpef0ekHEeHns+q4vY6yI95qvlqUA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YA09DkcUJu84PjkRODpJg78idkQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:00:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c0:09:d5:18:e9:46:58:71:40:c1:d1:12:a1:60:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=600d3d0e471426ef383e3911383a4983bf227644
        Validity
            Not Before: Mar 29 04:00:25 2026 GMT
            Not After : Mar 30 04:00:25 2026 GMT
        Subject: CN=7e441a910c95e0383493dbe073540d6646d1a92a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:ef:7e:78:c8:54:10:f0:87:4b:c8:bb:d0:b0:
                    77:0f:5c:ea:ef:f8:b9:37:f3:6a:cc:a0:d6:3d:4e:
                    27:a1:bf:f9:07:33:46:ff:65:c8:2a:f0:c3:22:32:
                    ce:74:2e:b5:eb:d6:81:f1:29:0e:e8:1d:a6:46:26:
                    36:f4:ed:f8:8a:1d:f5:b2:79:87:fe:68:3d:64:ae:
                    ef:6a:3c:07:09:64:ff:08:c0:86:0c:e3:5b:aa:4d:
                    76:dd:ee:03:dc:f3:26:76:97:16:ac:28:22:db:67:
                    67:3f:59:53:95:45:c1:7c:b4:51:b2:16:e2:9e:64:
                    e6:7b:a9:b8:88:06:57:03:d9:04:5a:26:b2:71:61:
                    61:24:94:d1:4d:36:49:5f:d1:83:77:95:e9:3b:e5:
                    07:9f:2e:1e:27:6f:79:4e:ff:e1:71:29:74:f6:68:
                    9b:84:53:65:7a:5b:61:e3:d9:d4:59:48:0f:4d:ee:
                    1e:93:1b:fd:12:77:33:35:91:0c:25:2e:e0:67:83:
                    e4:14:f1:88:a5:98:43:22:3f:dd:1a:a6:08:3f:6a:
                    51:19:a7:fa:7d:06:53:87:af:be:ce:70:86:8b:6e:
                    0a:01:73:8d:b6:d4:a1:59:7e:ab:4c:dc:58:f2:2e:
                    9c:64:1a:6d:51:72:33:26:36:3d:e9:1e:eb:32:2b:
                    14:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:44:1A:91:0C:95:E0:38:34:93:DB:E0:73:54:0D:66:46:D1:A9:2A
            X509v3 Authority Key Identifier:
                keyid:60:0D:3D:0E:47:14:26:EF:38:3E:39:11:38:3A:49:83:BF:22:76:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YA09DkcUJu84PjkRODpJg78idkQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:da:f9:0b:26:53:02:90:8a:0d:a2:17:c0:d8:a7:71:14:90:
         7a:7b:20:2f:aa:b6:c6:5c:10:b2:76:39:c5:09:00:de:8c:6e:
         71:28:a4:9e:cd:3a:c3:57:1e:96:17:40:f8:a1:6b:6f:ce:8b:
         c2:83:9a:11:28:ee:fa:c5:12:39:95:70:16:05:f7:4f:47:a9:
         bb:32:72:5b:41:ef:e2:9b:17:9a:7f:8a:82:85:dc:28:e7:49:
         bd:9b:31:df:97:c9:66:b3:0b:23:37:33:bc:7e:3e:12:75:a3:
         fb:5b:26:66:8c:1d:4e:ba:c6:a7:c1:d7:14:e1:1b:9e:ce:0b:
         9d:34:b2:c2:e2:88:41:73:aa:53:a6:4f:4e:39:21:cc:15:e7:
         42:6d:7e:3b:76:3a:dd:06:c3:6c:cb:6a:9a:4f:6f:0a:8b:6f:
         46:37:02:cc:9f:95:82:92:7c:80:1e:60:37:a0:fd:1c:31:09:
         bf:c1:f8:93:a6:41:9c:f7:ce:06:7e:47:fa:7f:bd:d5:e1:a1:
         4a:b3:69:8c:f6:44:5d:8b:1c:6a:f5:18:fb:e5:47:c2:e8:52:
         3a:06:9a:72:6f:12:cf:3a:d1:28:1a:85:66:5e:4f:4b:92:d5:
         8c:34:ba:63:db:fc:6b:40:f2:83:d7:33:cb:dc:59:ee:cc:22:
         54:a3:91:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wAnVGOlGWHFAwdESoWA3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMGQzZDBlNDcxNDI2ZWYzODNlMzkxMTM4M2E0OTgzYmYy
Mjc2NDQwHhcNMjYwMzI5MDQwMDI1WhcNMjYwMzMwMDQwMDI1WjAzMTEwLwYDVQQD
Eyg3ZTQ0MWE5MTBjOTVlMDM4MzQ5M2RiZTA3MzU0MGQ2NjQ2ZDFhOTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzu9+eMhUEPCHS8i70LB3D1zq7/i5
N/NqzKDWPU4nob/5BzNG/2XIKvDDIjLOdC6169aB8SkO6B2mRiY29O34ih31snmH
/mg9ZK7vajwHCWT/CMCGDONbqk123e4D3PMmdpcWrCgi22dnP1lTlUXBfLRRshbi
nmTme6m4iAZXA9kEWiaycWFhJJTRTTZJX9GDd5XpO+UHny4eJ295Tv/hcSl09mib
hFNlelth49nUWUgPTe4ekxv9EnczNZEMJS7gZ4PkFPGIpZhDIj/dGqYIP2pRGaf6
fQZTh6++znCGi24KAXONttShWX6rTNxY8i6cZBptUXIzJjY96R7rMisUSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH5EGpEMleA4NJPb4HNUDWZG0akqMB8GA1UdIwQY
MBaAFGANPQ5HFCbvOD45ETg6SYO/InZEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUEwOURrY1VKdTg0UGprUk9EcEpnNzhpZGtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8xYWY1MWItN2IxNy00OTgwLTk4Yzct
M2MyZmE4YWFmMDMxLzEvWUEwOURrY1VKdTg0UGprUk9EcEpnNzhpZGtRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS8xYWY1MWItN2IxNy00OTgwLTk4YzctM2MyZmE4YWFmMDMx
LzEvWUEwOURrY1VKdTg0UGprUk9EcEpnNzhpZGtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAENr5CyZT
ApCKDaIXwNincRSQensgL6q2xlwQsnY5xQkA3oxucSikns06w1celhdA+KFrb86L
woOaESju+sUSOZVwFgX3T0epuzJyW0Hv4psXmn+KgoXcKOdJvZsx35fJZrMLIzcz
vH4+EnWj+1smZowdTrrGp8HXFOEbns4LnTSywuKIQXOqU6ZPTjkhzBXnQm1+O3Y6
3QbDbMtqmk9vCotvRjcCzJ+VgpJ8gB5gN6D9HDEJv8H4k6ZBnPfOBn5H+n+91eGh
SrNpjPZEXYscavUY++VHwuhSOgaacm8SzzrRKBqFZl5PS5LVjDS6Y9v8a0Dyg9cz
y9xZ7swiVKOR4w==
-----END CERTIFICATE-----