Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/68c063-400a-4ed1-9fbf-b86619752039/1/yYDRnDv8xARxVndvAqNJiY5GuQ0.mft
File:                     yYDRnDv8xARxVndvAqNJiY5GuQ0.mft (raw, json)
Hash identifier:          PY6AXROqDbTPCc6ujpNQI+QMyNhGe1eXwh9v5qw59m4=
Subject key identifier:   5C:94:19:F8:67:A5:92:C0:69:5E:6B:D3:30:7D:FE:BD:AD:D0:34:AE
Authority key identifier: C9:80:D1:9C:3B:FC:C4:04:71:56:77:6F:02:A3:49:89:8E:46:B9:0D
Certificate issuer:       /CN=c980d19c3bfcc4047156776f02a349898e46b90d
Certificate serial:       019D38665D807D0DB0C61492B8FA26D7751C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yYDRnDv8xARxVndvAqNJiY5GuQ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/68c063-400a-4ed1-9fbf-b86619752039/1/yYDRnDv8xARxVndvAqNJiY5GuQ0.mft
Manifest number:          0BAA
Signing time:             Sun 29 Mar 2026 07:02:05 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:05 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:05 +0000
Files and hashes:         1: yYDRnDv8xARxVndvAqNJiY5GuQ0.crl (hash: oYazfCiRLNgYJM/D4Z2X6CSwlHwmXuEMA/EvDvXNoHA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/68c063-400a-4ed1-9fbf-b86619752039/1/yYDRnDv8xARxVndvAqNJiY5GuQ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/68c063-400a-4ed1-9fbf-b86619752039/1/yYDRnDv8xARxVndvAqNJiY5GuQ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yYDRnDv8xARxVndvAqNJiY5GuQ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:5d:80:7d:0d:b0:c6:14:92:b8:fa:26:d7:75:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c980d19c3bfcc4047156776f02a349898e46b90d
        Validity
            Not Before: Mar 29 07:02:05 2026 GMT
            Not After : Mar 30 07:02:05 2026 GMT
        Subject: CN=5c9419f867a592c0695e6bd3307dfebdadd034ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:db:f2:f4:f9:66:d9:90:dc:f8:db:5a:9e:fe:
                    87:a6:6d:9a:61:8e:f1:ef:9d:02:44:9d:f8:9d:73:
                    7f:d4:da:1b:d9:6d:04:df:80:b7:d9:bb:53:09:7b:
                    19:9c:76:f0:23:da:49:45:61:a2:a6:41:80:e2:4a:
                    96:d4:47:20:d1:69:9d:0b:ff:c3:b3:5a:7d:1d:e5:
                    ca:d9:01:a9:b1:d2:ca:4d:12:29:60:28:21:b6:20:
                    59:fa:b2:6b:fd:c6:bf:6f:0f:92:f7:a4:98:8a:7e:
                    03:28:c3:a3:2e:cb:e0:35:dc:91:77:79:31:33:d5:
                    a2:a3:c3:24:4c:e2:2c:64:80:5a:20:f6:7b:08:8e:
                    52:c7:8c:83:da:c4:de:da:75:62:14:07:fa:e0:1a:
                    ab:62:17:1d:1c:5b:36:77:fd:17:1f:a0:6c:63:32:
                    77:9c:70:2d:1f:e3:db:bc:b2:e3:e4:26:43:03:4a:
                    71:fa:bb:0b:30:eb:37:25:0b:94:f9:b9:56:49:e5:
                    4c:5e:55:40:e7:34:62:86:0f:7f:83:2e:ca:cd:90:
                    e5:6d:c6:7a:16:ab:21:f4:ed:b3:a3:38:57:54:ce:
                    7d:9e:31:fb:6f:60:88:26:0e:52:28:67:e9:a5:65:
                    e6:74:e1:50:63:da:35:72:f8:ce:77:0c:5a:5f:dd:
                    c4:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:94:19:F8:67:A5:92:C0:69:5E:6B:D3:30:7D:FE:BD:AD:D0:34:AE
            X509v3 Authority Key Identifier:
                keyid:C9:80:D1:9C:3B:FC:C4:04:71:56:77:6F:02:A3:49:89:8E:46:B9:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yYDRnDv8xARxVndvAqNJiY5GuQ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/68c063-400a-4ed1-9fbf-b86619752039/1/yYDRnDv8xARxVndvAqNJiY5GuQ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/68c063-400a-4ed1-9fbf-b86619752039/1/yYDRnDv8xARxVndvAqNJiY5GuQ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:91:ec:c9:f8:21:c9:90:76:a8:26:72:ce:34:6a:09:27:f1:
         5f:94:2d:8a:39:45:28:e9:f0:44:dd:37:11:d8:4b:6c:cc:97:
         38:4f:ff:47:ea:4c:d5:09:25:f1:a6:a0:6b:84:1a:95:50:81:
         41:d5:64:ec:e4:8e:f3:2b:fc:fb:13:85:59:54:ab:74:6c:37:
         54:af:06:e4:ae:47:df:7b:c5:ce:7c:4e:49:b0:ba:74:f5:29:
         5c:59:a4:f4:3d:3b:60:dc:e1:a1:98:eb:bb:ae:a8:2a:26:f7:
         05:5a:49:2c:78:30:d4:07:2e:33:64:41:21:6a:f6:64:68:55:
         50:31:78:c4:a6:e4:d7:58:09:d4:d7:37:ed:07:99:c5:1e:f3:
         59:54:bb:aa:35:17:fa:a6:a6:ed:9d:7c:2a:9a:e6:1a:47:1b:
         17:21:dc:40:c7:77:4b:4d:67:8d:9c:f4:cb:3f:f0:0e:18:1a:
         85:db:5d:cb:3e:90:98:04:3a:ab:56:34:eb:be:85:de:fd:45:
         dd:03:f5:d3:98:8a:dd:85:ec:b6:b7:59:4b:29:87:15:1f:ea:
         25:9f:53:32:46:bd:05:41:0a:a1:f0:5a:f9:23:d8:93:c9:2d:
         e9:76:bf:aa:8b:19:7b:b8:ee:10:3a:40:5b:16:95:56:5a:f1:
         90:fd:32:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zl2AfQ2wxhSSuPom13UcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ODBkMTljM2JmY2M0MDQ3MTU2Nzc2ZjAyYTM0OTg5OGU0
NmI5MGQwHhcNMjYwMzI5MDcwMjA1WhcNMjYwMzMwMDcwMjA1WjAzMTEwLwYDVQQD
Eyg1Yzk0MTlmODY3YTU5MmMwNjk1ZTZiZDMzMDdkZmViZGFkZDAzNGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9vy9Plm2ZDc+Ntanv6Hpm2aYY7x
750CRJ34nXN/1Nob2W0E34C32btTCXsZnHbwI9pJRWGipkGA4kqW1Ecg0WmdC//D
s1p9HeXK2QGpsdLKTRIpYCghtiBZ+rJr/ca/bw+S96SYin4DKMOjLsvgNdyRd3kx
M9Wio8MkTOIsZIBaIPZ7CI5Sx4yD2sTe2nViFAf64BqrYhcdHFs2d/0XH6BsYzJ3
nHAtH+PbvLLj5CZDA0px+rsLMOs3JQuU+blWSeVMXlVA5zRihg9/gy7KzZDlbcZ6
Fqsh9O2zozhXVM59njH7b2CIJg5SKGfppWXmdOFQY9o1cvjOdwxaX93ERQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFyUGfhnpZLAaV5r0zB9/r2t0DSuMB8GA1UdIwQY
MBaAFMmA0Zw7/MQEcVZ3bwKjSYmORrkNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVlEUm5Edjh4QVJ4Vm5kdkFxTkppWTVHdVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy82OGMwNjMtNDAwYS00ZWQxLTlmYmYt
Yjg2NjE5NzUyMDM5LzEveVlEUm5Edjh4QVJ4Vm5kdkFxTkppWTVHdVEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy82OGMwNjMtNDAwYS00ZWQxLTlmYmYtYjg2NjE5NzUyMDM5
LzEveVlEUm5Edjh4QVJ4Vm5kdkFxTkppWTVHdVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFpHsyfgh
yZB2qCZyzjRqCSfxX5QtijlFKOnwRN03EdhLbMyXOE//R+pM1Qkl8aaga4QalVCB
QdVk7OSO8yv8+xOFWVSrdGw3VK8G5K5H33vFznxOSbC6dPUpXFmk9D07YNzhoZjr
u66oKib3BVpJLHgw1AcuM2RBIWr2ZGhVUDF4xKbk11gJ1Nc37QeZxR7zWVS7qjUX
+qam7Z18KprmGkcbFyHcQMd3S01njZz0yz/wDhgahdtdyz6QmAQ6q1Y0676F3v1F
3QP105iK3YXstrdZSymHFR/qJZ9TMka9BUEKofBa+SPYk8kt6Xa/qosZe7juEDpA
WxaVVlrxkP0yOg==
-----END CERTIFICATE-----