Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft
File:                     ydD7lgitlbS_5q4unxPgAv2raA0.mft (raw, json)
Hash identifier:          R++P664wNHEHS6P42eLzHf/fArTU+7AcJOGjIKbzvfI=
Subject key identifier:   6D:45:CC:79:BA:20:45:6C:67:BC:0C:58:E1:5B:2D:82:86:61:27:C2
Authority key identifier: C9:D0:FB:96:08:AD:95:B4:BF:E6:AE:2E:9F:13:E0:02:FD:AB:68:0D
Certificate issuer:       /CN=c9d0fb9608ad95b4bfe6ae2e9f13e002fdab680d
Certificate serial:       019D39E568D5A965BA12430232F9683673E6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ydD7lgitlbS_5q4unxPgAv2raA0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft
Manifest number:          0729
Signing time:             Sun 29 Mar 2026 14:00:29 +0000
Manifest this update:     Sun 29 Mar 2026 14:00:29 +0000
Manifest next update:     Mon 30 Mar 2026 14:00:29 +0000
Files and hashes:         1: ydD7lgitlbS_5q4unxPgAv2raA0.crl (hash: nJqrY23iErhZfEJFenH5rk2xgZWobPTwuohSZzPp4zg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ydD7lgitlbS_5q4unxPgAv2raA0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 14:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:e5:68:d5:a9:65:ba:12:43:02:32:f9:68:36:73:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c9d0fb9608ad95b4bfe6ae2e9f13e002fdab680d
        Validity
            Not Before: Mar 29 14:00:29 2026 GMT
            Not After : Mar 30 14:00:29 2026 GMT
        Subject: CN=6d45cc79ba20456c67bc0c58e15b2d82866127c2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:ee:b6:da:3f:e5:9c:40:12:bb:7b:48:ba:fe:
                    2f:03:d3:04:ad:0a:b7:cc:0a:09:ec:27:65:4d:74:
                    a0:79:46:b7:23:50:88:e6:ca:fb:56:92:a2:c6:54:
                    f2:17:0f:9e:dc:b5:ae:bf:f7:8c:32:35:cb:bb:bf:
                    e3:70:de:78:8a:9a:f2:6e:7a:93:79:e7:d1:e9:c8:
                    85:63:0a:c7:28:dd:50:c4:1f:e6:b1:68:c5:60:ed:
                    93:2d:35:4b:21:65:fb:0a:4a:95:33:15:50:9a:d2:
                    a9:4b:eb:23:6b:78:c9:55:5e:5a:55:cc:32:5a:82:
                    ea:a3:ef:b5:1a:3b:7a:f7:86:25:2c:26:c2:c6:e6:
                    0e:0b:05:c8:ef:89:07:e9:fb:5b:c4:93:aa:f9:89:
                    d6:5c:5a:a7:69:22:10:78:c2:ac:fc:64:69:4f:7e:
                    24:e9:7b:6f:4b:61:34:8c:b5:9c:7c:f3:78:0f:c8:
                    d4:76:db:e8:f3:79:d9:64:cb:fd:fc:b7:b9:22:2c:
                    61:03:33:d9:f7:be:c3:50:7c:41:f0:a2:0a:c7:12:
                    a7:9f:db:e7:45:87:4e:9f:62:e2:11:f4:e4:b3:f9:
                    59:54:ed:69:68:cf:0e:ae:91:60:eb:66:54:d0:99:
                    86:85:db:9d:51:40:20:1b:ad:78:55:44:e1:6a:b9:
                    9f:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:45:CC:79:BA:20:45:6C:67:BC:0C:58:E1:5B:2D:82:86:61:27:C2
            X509v3 Authority Key Identifier:
                keyid:C9:D0:FB:96:08:AD:95:B4:BF:E6:AE:2E:9F:13:E0:02:FD:AB:68:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydD7lgitlbS_5q4unxPgAv2raA0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:6a:fd:9f:fd:69:af:a4:98:07:a3:67:43:6f:7b:cf:1e:4c:
         c3:a4:33:1a:52:77:a4:b6:da:5d:ab:7b:3d:f9:45:43:68:0b:
         57:cc:6b:95:c4:65:21:3d:84:09:8b:16:34:2b:82:60:4e:ae:
         84:c4:d7:80:09:9a:75:5a:0a:2a:2a:b3:29:d6:d2:d7:f5:fa:
         36:a9:75:66:57:5c:04:cb:0e:c7:9c:7f:4d:b8:aa:11:d7:e6:
         64:61:97:6b:94:cd:19:5d:1f:81:56:0d:c2:6c:48:34:9d:5b:
         0a:be:f3:41:5d:7e:c9:63:82:a5:79:86:b5:77:94:ef:60:40:
         ad:61:2d:1b:92:41:0f:c9:23:78:a5:17:1b:45:f7:44:41:71:
         ba:94:77:6b:1a:ae:5f:04:d9:d5:91:58:71:89:95:36:f1:f8:
         51:0f:dd:72:4a:33:fa:2f:db:81:85:62:22:98:3c:9b:e9:89:
         1b:f9:cc:a7:10:3d:75:a9:d8:6f:45:6a:35:e5:ba:e6:65:e0:
         07:be:d2:e8:5d:c0:1e:bb:19:e2:fa:42:fa:7d:da:5a:46:3e:
         09:ce:1e:d5:10:04:8f:d1:ab:e4:89:7d:85:d5:b1:cd:8c:8f:
         df:55:b2:90:35:24:7a:52:9e:88:81:29:b0:bd:a8:ea:dd:9c:
         cb:49:8e:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ055WjVqWW6EkMCMvloNnPmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDBmYjk2MDhhZDk1YjRiZmU2YWUyZTlmMTNlMDAyZmRh
YjY4MGQwHhcNMjYwMzI5MTQwMDI5WhcNMjYwMzMwMTQwMDI5WjAzMTEwLwYDVQQD
Eyg2ZDQ1Y2M3OWJhMjA0NTZjNjdiYzBjNThlMTViMmQ4Mjg2NjEyN2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+622j/lnEASu3tIuv4vA9MErQq3
zAoJ7CdlTXSgeUa3I1CI5sr7VpKixlTyFw+e3LWuv/eMMjXLu7/jcN54iprybnqT
eefR6ciFYwrHKN1QxB/msWjFYO2TLTVLIWX7CkqVMxVQmtKpS+sja3jJVV5aVcwy
WoLqo++1Gjt694YlLCbCxuYOCwXI74kH6ftbxJOq+YnWXFqnaSIQeMKs/GRpT34k
6XtvS2E0jLWcfPN4D8jUdtvo83nZZMv9/Le5IixhAzPZ977DUHxB8KIKxxKnn9vn
RYdOn2LiEfTks/lZVO1paM8OrpFg62ZU0JmGhdudUUAgG614VUTharmfXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG1FzHm6IEVsZ7wMWOFbLYKGYSfCMB8GA1UdIwQY
MBaAFMnQ+5YIrZW0v+auLp8T4AL9q2gNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWREN2xnaXRsYlNfNXE0dW54UGdBdjJyYUEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC84Njg4MzctMmRlMS00OWIzLTlhZjkt
MDUzNDk1ODc1OWFjLzEveWREN2xnaXRsYlNfNXE0dW54UGdBdjJyYUEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC84Njg4MzctMmRlMS00OWIzLTlhZjktMDUzNDk1ODc1OWFj
LzEveWREN2xnaXRsYlNfNXE0dW54UGdBdjJyYUEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVWr9n/1p
r6SYB6NnQ297zx5Mw6QzGlJ3pLbaXat7PflFQ2gLV8xrlcRlIT2ECYsWNCuCYE6u
hMTXgAmadVoKKiqzKdbS1/X6Nql1ZldcBMsOx5x/TbiqEdfmZGGXa5TNGV0fgVYN
wmxINJ1bCr7zQV1+yWOCpXmGtXeU72BArWEtG5JBD8kjeKUXG0X3REFxupR3axqu
XwTZ1ZFYcYmVNvH4UQ/dckoz+i/bgYViIpg8m+mJG/nMpxA9danYb0VqNeW65mXg
B77S6F3AHrsZ4vpC+n3aWkY+Cc4e1RAEj9Gr5Il9hdWxzYyP31WykDUkelKeiIEp
sL2o6t2cy0mO/Q==
-----END CERTIFICATE-----