Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/a35d37-7447-4cf4-982f-50f398bb26e9/1/_yBr0QgxynN4dWteFhc4lqYLAZE.mft
File:                     _yBr0QgxynN4dWteFhc4lqYLAZE.mft (raw, json)
Hash identifier:          tM3OB+EVFBX3UobJD6oOBuwkHDADK0FvCMWvNNF1Ut8=
Subject key identifier:   37:F3:FA:7B:8C:94:8C:2B:5F:EE:48:96:2B:A2:EB:CA:00:BA:AF:15
Authority key identifier: FF:20:6B:D1:08:31:CA:73:78:75:6B:5E:16:17:38:96:A6:0B:01:91
Certificate issuer:       /CN=ff206bd10831ca7378756b5e16173896a60b0191
Certificate serial:       019D382E118FDFC99E72476175D9D22AA333
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_yBr0QgxynN4dWteFhc4lqYLAZE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f6/a35d37-7447-4cf4-982f-50f398bb26e9/1/_yBr0QgxynN4dWteFhc4lqYLAZE.mft
Manifest number:          104E
Signing time:             Sun 29 Mar 2026 06:00:36 +0000
Manifest this update:     Sun 29 Mar 2026 06:00:36 +0000
Manifest next update:     Mon 30 Mar 2026 06:00:36 +0000
Files and hashes:         1: _yBr0QgxynN4dWteFhc4lqYLAZE.crl (hash: 432tHiAnikGacaQ4nipaQbYm6cpLTSzV5xzcQ+Gwhng=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f6/a35d37-7447-4cf4-982f-50f398bb26e9/1/_yBr0QgxynN4dWteFhc4lqYLAZE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f6/a35d37-7447-4cf4-982f-50f398bb26e9/1/_yBr0QgxynN4dWteFhc4lqYLAZE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_yBr0QgxynN4dWteFhc4lqYLAZE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 06:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:2e:11:8f:df:c9:9e:72:47:61:75:d9:d2:2a:a3:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ff206bd10831ca7378756b5e16173896a60b0191
        Validity
            Not Before: Mar 29 06:00:36 2026 GMT
            Not After : Mar 30 06:00:36 2026 GMT
        Subject: CN=37f3fa7b8c948c2b5fee48962ba2ebca00baaf15
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:b9:5f:ef:b8:45:90:57:96:19:a5:89:70:f0:
                    15:8f:91:3c:34:76:fb:d1:b3:05:48:7e:ab:b1:c8:
                    8c:9a:84:b4:4e:4e:76:cb:9a:0a:8b:bb:6d:d6:23:
                    43:e7:00:c4:6e:ad:9c:e4:f7:70:89:0f:8d:dd:7b:
                    3f:00:f4:68:f0:ae:57:a0:ff:b4:49:77:93:90:14:
                    5f:2c:54:50:1c:06:0f:57:fe:9b:ea:55:95:10:1b:
                    9e:71:9f:6c:d5:89:c9:1c:fb:84:89:98:26:b4:c4:
                    e6:45:98:6a:7e:b3:32:2b:b2:08:3b:1e:27:75:07:
                    86:c3:2a:3d:e4:be:73:ea:79:47:31:40:6a:5a:2e:
                    c0:c4:ad:68:b9:8a:6c:72:f3:55:a7:2f:11:b7:66:
                    55:d8:0a:f3:a7:cf:40:00:b1:74:6d:03:f6:f6:c0:
                    f0:9a:02:13:bc:a7:a4:ef:2d:43:72:e9:69:c8:a9:
                    a9:a9:15:c7:de:f8:b4:5a:c1:df:1e:03:15:88:f8:
                    84:87:88:15:27:de:f6:10:29:0f:5c:06:84:c2:4c:
                    b0:3f:6d:75:57:d2:7e:4a:28:12:67:a1:2c:ef:2a:
                    e0:3f:74:27:51:ce:3b:6b:d1:16:c0:e6:76:eb:23:
                    aa:04:c2:85:cb:ac:ed:cf:0e:67:56:3e:54:9f:9d:
                    15:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:F3:FA:7B:8C:94:8C:2B:5F:EE:48:96:2B:A2:EB:CA:00:BA:AF:15
            X509v3 Authority Key Identifier:
                keyid:FF:20:6B:D1:08:31:CA:73:78:75:6B:5E:16:17:38:96:A6:0B:01:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_yBr0QgxynN4dWteFhc4lqYLAZE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/a35d37-7447-4cf4-982f-50f398bb26e9/1/_yBr0QgxynN4dWteFhc4lqYLAZE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/a35d37-7447-4cf4-982f-50f398bb26e9/1/_yBr0QgxynN4dWteFhc4lqYLAZE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:db:e8:a8:b9:7c:a1:05:90:0e:99:83:4a:a1:4d:84:fa:79:
         e8:0a:dd:a7:d4:53:e7:ee:ec:17:dc:b7:09:71:a5:4e:9a:a8:
         5a:d7:33:8f:3f:b8:9c:71:05:56:5a:6d:82:df:74:1b:aa:fa:
         cc:76:a0:b7:34:1b:3f:42:2f:5a:d8:f4:a9:bc:45:f7:d3:09:
         54:70:91:c5:1d:02:21:b5:77:63:95:48:a9:80:02:a5:6b:7a:
         f7:ec:ac:d0:12:35:03:4c:09:eb:48:78:8b:cc:38:3e:5e:e9:
         45:00:0a:f8:61:e1:30:5f:9e:9d:dd:65:ff:82:af:2f:c5:e1:
         9c:b1:78:b8:fe:4a:eb:20:73:0b:e3:2e:1d:96:ab:ea:ca:ba:
         5e:88:46:52:6c:4d:d7:6c:29:c0:b0:f8:05:13:35:1b:57:f6:
         db:2e:52:e7:0a:b1:b6:94:e9:00:5d:1f:26:00:1b:25:f3:d3:
         52:8d:c0:e6:0e:b3:74:36:3a:77:9b:55:5a:c5:43:d5:97:b6:
         35:9e:2d:35:43:bc:54:ed:e9:a2:31:8d:2d:6c:b0:44:7c:27:
         8b:52:ae:8e:80:95:2e:00:3c:79:e6:ae:cd:b3:e1:a7:53:2e:
         a3:6e:81:a5:9d:3e:c2:db:6c:f9:55:56:e2:8f:9d:c9:00:23:
         d8:76:5a:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04LhGP38meckdhddnSKqMzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmMjA2YmQxMDgzMWNhNzM3ODc1NmI1ZTE2MTczODk2YTYw
YjAxOTEwHhcNMjYwMzI5MDYwMDM2WhcNMjYwMzMwMDYwMDM2WjAzMTEwLwYDVQQD
EygzN2YzZmE3YjhjOTQ4YzJiNWZlZTQ4OTYyYmEyZWJjYTAwYmFhZjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLlf77hFkFeWGaWJcPAVj5E8NHb7
0bMFSH6rsciMmoS0Tk52y5oKi7tt1iND5wDEbq2c5PdwiQ+N3Xs/APRo8K5XoP+0
SXeTkBRfLFRQHAYPV/6b6lWVEBuecZ9s1YnJHPuEiZgmtMTmRZhqfrMyK7IIOx4n
dQeGwyo95L5z6nlHMUBqWi7AxK1ouYpscvNVpy8Rt2ZV2Arzp89AALF0bQP29sDw
mgITvKek7y1DculpyKmpqRXH3vi0WsHfHgMViPiEh4gVJ972ECkPXAaEwkywP211
V9J+SigSZ6Es7yrgP3QnUc47a9EWwOZ26yOqBMKFy6ztzw5nVj5Un50V9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDfz+nuMlIwrX+5Iliui68oAuq8VMB8GA1UdIwQY
MBaAFP8ga9EIMcpzeHVrXhYXOJamCwGRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3lCcjBRZ3h5bk40ZFd0ZUZoYzRscVlMQVpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9hMzVkMzctNzQ0Ny00Y2Y0LTk4MmYt
NTBmMzk4YmIyNmU5LzEvX3lCcjBRZ3h5bk40ZFd0ZUZoYzRscVlMQVpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9hMzVkMzctNzQ0Ny00Y2Y0LTk4MmYtNTBmMzk4YmIyNmU5
LzEvX3lCcjBRZ3h5bk40ZFd0ZUZoYzRscVlMQVpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd9voqLl8
oQWQDpmDSqFNhPp56Ardp9RT5+7sF9y3CXGlTpqoWtczjz+4nHEFVlptgt90G6r6
zHagtzQbP0IvWtj0qbxF99MJVHCRxR0CIbV3Y5VIqYACpWt69+ys0BI1A0wJ60h4
i8w4Pl7pRQAK+GHhMF+end1l/4KvL8XhnLF4uP5K6yBzC+MuHZar6sq6XohGUmxN
12wpwLD4BRM1G1f22y5S5wqxtpTpAF0fJgAbJfPTUo3A5g6zdDY6d5tVWsVD1Ze2
NZ4tNUO8VO3pojGNLWywRHwni1KujoCVLgA8eeauzbPhp1Muo26BpZ0+wtts+VVW
4o+dyQAj2HZaOA==
-----END CERTIFICATE-----