Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.mft
File:                     YTChAogFFzqiJUSk67mECskbyNA.mft (raw, json)
Hash identifier:          a0oaX+4VLmUngtFgBi8UQuVzZsCedAs5zUK6n2oElbE=
Subject key identifier:   0D:12:74:91:AA:27:44:2F:C0:22:7E:25:70:CE:CF:6A:37:C1:F8:76
Authority key identifier: 61:30:A1:02:88:05:17:3A:A2:25:44:A4:EB:B9:84:0A:C9:1B:C8:D0
Certificate issuer:       /CN=6130a1028805173aa22544a4ebb9840ac91bc8d0
Certificate serial:       019D9AE360368B1AF7BB376E460A6FFE289F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YTChAogFFzqiJUSk67mECskbyNA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.mft
Manifest number:          1022
Signing time:             Fri 17 Apr 2026 10:01:25 +0000
Manifest this update:     Fri 17 Apr 2026 10:01:25 +0000
Manifest next update:     Sat 18 Apr 2026 10:01:25 +0000
Files and hashes:         1: YTChAogFFzqiJUSk67mECskbyNA.crl (hash: XdjMyU8vY7FqlDRj6tNpG2bzwH5zMHEDQzvxnbedTis=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YTChAogFFzqiJUSk67mECskbyNA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 10:01:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e3:60:36:8b:1a:f7:bb:37:6e:46:0a:6f:fe:28:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6130a1028805173aa22544a4ebb9840ac91bc8d0
        Validity
            Not Before: Apr 17 10:01:25 2026 GMT
            Not After : Apr 18 10:01:25 2026 GMT
        Subject: CN=0d127491aa27442fc0227e2570cecf6a37c1f876
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:62:3e:4e:5c:a5:53:c2:6c:67:9d:b6:a8:a1:
                    01:5a:a7:1c:0e:d6:12:9b:bb:88:21:6c:6a:63:04:
                    6a:59:54:61:5e:94:45:33:1b:5f:d9:5d:c8:7f:82:
                    98:15:33:e3:62:28:48:d4:e1:38:9b:7f:4a:50:d2:
                    e4:7f:b8:d6:40:70:ab:d4:1f:71:62:be:36:18:cc:
                    21:4c:f5:7a:7e:96:54:09:7e:c1:83:2d:ed:1f:ef:
                    87:b0:55:88:9e:b8:44:62:38:73:29:89:92:f9:45:
                    e3:96:cf:37:cd:b6:56:02:67:94:01:51:a3:05:cc:
                    55:81:fb:5a:40:31:46:5b:e2:09:7e:92:66:e1:68:
                    02:37:e1:6c:b2:cb:a7:22:21:c3:2d:31:92:87:ae:
                    60:7e:3a:43:1c:90:cb:52:92:cc:26:16:ae:c0:ee:
                    90:5c:4a:dc:c6:8a:cd:65:13:2a:5e:d0:fe:1a:6d:
                    22:48:c9:e2:c9:50:f3:1f:18:11:21:3f:7b:9d:ba:
                    51:4c:84:29:3d:a6:58:8a:67:5d:a2:0b:f1:27:ff:
                    20:2d:b0:24:c8:50:54:8f:a0:48:e6:ab:ba:30:75:
                    e5:54:db:97:e0:54:72:20:e9:5f:e9:aa:a6:10:f8:
                    d9:f2:6c:9e:d0:d9:e4:ef:fb:e0:db:29:06:dd:a1:
                    e3:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:12:74:91:AA:27:44:2F:C0:22:7E:25:70:CE:CF:6A:37:C1:F8:76
            X509v3 Authority Key Identifier:
                keyid:61:30:A1:02:88:05:17:3A:A2:25:44:A4:EB:B9:84:0A:C9:1B:C8:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YTChAogFFzqiJUSk67mECskbyNA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3f:cc:f3:f1:66:18:50:71:76:99:57:d1:31:50:bd:d1:10:dc:
         0e:52:22:2a:f4:12:9f:17:fa:9d:11:a0:94:64:78:15:1d:0d:
         3b:0a:19:ff:e6:7f:85:58:80:6e:9a:dd:a5:ff:2c:57:67:ec:
         d3:3a:6f:fb:a9:ab:8f:50:10:7e:7a:20:3a:49:ef:03:0a:75:
         f9:ef:b3:42:44:bf:e8:7a:4f:ca:73:ec:1c:ea:04:81:32:78:
         b5:6a:fe:1d:ac:c6:3d:96:2e:69:d7:d8:83:d2:29:d9:56:f8:
         88:7d:63:36:4e:6b:d0:28:4f:7b:d4:ed:20:55:e6:31:68:bb:
         ae:5f:eb:8d:b3:ce:a2:cc:f2:70:58:ef:e3:75:28:16:cd:d2:
         ac:21:10:b6:8c:c9:72:e9:22:3c:c2:3e:19:71:bc:76:61:04:
         84:1d:99:df:d7:8d:02:8a:7a:38:b5:34:8f:aa:96:8a:5f:a8:
         91:cd:90:6b:bf:8a:43:8b:b9:97:5f:b5:62:c4:a2:46:e6:dc:
         cd:86:68:f6:bd:25:60:a6:76:1e:26:ee:20:69:a7:9e:cc:9a:
         d6:51:0f:88:ab:ad:aa:e7:9c:07:80:9e:be:c4:75:fb:d3:c9:
         d4:d0:c2:3d:51:7c:45:76:ab:54:5c:c1:08:f7:39:34:97:79:
         75:22:bc:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a42A2ixr3uzduRgpv/iifMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxMzBhMTAyODgwNTE3M2FhMjI1NDRhNGViYjk4NDBhYzkx
YmM4ZDAwHhcNMjYwNDE3MTAwMTI1WhcNMjYwNDE4MTAwMTI1WjAzMTEwLwYDVQQD
EygwZDEyNzQ5MWFhMjc0NDJmYzAyMjdlMjU3MGNlY2Y2YTM3YzFmODc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGI+TlylU8JsZ522qKEBWqccDtYS
m7uIIWxqYwRqWVRhXpRFMxtf2V3If4KYFTPjYihI1OE4m39KUNLkf7jWQHCr1B9x
Yr42GMwhTPV6fpZUCX7Bgy3tH++HsFWInrhEYjhzKYmS+UXjls83zbZWAmeUAVGj
BcxVgftaQDFGW+IJfpJm4WgCN+FsssunIiHDLTGSh65gfjpDHJDLUpLMJhauwO6Q
XErcxorNZRMqXtD+Gm0iSMniyVDzHxgRIT97nbpRTIQpPaZYimddogvxJ/8gLbAk
yFBUj6BI5qu6MHXlVNuX4FRyIOlf6aqmEPjZ8mye0Nnk7/vg2ykG3aHjpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA0SdJGqJ0QvwCJ+JXDOz2o3wfh2MB8GA1UdIwQY
MBaAFGEwoQKIBRc6oiVEpOu5hArJG8jQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVRDaEFvZ0ZGenFpSlVTazY3bUVDc2tieU5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8zYWU4NjMtNjkwZS00NjMxLTkxMjAt
YTUzYjVlOTc5MTMxLzEvWVRDaEFvZ0ZGenFpSlVTazY3bUVDc2tieU5BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8zYWU4NjMtNjkwZS00NjMxLTkxMjAtYTUzYjVlOTc5MTMx
LzEvWVRDaEFvZ0ZGenFpSlVTazY3bUVDc2tieU5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP8zz8WYY
UHF2mVfRMVC90RDcDlIiKvQSnxf6nRGglGR4FR0NOwoZ/+Z/hViAbprdpf8sV2fs
0zpv+6mrj1AQfnogOknvAwp1+e+zQkS/6HpPynPsHOoEgTJ4tWr+HazGPZYuadfY
g9Ip2Vb4iH1jNk5r0ChPe9TtIFXmMWi7rl/rjbPOoszycFjv43UoFs3SrCEQtozJ
cukiPMI+GXG8dmEEhB2Z39eNAop6OLU0j6qWil+okc2Qa7+KQ4u5l1+1YsSiRubc
zYZo9r0lYKZ2HibuIGmnnsya1lEPiKutquecB4CevsR1+9PJ1NDCPVF8RXarVFzB
CPc5NJd5dSK87Q==
-----END CERTIFICATE-----