Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/df5c6f-bb17-42af-ab4a-12dfd5e395f9/1/yigmXgq4MyeqVJI0yrsT64_2ZDc.mft
File:                     yigmXgq4MyeqVJI0yrsT64_2ZDc.mft (raw, json)
Hash identifier:          bG7b+//xINpdYF9ToXczYVwSxfzHgZSXBiF1SJsvias=
Subject key identifier:   11:69:CA:5F:49:B0:47:87:2D:80:9D:97:ED:4B:8E:4D:F1:AD:B4:49
Authority key identifier: CA:28:26:5E:0A:B8:33:27:AA:54:92:34:CA:BB:13:EB:8F:F6:64:37
Certificate issuer:       /CN=ca28265e0ab83327aa549234cabb13eb8ff66437
Certificate serial:       019D99D0725AEF009A97A79B33D2B31E6419
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yigmXgq4MyeqVJI0yrsT64_2ZDc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/df5c6f-bb17-42af-ab4a-12dfd5e395f9/1/yigmXgq4MyeqVJI0yrsT64_2ZDc.mft
Manifest number:          1222
Signing time:             Fri 17 Apr 2026 05:01:07 +0000
Manifest this update:     Fri 17 Apr 2026 05:01:07 +0000
Manifest next update:     Sat 18 Apr 2026 05:01:07 +0000
Files and hashes:         1: yigmXgq4MyeqVJI0yrsT64_2ZDc.crl (hash: MeCHvBBW0Q+5QuuoLMLbRW9gDZxXYqWoOSK2bfmTPAU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/df5c6f-bb17-42af-ab4a-12dfd5e395f9/1/yigmXgq4MyeqVJI0yrsT64_2ZDc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/df5c6f-bb17-42af-ab4a-12dfd5e395f9/1/yigmXgq4MyeqVJI0yrsT64_2ZDc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yigmXgq4MyeqVJI0yrsT64_2ZDc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 05:01:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:d0:72:5a:ef:00:9a:97:a7:9b:33:d2:b3:1e:64:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca28265e0ab83327aa549234cabb13eb8ff66437
        Validity
            Not Before: Apr 17 05:01:07 2026 GMT
            Not After : Apr 18 05:01:07 2026 GMT
        Subject: CN=1169ca5f49b047872d809d97ed4b8e4df1adb449
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:e3:e2:35:2e:a2:f1:41:52:59:89:1d:4a:e3:
                    40:03:e4:eb:18:48:fe:8e:84:a2:61:58:49:17:42:
                    dd:47:93:6b:c0:21:e2:a7:9d:06:c9:35:a3:10:0c:
                    93:4a:cc:3f:64:5a:11:0d:c4:19:b3:9d:be:95:d8:
                    44:f3:bf:7f:06:3c:9e:3d:55:56:4d:9f:1f:1d:76:
                    1e:c9:7a:d6:26:ce:c7:ac:a0:32:f7:0c:65:e2:c6:
                    70:bf:f4:ed:15:a7:5b:7a:3b:fa:58:22:b6:45:5e:
                    9b:05:87:16:3c:ec:65:ea:9a:a4:79:36:9d:22:51:
                    b3:e5:63:e1:93:df:d9:46:df:d7:ba:c8:d6:e8:88:
                    77:58:8d:94:05:37:eb:56:5c:85:8e:3e:16:a6:22:
                    87:f8:3f:68:f1:f3:ad:4f:47:2d:ff:aa:f3:7a:68:
                    c9:dd:08:42:db:07:77:81:9b:15:76:a5:8b:2c:a6:
                    f9:84:f3:4d:47:6f:8f:25:52:7b:ba:c0:24:9c:5c:
                    f7:44:dd:37:fb:da:f3:dd:da:1d:8e:2f:5e:05:df:
                    ff:06:cd:a7:d0:5d:c2:c1:8a:52:de:ba:66:fd:7a:
                    ab:cb:b8:99:56:7e:1f:0b:9c:ce:40:80:79:0b:4c:
                    d0:fd:da:78:4c:43:72:30:97:79:04:7b:d6:4b:74:
                    33:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:69:CA:5F:49:B0:47:87:2D:80:9D:97:ED:4B:8E:4D:F1:AD:B4:49
            X509v3 Authority Key Identifier:
                keyid:CA:28:26:5E:0A:B8:33:27:AA:54:92:34:CA:BB:13:EB:8F:F6:64:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yigmXgq4MyeqVJI0yrsT64_2ZDc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/df5c6f-bb17-42af-ab4a-12dfd5e395f9/1/yigmXgq4MyeqVJI0yrsT64_2ZDc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/df5c6f-bb17-42af-ab4a-12dfd5e395f9/1/yigmXgq4MyeqVJI0yrsT64_2ZDc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:46:c9:6a:f1:1b:7c:05:37:fd:21:9c:cc:5f:46:ab:4d:d9:
         77:bc:5f:a3:bb:79:a2:47:05:b2:78:72:60:3e:db:cf:3c:a3:
         76:c0:2f:7d:e3:71:b2:43:15:4c:01:f6:39:da:f3:51:a8:ab:
         b7:3f:6c:03:a6:62:09:7d:3f:f5:0e:44:d0:66:21:8b:fb:56:
         7b:b6:14:29:5a:51:86:f5:32:4c:d4:f0:8f:67:70:e6:fc:d0:
         0a:27:f2:a3:42:69:1f:4c:c3:2e:ed:2c:f8:76:80:f7:7f:73:
         9c:ad:e8:b8:0e:20:5e:71:1c:fb:f5:d2:3f:1b:26:d5:7f:51:
         d9:0d:74:b8:46:8b:40:18:73:e7:2f:1a:d8:d1:7d:a6:c0:be:
         cc:ec:ff:46:f8:75:62:e3:67:35:37:c0:5d:14:ca:dd:0c:e0:
         ad:3f:1d:65:ae:9a:df:7b:ad:99:85:12:ff:b6:26:5a:b8:7b:
         0c:a0:7f:39:1b:ac:13:b6:ad:11:e3:5a:ef:82:a9:ff:6e:9c:
         74:3b:99:88:05:98:ff:af:c9:a3:a8:74:fc:59:0a:b3:15:28:
         2b:2e:f0:77:38:3a:76:28:8a:76:37:18:05:eb:ba:ea:f8:0b:
         c8:cc:05:58:e3:ee:8f:0d:dc:f6:3c:85:bf:4a:d3:ec:9e:10:
         94:98:d8:6c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Z0HJa7wCal6ebM9KzHmQZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMjgyNjVlMGFiODMzMjdhYTU0OTIzNGNhYmIxM2ViOGZm
NjY0MzcwHhcNMjYwNDE3MDUwMTA3WhcNMjYwNDE4MDUwMTA3WjAzMTEwLwYDVQQD
EygxMTY5Y2E1ZjQ5YjA0Nzg3MmQ4MDlkOTdlZDRiOGU0ZGYxYWRiNDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhuPiNS6i8UFSWYkdSuNAA+TrGEj+
joSiYVhJF0LdR5NrwCHip50GyTWjEAyTSsw/ZFoRDcQZs52+ldhE879/BjyePVVW
TZ8fHXYeyXrWJs7HrKAy9wxl4sZwv/TtFadbejv6WCK2RV6bBYcWPOxl6pqkeTad
IlGz5WPhk9/ZRt/XusjW6Ih3WI2UBTfrVlyFjj4WpiKH+D9o8fOtT0ct/6rzemjJ
3QhC2wd3gZsVdqWLLKb5hPNNR2+PJVJ7usAknFz3RN03+9rz3dodji9eBd//Bs2n
0F3CwYpS3rpm/Xqry7iZVn4fC5zOQIB5C0zQ/dp4TENyMJd5BHvWS3QziQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBFpyl9JsEeHLYCdl+1Ljk3xrbRJMB8GA1UdIwQY
MBaAFMooJl4KuDMnqlSSNMq7E+uP9mQ3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWlnbVhncTRNeWVxVkpJMHlyc1Q2NF8yWkRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kZjVjNmYtYmIxNy00MmFmLWFiNGEt
MTJkZmQ1ZTM5NWY5LzEveWlnbVhncTRNeWVxVkpJMHlyc1Q2NF8yWkRjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9kZjVjNmYtYmIxNy00MmFmLWFiNGEtMTJkZmQ1ZTM5NWY5
LzEveWlnbVhncTRNeWVxVkpJMHlyc1Q2NF8yWkRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQkbJavEb
fAU3/SGczF9Gq03Zd7xfo7t5okcFsnhyYD7bzzyjdsAvfeNxskMVTAH2OdrzUair
tz9sA6ZiCX0/9Q5E0GYhi/tWe7YUKVpRhvUyTNTwj2dw5vzQCifyo0JpH0zDLu0s
+HaA939znK3ouA4gXnEc+/XSPxsm1X9R2Q10uEaLQBhz5y8a2NF9psC+zOz/Rvh1
YuNnNTfAXRTK3QzgrT8dZa6a33utmYUS/7YmWrh7DKB/ORusE7atEeNa74Kp/26c
dDuZiAWY/6/Jo6h0/FkKsxUoKy7wdzg6diiKdjcYBeu66vgLyMwFWOPujw3c9jyF
v0rT7J4QlJjYbA==
-----END CERTIFICATE-----