Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/e3c390-e475-4024-ac7f-08740df87106/1/Yefv0ZrydUeUJswZJcW8Ls7ums4.mft
File:                     Yefv0ZrydUeUJswZJcW8Ls7ums4.mft (raw, json)
Hash identifier:          /gsYn9G1bG3jvEll1gBQFg9SEiFCFjQtJ+vjR0s6E1U=
Subject key identifier:   43:5D:90:5A:42:15:D9:57:EC:3B:FC:66:46:1F:04:F9:73:C2:5A:53
Authority key identifier: 61:E7:EF:D1:9A:F2:75:47:94:26:CC:19:25:C5:BC:2E:CE:EE:9A:CE
Certificate issuer:       /CN=61e7efd19af275479426cc1925c5bc2eceee9ace
Certificate serial:       019D984FF6035BC9AE5D78AB4345CE38C93D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yefv0ZrydUeUJswZJcW8Ls7ums4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/e3c390-e475-4024-ac7f-08740df87106/1/Yefv0ZrydUeUJswZJcW8Ls7ums4.mft
Manifest number:          17D2
Signing time:             Thu 16 Apr 2026 22:01:10 +0000
Manifest this update:     Thu 16 Apr 2026 22:01:10 +0000
Manifest next update:     Fri 17 Apr 2026 22:01:10 +0000
Files and hashes:         1: Yefv0ZrydUeUJswZJcW8Ls7ums4.crl (hash: 5atM6V4lQkRarOcERp4piA0hwDL1uiqlbA5woBowcmE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2b/e3c390-e475-4024-ac7f-08740df87106/1/Yefv0ZrydUeUJswZJcW8Ls7ums4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2b/e3c390-e475-4024-ac7f-08740df87106/1/Yefv0ZrydUeUJswZJcW8Ls7ums4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Yefv0ZrydUeUJswZJcW8Ls7ums4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:4f:f6:03:5b:c9:ae:5d:78:ab:43:45:ce:38:c9:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=61e7efd19af275479426cc1925c5bc2eceee9ace
        Validity
            Not Before: Apr 16 22:01:10 2026 GMT
            Not After : Apr 17 22:01:10 2026 GMT
        Subject: CN=435d905a4215d957ec3bfc66461f04f973c25a53
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:7d:15:3c:4d:b8:64:04:01:db:fa:bd:a2:4e:
                    b4:6e:e3:49:f1:33:b9:1b:98:07:66:6d:c0:38:6a:
                    0c:a8:f6:41:0e:3b:91:1a:12:1b:af:ae:f8:7f:9c:
                    9a:d7:49:d7:b1:61:89:0c:6c:dd:7a:20:2d:00:39:
                    ea:67:8a:81:c9:90:0c:c6:6c:c0:92:45:51:29:77:
                    24:db:0c:c2:ee:1c:7f:68:3d:ef:73:b3:19:aa:a8:
                    9e:95:9f:4f:84:2c:61:8c:ab:fe:7b:ba:23:58:0e:
                    ef:2b:12:1c:8f:40:4b:8e:08:f9:52:ed:0a:f3:25:
                    6a:f8:87:bd:61:6a:48:3d:3b:a3:3a:80:81:cf:49:
                    f2:8c:4c:49:bf:18:5a:95:f1:e0:62:03:97:8a:8f:
                    e3:a7:86:6b:1f:17:1b:89:af:39:90:cf:5a:f7:04:
                    de:20:d9:75:1c:7e:4e:8c:03:27:7e:6d:0d:1b:6e:
                    85:15:8d:c9:67:e0:23:78:1b:9d:6e:e7:73:ce:3f:
                    42:14:f1:68:d1:e2:3e:2b:c7:b6:8f:2b:7e:8e:2b:
                    bc:33:b1:44:06:6f:4e:40:ec:4b:5c:1e:24:2b:7c:
                    74:ea:45:6c:20:92:a4:93:f3:fb:4e:1c:e0:e3:b7:
                    ea:fb:dc:d6:0a:eb:2f:61:5e:f8:eb:5b:a9:df:fb:
                    a0:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:5D:90:5A:42:15:D9:57:EC:3B:FC:66:46:1F:04:F9:73:C2:5A:53
            X509v3 Authority Key Identifier:
                keyid:61:E7:EF:D1:9A:F2:75:47:94:26:CC:19:25:C5:BC:2E:CE:EE:9A:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yefv0ZrydUeUJswZJcW8Ls7ums4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/e3c390-e475-4024-ac7f-08740df87106/1/Yefv0ZrydUeUJswZJcW8Ls7ums4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/e3c390-e475-4024-ac7f-08740df87106/1/Yefv0ZrydUeUJswZJcW8Ls7ums4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:29:e0:5e:23:72:47:8e:37:66:27:64:3a:71:68:79:7a:c8:
         09:0d:46:e1:92:33:38:ab:60:03:63:e1:0b:79:86:55:33:c4:
         f6:7f:87:44:a6:82:8c:cd:92:3b:5f:de:1e:34:c0:3e:91:bc:
         de:e4:a8:d1:43:f6:a9:83:86:1b:18:8d:84:61:a6:64:9f:a0:
         d8:79:f0:92:5d:69:a5:ab:c2:e9:44:a3:46:5a:46:ae:f1:4b:
         8f:0e:e6:e5:b1:59:a5:34:df:78:3a:3d:b5:1a:0c:c2:89:3b:
         2a:db:63:5e:5a:dd:3d:04:e6:4d:cb:6f:95:f4:f0:3a:fc:62:
         71:96:3a:40:c2:d0:1c:2f:4b:8e:b3:6a:e3:48:d2:d5:8b:0e:
         71:27:e9:4b:61:59:19:58:a3:ee:3b:ea:90:87:bb:8d:79:14:
         17:63:ad:ad:4a:02:94:0b:70:f2:d8:85:0b:28:d8:5e:ff:f2:
         cf:05:1f:bd:4e:7f:b0:7d:40:5e:67:e4:60:00:6f:6b:f6:60:
         d6:e9:67:f0:9e:44:14:dd:f1:bc:b6:88:34:12:7f:25:be:3e:
         cf:07:fa:fc:a7:00:ce:c6:40:52:b2:da:cc:08:67:4d:f1:d5:
         2f:ef:3a:05:fa:bc:bf:e4:31:6c:d8:61:6f:d8:9c:0a:05:5c:
         cc:20:73:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2YT/YDW8muXXirQ0XOOMk9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxZTdlZmQxOWFmMjc1NDc5NDI2Y2MxOTI1YzViYzJlY2Vl
ZTlhY2UwHhcNMjYwNDE2MjIwMTEwWhcNMjYwNDE3MjIwMTEwWjAzMTEwLwYDVQQD
Eyg0MzVkOTA1YTQyMTVkOTU3ZWMzYmZjNjY0NjFmMDRmOTczYzI1YTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz30VPE24ZAQB2/q9ok60buNJ8TO5
G5gHZm3AOGoMqPZBDjuRGhIbr674f5ya10nXsWGJDGzdeiAtADnqZ4qByZAMxmzA
kkVRKXck2wzC7hx/aD3vc7MZqqielZ9PhCxhjKv+e7ojWA7vKxIcj0BLjgj5Uu0K
8yVq+Ie9YWpIPTujOoCBz0nyjExJvxhalfHgYgOXio/jp4ZrHxcbia85kM9a9wTe
INl1HH5OjAMnfm0NG26FFY3JZ+AjeBudbudzzj9CFPFo0eI+K8e2jyt+jiu8M7FE
Bm9OQOxLXB4kK3x06kVsIJKkk/P7Thzg47fq+9zWCusvYV7461up3/ugRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFENdkFpCFdlX7Dv8ZkYfBPlzwlpTMB8GA1UdIwQY
MBaAFGHn79Ga8nVHlCbMGSXFvC7O7prOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWVmdjBacnlkVWVVSnN3WkpjVzhMczd1bXM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9lM2MzOTAtZTQ3NS00MDI0LWFjN2Yt
MDg3NDBkZjg3MTA2LzEvWWVmdjBacnlkVWVVSnN3WkpjVzhMczd1bXM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9lM2MzOTAtZTQ3NS00MDI0LWFjN2YtMDg3NDBkZjg3MTA2
LzEvWWVmdjBacnlkVWVVSnN3WkpjVzhMczd1bXM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALyngXiNy
R443ZidkOnFoeXrICQ1G4ZIzOKtgA2PhC3mGVTPE9n+HRKaCjM2SO1/eHjTAPpG8
3uSo0UP2qYOGGxiNhGGmZJ+g2Hnwkl1ppavC6USjRlpGrvFLjw7m5bFZpTTfeDo9
tRoMwok7KttjXlrdPQTmTctvlfTwOvxicZY6QMLQHC9LjrNq40jS1YsOcSfpS2FZ
GVij7jvqkIe7jXkUF2OtrUoClAtw8tiFCyjYXv/yzwUfvU5/sH1AXmfkYABva/Zg
1uln8J5EFN3xvLaINBJ/Jb4+zwf6/KcAzsZAUrLazAhnTfHVL+86Bfq8v+QxbNhh
b9icCgVczCBznA==
-----END CERTIFICATE-----