Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/b55005-005d-4a64-be1a-dd2b061bd4f2/1/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.mft
File:                     yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.mft (raw, json)
Hash identifier:          GlBhtRsack3w1r/kjQ5CF+cFOiETQe/mgvZW5/DuvA8=
Subject key identifier:   B8:05:9B:F2:2E:05:74:6A:4A:BA:03:F3:D6:FA:A7:91:2F:43:1F:04
Authority key identifier: C8:DA:89:FB:15:2D:43:C6:3E:3D:A2:FD:6A:0B:0D:FB:22:A0:65:81
Certificate issuer:       /CN=c8da89fb152d43c63e3da2fd6a0b0dfb22a06581
Certificate serial:       019D99CFDF9204A81BA5B421CAB4FAF8F109
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2e/b55005-005d-4a64-be1a-dd2b061bd4f2/1/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.mft
Manifest number:          108F
Signing time:             Fri 17 Apr 2026 05:00:30 +0000
Manifest this update:     Fri 17 Apr 2026 05:00:30 +0000
Manifest next update:     Sat 18 Apr 2026 05:00:30 +0000
Files and hashes:         1: yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.crl (hash: OSMSPBIfUVHFfF4lSVkW8+whkSS8xuy54NiXrnrG0X8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2e/b55005-005d-4a64-be1a-dd2b061bd4f2/1/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2e/b55005-005d-4a64-be1a-dd2b061bd4f2/1/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 05:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:cf:df:92:04:a8:1b:a5:b4:21:ca:b4:fa:f8:f1:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8da89fb152d43c63e3da2fd6a0b0dfb22a06581
        Validity
            Not Before: Apr 17 05:00:30 2026 GMT
            Not After : Apr 18 05:00:30 2026 GMT
        Subject: CN=b8059bf22e05746a4aba03f3d6faa7912f431f04
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:7d:aa:8e:96:b1:3b:8d:68:9b:f2:84:4a:29:
                    5e:fb:33:b6:58:c6:4a:d6:41:c9:71:4a:d3:05:73:
                    d2:3f:36:fd:68:05:46:42:9d:6b:e4:af:bd:29:80:
                    c1:c8:54:9b:23:ff:bf:06:d0:67:fa:49:a2:ed:5c:
                    41:6b:ee:f5:72:99:da:8b:a6:a1:3e:07:08:6d:5e:
                    76:ed:b8:30:e6:dd:9a:4e:b4:74:af:c6:18:9d:0c:
                    0d:0e:28:29:cc:df:9a:d3:60:d4:ef:2b:41:c6:6f:
                    b8:e8:bc:86:6a:5e:52:f4:3e:b0:be:27:d6:b8:30:
                    46:3e:15:99:f9:e7:50:94:b7:81:86:e1:54:1f:92:
                    0e:fa:a4:ec:e5:e0:6d:66:f5:e3:2c:69:79:97:e7:
                    9f:47:95:39:0d:57:b7:7c:e4:98:e8:70:c2:c7:eb:
                    bb:a1:34:e8:ca:b7:f9:9b:cc:25:11:ed:dc:38:12:
                    6c:b2:74:1c:56:b4:03:72:d2:43:7b:47:6c:ed:56:
                    c0:ca:9a:86:f1:f3:34:3a:47:51:53:e6:0d:02:71:
                    4e:4b:d5:9f:dd:f4:6c:bb:5a:e8:49:69:0a:b3:fb:
                    ba:e0:6b:fc:8b:82:34:98:86:a3:8d:95:15:96:c3:
                    58:f3:d4:45:28:c8:2f:8f:21:da:76:65:7f:46:b6:
                    f5:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:05:9B:F2:2E:05:74:6A:4A:BA:03:F3:D6:FA:A7:91:2F:43:1F:04
            X509v3 Authority Key Identifier:
                keyid:C8:DA:89:FB:15:2D:43:C6:3E:3D:A2:FD:6A:0B:0D:FB:22:A0:65:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/b55005-005d-4a64-be1a-dd2b061bd4f2/1/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/b55005-005d-4a64-be1a-dd2b061bd4f2/1/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:42:8a:2b:79:c0:1a:80:a1:ae:00:74:ba:22:b8:86:24:1d:
         58:85:db:d1:91:ee:4f:b6:12:a0:8d:1d:fd:5b:b6:8c:3c:82:
         7c:08:ad:13:c6:e2:f2:f4:cb:b6:5f:af:15:7a:d6:f4:84:19:
         93:34:40:ee:f3:11:a3:57:2b:5c:00:2c:69:11:87:69:c0:e5:
         1e:72:00:f2:99:17:0c:cc:db:52:0c:5e:5e:9c:dd:33:f6:24:
         15:49:90:61:43:d3:ee:65:1f:35:f3:30:36:38:c7:1a:f4:dd:
         44:ac:1b:82:a5:c8:2c:a5:2a:15:f3:29:24:6d:13:79:86:3e:
         26:ee:68:f2:13:6a:c8:b8:64:a4:b3:ba:3b:95:ed:b5:08:df:
         c9:50:b1:f3:08:32:4b:09:dc:c6:cb:fd:94:af:6f:0a:e7:4d:
         c7:9a:d4:d2:e9:02:a7:9d:ff:26:00:9d:bb:1d:ba:04:e4:2e:
         49:66:c3:fb:4f:71:f5:0a:f3:37:50:03:a7:18:c8:b5:36:e1:
         4b:b7:8a:0e:f3:44:24:fb:4f:d5:8d:8a:e9:7a:4d:6c:c6:43:
         32:34:2f:eb:7f:d2:75:0f:33:f5:cf:5a:c3:e5:3b:aa:a3:63:
         7c:b7:8e:47:a0:26:ac:92:a5:45:c8:6f:e8:84:9a:f5:4e:41:
         15:c5:ed:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Zz9+SBKgbpbQhyrT6+PEJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZGE4OWZiMTUyZDQzYzYzZTNkYTJmZDZhMGIwZGZiMjJh
MDY1ODEwHhcNMjYwNDE3MDUwMDMwWhcNMjYwNDE4MDUwMDMwWjAzMTEwLwYDVQQD
EyhiODA1OWJmMjJlMDU3NDZhNGFiYTAzZjNkNmZhYTc5MTJmNDMxZjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArH2qjpaxO41om/KESile+zO2WMZK
1kHJcUrTBXPSPzb9aAVGQp1r5K+9KYDByFSbI/+/BtBn+kmi7VxBa+71cpnai6ah
PgcIbV527bgw5t2aTrR0r8YYnQwNDigpzN+a02DU7ytBxm+46LyGal5S9D6wvifW
uDBGPhWZ+edQlLeBhuFUH5IO+qTs5eBtZvXjLGl5l+efR5U5DVe3fOSY6HDCx+u7
oTToyrf5m8wlEe3cOBJssnQcVrQDctJDe0ds7VbAypqG8fM0OkdRU+YNAnFOS9Wf
3fRsu1roSWkKs/u64Gv8i4I0mIajjZUVlsNY89RFKMgvjyHadmV/Rrb1ywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLgFm/IuBXRqSroD89b6p5EvQx8EMB8GA1UdIwQY
MBaAFMjaifsVLUPGPj2i/WoLDfsioGWBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU5xSi14VXRROFktUGFMOWFnc04teUtnWllFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9iNTUwMDUtMDA1ZC00YTY0LWJlMWEt
ZGQyYjA2MWJkNGYyLzEveU5xSi14VXRROFktUGFMOWFnc04teUtnWllFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9iNTUwMDUtMDA1ZC00YTY0LWJlMWEtZGQyYjA2MWJkNGYy
LzEveU5xSi14VXRROFktUGFMOWFnc04teUtnWllFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABkKKK3nA
GoChrgB0uiK4hiQdWIXb0ZHuT7YSoI0d/Vu2jDyCfAitE8bi8vTLtl+vFXrW9IQZ
kzRA7vMRo1crXAAsaRGHacDlHnIA8pkXDMzbUgxeXpzdM/YkFUmQYUPT7mUfNfMw
NjjHGvTdRKwbgqXILKUqFfMpJG0TeYY+Ju5o8hNqyLhkpLO6O5XttQjfyVCx8wgy
Swncxsv9lK9vCudNx5rU0ukCp53/JgCdux26BOQuSWbD+09x9QrzN1ADpxjItTbh
S7eKDvNEJPtP1Y2K6XpNbMZDMjQv63/SdQ8z9c9aw+U7qqNjfLeOR6AmrJKlRchv
6ISa9U5BFcXthQ==
-----END CERTIFICATE-----