Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/a28553-899c-4068-9673-ded2113b9060/1/YPMdggwyQA3sDGBJYXiZTVd1Ksw.mft
File:                     YPMdggwyQA3sDGBJYXiZTVd1Ksw.mft (raw, json)
Hash identifier:          UlRWFr84nIG8z0giPt9yXEpN0wfCj2Z5p7irV07iqUQ=
Subject key identifier:   33:B1:06:67:37:E0:A1:4B:1F:B5:56:31:F2:07:51:29:54:B4:F0:13
Authority key identifier: 60:F3:1D:82:0C:32:40:0D:EC:0C:60:49:61:78:99:4D:57:75:2A:CC
Certificate issuer:       /CN=60f31d820c32400dec0c60496178994d57752acc
Certificate serial:       019D9CD1F3A71171D6605F623F5ABE9978A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YPMdggwyQA3sDGBJYXiZTVd1Ksw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/a28553-899c-4068-9673-ded2113b9060/1/YPMdggwyQA3sDGBJYXiZTVd1Ksw.mft
Manifest number:          18BF
Signing time:             Fri 17 Apr 2026 19:01:38 +0000
Manifest this update:     Fri 17 Apr 2026 19:01:38 +0000
Manifest next update:     Sat 18 Apr 2026 19:01:38 +0000
Files and hashes:         1: YPMdggwyQA3sDGBJYXiZTVd1Ksw.crl (hash: 3HIiqJGV8vZgmFDBy7V7yAH9ZOL42pwg8b+3TtE9Arw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/37/a28553-899c-4068-9673-ded2113b9060/1/YPMdggwyQA3sDGBJYXiZTVd1Ksw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/37/a28553-899c-4068-9673-ded2113b9060/1/YPMdggwyQA3sDGBJYXiZTVd1Ksw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YPMdggwyQA3sDGBJYXiZTVd1Ksw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 16:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9c:d1:f3:a7:11:71:d6:60:5f:62:3f:5a:be:99:78:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60f31d820c32400dec0c60496178994d57752acc
        Validity
            Not Before: Apr 17 19:01:38 2026 GMT
            Not After : Apr 18 19:01:38 2026 GMT
        Subject: CN=33b1066737e0a14b1fb55631f207512954b4f013
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:35:f9:02:32:4f:56:3a:9a:5d:e5:6e:37:98:
                    94:fe:97:ea:5c:e1:6a:9a:9a:cb:89:03:be:ae:16:
                    d8:02:62:c4:83:0f:01:6f:11:3d:12:a3:be:cd:b0:
                    ff:02:ee:2a:f7:67:2b:97:55:ee:81:9d:d0:43:19:
                    ad:18:f6:69:68:99:f7:52:c9:b7:da:09:fb:2a:db:
                    d1:8b:02:b2:98:39:1f:76:4f:79:d1:36:ab:f5:5e:
                    c7:29:3e:63:d6:af:57:9e:12:c5:ed:60:c7:ea:4c:
                    f8:a0:9b:ac:3c:5e:9e:22:55:d6:c1:4d:0a:ac:ae:
                    99:ce:47:c7:2b:94:f6:72:4f:93:29:82:5c:f7:5a:
                    46:59:00:9c:13:9c:3f:ba:ed:76:58:5b:6a:70:4f:
                    11:16:41:2a:52:6e:e8:f0:e7:6f:80:05:00:ab:40:
                    f7:ef:ac:1a:15:bd:53:d7:fe:d7:fa:4b:d6:2e:f0:
                    a4:19:a0:d0:fe:50:7c:fe:44:ea:5b:81:7e:31:1a:
                    ab:d4:d9:0d:a6:5d:ec:31:64:ca:69:7a:3c:61:99:
                    e8:e2:e4:e0:32:e1:b1:d6:9f:0e:66:e7:dd:f0:f8:
                    ca:af:0e:db:50:e4:98:3a:8f:99:cf:c2:6c:2e:5f:
                    88:1f:34:29:92:99:d1:c3:36:70:9e:12:ca:49:8b:
                    45:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:B1:06:67:37:E0:A1:4B:1F:B5:56:31:F2:07:51:29:54:B4:F0:13
            X509v3 Authority Key Identifier:
                keyid:60:F3:1D:82:0C:32:40:0D:EC:0C:60:49:61:78:99:4D:57:75:2A:CC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YPMdggwyQA3sDGBJYXiZTVd1Ksw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/a28553-899c-4068-9673-ded2113b9060/1/YPMdggwyQA3sDGBJYXiZTVd1Ksw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/a28553-899c-4068-9673-ded2113b9060/1/YPMdggwyQA3sDGBJYXiZTVd1Ksw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:bf:c8:64:87:37:e5:f8:9d:ea:20:21:b9:a3:ea:b5:9b:30:
         f8:e4:5d:a0:bf:20:f6:a0:e8:70:f2:66:ae:aa:03:16:96:d3:
         55:ac:45:5b:ad:f1:39:6f:4d:42:77:56:59:f2:20:c1:d8:ca:
         9c:e6:c1:fb:cb:15:bc:20:8b:68:a5:02:35:7a:8d:d8:f1:f0:
         ce:2a:81:1a:df:66:68:3d:51:40:b0:1d:e2:98:46:f3:fa:68:
         64:72:7c:af:f1:8a:7a:e5:24:98:d4:ac:67:10:19:2f:c5:4f:
         90:f7:73:e2:9c:7f:84:c3:28:25:fa:31:36:74:c3:da:7e:dd:
         5d:0e:11:8c:27:6d:7a:26:ce:f0:4c:7d:b2:80:82:f1:5c:db:
         cd:9f:31:7d:af:d0:4b:55:e3:86:ae:d2:5d:93:2f:18:47:7d:
         fd:d4:62:b8:07:91:b8:78:88:03:55:89:0c:77:d0:24:29:7a:
         5f:a5:8b:4a:a6:88:67:1e:aa:55:17:23:38:a4:a0:9f:fe:c7:
         cf:54:d2:39:40:83:c9:61:c8:e6:ff:0e:24:a5:9f:bc:58:94:
         e8:c2:73:25:c2:b8:0e:f9:b4:76:4c:57:3a:1c:fd:8f:8f:ac:
         8d:83:ae:0e:11:60:33:39:ed:96:2a:6a:0a:23:5c:9d:20:61:
         29:3b:44:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2c0fOnEXHWYF9iP1q+mXikMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZjMxZDgyMGMzMjQwMGRlYzBjNjA0OTYxNzg5OTRkNTc3
NTJhY2MwHhcNMjYwNDE3MTkwMTM4WhcNMjYwNDE4MTkwMTM4WjAzMTEwLwYDVQQD
EygzM2IxMDY2NzM3ZTBhMTRiMWZiNTU2MzFmMjA3NTEyOTU0YjRmMDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDX5AjJPVjqaXeVuN5iU/pfqXOFq
mprLiQO+rhbYAmLEgw8BbxE9EqO+zbD/Au4q92crl1XugZ3QQxmtGPZpaJn3Usm3
2gn7KtvRiwKymDkfdk950Tar9V7HKT5j1q9XnhLF7WDH6kz4oJusPF6eIlXWwU0K
rK6ZzkfHK5T2ck+TKYJc91pGWQCcE5w/uu12WFtqcE8RFkEqUm7o8OdvgAUAq0D3
76waFb1T1/7X+kvWLvCkGaDQ/lB8/kTqW4F+MRqr1NkNpl3sMWTKaXo8YZno4uTg
MuGx1p8OZufd8PjKrw7bUOSYOo+Zz8JsLl+IHzQpkpnRwzZwnhLKSYtFxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDOxBmc34KFLH7VWMfIHUSlUtPATMB8GA1UdIwQY
MBaAFGDzHYIMMkAN7AxgSWF4mU1XdSrMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVBNZGdnd3lRQTNzREdCSllYaVpUVmQxS3N3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9hMjg1NTMtODk5Yy00MDY4LTk2NzMt
ZGVkMjExM2I5MDYwLzEvWVBNZGdnd3lRQTNzREdCSllYaVpUVmQxS3N3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy9hMjg1NTMtODk5Yy00MDY4LTk2NzMtZGVkMjExM2I5MDYw
LzEvWVBNZGdnd3lRQTNzREdCSllYaVpUVmQxS3N3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACb/IZIc3
5fid6iAhuaPqtZsw+ORdoL8g9qDocPJmrqoDFpbTVaxFW63xOW9NQndWWfIgwdjK
nObB+8sVvCCLaKUCNXqN2PHwziqBGt9maD1RQLAd4phG8/poZHJ8r/GKeuUkmNSs
ZxAZL8VPkPdz4px/hMMoJfoxNnTD2n7dXQ4RjCdteibO8Ex9soCC8VzbzZ8xfa/Q
S1Xjhq7SXZMvGEd9/dRiuAeRuHiIA1WJDHfQJCl6X6WLSqaIZx6qVRcjOKSgn/7H
z1TSOUCDyWHI5v8OJKWfvFiU6MJzJcK4Dvm0dkxXOhz9j4+sjYOuDhFgMzntlipq
CiNcnSBhKTtE7Q==
-----END CERTIFICATE-----