Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft
File:                     yO91rieylt0KS84TZH2LWJv06cM.mft (raw, json)
Hash identifier:          aBAVA3KWZPtfn0et23siNOpNyv4+VRRyITgAmrX0WSk=
Subject key identifier:   5C:7A:32:A4:17:7B:D7:B7:A8:D4:8B:DB:9F:C1:18:CC:2D:1F:38:15
Authority key identifier: C8:EF:75:AE:27:B2:96:DD:0A:4B:CE:13:64:7D:8B:58:9B:F4:E9:C3
Certificate issuer:       /CN=c8ef75ae27b296dd0a4bce13647d8b589bf4e9c3
Certificate serial:       019D98BD2BB137A245E25C01E5EE54F67448
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft
Manifest number:          142E
Signing time:             Fri 17 Apr 2026 00:00:27 +0000
Manifest this update:     Fri 17 Apr 2026 00:00:27 +0000
Manifest next update:     Sat 18 Apr 2026 00:00:27 +0000
Files and hashes:         1: yO91rieylt0KS84TZH2LWJv06cM.crl (hash: OCf/skfIMjkqUdLfhL7A1G6U1uDhnUsZpZ1r8br4SU0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:bd:2b:b1:37:a2:45:e2:5c:01:e5:ee:54:f6:74:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8ef75ae27b296dd0a4bce13647d8b589bf4e9c3
        Validity
            Not Before: Apr 17 00:00:27 2026 GMT
            Not After : Apr 18 00:00:27 2026 GMT
        Subject: CN=5c7a32a4177bd7b7a8d48bdb9fc118cc2d1f3815
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:35:d6:47:f1:8d:29:47:90:67:57:fb:04:45:
                    0b:4d:f0:ab:5e:dc:74:bc:1c:84:03:cd:92:9d:a8:
                    76:af:c7:52:8b:90:e5:3b:35:1d:f4:ed:ab:b4:08:
                    ed:1c:bf:9d:f0:39:c2:e3:89:cf:42:11:c3:dd:fb:
                    f9:72:0d:6d:b0:2f:89:27:20:23:9d:66:67:d4:e3:
                    b4:80:c0:b3:cd:3d:d3:f2:34:aa:53:36:8e:cd:f0:
                    22:1c:2c:97:9a:34:89:6d:de:30:f0:95:f4:fb:63:
                    3e:c8:ab:6e:6b:e6:62:1f:4e:3b:17:c7:eb:65:6d:
                    28:6d:37:2b:b1:77:11:d9:51:2b:f7:87:4d:ec:86:
                    ff:f0:57:66:fe:bc:0f:b3:2c:5c:8a:af:32:88:80:
                    1a:cd:25:9a:cb:e5:2b:a8:cf:0f:e0:68:26:92:23:
                    da:c2:8e:70:06:82:66:4e:8c:dd:59:67:b8:d3:b5:
                    56:eb:75:49:a1:c3:35:61:1c:54:74:7d:28:91:91:
                    24:26:85:9d:7c:cd:fc:25:f0:4c:25:f3:f2:32:68:
                    b0:5b:a3:ba:6b:4f:fc:61:57:45:74:47:12:af:fc:
                    62:07:4d:c0:f3:fe:ad:59:52:cf:6f:df:e5:c7:6a:
                    14:a1:06:5f:48:ec:eb:7f:67:f9:7d:4e:06:64:cd:
                    2f:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:7A:32:A4:17:7B:D7:B7:A8:D4:8B:DB:9F:C1:18:CC:2D:1F:38:15
            X509v3 Authority Key Identifier:
                keyid:C8:EF:75:AE:27:B2:96:DD:0A:4B:CE:13:64:7D:8B:58:9B:F4:E9:C3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:0f:30:ba:c2:05:15:d1:ba:56:a7:81:1e:b1:84:a9:bb:3a:
         52:71:00:78:2c:a7:ab:23:8a:19:85:73:2d:63:c6:8b:75:56:
         27:b9:d8:35:3e:a7:b9:74:c2:7e:c3:f3:9a:ea:26:81:3b:64:
         2b:eb:4b:d1:98:2f:e8:5f:77:60:fc:b1:31:4f:77:69:3b:84:
         14:91:67:b1:72:49:95:0c:91:4e:18:27:72:bb:11:95:49:57:
         29:4b:f8:f0:16:3a:d3:e0:6e:47:04:93:ac:5b:7d:9d:a1:3f:
         a1:b0:4e:db:6e:89:79:83:2c:5b:d4:14:17:04:3d:3c:57:6c:
         f8:55:45:21:17:65:5d:11:45:65:e0:6d:43:28:38:2f:e9:b6:
         24:4e:e3:1c:c1:40:11:d8:50:1e:0e:b7:5a:af:76:77:3a:84:
         9b:ef:d3:f3:5e:9f:ff:74:40:fc:99:34:37:59:42:a3:5b:ff:
         a2:ad:0a:83:97:82:3a:31:02:f0:76:aa:85:c4:3f:00:a9:b9:
         ab:20:53:1d:19:75:d1:b9:1f:24:8e:af:d9:76:13:2e:8c:ac:
         c1:c8:78:c2:79:d6:4d:e6:5b:b5:95:89:47:a8:6f:84:21:74:
         82:6e:5b:c7:a0:3c:cb:23:23:e9:ab:56:d5:7b:22:35:47:0e:
         16:61:96:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2YvSuxN6JF4lwB5e5U9nRIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZWY3NWFlMjdiMjk2ZGQwYTRiY2UxMzY0N2Q4YjU4OWJm
NGU5YzMwHhcNMjYwNDE3MDAwMDI3WhcNMjYwNDE4MDAwMDI3WjAzMTEwLwYDVQQD
Eyg1YzdhMzJhNDE3N2JkN2I3YThkNDhiZGI5ZmMxMThjYzJkMWYzODE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzXWR/GNKUeQZ1f7BEULTfCrXtx0
vByEA82Snah2r8dSi5DlOzUd9O2rtAjtHL+d8DnC44nPQhHD3fv5cg1tsC+JJyAj
nWZn1OO0gMCzzT3T8jSqUzaOzfAiHCyXmjSJbd4w8JX0+2M+yKtua+ZiH047F8fr
ZW0obTcrsXcR2VEr94dN7Ib/8Fdm/rwPsyxciq8yiIAazSWay+UrqM8P4GgmkiPa
wo5wBoJmTozdWWe407VW63VJocM1YRxUdH0okZEkJoWdfM38JfBMJfPyMmiwW6O6
a0/8YVdFdEcSr/xiB03A8/6tWVLPb9/lx2oUoQZfSOzrf2f5fU4GZM0vdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFx6MqQXe9e3qNSL25/BGMwtHzgVMB8GA1UdIwQY
MBaAFMjvda4nspbdCkvOE2R9i1ib9OnDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS84YmVmOGItOTc2NS00MTMxLTljYWYt
NzczNTFkMDg1MGM5LzEveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS84YmVmOGItOTc2NS00MTMxLTljYWYtNzczNTFkMDg1MGM5
LzEveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiQ8wusIF
FdG6VqeBHrGEqbs6UnEAeCynqyOKGYVzLWPGi3VWJ7nYNT6nuXTCfsPzmuomgTtk
K+tL0Zgv6F93YPyxMU93aTuEFJFnsXJJlQyRThgncrsRlUlXKUv48BY60+BuRwST
rFt9naE/obBO226JeYMsW9QUFwQ9PFds+FVFIRdlXRFFZeBtQyg4L+m2JE7jHMFA
EdhQHg63Wq92dzqEm+/T816f/3RA/Jk0N1lCo1v/oq0Kg5eCOjEC8HaqhcQ/AKm5
qyBTHRl10bkfJI6v2XYTLoyswch4wnnWTeZbtZWJR6hvhCF0gm5bx6A8yyMj6atW
1XsiNUcOFmGWwQ==
-----END CERTIFICATE-----