Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/9b57ab-6ca2-4aa8-8387-afdd53827e93/1/JYkGVU2Mi0KO3oyzUCaGDT13cd8.mft
File:                     JYkGVU2Mi0KO3oyzUCaGDT13cd8.mft (raw, json)
Hash identifier:          0AqOLT888D+lnYaeXe6j9itJYJhH1Z++Z//Jt+8Vab0=
Subject key identifier:   CF:0A:1C:35:70:43:D3:38:77:CB:04:14:DA:E3:0A:C5:2F:29:43:C6
Authority key identifier: 25:89:06:55:4D:8C:8B:42:8E:DE:8C:B3:50:26:86:0D:3D:77:71:DF
Certificate issuer:       /CN=258906554d8c8b428ede8cb35026860d3d7771df
Certificate serial:       019D9B50A1706307042138C02083041F218A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JYkGVU2Mi0KO3oyzUCaGDT13cd8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/9b57ab-6ca2-4aa8-8387-afdd53827e93/1/JYkGVU2Mi0KO3oyzUCaGDT13cd8.mft
Manifest number:          0FA2
Signing time:             Fri 17 Apr 2026 12:00:45 +0000
Manifest this update:     Fri 17 Apr 2026 12:00:45 +0000
Manifest next update:     Sat 18 Apr 2026 12:00:45 +0000
Files and hashes:         1: JYkGVU2Mi0KO3oyzUCaGDT13cd8.crl (hash: 4gqZSoZ1av3I3NtbeZbZyavNMGVEy6E+ejrarRsdb80=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/9b57ab-6ca2-4aa8-8387-afdd53827e93/1/JYkGVU2Mi0KO3oyzUCaGDT13cd8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/9b57ab-6ca2-4aa8-8387-afdd53827e93/1/JYkGVU2Mi0KO3oyzUCaGDT13cd8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JYkGVU2Mi0KO3oyzUCaGDT13cd8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:50:a1:70:63:07:04:21:38:c0:20:83:04:1f:21:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=258906554d8c8b428ede8cb35026860d3d7771df
        Validity
            Not Before: Apr 17 12:00:45 2026 GMT
            Not After : Apr 18 12:00:45 2026 GMT
        Subject: CN=cf0a1c357043d33877cb0414dae30ac52f2943c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:df:c9:4c:49:f7:e6:5a:5b:f0:7f:a3:21:6e:
                    11:d9:d4:9a:a7:7c:ad:18:0a:9e:33:1a:32:7c:c1:
                    20:23:ff:ea:8b:6b:f8:7e:38:26:ca:92:e4:c4:61:
                    d9:00:dc:f2:93:c6:90:60:63:4d:7d:dc:27:fe:91:
                    63:47:c4:6a:67:a5:d5:13:e2:73:30:fc:6d:d4:da:
                    3c:aa:f2:e4:95:fe:66:df:26:71:d7:5e:25:bf:d6:
                    0a:e8:47:a8:a6:10:72:c6:36:68:4f:cf:fe:a6:d2:
                    e7:b3:f0:94:04:f5:ac:86:2f:65:f4:ae:ad:ac:43:
                    84:64:12:1b:6f:43:72:a8:fe:61:cf:3b:a4:ed:64:
                    d6:79:63:de:61:52:8a:54:c7:34:d8:63:e8:00:9b:
                    a0:06:98:b7:ca:86:75:dc:8e:fb:5e:e5:7d:08:e5:
                    6a:7d:c0:d5:3b:68:c2:7d:db:e4:bc:a4:2d:3d:56:
                    0c:f2:2e:b6:b3:bf:a4:27:d5:15:a6:1a:af:eb:e1:
                    c6:3f:98:88:11:f1:b6:b2:b0:69:15:4b:99:83:43:
                    8e:00:61:a6:2d:b9:ea:c0:47:04:4d:78:df:b5:55:
                    12:87:3d:63:24:0c:59:0f:f7:94:30:62:13:88:d5:
                    06:a9:48:00:3b:92:b5:1f:0a:6b:9a:9c:7c:9f:4f:
                    9d:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:0A:1C:35:70:43:D3:38:77:CB:04:14:DA:E3:0A:C5:2F:29:43:C6
            X509v3 Authority Key Identifier:
                keyid:25:89:06:55:4D:8C:8B:42:8E:DE:8C:B3:50:26:86:0D:3D:77:71:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JYkGVU2Mi0KO3oyzUCaGDT13cd8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/9b57ab-6ca2-4aa8-8387-afdd53827e93/1/JYkGVU2Mi0KO3oyzUCaGDT13cd8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/9b57ab-6ca2-4aa8-8387-afdd53827e93/1/JYkGVU2Mi0KO3oyzUCaGDT13cd8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:16:25:6e:3a:6d:5b:9e:25:5f:7e:76:f0:aa:d7:73:d5:8b:
         94:49:be:59:ea:0a:0b:91:9e:20:ef:98:26:f0:97:85:33:15:
         8c:d0:94:65:68:31:d2:85:8e:18:81:af:89:22:26:d7:75:f8:
         13:9d:16:19:c9:d5:cd:4f:9f:ea:31:de:f1:8c:bb:62:84:5b:
         e5:84:38:71:59:fc:15:58:2e:28:8d:2c:02:54:d6:a8:39:55:
         f2:57:9e:30:ec:c2:2b:c6:53:bd:12:d7:4c:77:41:de:92:4a:
         ef:ba:55:e2:d1:d1:dc:ef:df:2a:c6:e8:a2:72:ee:f0:e3:db:
         bc:2a:4a:dc:4b:9f:92:e9:44:a4:47:3b:e5:c4:f7:69:5e:f7:
         56:f3:3d:e6:85:ba:93:86:a8:4b:1f:1d:b8:91:7f:f7:98:78:
         71:b5:36:af:ae:ba:3e:c0:65:1c:03:b7:82:53:98:bf:3c:21:
         d1:d8:12:60:89:d9:21:22:95:65:7e:38:15:72:32:bb:7a:34:
         28:eb:2f:33:c5:a3:46:de:f4:0c:3a:d5:32:8b:1a:28:40:09:
         d4:30:83:4f:5d:5c:51:36:c5:5f:7e:c7:90:41:61:ed:5b:78:
         bd:f4:58:81:2e:4a:8f:b2:bb:bd:af:3c:8a:6e:39:11:9d:62:
         45:4a:a6:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bUKFwYwcEITjAIIMEHyGKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ODkwNjU1NGQ4YzhiNDI4ZWRlOGNiMzUwMjY4NjBkM2Q3
NzcxZGYwHhcNMjYwNDE3MTIwMDQ1WhcNMjYwNDE4MTIwMDQ1WjAzMTEwLwYDVQQD
EyhjZjBhMWMzNTcwNDNkMzM4NzdjYjA0MTRkYWUzMGFjNTJmMjk0M2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAst/JTEn35lpb8H+jIW4R2dSap3yt
GAqeMxoyfMEgI//qi2v4fjgmypLkxGHZANzyk8aQYGNNfdwn/pFjR8RqZ6XVE+Jz
MPxt1No8qvLklf5m3yZx114lv9YK6EeophByxjZoT8/+ptLns/CUBPWshi9l9K6t
rEOEZBIbb0NyqP5hzzuk7WTWeWPeYVKKVMc02GPoAJugBpi3yoZ13I77XuV9COVq
fcDVO2jCfdvkvKQtPVYM8i62s7+kJ9UVphqv6+HGP5iIEfG2srBpFUuZg0OOAGGm
LbnqwEcETXjftVUShz1jJAxZD/eUMGITiNUGqUgAO5K1Hwprmpx8n0+dAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM8KHDVwQ9M4d8sEFNrjCsUvKUPGMB8GA1UdIwQY
MBaAFCWJBlVNjItCjt6Ms1Amhg09d3HfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSllrR1ZVMk1pMEtPM295elVDYUdEVDEzY2Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85YjU3YWItNmNhMi00YWE4LTgzODct
YWZkZDUzODI3ZTkzLzEvSllrR1ZVMk1pMEtPM295elVDYUdEVDEzY2Q4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85YjU3YWItNmNhMi00YWE4LTgzODctYWZkZDUzODI3ZTkz
LzEvSllrR1ZVMk1pMEtPM295elVDYUdEVDEzY2Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXxYlbjpt
W54lX3528KrXc9WLlEm+WeoKC5GeIO+YJvCXhTMVjNCUZWgx0oWOGIGviSIm13X4
E50WGcnVzU+f6jHe8Yy7YoRb5YQ4cVn8FVguKI0sAlTWqDlV8leeMOzCK8ZTvRLX
THdB3pJK77pV4tHR3O/fKsboonLu8OPbvCpK3EufkulEpEc75cT3aV73VvM95oW6
k4aoSx8duJF/95h4cbU2r666PsBlHAO3glOYvzwh0dgSYInZISKVZX44FXIyu3o0
KOsvM8WjRt70DDrVMosaKEAJ1DCDT11cUTbFX37HkEFh7Vt4vfRYgS5Kj7K7va88
im45EZ1iRUqmhw==
-----END CERTIFICATE-----