Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.mft
File:                     y3yVUPThoer5UHL7G5q7JpVNJj0.mft (raw, json)
Hash identifier:          NRzKTxYPzGNUiq86E/I1zrGGKbgPnRAGsNKfF8otEmo=
Subject key identifier:   77:FA:83:12:F6:F2:89:BF:CE:76:D7:F8:DD:F3:4D:15:39:90:4A:6D
Authority key identifier: CB:7C:95:50:F4:E1:A1:EA:F9:50:72:FB:1B:9A:BB:26:95:4D:26:3D
Certificate issuer:       /CN=cb7c9550f4e1a1eaf95072fb1b9abb26954d263d
Certificate serial:       019D9BBE3F1352F68D0F5C4621418C20A21A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y3yVUPThoer5UHL7G5q7JpVNJj0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.mft
Manifest number:          0F6A
Signing time:             Fri 17 Apr 2026 14:00:29 +0000
Manifest this update:     Fri 17 Apr 2026 14:00:29 +0000
Manifest next update:     Sat 18 Apr 2026 14:00:29 +0000
Files and hashes:         1: y3yVUPThoer5UHL7G5q7JpVNJj0.crl (hash: nZ17EMXpM9sCliTZac2Ckf5ad9c52yQSTFPCBXw36Js=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y3yVUPThoer5UHL7G5q7JpVNJj0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 14:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:be:3f:13:52:f6:8d:0f:5c:46:21:41:8c:20:a2:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cb7c9550f4e1a1eaf95072fb1b9abb26954d263d
        Validity
            Not Before: Apr 17 14:00:29 2026 GMT
            Not After : Apr 18 14:00:29 2026 GMT
        Subject: CN=77fa8312f6f289bfce76d7f8ddf34d1539904a6d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:9e:8e:58:18:ab:1f:b1:2b:57:49:d4:49:2a:
                    18:87:5c:36:c4:7a:cc:ea:e1:f3:63:66:a9:75:6d:
                    24:3f:bc:67:03:99:a8:93:a2:8d:db:66:ae:32:3b:
                    e7:47:e9:0a:8f:90:e5:cc:ad:4e:a8:fa:a0:45:4a:
                    1d:30:89:29:34:8c:34:77:82:6b:36:a0:d7:eb:05:
                    9e:7b:4c:6c:fe:a8:d8:8f:23:1c:5e:2e:e9:51:20:
                    f3:96:fa:3a:e6:58:e9:55:dc:98:3f:a8:e6:20:9d:
                    aa:c9:c0:be:f4:59:90:30:3f:e3:1d:e6:84:ac:30:
                    5e:fb:24:44:cb:46:31:84:96:8f:50:e1:fe:b6:ac:
                    27:f9:2c:65:1b:52:a1:5d:9e:c9:a8:b4:2d:88:81:
                    9e:fe:ec:d2:24:94:3b:1a:90:14:3f:f1:75:20:06:
                    2d:b6:95:2d:3b:44:a8:fb:88:21:c8:e9:d4:f4:8b:
                    e0:1e:11:50:d2:64:d2:36:a2:98:ca:5c:06:e8:09:
                    7d:1b:57:25:ce:9a:30:62:9e:36:16:a8:c7:6f:c3:
                    4f:be:8f:05:27:b8:b7:df:07:3e:c1:c7:52:2e:ee:
                    55:02:1c:5f:44:74:f2:e8:77:35:d8:5c:73:a2:89:
                    74:e7:db:86:bc:37:a0:73:ad:94:73:f5:2e:8e:87:
                    88:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:FA:83:12:F6:F2:89:BF:CE:76:D7:F8:DD:F3:4D:15:39:90:4A:6D
            X509v3 Authority Key Identifier:
                keyid:CB:7C:95:50:F4:E1:A1:EA:F9:50:72:FB:1B:9A:BB:26:95:4D:26:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y3yVUPThoer5UHL7G5q7JpVNJj0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:86:fd:27:53:aa:cb:57:8c:75:d4:f1:2e:9a:96:68:8e:c9:
         e6:f3:3d:58:6e:12:cf:47:5f:e4:98:40:2d:f6:ec:9b:39:1b:
         65:1d:c4:89:7d:9a:0c:2c:35:b7:31:54:fc:9a:bd:ed:ba:f5:
         13:83:48:45:e7:aa:87:d0:56:e7:b5:fd:2a:2c:bf:d3:11:a1:
         c7:38:93:68:5a:75:d9:13:52:e5:3b:8a:41:cd:5e:8e:74:97:
         3d:3f:87:42:b8:99:f4:37:11:81:5a:0b:23:d6:6a:9e:08:93:
         07:88:27:45:0e:29:cf:06:f5:c9:04:c0:b1:f0:52:f8:e5:de:
         09:fd:7f:32:3b:a0:71:1f:f5:47:1c:69:01:cb:70:16:3b:80:
         70:d6:e9:f0:d9:4a:da:6f:b3:a8:ec:52:40:48:46:b3:7d:38:
         87:ac:06:a6:00:ba:16:19:9c:27:4f:b7:d0:fe:f8:eb:85:7d:
         d1:57:b2:43:42:fc:64:27:8a:d5:f6:68:9b:2b:7c:1e:f3:3a:
         93:11:e1:16:39:c9:b3:23:6f:e1:63:bb:a6:75:91:a1:df:24:
         42:d9:b0:b3:13:96:46:1c:91:23:55:5f:23:d2:73:ad:cb:30:
         a8:4e:d7:cf:71:f0:f4:d7:1f:71:a2:b5:52:5a:1e:32:d2:3f:
         82:bb:e7:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bvj8TUvaND1xGIUGMIKIaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiN2M5NTUwZjRlMWExZWFmOTUwNzJmYjFiOWFiYjI2OTU0
ZDI2M2QwHhcNMjYwNDE3MTQwMDI5WhcNMjYwNDE4MTQwMDI5WjAzMTEwLwYDVQQD
Eyg3N2ZhODMxMmY2ZjI4OWJmY2U3NmQ3ZjhkZGYzNGQxNTM5OTA0YTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJ6OWBirH7ErV0nUSSoYh1w2xHrM
6uHzY2apdW0kP7xnA5mok6KN22auMjvnR+kKj5DlzK1OqPqgRUodMIkpNIw0d4Jr
NqDX6wWee0xs/qjYjyMcXi7pUSDzlvo65ljpVdyYP6jmIJ2qycC+9FmQMD/jHeaE
rDBe+yREy0YxhJaPUOH+tqwn+SxlG1KhXZ7JqLQtiIGe/uzSJJQ7GpAUP/F1IAYt
tpUtO0So+4ghyOnU9IvgHhFQ0mTSNqKYylwG6Al9G1clzpowYp42FqjHb8NPvo8F
J7i33wc+wcdSLu5VAhxfRHTy6Hc12Fxzool059uGvDegc62Uc/UujoeIdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHf6gxL28om/znbX+N3zTRU5kEptMB8GA1UdIwQY
MBaAFMt8lVD04aHq+VBy+xuauyaVTSY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTN5VlVQVGhvZXI1VUhMN0c1cTdKcFZOSmowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS82ODliMTktNDk1OC00NDIzLTg1YTkt
OTYyNmY5ZjZjZGEyLzEveTN5VlVQVGhvZXI1VUhMN0c1cTdKcFZOSmowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS82ODliMTktNDk1OC00NDIzLTg1YTktOTYyNmY5ZjZjZGEy
LzEveTN5VlVQVGhvZXI1VUhMN0c1cTdKcFZOSmowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFIb9J1Oq
y1eMddTxLpqWaI7J5vM9WG4Sz0df5JhALfbsmzkbZR3EiX2aDCw1tzFU/Jq97br1
E4NIReeqh9BW57X9Kiy/0xGhxziTaFp12RNS5TuKQc1ejnSXPT+HQriZ9DcRgVoL
I9ZqngiTB4gnRQ4pzwb1yQTAsfBS+OXeCf1/MjugcR/1RxxpActwFjuAcNbp8NlK
2m+zqOxSQEhGs304h6wGpgC6FhmcJ0+30P7464V90VeyQ0L8ZCeK1fZomyt8HvM6
kxHhFjnJsyNv4WO7pnWRod8kQtmwsxOWRhyRI1VfI9JzrcswqE7Xz3Hw9NcfcaK1
UloeMtI/grvneg==
-----END CERTIFICATE-----