Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/98e825-b58c-456e-af28-7b35a06ab54b/1/YQy4N7bSF3jkw9u5aWefDxxQtIo.mft
File:                     YQy4N7bSF3jkw9u5aWefDxxQtIo.mft (raw, json)
Hash identifier:          /i5RKn9al5B35XfV6MITMRZTj0gbW/vf2s25tc5fBbk=
Subject key identifier:   4E:3C:D8:DF:7C:FA:AF:11:0E:F6:AD:00:0E:C3:D8:9A:52:7B:CD:11
Authority key identifier: 61:0C:B8:37:B6:D2:17:78:E4:C3:DB:B9:69:67:9F:0F:1C:50:B4:8A
Certificate issuer:       /CN=610cb837b6d21778e4c3dbb969679f0f1c50b48a
Certificate serial:       019D9AABB5AEC7A6D7979A904C9ECDD88F10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YQy4N7bSF3jkw9u5aWefDxxQtIo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/98e825-b58c-456e-af28-7b35a06ab54b/1/YQy4N7bSF3jkw9u5aWefDxxQtIo.mft
Manifest number:          10DA
Signing time:             Fri 17 Apr 2026 09:00:37 +0000
Manifest this update:     Fri 17 Apr 2026 09:00:37 +0000
Manifest next update:     Sat 18 Apr 2026 09:00:37 +0000
Files and hashes:         1: YQy4N7bSF3jkw9u5aWefDxxQtIo.crl (hash: M13ys7a03PgIXqlroCdA6L1681brne6Idie1cCyXxfA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/98e825-b58c-456e-af28-7b35a06ab54b/1/YQy4N7bSF3jkw9u5aWefDxxQtIo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/98e825-b58c-456e-af28-7b35a06ab54b/1/YQy4N7bSF3jkw9u5aWefDxxQtIo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YQy4N7bSF3jkw9u5aWefDxxQtIo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:ab:b5:ae:c7:a6:d7:97:9a:90:4c:9e:cd:d8:8f:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=610cb837b6d21778e4c3dbb969679f0f1c50b48a
        Validity
            Not Before: Apr 17 09:00:37 2026 GMT
            Not After : Apr 18 09:00:37 2026 GMT
        Subject: CN=4e3cd8df7cfaaf110ef6ad000ec3d89a527bcd11
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:57:92:a6:83:fc:b4:e6:e7:85:48:ce:ce:bd:
                    1d:12:13:99:14:f6:ac:89:3a:f3:03:ba:b7:7c:1b:
                    dd:52:4a:b8:7a:2b:e9:78:25:6c:9c:77:61:10:ea:
                    a8:e5:bb:41:bc:62:80:c7:96:35:43:b3:91:09:75:
                    66:fa:df:e3:c2:e5:91:54:85:f8:b8:d3:b7:69:9f:
                    9b:f5:ca:ac:4e:7f:c7:fc:64:6a:82:84:ec:99:36:
                    da:32:56:cc:51:77:a7:db:a6:c2:1a:0a:bf:19:2e:
                    85:e4:0d:c6:22:49:c1:57:f7:39:3c:0c:e9:8a:69:
                    5a:2e:cb:d5:90:c1:95:df:85:3f:ee:91:86:8e:90:
                    8c:1d:6b:62:9f:81:1e:8c:2d:f1:f1:f4:ca:d2:a6:
                    04:50:4e:21:85:50:d3:0a:bc:0d:50:14:b8:f2:56:
                    29:22:2c:d5:20:59:6d:13:4f:d6:17:45:a8:54:ad:
                    0a:24:34:c4:e8:72:ee:81:89:47:1f:ae:90:ba:cb:
                    94:f2:6b:cf:df:80:93:da:61:8f:a5:a8:90:f8:d5:
                    d7:e0:16:68:e0:ff:09:6a:b4:8a:2e:98:15:cf:9b:
                    72:95:cc:be:a6:1d:a6:39:85:d2:a8:fd:15:c2:a9:
                    46:54:0f:b6:a9:de:b7:4c:84:e4:87:5d:0a:b2:cb:
                    f7:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:3C:D8:DF:7C:FA:AF:11:0E:F6:AD:00:0E:C3:D8:9A:52:7B:CD:11
            X509v3 Authority Key Identifier:
                keyid:61:0C:B8:37:B6:D2:17:78:E4:C3:DB:B9:69:67:9F:0F:1C:50:B4:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YQy4N7bSF3jkw9u5aWefDxxQtIo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/98e825-b58c-456e-af28-7b35a06ab54b/1/YQy4N7bSF3jkw9u5aWefDxxQtIo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/98e825-b58c-456e-af28-7b35a06ab54b/1/YQy4N7bSF3jkw9u5aWefDxxQtIo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:a8:0f:df:da:50:b4:ca:f8:69:85:b8:6c:22:ea:89:53:db:
         1d:c3:2c:97:ea:54:02:d6:8e:5f:7f:f7:e3:5d:90:90:1f:40:
         82:48:ec:1a:09:6e:de:62:95:d2:4c:23:98:b5:51:ee:31:8f:
         49:10:2d:7c:01:d9:e6:08:da:24:7c:8c:ce:b8:97:44:fb:79:
         eb:78:80:1d:bb:b3:64:05:7b:74:c8:10:b6:51:d2:80:6d:d6:
         3a:b8:ca:b8:0a:43:a9:4a:df:43:44:f1:39:da:94:15:29:a4:
         c5:7a:1c:56:8b:92:69:e8:39:5d:4f:df:90:c9:d1:6b:90:15:
         66:62:7a:87:bd:c2:da:47:01:d9:27:96:f4:bb:64:90:7e:d1:
         74:28:b0:6b:a3:0c:ac:c4:8b:a2:b2:7f:68:8c:0a:e8:5d:6f:
         c3:73:61:fb:be:10:ff:5f:25:b2:06:33:92:0b:e9:c8:11:3f:
         79:c7:93:aa:45:4d:04:45:66:b5:aa:07:ab:14:25:7f:ff:b5:
         25:4d:38:9b:e5:b6:bd:87:b7:28:49:78:fc:a6:9e:95:57:f3:
         e4:77:e3:72:51:33:18:f6:78:56:82:dd:d0:d0:27:2f:d6:a2:
         23:a6:9d:c3:11:06:a9:c8:b1:34:51:d4:bf:aa:a2:29:38:f7:
         d3:fa:fd:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aq7Wux6bXl5qQTJ7N2I8QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxMGNiODM3YjZkMjE3NzhlNGMzZGJiOTY5Njc5ZjBmMWM1
MGI0OGEwHhcNMjYwNDE3MDkwMDM3WhcNMjYwNDE4MDkwMDM3WjAzMTEwLwYDVQQD
Eyg0ZTNjZDhkZjdjZmFhZjExMGVmNmFkMDAwZWMzZDg5YTUyN2JjZDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1eSpoP8tObnhUjOzr0dEhOZFPas
iTrzA7q3fBvdUkq4eivpeCVsnHdhEOqo5btBvGKAx5Y1Q7ORCXVm+t/jwuWRVIX4
uNO3aZ+b9cqsTn/H/GRqgoTsmTbaMlbMUXen26bCGgq/GS6F5A3GIknBV/c5PAzp
imlaLsvVkMGV34U/7pGGjpCMHWtin4EejC3x8fTK0qYEUE4hhVDTCrwNUBS48lYp
IizVIFltE0/WF0WoVK0KJDTE6HLugYlHH66QusuU8mvP34CT2mGPpaiQ+NXX4BZo
4P8JarSKLpgVz5tylcy+ph2mOYXSqP0VwqlGVA+2qd63TITkh10Kssv39QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE482N98+q8RDvatAA7D2JpSe80RMB8GA1UdIwQY
MBaAFGEMuDe20hd45MPbuWlnnw8cULSKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVF5NE43YlNGM2prdzl1NWFXZWZEeHhRdElvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy85OGU4MjUtYjU4Yy00NTZlLWFmMjgt
N2IzNWEwNmFiNTRiLzEvWVF5NE43YlNGM2prdzl1NWFXZWZEeHhRdElvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy85OGU4MjUtYjU4Yy00NTZlLWFmMjgtN2IzNWEwNmFiNTRi
LzEvWVF5NE43YlNGM2prdzl1NWFXZWZEeHhRdElvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWqgP39pQ
tMr4aYW4bCLqiVPbHcMsl+pUAtaOX3/3412QkB9AgkjsGglu3mKV0kwjmLVR7jGP
SRAtfAHZ5gjaJHyMzriXRPt563iAHbuzZAV7dMgQtlHSgG3WOrjKuApDqUrfQ0Tx
OdqUFSmkxXocVouSaeg5XU/fkMnRa5AVZmJ6h73C2kcB2SeW9LtkkH7RdCiwa6MM
rMSLorJ/aIwK6F1vw3Nh+74Q/18lsgYzkgvpyBE/eceTqkVNBEVmtaoHqxQlf/+1
JU04m+W2vYe3KEl4/KaelVfz5HfjclEzGPZ4VoLd0NAnL9aiI6adwxEGqcixNFHU
v6qiKTj30/r92w==
-----END CERTIFICATE-----