Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft
File:                     YDRE4ZlioZHv0vIWoSji9M_io94.mft (raw, json)
Hash identifier:          W5HiEfZRSl/9Ez5bBPr/m137CDbnCI/mxozOcEhaL9Y=
Subject key identifier:   42:36:2D:0C:E5:CE:0B:7B:8F:42:00:F0:DB:6F:C6:0A:F7:DC:F1:24
Authority key identifier: 60:34:44:E1:99:62:A1:91:EF:D2:F2:16:A1:28:E2:F4:CF:E2:A3:DE
Certificate issuer:       /CN=603444e19962a191efd2f216a128e2f4cfe2a3de
Certificate serial:       019DA29C35F03C24F65CFF4F0F4CCB1504D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YDRE4ZlioZHv0vIWoSji9M_io94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft
Manifest number:          08E0
Signing time:             Sat 18 Apr 2026 22:00:39 +0000
Manifest this update:     Sat 18 Apr 2026 22:00:39 +0000
Manifest next update:     Sun 19 Apr 2026 22:00:39 +0000
Files and hashes:         1: YDRE4ZlioZHv0vIWoSji9M_io94.crl (hash: 6PuB2Km6ViM25wYMuH5wfn9JTPgsYH6wsml1dKNIj8M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YDRE4ZlioZHv0vIWoSji9M_io94.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 19 Apr 2026 22:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a2:9c:35:f0:3c:24:f6:5c:ff:4f:0f:4c:cb:15:04:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=603444e19962a191efd2f216a128e2f4cfe2a3de
        Validity
            Not Before: Apr 18 22:00:39 2026 GMT
            Not After : Apr 19 22:00:39 2026 GMT
        Subject: CN=42362d0ce5ce0b7b8f4200f0db6fc60af7dcf124
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:c1:9c:e5:28:5b:93:72:df:a8:8b:bb:b9:2d:
                    2c:16:af:f0:54:fc:3e:60:c0:6d:53:81:6e:93:50:
                    8f:6e:ce:cf:a6:52:9d:86:76:36:a4:b4:b7:5d:dc:
                    d8:c9:45:b0:ad:95:4d:8e:d2:55:89:78:67:18:b1:
                    20:ad:57:7b:22:96:4c:3e:86:55:9c:8e:bb:ac:2a:
                    ae:d0:ca:23:49:9b:6e:da:b3:d2:f8:2a:b4:0b:86:
                    6d:d7:52:72:e7:6f:6b:bd:c3:04:39:d7:cb:ae:97:
                    97:7f:c5:eb:80:8e:03:0c:3f:55:7e:9e:e2:2e:0d:
                    32:81:61:4c:82:fe:33:01:65:8b:c5:bb:da:b7:09:
                    db:5a:00:31:33:6a:1f:ad:72:92:72:14:43:e2:40:
                    08:a0:d3:2a:98:ea:66:c6:e1:51:a7:01:9b:da:f0:
                    16:e4:31:e7:37:1b:3c:e1:f2:bd:de:e9:3f:47:66:
                    cc:c7:b5:4e:9d:31:42:a8:cc:85:1d:78:08:45:ef:
                    ca:cd:c5:03:bc:0b:73:fc:e1:d6:71:59:45:f4:39:
                    eb:6a:a6:9a:20:6c:51:e9:ac:84:2a:5f:23:82:8f:
                    db:43:d0:2c:33:07:82:88:f0:b5:88:80:af:00:38:
                    80:57:6f:00:05:ce:53:c7:9f:0c:4e:74:31:03:a8:
                    e5:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:36:2D:0C:E5:CE:0B:7B:8F:42:00:F0:DB:6F:C6:0A:F7:DC:F1:24
            X509v3 Authority Key Identifier:
                keyid:60:34:44:E1:99:62:A1:91:EF:D2:F2:16:A1:28:E2:F4:CF:E2:A3:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YDRE4ZlioZHv0vIWoSji9M_io94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:ed:08:62:77:54:d1:07:e5:09:4b:af:b4:a3:67:93:86:d5:
         3c:50:3a:b4:d9:51:29:72:4c:b4:8e:5a:7b:46:94:97:ab:ff:
         29:92:2b:ca:2a:85:a8:db:eb:9d:e7:97:a5:50:48:ad:18:c6:
         bf:0a:71:c2:57:2c:ee:c3:0f:c4:6c:92:e8:45:c6:ea:a2:c5:
         5d:af:8e:6f:31:34:9b:80:f6:45:b8:02:4d:4a:7f:53:e2:f4:
         fc:29:e0:2e:cb:eb:e5:45:db:f1:82:68:58:5d:99:e7:92:c2:
         b1:ee:1c:6b:ed:82:fe:ab:9d:d8:53:9c:9f:67:fb:6d:ab:93:
         da:a0:44:47:19:9d:2b:fa:58:62:52:d5:05:94:b5:6e:7f:16:
         9c:a8:a9:33:fb:c2:bf:e2:ed:bb:78:b5:f3:29:a4:41:83:ad:
         bd:51:9b:bb:21:d8:f4:1e:40:8f:8c:f8:2d:d3:1e:f6:df:19:
         04:d9:1a:df:2b:e7:cb:42:fe:c0:c2:e7:4d:e8:d0:20:57:75:
         6f:a1:0c:2a:00:c5:c1:04:35:a8:9a:7a:67:78:8f:39:a9:f4:
         5c:ba:dc:c8:21:71:9d:27:8a:c0:7f:60:19:ed:09:05:78:b9:
         89:b9:a4:04:82:75:00:35:80:e6:c5:a1:1b:25:3c:7b:56:ac:
         99:cd:18:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2inDXwPCT2XP9PD0zLFQTYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMzQ0NGUxOTk2MmExOTFlZmQyZjIxNmExMjhlMmY0Y2Zl
MmEzZGUwHhcNMjYwNDE4MjIwMDM5WhcNMjYwNDE5MjIwMDM5WjAzMTEwLwYDVQQD
Eyg0MjM2MmQwY2U1Y2UwYjdiOGY0MjAwZjBkYjZmYzYwYWY3ZGNmMTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3cGc5Shbk3LfqIu7uS0sFq/wVPw+
YMBtU4Fuk1CPbs7PplKdhnY2pLS3XdzYyUWwrZVNjtJViXhnGLEgrVd7IpZMPoZV
nI67rCqu0MojSZtu2rPS+Cq0C4Zt11Jy529rvcMEOdfLrpeXf8XrgI4DDD9Vfp7i
Lg0ygWFMgv4zAWWLxbvatwnbWgAxM2ofrXKSchRD4kAIoNMqmOpmxuFRpwGb2vAW
5DHnNxs84fK93uk/R2bMx7VOnTFCqMyFHXgIRe/KzcUDvAtz/OHWcVlF9Dnraqaa
IGxR6ayEKl8jgo/bQ9AsMweCiPC1iICvADiAV28ABc5Tx58MTnQxA6jlCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEI2LQzlzgt7j0IA8Ntvxgr33PEkMB8GA1UdIwQY
MBaAFGA0ROGZYqGR79LyFqEo4vTP4qPeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWURSRTRabGlvWkh2MHZJV29Tamk5TV9pbzk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8xZjMyY2ItZGFiMi00YTlmLWFlNzct
ODQ0N2UyOWMxNTI0LzEvWURSRTRabGlvWkh2MHZJV29Tamk5TV9pbzk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8xZjMyY2ItZGFiMi00YTlmLWFlNzctODQ0N2UyOWMxNTI0
LzEvWURSRTRabGlvWkh2MHZJV29Tamk5TV9pbzk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGe0IYndU
0QflCUuvtKNnk4bVPFA6tNlRKXJMtI5ae0aUl6v/KZIryiqFqNvrneeXpVBIrRjG
vwpxwlcs7sMPxGyS6EXG6qLFXa+ObzE0m4D2RbgCTUp/U+L0/CngLsvr5UXb8YJo
WF2Z55LCse4ca+2C/qud2FOcn2f7bauT2qBERxmdK/pYYlLVBZS1bn8WnKipM/vC
v+Ltu3i18ymkQYOtvVGbuyHY9B5Aj4z4LdMe9t8ZBNka3yvny0L+wMLnTejQIFd1
b6EMKgDFwQQ1qJp6Z3iPOan0XLrcyCFxnSeKwH9gGe0JBXi5ibmkBIJ1ADWA5sWh
GyU8e1asmc0YYg==
-----END CERTIFICATE-----