Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft
File:                     YhcForItk4GoI8l5xvTnc0I1I20.mft (raw, json)
Hash identifier:          Qa1H2BUZO+g6aq/Iru6MwPSJAfZvspd6HU46nEBeSs0=
Subject key identifier:   79:FD:19:CC:07:58:68:06:48:1A:5D:6A:12:7D:76:05:10:67:A9:C0
Authority key identifier: 62:17:05:A2:B2:2D:93:81:A8:23:C9:79:C6:F4:E7:73:42:35:23:6D
Certificate issuer:       /CN=621705a2b22d9381a823c979c6f4e7734235236d
Certificate serial:       019D99D066A6A6442AA89CE40868736E4BE5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YhcForItk4GoI8l5xvTnc0I1I20.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft
Manifest number:          11A3
Signing time:             Fri 17 Apr 2026 05:01:04 +0000
Manifest this update:     Fri 17 Apr 2026 05:01:04 +0000
Manifest next update:     Sat 18 Apr 2026 05:01:04 +0000
Files and hashes:         1: YhcForItk4GoI8l5xvTnc0I1I20.crl (hash: V4N3bQsHaLf9kVS7uuc73xKd1xrL0PRn/+nKD15nCMY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YhcForItk4GoI8l5xvTnc0I1I20.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:d0:66:a6:a6:44:2a:a8:9c:e4:08:68:73:6e:4b:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=621705a2b22d9381a823c979c6f4e7734235236d
        Validity
            Not Before: Apr 17 05:01:04 2026 GMT
            Not After : Apr 18 05:01:04 2026 GMT
        Subject: CN=79fd19cc07586806481a5d6a127d76051067a9c0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:80:21:90:1c:ef:59:59:de:d4:7c:f0:f2:13:
                    34:a0:bf:20:91:96:a0:e7:ed:34:d8:b5:da:d8:58:
                    cb:e8:cc:1f:bb:06:29:30:49:b1:3b:5c:d0:b9:86:
                    95:c4:c0:d4:78:d2:01:37:c4:e3:20:82:d6:16:1c:
                    e8:45:0e:2c:a7:5e:be:03:8b:bf:4f:a0:23:2e:27:
                    03:da:6f:52:6f:81:56:09:92:12:3f:46:bf:e9:7b:
                    ca:b7:63:50:17:02:45:f1:39:d7:87:e3:7d:a0:f4:
                    23:04:9c:f5:00:31:7c:c7:47:21:01:8f:ff:9b:0c:
                    18:10:83:2f:9a:74:8b:68:b4:a5:c3:12:44:d1:70:
                    c7:bf:f1:a3:2f:07:46:00:10:57:ae:64:a1:b2:f9:
                    81:0d:c7:25:91:e2:cc:1c:61:12:eb:bf:9e:b2:2e:
                    42:b6:00:86:e3:29:33:f2:bd:3d:30:be:c6:43:17:
                    75:e0:14:fb:a1:81:02:ea:c0:02:4a:33:73:4e:18:
                    a6:4e:fb:fb:82:99:d7:8c:00:98:dd:5d:6f:8f:e1:
                    92:88:ba:34:5b:56:23:69:11:fb:ae:e5:04:35:f2:
                    8a:3d:dc:8d:a9:eb:65:d6:f8:48:83:b9:33:e6:4d:
                    ec:46:77:c5:b0:1f:ba:b7:17:aa:02:85:db:a0:2e:
                    bf:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:FD:19:CC:07:58:68:06:48:1A:5D:6A:12:7D:76:05:10:67:A9:C0
            X509v3 Authority Key Identifier:
                keyid:62:17:05:A2:B2:2D:93:81:A8:23:C9:79:C6:F4:E7:73:42:35:23:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YhcForItk4GoI8l5xvTnc0I1I20.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:dc:40:78:4c:1f:1b:66:01:02:e2:c5:93:02:de:16:e7:df:
         6c:7e:3a:3a:1f:76:bc:7e:95:a6:c9:8c:18:3a:fe:ba:7b:72:
         6f:c1:8a:6c:11:35:94:c6:10:d7:c1:b4:48:1b:ac:91:97:21:
         c0:3d:c9:62:b5:f3:81:5c:13:e6:d7:74:9e:4e:3f:10:f1:64:
         9a:68:df:3d:df:83:f3:42:cb:3c:be:ac:71:0c:d3:46:b5:01:
         b3:98:8e:21:00:0f:7d:f0:43:7e:62:45:df:45:e9:5c:5c:c7:
         93:61:6c:48:7c:26:96:ea:d0:2f:fb:ff:8b:63:a5:d1:60:12:
         a0:72:9c:51:61:e4:88:31:b0:9d:8b:4e:3e:f4:06:4c:e2:96:
         e1:85:6c:12:60:74:d7:8c:9d:17:3f:25:68:3b:f5:27:dc:57:
         7c:9b:d3:e4:db:97:09:b3:1b:f1:1a:d5:cb:9d:a9:d7:fd:04:
         2c:9c:c3:a1:00:58:9e:cc:41:b4:9a:d2:00:ee:e1:17:00:6b:
         cb:69:21:9d:54:32:b0:57:f0:34:81:f5:f7:94:87:94:30:3a:
         44:09:22:63:26:7e:d0:40:40:b9:f0:cc:59:e4:db:37:4e:ca:
         85:56:a3:95:60:d2:a1:95:bc:a3:07:29:a3:83:4d:38:aa:53:
         d8:8c:49:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Z0GampkQqqJzkCGhzbkvlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMTcwNWEyYjIyZDkzODFhODIzYzk3OWM2ZjRlNzczNDIz
NTIzNmQwHhcNMjYwNDE3MDUwMTA0WhcNMjYwNDE4MDUwMTA0WjAzMTEwLwYDVQQD
Eyg3OWZkMTljYzA3NTg2ODA2NDgxYTVkNmExMjdkNzYwNTEwNjdhOWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxoAhkBzvWVne1Hzw8hM0oL8gkZag
5+002LXa2FjL6MwfuwYpMEmxO1zQuYaVxMDUeNIBN8TjIILWFhzoRQ4sp16+A4u/
T6AjLicD2m9Sb4FWCZISP0a/6XvKt2NQFwJF8TnXh+N9oPQjBJz1ADF8x0chAY//
mwwYEIMvmnSLaLSlwxJE0XDHv/GjLwdGABBXrmShsvmBDcclkeLMHGES67+esi5C
tgCG4ykz8r09ML7GQxd14BT7oYEC6sACSjNzThimTvv7gpnXjACY3V1vj+GSiLo0
W1YjaRH7ruUENfKKPdyNqetl1vhIg7kz5k3sRnfFsB+6txeqAoXboC6/YwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHn9GcwHWGgGSBpdahJ9dgUQZ6nAMB8GA1UdIwQY
MBaAFGIXBaKyLZOBqCPJecb053NCNSNtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWhjRm9ySXRrNEdvSThsNXh2VG5jMEkxSTIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9jOTIzNGQtZTEzMy00MTk0LTg0YWMt
NzFhMzlkYjg4YTIzLzEvWWhjRm9ySXRrNEdvSThsNXh2VG5jMEkxSTIwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9jOTIzNGQtZTEzMy00MTk0LTg0YWMtNzFhMzlkYjg4YTIz
LzEvWWhjRm9ySXRrNEdvSThsNXh2VG5jMEkxSTIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbdxAeEwf
G2YBAuLFkwLeFuffbH46Oh92vH6VpsmMGDr+untyb8GKbBE1lMYQ18G0SBuskZch
wD3JYrXzgVwT5td0nk4/EPFkmmjfPd+D80LLPL6scQzTRrUBs5iOIQAPffBDfmJF
30XpXFzHk2FsSHwmlurQL/v/i2Ol0WASoHKcUWHkiDGwnYtOPvQGTOKW4YVsEmB0
14ydFz8laDv1J9xXfJvT5NuXCbMb8RrVy52p1/0ELJzDoQBYnsxBtJrSAO7hFwBr
y2khnVQysFfwNIH195SHlDA6RAkiYyZ+0EBAufDMWeTbN07KhVajlWDSoZW8owcp
o4NNOKpT2IxJxg==
-----END CERTIFICATE-----