Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft
File:                     YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft (raw, json)
Hash identifier:          +aDOcViYKvXD8ZGMlrmnR83ohCXYWFSMPrh6Gm+jn+g=
Subject key identifier:   0D:3F:3E:79:6B:5C:79:6D:E6:BE:FD:86:45:C7:51:2F:18:AA:20:05
Authority key identifier: 60:A4:34:FD:6B:FF:8B:6F:BB:0D:52:F8:DA:42:E9:1F:8A:5A:29:2F
Certificate issuer:       /CN=60a434fd6bff8b6fbb0d52f8da42e91f8a5a292f
Certificate serial:       019D9A3DF21DDCD97B4F4E68F4525E8042F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YKQ0_Wv_i2-7DVL42kLpH4paKS8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft
Manifest number:          0A5B
Signing time:             Fri 17 Apr 2026 07:00:44 +0000
Manifest this update:     Fri 17 Apr 2026 07:00:44 +0000
Manifest next update:     Sat 18 Apr 2026 07:00:44 +0000
Files and hashes:         1: YKQ0_Wv_i2-7DVL42kLpH4paKS8.crl (hash: z0yWliZ0b5A6iWGv1duU6fKin4+hCxKzwz1bIhsKmGQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YKQ0_Wv_i2-7DVL42kLpH4paKS8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:3d:f2:1d:dc:d9:7b:4f:4e:68:f4:52:5e:80:42:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60a434fd6bff8b6fbb0d52f8da42e91f8a5a292f
        Validity
            Not Before: Apr 17 07:00:44 2026 GMT
            Not After : Apr 18 07:00:44 2026 GMT
        Subject: CN=0d3f3e796b5c796de6befd8645c7512f18aa2005
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:84:d9:fa:c4:06:ac:15:27:5b:2a:01:85:ee:
                    7e:9a:d4:14:00:9c:d8:40:09:5a:75:ad:f2:3e:0c:
                    4a:16:ad:f6:43:7f:4d:44:d4:95:c2:e7:91:d9:d6:
                    69:7c:1a:d1:e1:5d:15:8b:11:7b:6d:83:3e:7b:81:
                    ec:da:83:e3:1e:39:e5:32:7c:0c:a6:38:45:96:c3:
                    e9:30:4f:37:47:71:77:4e:fc:7c:6e:12:84:c4:10:
                    e8:5d:d2:6d:e9:a1:5f:29:2c:e4:0e:bc:7b:a7:dd:
                    9d:44:16:9b:05:fb:5e:82:d8:5f:f0:ca:6e:8c:5a:
                    4c:98:22:8d:cb:96:01:85:c5:99:45:25:79:dd:bf:
                    89:ad:76:e2:61:98:13:5b:c8:24:68:38:25:fd:62:
                    72:26:d9:38:32:c1:be:e3:f9:df:fc:59:6e:bc:70:
                    19:ba:d6:68:e1:cb:0e:42:89:32:5c:46:03:3b:b9:
                    64:ef:31:94:54:73:a0:d7:58:a2:67:a7:b5:22:9c:
                    0c:9f:d8:e3:c4:7e:a3:c8:92:ad:3f:99:43:51:a7:
                    c8:f8:63:52:ac:8d:be:fc:4b:f0:f8:bc:2c:2c:07:
                    64:f4:ef:99:aa:b2:df:18:0c:64:0b:3b:91:b5:cd:
                    e5:07:b9:ad:73:d2:a0:67:1b:47:15:9e:cb:42:3a:
                    fd:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:3F:3E:79:6B:5C:79:6D:E6:BE:FD:86:45:C7:51:2F:18:AA:20:05
            X509v3 Authority Key Identifier:
                keyid:60:A4:34:FD:6B:FF:8B:6F:BB:0D:52:F8:DA:42:E9:1F:8A:5A:29:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YKQ0_Wv_i2-7DVL42kLpH4paKS8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:bf:74:7e:46:44:46:c9:ff:1c:b7:98:02:e7:c7:28:7f:2d:
         15:4e:0f:25:94:75:8d:eb:7f:82:dd:4e:99:a2:b5:e3:f4:55:
         b3:2b:06:f3:ec:c4:f1:ef:18:9b:03:12:e0:7d:25:39:39:38:
         6b:97:29:db:63:62:bd:2b:06:8b:cf:4a:c5:36:1c:76:de:9a:
         a6:23:d7:f2:a7:4d:ef:b5:fe:98:45:7a:a9:dc:dc:46:e7:98:
         33:68:d5:25:12:4f:0c:b4:64:3d:4e:31:e9:02:80:cf:f1:90:
         8c:b5:68:62:77:48:21:56:7e:a8:fe:e9:6b:0c:0d:c4:d3:56:
         2c:73:2a:92:48:cb:8b:a0:69:e1:28:89:93:16:86:2a:39:87:
         74:d1:b6:e1:26:b1:0c:82:31:19:06:ac:dd:73:90:c4:99:b5:
         82:d4:75:21:0f:6d:91:87:18:80:bb:b7:31:f5:55:dd:13:2d:
         51:b8:81:06:0f:f9:39:04:5e:5a:4f:04:ed:b4:4a:9a:18:e9:
         ca:e3:1d:b7:38:05:db:34:ad:41:f5:27:ff:87:3d:39:e0:b1:
         40:70:b2:2f:2e:49:4c:41:c2:ce:a2:f3:4c:30:1a:e2:2f:8c:
         b4:c9:ea:8f:30:c1:b3:41:5c:21:38:49:da:85:64:c6:16:e9:
         13:05:62:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aPfId3Nl7T05o9FJegELxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwYTQzNGZkNmJmZjhiNmZiYjBkNTJmOGRhNDJlOTFmOGE1
YTI5MmYwHhcNMjYwNDE3MDcwMDQ0WhcNMjYwNDE4MDcwMDQ0WjAzMTEwLwYDVQQD
EygwZDNmM2U3OTZiNWM3OTZkZTZiZWZkODY0NWM3NTEyZjE4YWEyMDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA24TZ+sQGrBUnWyoBhe5+mtQUAJzY
QAlada3yPgxKFq32Q39NRNSVwueR2dZpfBrR4V0VixF7bYM+e4Hs2oPjHjnlMnwM
pjhFlsPpME83R3F3Tvx8bhKExBDoXdJt6aFfKSzkDrx7p92dRBabBftegthf8Mpu
jFpMmCKNy5YBhcWZRSV53b+JrXbiYZgTW8gkaDgl/WJyJtk4MsG+4/nf/FluvHAZ
utZo4csOQokyXEYDO7lk7zGUVHOg11iiZ6e1IpwMn9jjxH6jyJKtP5lDUafI+GNS
rI2+/Evw+LwsLAdk9O+ZqrLfGAxkCzuRtc3lB7mtc9KgZxtHFZ7LQjr9yQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA0/PnlrXHlt5r79hkXHUS8YqiAFMB8GA1UdIwQY
MBaAFGCkNP1r/4tvuw1S+NpC6R+KWikvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUtRMF9Xdl9pMi03RFZMNDJrTHBINHBhS1M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi82ODAxYzktZGQxNy00ZGNhLTgxMDAt
NmEzZjAxZDljYjUwLzEvWUtRMF9Xdl9pMi03RFZMNDJrTHBINHBhS1M4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi82ODAxYzktZGQxNy00ZGNhLTgxMDAtNmEzZjAxZDljYjUw
LzEvWUtRMF9Xdl9pMi03RFZMNDJrTHBINHBhS1M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC790fkZE
Rsn/HLeYAufHKH8tFU4PJZR1jet/gt1OmaK14/RVsysG8+zE8e8YmwMS4H0lOTk4
a5cp22NivSsGi89KxTYcdt6apiPX8qdN77X+mEV6qdzcRueYM2jVJRJPDLRkPU4x
6QKAz/GQjLVoYndIIVZ+qP7pawwNxNNWLHMqkkjLi6Bp4SiJkxaGKjmHdNG24Sax
DIIxGQas3XOQxJm1gtR1IQ9tkYcYgLu3MfVV3RMtUbiBBg/5OQReWk8E7bRKmhjp
yuMdtzgF2zStQfUn/4c9OeCxQHCyLy5JTEHCzqLzTDAa4i+MtMnqjzDBs0FcIThJ
2oVkxhbpEwVixg==
-----END CERTIFICATE-----