Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft
File:                     YNJSouMVOM2lhXutCYPIvfVYsXs.mft (raw, json)
Hash identifier:          TS6G16GbKVKzuXVqhJerfyw0kWBr/SktL0G0UML37Pk=
Subject key identifier:   30:03:B6:E4:63:93:28:6B:47:8C:EC:B3:DD:DB:4A:DE:D7:3A:3C:BD
Authority key identifier: 60:D2:52:A2:E3:15:38:CD:A5:85:7B:AD:09:83:C8:BD:F5:58:B1:7B
Certificate issuer:       /CN=60d252a2e31538cda5857bad0983c8bdf558b17b
Certificate serial:       019D98F413AB8FA753A69878DE2881F9E207
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YNJSouMVOM2lhXutCYPIvfVYsXs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft
Manifest number:          0C02
Signing time:             Fri 17 Apr 2026 01:00:25 +0000
Manifest this update:     Fri 17 Apr 2026 01:00:25 +0000
Manifest next update:     Sat 18 Apr 2026 01:00:25 +0000
Files and hashes:         1: YNJSouMVOM2lhXutCYPIvfVYsXs.crl (hash: I73S1UK0lmL8REy7OmhwbeR2cgRN/Ty0Z0WkoxHy+7U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YNJSouMVOM2lhXutCYPIvfVYsXs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:13:ab:8f:a7:53:a6:98:78:de:28:81:f9:e2:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60d252a2e31538cda5857bad0983c8bdf558b17b
        Validity
            Not Before: Apr 17 01:00:25 2026 GMT
            Not After : Apr 18 01:00:25 2026 GMT
        Subject: CN=3003b6e46393286b478cecb3dddb4aded73a3cbd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:e4:99:53:78:72:b1:19:8a:31:dc:01:8f:ad:
                    0b:3e:85:41:bc:b9:01:04:30:ca:09:6b:40:2c:a4:
                    bc:9f:49:c5:08:35:6c:34:4c:ca:16:e7:2d:d1:20:
                    71:b8:53:9c:08:18:1e:94:c5:2d:54:7f:d4:a7:9b:
                    d7:73:03:ef:55:6e:73:4b:1a:b6:9b:36:3c:c0:03:
                    78:09:eb:8c:aa:ea:f6:0a:a8:23:63:8f:c7:67:f3:
                    bd:80:34:94:b5:84:f8:e6:80:68:45:b4:12:54:55:
                    d8:5f:03:57:8a:5b:db:2a:8b:f6:e0:a6:89:93:9b:
                    4b:3f:88:78:e0:41:c0:84:03:a3:11:7c:35:8b:cc:
                    7d:a6:d3:1c:b3:05:b9:db:4b:41:82:5b:5d:72:27:
                    eb:e2:9b:e0:6f:23:7a:ec:a8:ef:7d:40:3a:b5:30:
                    53:85:63:59:eb:8c:0f:ac:b1:e2:79:95:cd:5d:13:
                    cb:66:70:ef:43:5a:49:3c:f2:0a:a3:3c:ce:d4:f7:
                    c1:b3:36:0b:0d:5c:8c:8d:8c:02:e7:5c:73:12:76:
                    80:76:7e:7c:2b:c1:0c:8b:83:43:39:41:d3:79:ce:
                    93:0c:4f:0b:73:52:90:10:36:ce:7c:34:5b:5d:15:
                    c0:33:c0:c4:0b:98:68:b0:dc:97:77:f7:c1:dd:6c:
                    a3:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:03:B6:E4:63:93:28:6B:47:8C:EC:B3:DD:DB:4A:DE:D7:3A:3C:BD
            X509v3 Authority Key Identifier:
                keyid:60:D2:52:A2:E3:15:38:CD:A5:85:7B:AD:09:83:C8:BD:F5:58:B1:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YNJSouMVOM2lhXutCYPIvfVYsXs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:5e:99:74:c2:10:ce:4d:1d:5a:c8:f2:eb:a5:3b:73:fc:e6:
         71:19:fe:77:d7:bf:f4:20:5e:20:92:f2:42:5a:d9:51:65:b9:
         4a:80:e4:0e:73:b9:1d:b3:4c:a1:4c:e2:c6:54:7d:08:2b:a2:
         28:1b:4b:8c:00:4a:e3:fc:79:70:6f:3a:5e:b0:bb:b2:ea:50:
         c4:25:12:90:40:62:66:b6:d0:6d:23:19:f5:54:81:77:ae:35:
         33:ce:c4:99:e9:e1:a0:cd:b2:c8:81:c8:c6:8c:aa:4f:10:a2:
         18:a5:7d:10:fe:da:77:4c:c7:5f:4f:8d:e0:01:9a:b9:30:5a:
         d1:c2:03:06:18:38:1d:70:7e:5d:4a:9b:a8:ae:b8:ed:ec:f0:
         48:aa:7f:40:10:53:b7:c1:15:fc:85:de:3b:fc:85:21:3d:89:
         05:00:c3:1a:82:ef:85:a2:e9:12:dd:91:ee:19:50:7c:cb:c3:
         8f:33:6e:40:af:90:00:6e:d0:32:b7:85:fd:07:43:02:35:b7:
         09:26:70:30:a7:65:d7:ad:23:ab:ee:c7:a2:94:73:c4:d7:0e:
         0a:14:db:49:66:de:e2:f1:65:b6:38:7d:08:c0:de:4c:35:28:
         64:74:2f:6d:d2:8a:45:28:94:98:7d:f8:85:21:5c:46:77:e7:
         89:4f:e9:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9BOrj6dTpph43iiB+eIHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZDI1MmEyZTMxNTM4Y2RhNTg1N2JhZDA5ODNjOGJkZjU1
OGIxN2IwHhcNMjYwNDE3MDEwMDI1WhcNMjYwNDE4MDEwMDI1WjAzMTEwLwYDVQQD
EygzMDAzYjZlNDYzOTMyODZiNDc4Y2VjYjNkZGRiNGFkZWQ3M2EzY2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+SZU3hysRmKMdwBj60LPoVBvLkB
BDDKCWtALKS8n0nFCDVsNEzKFuct0SBxuFOcCBgelMUtVH/Up5vXcwPvVW5zSxq2
mzY8wAN4CeuMqur2CqgjY4/HZ/O9gDSUtYT45oBoRbQSVFXYXwNXilvbKov24KaJ
k5tLP4h44EHAhAOjEXw1i8x9ptMcswW520tBgltdcifr4pvgbyN67KjvfUA6tTBT
hWNZ64wPrLHieZXNXRPLZnDvQ1pJPPIKozzO1PfBszYLDVyMjYwC51xzEnaAdn58
K8EMi4NDOUHTec6TDE8Lc1KQEDbOfDRbXRXAM8DEC5hosNyXd/fB3WyjlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDADtuRjkyhrR4zss93bSt7XOjy9MB8GA1UdIwQY
MBaAFGDSUqLjFTjNpYV7rQmDyL31WLF7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU5KU291TVZPTTJsaFh1dENZUEl2ZlZZc1hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9hMTdkZGYtOWJhNi00Mzk1LWFhZTYt
NTY2ZjZjZjQzMWMwLzEvWU5KU291TVZPTTJsaFh1dENZUEl2ZlZZc1hzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi9hMTdkZGYtOWJhNi00Mzk1LWFhZTYtNTY2ZjZjZjQzMWMw
LzEvWU5KU291TVZPTTJsaFh1dENZUEl2ZlZZc1hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWF6ZdMIQ
zk0dWsjy66U7c/zmcRn+d9e/9CBeIJLyQlrZUWW5SoDkDnO5HbNMoUzixlR9CCui
KBtLjABK4/x5cG86XrC7supQxCUSkEBiZrbQbSMZ9VSBd641M87EmenhoM2yyIHI
xoyqTxCiGKV9EP7ad0zHX0+N4AGauTBa0cIDBhg4HXB+XUqbqK647ezwSKp/QBBT
t8EV/IXeO/yFIT2JBQDDGoLvhaLpEt2R7hlQfMvDjzNuQK+QAG7QMreF/QdDAjW3
CSZwMKdl160jq+7HopRzxNcOChTbSWbe4vFltjh9CMDeTDUoZHQvbdKKRSiUmH34
hSFcRnfniU/pPw==
-----END CERTIFICATE-----