Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/a5d9a3-c454-4b7e-800d-617cd3df395b/1/yjzk270E4HrOGTf4ChWvc5m4Aw4.mft
File:                     yjzk270E4HrOGTf4ChWvc5m4Aw4.mft (raw, json)
Hash identifier:          O/iTMrbRoEfA7OdS6QXo/4HHLP1fd755kdWEFDZljuo=
Subject key identifier:   07:C4:EA:39:AA:35:B2:90:19:B8:8E:85:42:A2:40:46:09:C2:58:C3
Authority key identifier: CA:3C:E4:DB:BD:04:E0:7A:CE:19:37:F8:0A:15:AF:73:99:B8:03:0E
Certificate issuer:       /CN=ca3ce4dbbd04e07ace1937f80a15af7399b8030e
Certificate serial:       019D98190FE8C6A04442A7EDFB747309A5D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yjzk270E4HrOGTf4ChWvc5m4Aw4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/a5d9a3-c454-4b7e-800d-617cd3df395b/1/yjzk270E4HrOGTf4ChWvc5m4Aw4.mft
Manifest number:          0857
Signing time:             Thu 16 Apr 2026 21:01:12 +0000
Manifest this update:     Thu 16 Apr 2026 21:01:12 +0000
Manifest next update:     Fri 17 Apr 2026 21:01:12 +0000
Files and hashes:         1: yjzk270E4HrOGTf4ChWvc5m4Aw4.crl (hash: vC3RL+mqc7Cpe+TQWlZpm+6GT/F8Qb6rkhPMEuvxYUk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/a5d9a3-c454-4b7e-800d-617cd3df395b/1/yjzk270E4HrOGTf4ChWvc5m4Aw4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/a5d9a3-c454-4b7e-800d-617cd3df395b/1/yjzk270E4HrOGTf4ChWvc5m4Aw4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yjzk270E4HrOGTf4ChWvc5m4Aw4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 21:01:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:19:0f:e8:c6:a0:44:42:a7:ed:fb:74:73:09:a5:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca3ce4dbbd04e07ace1937f80a15af7399b8030e
        Validity
            Not Before: Apr 16 21:01:12 2026 GMT
            Not After : Apr 17 21:01:12 2026 GMT
        Subject: CN=07c4ea39aa35b29019b88e8542a2404609c258c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:9e:10:50:c2:fc:ea:51:eb:10:4e:d2:69:9d:
                    ee:69:b9:d3:6a:0f:2c:48:6b:79:99:47:bb:c3:6c:
                    19:71:17:86:48:b8:88:4f:d0:fe:64:4b:64:dc:cd:
                    ad:d8:21:64:65:78:61:90:a1:ae:68:92:fe:64:8a:
                    e7:d1:c0:0a:d4:a9:2c:94:21:78:a6:7e:bd:9d:52:
                    a5:b3:32:df:22:e6:ab:0d:ad:67:9d:10:f6:0f:23:
                    09:9a:54:36:16:8d:86:7b:3e:ea:3a:4e:f2:10:22:
                    f7:76:be:d8:bc:a0:4e:ad:df:2b:73:51:c7:4f:02:
                    88:60:11:94:2b:d7:d3:ea:14:5b:14:3c:da:73:e2:
                    ec:2f:54:32:d8:84:fe:61:5b:b9:ed:3b:dc:ec:bb:
                    d1:b9:4d:97:37:c6:1e:38:74:ff:45:ce:5e:9e:06:
                    09:4d:cf:c4:00:0b:4d:ee:fd:49:d1:1d:77:62:d1:
                    f8:0f:9e:72:95:83:7c:ee:c1:32:d6:7b:24:12:c8:
                    05:5a:4f:9e:91:7c:a4:3e:65:d0:62:48:83:2a:f1:
                    db:9e:31:01:7e:01:ad:4c:0e:c5:a1:73:75:33:fd:
                    81:6b:cd:5b:6f:4f:11:a4:70:f1:63:7c:6e:e4:fe:
                    8d:af:13:55:94:01:fc:32:47:a6:68:61:71:57:77:
                    c2:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:C4:EA:39:AA:35:B2:90:19:B8:8E:85:42:A2:40:46:09:C2:58:C3
            X509v3 Authority Key Identifier:
                keyid:CA:3C:E4:DB:BD:04:E0:7A:CE:19:37:F8:0A:15:AF:73:99:B8:03:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yjzk270E4HrOGTf4ChWvc5m4Aw4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/a5d9a3-c454-4b7e-800d-617cd3df395b/1/yjzk270E4HrOGTf4ChWvc5m4Aw4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/a5d9a3-c454-4b7e-800d-617cd3df395b/1/yjzk270E4HrOGTf4ChWvc5m4Aw4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:d1:b4:ba:62:71:2a:0e:0a:0c:12:b5:c1:f1:b4:d4:b3:25:
         2a:ca:90:4a:5d:30:33:2b:d8:fa:67:8a:23:e8:69:0a:c0:14:
         69:48:32:05:74:4e:9b:12:0a:21:a8:5d:b1:93:e8:68:cb:54:
         e6:79:51:32:09:1a:5d:13:28:15:c0:40:eb:d2:69:c9:85:fe:
         b4:e5:6a:18:88:2b:35:5f:d0:3a:34:83:1e:8c:d9:9f:57:73:
         2b:24:3f:97:e9:57:0e:59:59:41:b9:5a:aa:6c:dc:d3:f0:95:
         d3:0d:7e:73:56:a2:85:30:b3:66:24:aa:01:59:b9:8d:4b:9b:
         26:71:81:48:84:a6:1e:cd:28:43:35:4d:0b:8b:5d:22:86:31:
         20:fd:05:18:26:ab:0e:6d:1f:44:ae:20:b2:b3:1b:48:42:7a:
         82:0d:05:ad:1c:ec:17:6f:9a:c4:4a:b5:6f:4e:d7:73:d1:69:
         13:75:fb:b6:c4:d7:6e:5b:af:65:41:c8:a3:54:f0:3e:08:1e:
         84:91:73:24:c2:5e:85:f4:d9:0e:c0:67:5e:03:79:96:ff:74:
         0c:51:f6:71:8d:b7:c2:84:b6:16:e1:8f:79:55:df:dd:f3:ec:
         a9:7e:5f:a7:ba:7a:85:3f:06:fc:5b:c3:08:bb:f0:0c:19:a6:
         87:72:18:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2YGQ/oxqBEQqft+3RzCaXTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhM2NlNGRiYmQwNGUwN2FjZTE5MzdmODBhMTVhZjczOTli
ODAzMGUwHhcNMjYwNDE2MjEwMTEyWhcNMjYwNDE3MjEwMTEyWjAzMTEwLwYDVQQD
EygwN2M0ZWEzOWFhMzViMjkwMTliODhlODU0MmEyNDA0NjA5YzI1OGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzJ4QUML86lHrEE7SaZ3uabnTag8s
SGt5mUe7w2wZcReGSLiIT9D+ZEtk3M2t2CFkZXhhkKGuaJL+ZIrn0cAK1KkslCF4
pn69nVKlszLfIuarDa1nnRD2DyMJmlQ2Fo2Gez7qOk7yECL3dr7YvKBOrd8rc1HH
TwKIYBGUK9fT6hRbFDzac+LsL1Qy2IT+YVu57Tvc7LvRuU2XN8YeOHT/Rc5engYJ
Tc/EAAtN7v1J0R13YtH4D55ylYN87sEy1nskEsgFWk+ekXykPmXQYkiDKvHbnjEB
fgGtTA7FoXN1M/2Ba81bb08RpHDxY3xu5P6NrxNVlAH8MkemaGFxV3fCwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAfE6jmqNbKQGbiOhUKiQEYJwljDMB8GA1UdIwQY
MBaAFMo85Nu9BOB6zhk3+AoVr3OZuAMOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWp6azI3MEU0SHJPR1RmNENoV3ZjNW00QXc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9hNWQ5YTMtYzQ1NC00YjdlLTgwMGQt
NjE3Y2QzZGYzOTViLzEveWp6azI3MEU0SHJPR1RmNENoV3ZjNW00QXc0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9hNWQ5YTMtYzQ1NC00YjdlLTgwMGQtNjE3Y2QzZGYzOTVi
LzEveWp6azI3MEU0SHJPR1RmNENoV3ZjNW00QXc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA9G0umJx
Kg4KDBK1wfG01LMlKsqQSl0wMyvY+meKI+hpCsAUaUgyBXROmxIKIahdsZPoaMtU
5nlRMgkaXRMoFcBA69JpyYX+tOVqGIgrNV/QOjSDHozZn1dzKyQ/l+lXDllZQbla
qmzc0/CV0w1+c1aihTCzZiSqAVm5jUubJnGBSISmHs0oQzVNC4tdIoYxIP0FGCar
Dm0fRK4gsrMbSEJ6gg0FrRzsF2+axEq1b07Xc9FpE3X7tsTXbluvZUHIo1TwPgge
hJFzJMJehfTZDsBnXgN5lv90DFH2cY23woS2FuGPeVXf3fPsqX5fp7p6hT8G/FvD
CLvwDBmmh3IYOA==
-----END CERTIFICATE-----