Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.mft
File:                     _ypds7oz42wW2_UmCy_idK5_siI.mft (raw, json)
Hash identifier:          /tlpNPJDcOS5Fk/GwJVpRrYR64arDjIeDBO4Ifa5gB8=
Subject key identifier:   C3:CB:54:81:A0:E3:B7:7F:4A:39:BC:99:3A:23:03:84:A9:8F:D1:CD
Authority key identifier: FF:2A:5D:B3:BA:33:E3:6C:16:DB:F5:26:0B:2F:E2:74:AE:7F:B2:22
Certificate issuer:       /CN=ff2a5db3ba33e36c16dbf5260b2fe274ae7fb222
Certificate serial:       019D985075B94B718E3AB18C0A04A33A0C8B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_ypds7oz42wW2_UmCy_idK5_siI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.mft
Manifest number:          0FA0
Signing time:             Thu 16 Apr 2026 22:01:42 +0000
Manifest this update:     Thu 16 Apr 2026 22:01:42 +0000
Manifest next update:     Fri 17 Apr 2026 22:01:42 +0000
Files and hashes:         1: _ypds7oz42wW2_UmCy_idK5_siI.crl (hash: sC9kKhpwawUMvo+UMwcJkBBDWxY/d3RkgNNeGe/fLoM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_ypds7oz42wW2_UmCy_idK5_siI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:50:75:b9:4b:71:8e:3a:b1:8c:0a:04:a3:3a:0c:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ff2a5db3ba33e36c16dbf5260b2fe274ae7fb222
        Validity
            Not Before: Apr 16 22:01:42 2026 GMT
            Not After : Apr 17 22:01:42 2026 GMT
        Subject: CN=c3cb5481a0e3b77f4a39bc993a230384a98fd1cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:8a:97:f2:fe:9c:8d:d9:f1:02:9c:3c:e0:d0:
                    5e:58:12:0d:82:33:e4:2d:a7:32:34:05:f6:4b:5b:
                    81:dc:b0:68:40:5f:de:1e:cb:db:21:2e:ca:b8:57:
                    6f:22:73:95:19:c2:32:e2:3c:3c:45:a9:8f:b5:7c:
                    87:d6:12:b7:16:c0:69:be:4c:4c:1c:b5:3c:e0:f0:
                    3a:fe:9a:b6:96:b6:59:2b:d2:c2:07:91:e6:e9:12:
                    f2:e4:a1:9f:a3:e9:a4:25:48:29:86:16:28:43:89:
                    41:9c:55:6b:d9:cb:08:84:37:ae:d1:22:fe:5f:dd:
                    4c:42:eb:fb:33:8e:30:14:09:42:6b:20:a9:4b:a8:
                    9e:8d:d1:2e:53:75:dc:89:68:f0:e9:f5:14:8c:60:
                    a4:24:86:f9:e6:22:70:65:e7:c2:6c:67:1c:b0:f7:
                    29:58:6a:e9:a6:66:e9:86:98:56:7a:ec:4e:88:65:
                    f6:3a:f7:0f:83:c3:41:26:9e:3f:cb:f9:31:fc:45:
                    5b:29:53:cd:14:0b:a8:72:0c:6d:93:c7:21:4b:77:
                    72:b5:2d:13:17:90:64:e9:e2:a3:ed:aa:a9:f7:99:
                    25:d0:1a:53:85:22:c8:c0:2d:58:01:ee:38:35:34:
                    49:aa:a2:1a:d4:de:c9:79:19:d8:05:85:2a:8b:67:
                    3e:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:CB:54:81:A0:E3:B7:7F:4A:39:BC:99:3A:23:03:84:A9:8F:D1:CD
            X509v3 Authority Key Identifier:
                keyid:FF:2A:5D:B3:BA:33:E3:6C:16:DB:F5:26:0B:2F:E2:74:AE:7F:B2:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_ypds7oz42wW2_UmCy_idK5_siI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:c6:cc:88:08:6b:03:5d:a7:5d:39:56:35:7e:d9:d9:51:19:
         f1:e2:36:67:49:56:71:24:2c:a0:61:a0:a5:33:04:b9:17:99:
         f4:7e:b1:e8:94:0d:18:78:04:50:ff:69:91:b7:f1:31:de:96:
         7a:ca:e3:cd:c6:d7:5d:dd:1a:e5:20:68:6c:e6:5b:9d:0f:76:
         bb:c6:82:e8:f4:71:16:27:a0:33:64:e4:6c:8d:46:38:17:03:
         f5:48:b8:93:45:37:3b:be:0a:b4:d9:ca:5a:2e:aa:71:b8:5a:
         01:43:05:b6:11:42:d5:04:f5:87:48:5d:91:b3:24:7a:9f:5c:
         c3:f0:a7:94:4f:af:bf:11:b7:cb:42:eb:2c:49:1e:3e:7f:b7:
         aa:6f:d0:aa:d5:0f:cd:48:72:cd:31:d5:db:01:68:0f:bd:97:
         da:0e:e2:db:92:e9:fb:02:4d:4a:7d:ce:88:59:45:b3:8a:db:
         29:d0:27:94:bd:f1:6f:d6:ff:a1:2a:16:47:3a:2f:73:a1:fb:
         0d:42:9d:c0:76:45:ab:64:97:44:ec:f0:c4:2f:22:88:7c:7f:
         59:d3:7e:a8:2d:5a:ff:c6:46:c5:b4:9b:78:c3:be:37:a5:93:
         95:33:e2:cf:ed:10:3c:85:d9:eb:ea:15:1d:d0:f8:67:de:27:
         4e:e2:01:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2YUHW5S3GOOrGMCgSjOgyLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmMmE1ZGIzYmEzM2UzNmMxNmRiZjUyNjBiMmZlMjc0YWU3
ZmIyMjIwHhcNMjYwNDE2MjIwMTQyWhcNMjYwNDE3MjIwMTQyWjAzMTEwLwYDVQQD
EyhjM2NiNTQ4MWEwZTNiNzdmNGEzOWJjOTkzYTIzMDM4NGE5OGZkMWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4qX8v6cjdnxApw84NBeWBINgjPk
LacyNAX2S1uB3LBoQF/eHsvbIS7KuFdvInOVGcIy4jw8RamPtXyH1hK3FsBpvkxM
HLU84PA6/pq2lrZZK9LCB5Hm6RLy5KGfo+mkJUgphhYoQ4lBnFVr2csIhDeu0SL+
X91MQuv7M44wFAlCayCpS6iejdEuU3XciWjw6fUUjGCkJIb55iJwZefCbGccsPcp
WGrppmbphphWeuxOiGX2OvcPg8NBJp4/y/kx/EVbKVPNFAuocgxtk8chS3dytS0T
F5Bk6eKj7aqp95kl0BpThSLIwC1YAe44NTRJqqIa1N7JeRnYBYUqi2c+QQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMPLVIGg47d/Sjm8mTojA4Spj9HNMB8GA1UdIwQY
MBaAFP8qXbO6M+NsFtv1Jgsv4nSuf7IiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3lwZHM3b3o0MndXMl9VbUN5X2lkSzVfc2lJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC81ZGY3MTAtZGY4Ni00MmMwLThhYTIt
NTI2MGNkNWMyNGMzLzEvX3lwZHM3b3o0MndXMl9VbUN5X2lkSzVfc2lJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC81ZGY3MTAtZGY4Ni00MmMwLThhYTItNTI2MGNkNWMyNGMz
LzEvX3lwZHM3b3o0MndXMl9VbUN5X2lkSzVfc2lJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARsbMiAhr
A12nXTlWNX7Z2VEZ8eI2Z0lWcSQsoGGgpTMEuReZ9H6x6JQNGHgEUP9pkbfxMd6W
esrjzcbXXd0a5SBobOZbnQ92u8aC6PRxFiegM2TkbI1GOBcD9Ui4k0U3O74KtNnK
Wi6qcbhaAUMFthFC1QT1h0hdkbMkep9cw/CnlE+vvxG3y0LrLEkePn+3qm/QqtUP
zUhyzTHV2wFoD72X2g7i25Lp+wJNSn3OiFlFs4rbKdAnlL3xb9b/oSoWRzovc6H7
DUKdwHZFq2SXROzwxC8iiHx/WdN+qC1a/8ZGxbSbeMO+N6WTlTPiz+0QPIXZ6+oV
HdD4Z94nTuIBYQ==
-----END CERTIFICATE-----