Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/7b540f-b83a-40b9-ae6d-cdcee23a83b0/1/yKQR5q7CPK13xDcrTXsLH8gtXcA.mft
File:                     yKQR5q7CPK13xDcrTXsLH8gtXcA.mft (raw, json)
Hash identifier:          Sw8CYvT3MbLfKmgVcsJVzpwtUF5MFUNDUOgdKT59U6M=
Subject key identifier:   E9:A6:F2:CB:3B:B3:ED:D2:19:AC:AA:3F:03:2C:F3:77:79:35:D7:1D
Authority key identifier: C8:A4:11:E6:AE:C2:3C:AD:77:C4:37:2B:4D:7B:0B:1F:C8:2D:5D:C0
Certificate issuer:       /CN=c8a411e6aec23cad77c4372b4d7b0b1fc82d5dc0
Certificate serial:       019D999915D0C40B58FED188D1F468CE59E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yKQR5q7CPK13xDcrTXsLH8gtXcA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/7b540f-b83a-40b9-ae6d-cdcee23a83b0/1/yKQR5q7CPK13xDcrTXsLH8gtXcA.mft
Manifest number:          18BF
Signing time:             Fri 17 Apr 2026 04:00:39 +0000
Manifest this update:     Fri 17 Apr 2026 04:00:39 +0000
Manifest next update:     Sat 18 Apr 2026 04:00:39 +0000
Files and hashes:         1: yKQR5q7CPK13xDcrTXsLH8gtXcA.crl (hash: K4rBkXC53579aL4RypDHHjuGAZN8yjZa7urhQNB/4UA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d3/7b540f-b83a-40b9-ae6d-cdcee23a83b0/1/yKQR5q7CPK13xDcrTXsLH8gtXcA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d3/7b540f-b83a-40b9-ae6d-cdcee23a83b0/1/yKQR5q7CPK13xDcrTXsLH8gtXcA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yKQR5q7CPK13xDcrTXsLH8gtXcA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:99:15:d0:c4:0b:58:fe:d1:88:d1:f4:68:ce:59:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8a411e6aec23cad77c4372b4d7b0b1fc82d5dc0
        Validity
            Not Before: Apr 17 04:00:39 2026 GMT
            Not After : Apr 18 04:00:39 2026 GMT
        Subject: CN=e9a6f2cb3bb3edd219acaa3f032cf3777935d71d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:81:a5:48:54:e3:a1:52:df:be:11:05:6a:52:
                    98:7c:76:25:fa:aa:3c:6a:54:64:b1:ae:31:e1:36:
                    b8:e2:ce:d1:c2:3c:e7:38:91:47:c3:f5:ea:2e:2a:
                    7c:2d:89:22:78:a9:9f:5f:7e:ef:34:b5:63:66:67:
                    75:3a:3e:44:95:65:b8:a9:b1:18:89:bd:05:99:05:
                    99:d8:32:b4:8e:28:3b:ab:ec:f8:b4:7e:a5:49:6f:
                    ac:08:b8:27:91:51:89:54:6c:85:38:a8:2e:21:6f:
                    e0:ad:aa:58:75:3b:68:dd:47:83:4d:db:3b:fd:f2:
                    b5:71:db:84:66:6a:c7:35:58:ff:e9:58:d2:11:2f:
                    20:4b:2d:50:88:bc:51:93:c2:6f:4e:2b:fa:fa:19:
                    7f:e0:1e:af:a6:f9:f2:94:a9:94:57:da:cc:75:2b:
                    e3:f5:d5:57:c1:89:f2:e9:86:9a:22:d3:45:20:40:
                    1d:3a:92:13:6a:cd:89:35:65:3d:3d:29:cf:f5:f8:
                    cc:28:ba:f9:1e:7a:75:56:68:71:0b:c3:6c:43:90:
                    5a:5a:11:7c:5c:d6:76:4b:58:ae:4d:26:5c:6b:d1:
                    c1:bf:e8:bb:e7:14:7f:c3:32:80:5a:93:70:69:ca:
                    d9:b5:8c:a7:29:19:13:d8:8d:3d:4d:d3:46:5f:63:
                    de:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:A6:F2:CB:3B:B3:ED:D2:19:AC:AA:3F:03:2C:F3:77:79:35:D7:1D
            X509v3 Authority Key Identifier:
                keyid:C8:A4:11:E6:AE:C2:3C:AD:77:C4:37:2B:4D:7B:0B:1F:C8:2D:5D:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yKQR5q7CPK13xDcrTXsLH8gtXcA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7b540f-b83a-40b9-ae6d-cdcee23a83b0/1/yKQR5q7CPK13xDcrTXsLH8gtXcA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7b540f-b83a-40b9-ae6d-cdcee23a83b0/1/yKQR5q7CPK13xDcrTXsLH8gtXcA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:9c:1a:de:37:32:db:90:64:85:ce:f0:9b:44:1a:f6:6d:c7:
         23:63:82:45:f2:35:c2:69:fc:d9:f5:43:67:28:7d:3e:d9:68:
         42:f7:e0:ac:d6:1c:1f:23:6c:fa:a4:90:f7:cc:15:09:69:6f:
         62:a0:d9:22:84:37:63:d2:5c:e6:07:5f:78:5e:fa:8f:6d:97:
         8f:af:35:7e:75:98:03:4e:e6:0d:b8:48:07:ac:9d:0f:e0:77:
         0a:07:5c:81:38:3a:64:28:d2:7f:bd:8e:46:63:a5:c5:b0:98:
         2f:42:eb:e3:83:a9:b3:41:8c:8b:f3:ba:e7:22:9b:e7:eb:9c:
         31:a8:55:23:a1:bb:23:20:dd:20:36:4c:9a:b5:ee:2b:1c:8e:
         5e:73:10:9f:ac:c3:bd:a3:7f:01:87:ec:89:8d:38:40:c0:36:
         5d:fd:38:49:ef:64:3e:7c:b7:1a:8c:ef:e7:6d:f7:da:b2:b5:
         5e:76:80:77:d4:e7:bb:68:95:57:76:92:78:3c:5f:d3:f6:20:
         f8:38:3a:8f:87:10:1c:ba:ea:f7:f3:4a:ae:aa:b8:db:2a:a2:
         3a:95:f4:a5:41:f7:f2:df:00:4d:30:c6:c8:c7:91:9f:7d:3f:
         84:67:2c:cc:d9:3d:7a:98:9e:d7:99:f0:98:0f:0a:13:b4:02:
         1c:96:d4:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZmRXQxAtY/tGI0fRozlngMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4YTQxMWU2YWVjMjNjYWQ3N2M0MzcyYjRkN2IwYjFmYzgy
ZDVkYzAwHhcNMjYwNDE3MDQwMDM5WhcNMjYwNDE4MDQwMDM5WjAzMTEwLwYDVQQD
EyhlOWE2ZjJjYjNiYjNlZGQyMTlhY2FhM2YwMzJjZjM3Nzc5MzVkNzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYGlSFTjoVLfvhEFalKYfHYl+qo8
alRksa4x4Ta44s7RwjznOJFHw/XqLip8LYkieKmfX37vNLVjZmd1Oj5ElWW4qbEY
ib0FmQWZ2DK0jig7q+z4tH6lSW+sCLgnkVGJVGyFOKguIW/grapYdTto3UeDTds7
/fK1cduEZmrHNVj/6VjSES8gSy1QiLxRk8JvTiv6+hl/4B6vpvnylKmUV9rMdSvj
9dVXwYny6YaaItNFIEAdOpITas2JNWU9PSnP9fjMKLr5Hnp1VmhxC8NsQ5BaWhF8
XNZ2S1iuTSZca9HBv+i75xR/wzKAWpNwacrZtYynKRkT2I09TdNGX2PeoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOmm8ss7s+3SGayqPwMs83d5NdcdMB8GA1UdIwQY
MBaAFMikEeauwjytd8Q3K017Cx/ILV3AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUtRUjVxN0NQSzEzeERjclRYc0xIOGd0WGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy83YjU0MGYtYjgzYS00MGI5LWFlNmQt
Y2RjZWUyM2E4M2IwLzEveUtRUjVxN0NQSzEzeERjclRYc0xIOGd0WGNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy83YjU0MGYtYjgzYS00MGI5LWFlNmQtY2RjZWUyM2E4M2Iw
LzEveUtRUjVxN0NQSzEzeERjclRYc0xIOGd0WGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiJwa3jcy
25Bkhc7wm0Qa9m3HI2OCRfI1wmn82fVDZyh9PtloQvfgrNYcHyNs+qSQ98wVCWlv
YqDZIoQ3Y9Jc5gdfeF76j22Xj681fnWYA07mDbhIB6ydD+B3CgdcgTg6ZCjSf72O
RmOlxbCYL0Lr44Ops0GMi/O65yKb5+ucMahVI6G7IyDdIDZMmrXuKxyOXnMQn6zD
vaN/AYfsiY04QMA2Xf04Se9kPny3Gozv52332rK1XnaAd9Tnu2iVV3aSeDxf0/Yg
+Dg6j4cQHLrq9/NKrqq42yqiOpX0pUH38t8ATTDGyMeRn30/hGcszNk9epie15nw
mA8KE7QCHJbUrw==
-----END CERTIFICATE-----