Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.mft
File:                     YA09DkcUJu84PjkRODpJg78idkQ.mft (raw, json)
Hash identifier:          Dwk6C1+guDfHDCygxb8wX3Fm0YDeXv97iyqB3Ai38SI=
Subject key identifier:   CE:A8:E5:6E:26:0F:FE:CE:D0:A4:82:DE:6B:54:8B:B4:1D:44:3E:80
Authority key identifier: 60:0D:3D:0E:47:14:26:EF:38:3E:39:11:38:3A:49:83:BF:22:76:44
Certificate issuer:       /CN=600d3d0e471426ef383e3911383a4983bf227644
Certificate serial:       019DA3E6129B86186A74F3A857D5AC0B03E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YA09DkcUJu84PjkRODpJg78idkQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.mft
Manifest number:          0598
Signing time:             Sun 19 Apr 2026 04:00:57 +0000
Manifest this update:     Sun 19 Apr 2026 04:00:57 +0000
Manifest next update:     Mon 20 Apr 2026 04:00:57 +0000
Files and hashes:         1: YA09DkcUJu84PjkRODpJg78idkQ.crl (hash: RYlJDTPK9vOHWbv5SHH8T23nqilZR9L2ySITUacTvuk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YA09DkcUJu84PjkRODpJg78idkQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 02:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a3:e6:12:9b:86:18:6a:74:f3:a8:57:d5:ac:0b:03:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=600d3d0e471426ef383e3911383a4983bf227644
        Validity
            Not Before: Apr 19 04:00:57 2026 GMT
            Not After : Apr 20 04:00:57 2026 GMT
        Subject: CN=cea8e56e260ffeced0a482de6b548bb41d443e80
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:9e:6e:3d:80:a3:00:a9:02:a3:28:31:c4:15:
                    cc:c0:cf:8a:3d:27:35:fb:54:86:15:b6:bb:4b:0f:
                    c8:a2:ed:9f:03:e0:0f:e0:78:9e:24:46:92:ef:cb:
                    46:40:88:da:5f:3a:e9:a0:a6:81:16:4b:d3:cb:41:
                    ee:10:66:b4:c3:2d:fc:d5:84:e6:40:c1:07:10:1e:
                    17:44:a7:77:86:cf:0e:e8:ef:47:02:88:ac:7e:20:
                    ea:12:c9:ba:02:3b:71:65:d1:40:1e:14:9b:75:73:
                    d0:4f:55:ae:d4:9f:a4:1f:a8:48:4e:ba:c5:15:ee:
                    c2:bd:43:6d:ff:ca:70:d7:d8:c0:2c:59:ac:71:28:
                    0c:c4:a5:2a:6d:b7:ef:cf:27:82:1b:92:18:b8:b8:
                    4c:09:b0:1f:8d:ef:92:a2:ef:88:59:eb:7e:4f:ee:
                    70:39:f1:6b:61:22:17:d4:6e:df:56:7b:59:f4:c2:
                    c6:eb:5d:fe:93:f5:28:2a:ec:67:0a:d7:c3:fb:18:
                    8c:d3:ea:a6:b5:0d:ff:5c:89:38:ec:1d:fc:0a:55:
                    0b:d3:66:25:d1:63:4b:44:7e:da:6d:96:be:31:1b:
                    65:8d:d5:c2:2e:5f:7f:da:98:c9:64:01:ef:7e:f7:
                    af:7b:8a:c0:77:6c:4e:a0:f6:5b:9c:20:39:68:6d:
                    de:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:A8:E5:6E:26:0F:FE:CE:D0:A4:82:DE:6B:54:8B:B4:1D:44:3E:80
            X509v3 Authority Key Identifier:
                keyid:60:0D:3D:0E:47:14:26:EF:38:3E:39:11:38:3A:49:83:BF:22:76:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YA09DkcUJu84PjkRODpJg78idkQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:ff:37:9a:ab:5a:42:79:3c:58:53:cb:21:cf:95:5e:1c:0e:
         6f:2c:9d:c7:9d:bc:62:ab:2f:10:e8:0a:d9:c2:46:4b:be:09:
         0f:86:67:27:e5:9a:bd:3d:45:56:75:5f:a3:ee:40:95:da:e5:
         8b:66:52:c7:2f:2d:ae:ba:c9:8e:0d:c4:5b:27:f9:33:ce:81:
         2f:cb:39:bc:4f:be:e0:97:f8:32:9b:88:2e:86:e3:48:0b:5f:
         dc:69:c4:26:7c:5f:5f:9c:f6:fd:f5:34:7e:68:63:d9:40:5a:
         cb:98:6e:ff:3e:eb:36:23:8d:ea:2d:fc:a1:1c:b5:31:9b:41:
         d9:2e:5e:20:bf:03:d7:f6:62:73:f1:ef:b3:80:3d:6d:35:57:
         c3:e0:b0:86:b8:c8:71:5b:4d:68:f2:1c:43:65:e0:76:f8:3a:
         56:d2:6b:df:ea:f7:0f:50:07:a8:d9:28:4f:ea:60:0f:7a:be:
         34:26:cd:2d:79:d7:58:ce:a7:85:2b:13:26:f7:79:75:07:c8:
         55:74:aa:18:ca:9e:16:3f:0a:ca:80:68:03:47:13:30:49:76:
         bf:eb:4b:26:6e:e3:2b:65:07:fa:c1:e2:1a:d5:30:18:8f:2d:
         1c:36:9f:d5:d2:d9:ef:a5:7a:0f:df:49:e8:1b:6b:2f:92:8f:
         7a:c5:98:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2j5hKbhhhqdPOoV9WsCwPgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMGQzZDBlNDcxNDI2ZWYzODNlMzkxMTM4M2E0OTgzYmYy
Mjc2NDQwHhcNMjYwNDE5MDQwMDU3WhcNMjYwNDIwMDQwMDU3WjAzMTEwLwYDVQQD
EyhjZWE4ZTU2ZTI2MGZmZWNlZDBhNDgyZGU2YjU0OGJiNDFkNDQzZTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0J5uPYCjAKkCoygxxBXMwM+KPSc1
+1SGFba7Sw/Iou2fA+AP4HieJEaS78tGQIjaXzrpoKaBFkvTy0HuEGa0wy381YTm
QMEHEB4XRKd3hs8O6O9HAoisfiDqEsm6AjtxZdFAHhSbdXPQT1Wu1J+kH6hITrrF
Fe7CvUNt/8pw19jALFmscSgMxKUqbbfvzyeCG5IYuLhMCbAfje+Sou+IWet+T+5w
OfFrYSIX1G7fVntZ9MLG613+k/UoKuxnCtfD+xiM0+qmtQ3/XIk47B38ClUL02Yl
0WNLRH7abZa+MRtljdXCLl9/2pjJZAHvfveve4rAd2xOoPZbnCA5aG3eZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM6o5W4mD/7O0KSC3mtUi7QdRD6AMB8GA1UdIwQY
MBaAFGANPQ5HFCbvOD45ETg6SYO/InZEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUEwOURrY1VKdTg0UGprUk9EcEpnNzhpZGtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8xYWY1MWItN2IxNy00OTgwLTk4Yzct
M2MyZmE4YWFmMDMxLzEvWUEwOURrY1VKdTg0UGprUk9EcEpnNzhpZGtRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS8xYWY1MWItN2IxNy00OTgwLTk4YzctM2MyZmE4YWFmMDMx
LzEvWUEwOURrY1VKdTg0UGprUk9EcEpnNzhpZGtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA/83mqta
Qnk8WFPLIc+VXhwObyydx528YqsvEOgK2cJGS74JD4ZnJ+WavT1FVnVfo+5Aldrl
i2ZSxy8trrrJjg3EWyf5M86BL8s5vE++4Jf4MpuILobjSAtf3GnEJnxfX5z2/fU0
fmhj2UBay5hu/z7rNiON6i38oRy1MZtB2S5eIL8D1/Zic/Hvs4A9bTVXw+CwhrjI
cVtNaPIcQ2Xgdvg6VtJr3+r3D1AHqNkoT+pgD3q+NCbNLXnXWM6nhSsTJvd5dQfI
VXSqGMqeFj8KyoBoA0cTMEl2v+tLJm7jK2UH+sHiGtUwGI8tHDaf1dLZ76V6D99J
6BtrL5KPesWYvA==
-----END CERTIFICATE-----