Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/49b307-fdca-4c57-afdf-709793cd0123/1/yGdv_eMX8uwbgQDS2dRKPn2PeNY.mft
File:                     yGdv_eMX8uwbgQDS2dRKPn2PeNY.mft (raw, json)
Hash identifier:          MurB70DE0ZfAZ8wA88FtQX2T9TmhOWdiSBpq+JVN0L4=
Subject key identifier:   66:91:75:0E:D8:9C:69:B0:10:8C:FC:D5:62:51:7D:34:35:D3:54:C9
Authority key identifier: C8:67:6F:FD:E3:17:F2:EC:1B:81:00:D2:D9:D4:4A:3E:7D:8F:78:D6
Certificate issuer:       /CN=c8676ffde317f2ec1b8100d2d9d44a3e7d8f78d6
Certificate serial:       019D9A3E766AFB7AA432754A9D550CA3049C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yGdv_eMX8uwbgQDS2dRKPn2PeNY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/49b307-fdca-4c57-afdf-709793cd0123/1/yGdv_eMX8uwbgQDS2dRKPn2PeNY.mft
Manifest number:          0F7A
Signing time:             Fri 17 Apr 2026 07:01:17 +0000
Manifest this update:     Fri 17 Apr 2026 07:01:17 +0000
Manifest next update:     Sat 18 Apr 2026 07:01:17 +0000
Files and hashes:         1: yGdv_eMX8uwbgQDS2dRKPn2PeNY.crl (hash: b6ac22SYJSB53XH6SZ2tkmF9PQnFLDkW/sExWVfHubc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/49b307-fdca-4c57-afdf-709793cd0123/1/yGdv_eMX8uwbgQDS2dRKPn2PeNY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/49b307-fdca-4c57-afdf-709793cd0123/1/yGdv_eMX8uwbgQDS2dRKPn2PeNY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yGdv_eMX8uwbgQDS2dRKPn2PeNY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:3e:76:6a:fb:7a:a4:32:75:4a:9d:55:0c:a3:04:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8676ffde317f2ec1b8100d2d9d44a3e7d8f78d6
        Validity
            Not Before: Apr 17 07:01:17 2026 GMT
            Not After : Apr 18 07:01:17 2026 GMT
        Subject: CN=6691750ed89c69b0108cfcd562517d3435d354c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:83:51:02:d5:75:c3:f0:c7:9e:41:2d:ed:d0:
                    2c:8f:8c:0a:00:83:16:5d:62:9a:23:cc:49:06:30:
                    a5:1b:5e:1e:14:d4:5c:9c:44:c0:37:43:8e:9c:a5:
                    81:0a:34:68:06:4b:ef:4f:19:25:cb:a1:8b:b0:09:
                    45:54:a1:fd:e2:28:94:cb:83:26:b1:87:99:5f:a7:
                    cd:68:e7:9f:99:07:4e:a0:07:49:8b:d3:8d:3e:d8:
                    b1:9c:4e:47:63:99:a3:68:39:a1:b9:a0:08:bb:4d:
                    8f:6c:cf:7b:9c:b0:7e:ea:03:78:ae:e1:34:74:e4:
                    5f:e3:16:e6:26:b3:4a:44:b5:29:22:3c:0c:58:b7:
                    a5:4b:0e:60:79:31:01:6a:46:43:bc:89:94:c0:09:
                    82:02:bf:16:16:21:1a:40:76:c3:78:08:cd:db:96:
                    8d:8d:ac:9a:99:3c:12:f3:cf:64:d5:43:7c:5b:da:
                    e5:25:e7:f7:26:00:52:91:68:f6:cc:bb:bd:34:88:
                    85:3e:a2:8a:36:fb:c2:08:53:f1:29:72:c1:3b:b3:
                    10:f8:16:dc:2f:53:e0:ff:b1:75:19:0d:b0:92:47:
                    4e:94:90:bf:84:f1:5e:a4:60:3b:15:bf:29:9d:dd:
                    dd:48:c4:4c:56:b3:22:a3:e9:c5:ea:4b:73:1b:a0:
                    5d:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:91:75:0E:D8:9C:69:B0:10:8C:FC:D5:62:51:7D:34:35:D3:54:C9
            X509v3 Authority Key Identifier:
                keyid:C8:67:6F:FD:E3:17:F2:EC:1B:81:00:D2:D9:D4:4A:3E:7D:8F:78:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yGdv_eMX8uwbgQDS2dRKPn2PeNY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/49b307-fdca-4c57-afdf-709793cd0123/1/yGdv_eMX8uwbgQDS2dRKPn2PeNY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/49b307-fdca-4c57-afdf-709793cd0123/1/yGdv_eMX8uwbgQDS2dRKPn2PeNY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:38:bf:16:fa:be:0d:d1:88:2e:54:5f:ed:ca:67:76:c6:53:
         69:44:35:1e:5f:42:d7:f6:05:6f:b4:d7:66:6d:78:e6:29:60:
         b7:9c:d4:cf:82:ea:00:43:1f:1e:19:66:5f:33:16:25:b2:9f:
         3a:03:0a:5f:c8:ed:bf:f9:da:91:44:c6:71:ec:30:25:b3:da:
         55:93:c4:76:c7:b1:06:27:a5:a3:1d:fe:9d:1b:a0:1f:c1:94:
         65:cc:73:9e:e0:da:6c:68:21:7d:06:b7:25:00:2e:35:92:93:
         e7:a3:38:45:8f:b9:2a:2f:74:c0:f5:d3:48:06:0e:9e:cf:cb:
         89:a6:46:64:d6:22:4d:a1:a6:9d:c1:58:67:b3:9d:8c:a5:06:
         cf:bd:51:a6:1c:02:06:e8:dc:60:8e:76:43:b4:0c:3f:bd:27:
         33:2c:47:e3:4a:9c:26:56:ac:0e:50:66:9c:8e:c9:6f:59:47:
         d7:6b:b6:0d:57:77:46:d6:11:37:16:d8:4f:69:b0:25:bc:67:
         7e:4c:28:45:c4:9d:bd:3c:dd:75:ed:27:e2:c0:60:59:1c:01:
         99:70:53:2f:ac:b7:79:b3:91:fc:89:1e:bd:b1:96:a1:fa:0c:
         c6:34:6d:c5:24:16:f8:68:a3:ea:db:b4:45:1e:7c:45:63:cc:
         f4:18:dd:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aPnZq+3qkMnVKnVUMowScMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4Njc2ZmZkZTMxN2YyZWMxYjgxMDBkMmQ5ZDQ0YTNlN2Q4
Zjc4ZDYwHhcNMjYwNDE3MDcwMTE3WhcNMjYwNDE4MDcwMTE3WjAzMTEwLwYDVQQD
Eyg2NjkxNzUwZWQ4OWM2OWIwMTA4Y2ZjZDU2MjUxN2QzNDM1ZDM1NGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtYNRAtV1w/DHnkEt7dAsj4wKAIMW
XWKaI8xJBjClG14eFNRcnETAN0OOnKWBCjRoBkvvTxkly6GLsAlFVKH94iiUy4Mm
sYeZX6fNaOefmQdOoAdJi9ONPtixnE5HY5mjaDmhuaAIu02PbM97nLB+6gN4ruE0
dORf4xbmJrNKRLUpIjwMWLelSw5geTEBakZDvImUwAmCAr8WFiEaQHbDeAjN25aN
jayamTwS889k1UN8W9rlJef3JgBSkWj2zLu9NIiFPqKKNvvCCFPxKXLBO7MQ+Bbc
L1Pg/7F1GQ2wkkdOlJC/hPFepGA7Fb8pnd3dSMRMVrMio+nF6ktzG6BdGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGaRdQ7YnGmwEIz81WJRfTQ101TJMB8GA1UdIwQY
MBaAFMhnb/3jF/LsG4EA0tnUSj59j3jWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUdkdl9lTVg4dXdiZ1FEUzJkUktQbjJQZU5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS80OWIzMDctZmRjYS00YzU3LWFmZGYt
NzA5NzkzY2QwMTIzLzEveUdkdl9lTVg4dXdiZ1FEUzJkUktQbjJQZU5ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS80OWIzMDctZmRjYS00YzU3LWFmZGYtNzA5NzkzY2QwMTIz
LzEveUdkdl9lTVg4dXdiZ1FEUzJkUktQbjJQZU5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARDi/Fvq+
DdGILlRf7cpndsZTaUQ1Hl9C1/YFb7TXZm145ilgt5zUz4LqAEMfHhlmXzMWJbKf
OgMKX8jtv/nakUTGcewwJbPaVZPEdsexBielox3+nRugH8GUZcxznuDabGghfQa3
JQAuNZKT56M4RY+5Ki90wPXTSAYOns/LiaZGZNYiTaGmncFYZ7OdjKUGz71RphwC
BujcYI52Q7QMP70nMyxH40qcJlasDlBmnI7Jb1lH12u2DVd3RtYRNxbYT2mwJbxn
fkwoRcSdvTzdde0n4sBgWRwBmXBTL6y3ebOR/IkevbGWofoMxjRtxSQW+Gij6tu0
RR58RWPM9Bjdew==
-----END CERTIFICATE-----