Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/68c063-400a-4ed1-9fbf-b86619752039/1/yYDRnDv8xARxVndvAqNJiY5GuQ0.mft
File:                     yYDRnDv8xARxVndvAqNJiY5GuQ0.mft (raw, json)
Hash identifier:          TL4hhkBsW93Q7unESd+8uiIHNxomR1Ohc5UqvvEQ3YM=
Subject key identifier:   BA:39:D7:70:C7:45:5B:A0:7E:F3:B8:9B:A1:CB:42:8D:48:49:44:E8
Authority key identifier: C9:80:D1:9C:3B:FC:C4:04:71:56:77:6F:02:A3:49:89:8E:46:B9:0D
Certificate issuer:       /CN=c980d19c3bfcc4047156776f02a349898e46b90d
Certificate serial:       019D98F4E46143BCC62BA92CAF097C9A5385
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yYDRnDv8xARxVndvAqNJiY5GuQ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/68c063-400a-4ed1-9fbf-b86619752039/1/yYDRnDv8xARxVndvAqNJiY5GuQ0.mft
Manifest number:          0BDC
Signing time:             Fri 17 Apr 2026 01:01:19 +0000
Manifest this update:     Fri 17 Apr 2026 01:01:19 +0000
Manifest next update:     Sat 18 Apr 2026 01:01:19 +0000
Files and hashes:         1: yYDRnDv8xARxVndvAqNJiY5GuQ0.crl (hash: cOG4j92f4f6gQlPSw/2zYbdMLsown+LCa9XXNpDwTRo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/68c063-400a-4ed1-9fbf-b86619752039/1/yYDRnDv8xARxVndvAqNJiY5GuQ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/68c063-400a-4ed1-9fbf-b86619752039/1/yYDRnDv8xARxVndvAqNJiY5GuQ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yYDRnDv8xARxVndvAqNJiY5GuQ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 01:01:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:e4:61:43:bc:c6:2b:a9:2c:af:09:7c:9a:53:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c980d19c3bfcc4047156776f02a349898e46b90d
        Validity
            Not Before: Apr 17 01:01:19 2026 GMT
            Not After : Apr 18 01:01:19 2026 GMT
        Subject: CN=ba39d770c7455ba07ef3b89ba1cb428d484944e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:41:b9:05:b8:4e:05:25:db:3c:2a:34:d6:00:
                    5f:8e:a3:c2:4e:6d:f4:18:64:2d:3e:5b:ce:9f:cc:
                    26:40:ec:61:cf:55:c5:36:31:9a:45:11:aa:13:67:
                    d5:ea:cb:cd:74:4a:62:64:44:14:98:87:78:fa:fc:
                    1b:c7:27:d2:a5:82:f6:99:1f:07:ed:b7:e4:48:f5:
                    6b:3d:cd:78:3d:ef:09:29:ee:be:22:25:cf:a3:50:
                    39:1c:a3:19:5a:d1:0e:61:3a:2d:07:bc:2f:7d:30:
                    23:85:a9:f7:65:09:f8:9f:a6:a6:ba:fe:02:73:07:
                    69:13:27:8e:dd:b1:dc:08:ec:8d:e0:5b:3a:6c:26:
                    42:81:53:1f:7b:f3:b5:3e:ed:98:b5:b3:34:75:2a:
                    ab:d8:6e:0d:31:76:16:1f:d5:a8:4b:97:85:6b:ad:
                    03:70:5a:46:67:62:26:3a:ce:35:9f:bf:9f:cb:a8:
                    a8:9e:16:06:2c:4f:c8:01:9b:c6:6d:bd:92:b6:74:
                    40:9a:2a:56:6a:50:0f:2e:60:e3:e6:06:a6:aa:cb:
                    d3:09:8a:4b:41:3b:aa:c2:ec:9a:ab:4c:cb:4b:70:
                    a8:04:83:86:cd:2c:49:2a:00:60:eb:b2:ff:57:30:
                    13:14:97:7b:2e:06:e7:69:97:b7:df:1e:d5:31:2f:
                    a6:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:39:D7:70:C7:45:5B:A0:7E:F3:B8:9B:A1:CB:42:8D:48:49:44:E8
            X509v3 Authority Key Identifier:
                keyid:C9:80:D1:9C:3B:FC:C4:04:71:56:77:6F:02:A3:49:89:8E:46:B9:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yYDRnDv8xARxVndvAqNJiY5GuQ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/68c063-400a-4ed1-9fbf-b86619752039/1/yYDRnDv8xARxVndvAqNJiY5GuQ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/68c063-400a-4ed1-9fbf-b86619752039/1/yYDRnDv8xARxVndvAqNJiY5GuQ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:8d:8c:c7:ef:3d:66:bd:1b:45:32:8e:74:4f:ca:0a:91:63:
         f6:39:a3:7e:6f:e2:6f:6f:54:84:a4:fb:da:61:ea:90:a2:38:
         72:ca:f6:e4:de:08:c3:3a:dc:36:68:f2:9e:5f:a8:8f:12:46:
         4d:ab:b5:9b:6a:85:f5:f7:8f:72:eb:07:80:80:f5:1f:68:2c:
         9d:51:52:ed:77:06:0a:f7:b9:4f:ba:19:1d:b3:90:4f:75:5b:
         ed:16:b7:51:03:f2:73:05:5f:da:6a:9a:19:ea:21:33:56:79:
         28:7f:42:53:67:85:11:50:f5:85:7f:ea:66:99:76:91:a3:73:
         17:26:bd:4b:66:ee:cc:b8:7b:a8:cd:53:34:51:3b:41:27:c9:
         a0:6d:2c:32:23:0e:ba:63:aa:0d:9d:e6:70:da:88:25:14:22:
         b7:e9:ca:20:ed:d4:c5:19:9d:c3:2e:80:d5:34:ab:88:08:46:
         24:1f:77:fd:1f:cf:18:5c:d6:fc:7b:04:45:21:84:f3:b5:6e:
         17:57:49:c8:4a:b2:9b:a3:f0:51:a9:45:93:52:56:b6:2a:48:
         74:b0:f0:63:38:81:78:f7:c8:c1:f9:58:7d:e7:11:87:e5:86:
         e9:74:f3:e7:c1:91:8a:bb:e5:d2:53:be:b8:de:99:f2:71:32:
         6f:65:13:bd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9ORhQ7zGK6ksrwl8mlOFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ODBkMTljM2JmY2M0MDQ3MTU2Nzc2ZjAyYTM0OTg5OGU0
NmI5MGQwHhcNMjYwNDE3MDEwMTE5WhcNMjYwNDE4MDEwMTE5WjAzMTEwLwYDVQQD
EyhiYTM5ZDc3MGM3NDU1YmEwN2VmM2I4OWJhMWNiNDI4ZDQ4NDk0NGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2UG5BbhOBSXbPCo01gBfjqPCTm30
GGQtPlvOn8wmQOxhz1XFNjGaRRGqE2fV6svNdEpiZEQUmId4+vwbxyfSpYL2mR8H
7bfkSPVrPc14Pe8JKe6+IiXPo1A5HKMZWtEOYTotB7wvfTAjhan3ZQn4n6amuv4C
cwdpEyeO3bHcCOyN4Fs6bCZCgVMfe/O1Pu2YtbM0dSqr2G4NMXYWH9WoS5eFa60D
cFpGZ2ImOs41n7+fy6ionhYGLE/IAZvGbb2StnRAmipWalAPLmDj5gamqsvTCYpL
QTuqwuyaq0zLS3CoBIOGzSxJKgBg67L/VzATFJd7LgbnaZe33x7VMS+mXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLo513DHRVugfvO4m6HLQo1ISUToMB8GA1UdIwQY
MBaAFMmA0Zw7/MQEcVZ3bwKjSYmORrkNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVlEUm5Edjh4QVJ4Vm5kdkFxTkppWTVHdVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy82OGMwNjMtNDAwYS00ZWQxLTlmYmYt
Yjg2NjE5NzUyMDM5LzEveVlEUm5Edjh4QVJ4Vm5kdkFxTkppWTVHdVEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy82OGMwNjMtNDAwYS00ZWQxLTlmYmYtYjg2NjE5NzUyMDM5
LzEveVlEUm5Edjh4QVJ4Vm5kdkFxTkppWTVHdVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG42Mx+89
Zr0bRTKOdE/KCpFj9jmjfm/ib29UhKT72mHqkKI4csr25N4IwzrcNmjynl+ojxJG
Tau1m2qF9fePcusHgID1H2gsnVFS7XcGCve5T7oZHbOQT3Vb7Ra3UQPycwVf2mqa
GeohM1Z5KH9CU2eFEVD1hX/qZpl2kaNzFya9S2buzLh7qM1TNFE7QSfJoG0sMiMO
umOqDZ3mcNqIJRQit+nKIO3UxRmdwy6A1TSriAhGJB93/R/PGFzW/HsERSGE87Vu
F1dJyEqym6PwUalFk1JWtipIdLDwYziBePfIwflYfecRh+WG6XTz58GRirvl0lO+
uN6Z8nEyb2UTvQ==
-----END CERTIFICATE-----