Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/ca6855-18f6-4bc0-8fab-3757f9308acc/1/YE1FsSrOCsIjA-08d5S4MGpqtbA.mft
File:                     YE1FsSrOCsIjA-08d5S4MGpqtbA.mft (raw, json)
Hash identifier:          k4qwuM5s0IsMzMsLs8pUfshe7Yw616LrgsNkLC6kA6Q=
Subject key identifier:   2A:FA:7E:74:96:5F:23:67:82:BD:FF:98:F4:2E:32:6D:7E:4F:DC:10
Authority key identifier: 60:4D:45:B1:2A:CE:0A:C2:23:03:ED:3C:77:94:B8:30:6A:6A:B5:B0
Certificate issuer:       /CN=604d45b12ace0ac22303ed3c7794b8306a6ab5b0
Certificate serial:       019DA48AE375ECBEDF0200F2EACD84DF1063
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YE1FsSrOCsIjA-08d5S4MGpqtbA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/ca6855-18f6-4bc0-8fab-3757f9308acc/1/YE1FsSrOCsIjA-08d5S4MGpqtbA.mft
Manifest number:          1857
Signing time:             Sun 19 Apr 2026 07:00:58 +0000
Manifest this update:     Sun 19 Apr 2026 07:00:58 +0000
Manifest next update:     Mon 20 Apr 2026 07:00:58 +0000
Files and hashes:         1: YE1FsSrOCsIjA-08d5S4MGpqtbA.crl (hash: K0t6PZdZ9M3yP7RAHTb6EPvZRF882cmKHhxotsqOJfk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e8/ca6855-18f6-4bc0-8fab-3757f9308acc/1/YE1FsSrOCsIjA-08d5S4MGpqtbA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e8/ca6855-18f6-4bc0-8fab-3757f9308acc/1/YE1FsSrOCsIjA-08d5S4MGpqtbA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YE1FsSrOCsIjA-08d5S4MGpqtbA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 02:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a4:8a:e3:75:ec:be:df:02:00:f2:ea:cd:84:df:10:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=604d45b12ace0ac22303ed3c7794b8306a6ab5b0
        Validity
            Not Before: Apr 19 07:00:58 2026 GMT
            Not After : Apr 20 07:00:58 2026 GMT
        Subject: CN=2afa7e74965f236782bdff98f42e326d7e4fdc10
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:ba:d7:cd:f0:a5:c0:19:d2:0e:53:6d:b2:53:
                    cf:8e:3b:3b:1b:2d:ae:63:6b:e9:66:83:87:0a:ae:
                    c8:6e:3b:41:e8:ad:e2:cc:90:6d:9e:16:bb:8d:92:
                    35:56:e8:12:49:a8:92:94:b7:bd:2a:5a:b7:1b:65:
                    f4:fd:2f:f2:8e:66:77:61:a7:a0:22:bd:c7:95:75:
                    60:0e:97:cc:68:aa:bb:3a:00:09:49:09:e9:dc:42:
                    60:b7:8b:8f:47:0c:93:ab:6c:e0:fd:3c:54:1d:16:
                    b4:35:33:ef:45:8c:fa:74:08:98:6e:e2:87:17:85:
                    f6:4b:e4:37:e8:2f:62:06:9f:f8:6b:26:9f:e5:73:
                    63:6e:4f:bc:67:2e:02:21:49:bc:92:9d:7c:25:7c:
                    73:71:6f:69:e8:51:9d:2e:3b:dc:dc:7f:63:b7:3d:
                    5a:76:19:af:f7:e1:19:be:8b:76:f0:01:55:85:09:
                    44:16:eb:dd:33:6e:2d:c6:68:21:0b:0e:17:70:6c:
                    c5:bf:65:8d:bb:b1:87:13:d0:09:29:a0:18:5b:c8:
                    3d:49:2d:25:65:b8:d1:3f:b4:87:2c:2b:e2:95:82:
                    cb:93:2c:4b:9b:6f:ae:1a:be:10:35:2c:d3:18:a0:
                    b1:2c:0a:a2:30:89:09:1b:8a:e0:79:8a:ba:14:59:
                    f0:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:FA:7E:74:96:5F:23:67:82:BD:FF:98:F4:2E:32:6D:7E:4F:DC:10
            X509v3 Authority Key Identifier:
                keyid:60:4D:45:B1:2A:CE:0A:C2:23:03:ED:3C:77:94:B8:30:6A:6A:B5:B0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YE1FsSrOCsIjA-08d5S4MGpqtbA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/ca6855-18f6-4bc0-8fab-3757f9308acc/1/YE1FsSrOCsIjA-08d5S4MGpqtbA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/ca6855-18f6-4bc0-8fab-3757f9308acc/1/YE1FsSrOCsIjA-08d5S4MGpqtbA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:7c:88:af:45:2a:95:da:18:66:bd:e7:76:f1:f7:ef:ee:ed:
         92:d3:b2:aa:3d:6b:e6:57:94:d9:bf:8f:2a:9d:47:f1:a7:25:
         71:2c:cd:2a:f9:ac:5f:04:b5:71:d1:12:a6:64:20:df:47:36:
         98:0d:9e:88:20:69:b1:cf:78:df:be:f3:72:72:e8:93:25:e5:
         9f:fa:89:e7:aa:f0:12:e8:d7:42:88:fc:f2:25:e5:5f:c1:e6:
         7f:39:04:2c:e4:10:7b:16:19:5f:a3:c8:20:79:a5:82:fb:d5:
         45:35:51:bd:98:74:7b:98:a1:3f:1b:c8:10:ff:b9:6c:da:ba:
         c7:00:57:06:6a:95:bf:79:cb:d8:c0:9b:d1:20:4c:09:eb:b1:
         97:c2:ca:e7:77:a6:54:a5:c7:06:e6:c1:b2:30:2e:01:06:89:
         c4:2a:3a:6b:24:c5:05:13:93:7d:87:1f:be:05:5c:6f:d1:97:
         ba:5f:c1:05:a2:5c:75:d1:7d:ff:91:f6:b8:b7:c6:4b:f1:62:
         ea:f7:85:e1:0b:b7:4e:ad:d7:fe:c8:03:76:7e:82:4d:87:11:
         7d:ae:5d:49:61:45:42:a1:a6:32:18:06:c2:8d:b2:ca:70:5b:
         a7:a8:1a:af:00:1c:f2:b9:b7:03:19:ef:94:7e:82:3c:71:8b:
         d5:a4:ae:9b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2kiuN17L7fAgDy6s2E3xBjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNGQ0NWIxMmFjZTBhYzIyMzAzZWQzYzc3OTRiODMwNmE2
YWI1YjAwHhcNMjYwNDE5MDcwMDU4WhcNMjYwNDIwMDcwMDU4WjAzMTEwLwYDVQQD
EygyYWZhN2U3NDk2NWYyMzY3ODJiZGZmOThmNDJlMzI2ZDdlNGZkYzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3rrXzfClwBnSDlNtslPPjjs7Gy2u
Y2vpZoOHCq7IbjtB6K3izJBtnha7jZI1VugSSaiSlLe9Klq3G2X0/S/yjmZ3Yaeg
Ir3HlXVgDpfMaKq7OgAJSQnp3EJgt4uPRwyTq2zg/TxUHRa0NTPvRYz6dAiYbuKH
F4X2S+Q36C9iBp/4ayaf5XNjbk+8Zy4CIUm8kp18JXxzcW9p6FGdLjvc3H9jtz1a
dhmv9+EZvot28AFVhQlEFuvdM24txmghCw4XcGzFv2WNu7GHE9AJKaAYW8g9SS0l
ZbjRP7SHLCvilYLLkyxLm2+uGr4QNSzTGKCxLAqiMIkJG4rgeYq6FFnwkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCr6fnSWXyNngr3/mPQuMm1+T9wQMB8GA1UdIwQY
MBaAFGBNRbEqzgrCIwPtPHeUuDBqarWwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUUxRnNTck9Dc0lqQS0wOGQ1UzRNR3BxdGJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9jYTY4NTUtMThmNi00YmMwLThmYWIt
Mzc1N2Y5MzA4YWNjLzEvWUUxRnNTck9Dc0lqQS0wOGQ1UzRNR3BxdGJBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9jYTY4NTUtMThmNi00YmMwLThmYWItMzc1N2Y5MzA4YWNj
LzEvWUUxRnNTck9Dc0lqQS0wOGQ1UzRNR3BxdGJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFXyIr0Uq
ldoYZr3ndvH37+7tktOyqj1r5leU2b+PKp1H8aclcSzNKvmsXwS1cdESpmQg30c2
mA2eiCBpsc94377zcnLokyXln/qJ56rwEujXQoj88iXlX8HmfzkELOQQexYZX6PI
IHmlgvvVRTVRvZh0e5ihPxvIEP+5bNq6xwBXBmqVv3nL2MCb0SBMCeuxl8LK53em
VKXHBubBsjAuAQaJxCo6ayTFBROTfYcfvgVcb9GXul/BBaJcddF9/5H2uLfGS/Fi
6veF4Qu3Tq3X/sgDdn6CTYcRfa5dSWFFQqGmMhgGwo2yynBbp6garwAc8rm3Axnv
lH6CPHGL1aSumw==
-----END CERTIFICATE-----