Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.mft
File:                     YTChAogFFzqiJUSk67mECskbyNA.mft (raw, json)
Hash identifier:          1wOaqcPSVxcOoUOsDapRX8qqvNCrZvnLazCCBqo/x8k=
Subject key identifier:   8D:4B:DF:4E:4F:0B:0D:8D:C4:FF:DB:32:1A:CC:70:D1:7D:BF:70:A9
Authority key identifier: 61:30:A1:02:88:05:17:3A:A2:25:44:A4:EB:B9:84:0A:C9:1B:C8:D0
Certificate issuer:       /CN=6130a1028805173aa22544a4ebb9840ac91bc8d0
Certificate serial:       019CAD5A362E37ABB3DEB0FD01B5B9B3A822
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YTChAogFFzqiJUSk67mECskbyNA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.mft
Manifest number:          0FA7
Signing time:             Mon 02 Mar 2026 07:01:36 +0000
Manifest this update:     Mon 02 Mar 2026 07:01:36 +0000
Manifest next update:     Tue 03 Mar 2026 07:01:36 +0000
Files and hashes:         1: YTChAogFFzqiJUSk67mECskbyNA.crl (hash: ckspYE52uITFS5moB//QM8Od339RhHGQuWlz7Rp9XUE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YTChAogFFzqiJUSk67mECskbyNA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 07:01:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:5a:36:2e:37:ab:b3:de:b0:fd:01:b5:b9:b3:a8:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6130a1028805173aa22544a4ebb9840ac91bc8d0
        Validity
            Not Before: Mar  2 07:01:36 2026 GMT
            Not After : Mar  3 07:01:36 2026 GMT
        Subject: CN=8d4bdf4e4f0b0d8dc4ffdb321acc70d17dbf70a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:55:b8:3b:0f:78:8b:5b:df:42:6b:fd:5d:df:
                    93:e5:53:aa:0e:48:c6:77:d0:8e:5d:a8:c0:9d:9f:
                    fa:ae:34:fa:ba:5c:36:62:35:25:d7:c3:b4:15:70:
                    82:d4:02:89:26:9f:7c:0f:29:7f:d7:d7:58:cc:b5:
                    f9:24:2b:82:44:79:e0:27:92:dc:fb:9e:8f:d4:83:
                    9e:71:9c:67:e8:bd:76:78:17:a6:ef:d2:2b:d9:8a:
                    54:ad:5b:17:78:84:1a:13:6f:51:9c:18:b4:14:e1:
                    37:d5:d4:c9:57:ed:43:d7:0c:a4:ae:df:cd:a1:16:
                    9f:19:14:29:a2:5d:77:5a:57:af:ae:21:7f:d0:7c:
                    44:87:12:a9:2c:87:de:cb:c9:80:c8:b4:96:86:9f:
                    c2:1d:d9:09:8c:4e:1c:b8:f8:4d:dc:8b:3c:a0:f6:
                    64:9a:5d:15:22:2e:8f:d9:74:30:23:b5:3f:f5:c3:
                    0a:d1:51:f1:ad:07:e2:e5:4b:63:c6:03:21:c1:28:
                    85:ac:60:a6:34:bb:10:93:41:0d:b1:ec:4a:1c:38:
                    b5:3a:12:d7:66:82:fb:63:fa:5d:b0:2d:bb:81:8e:
                    22:84:7e:a2:8d:79:75:f3:4c:a2:61:b6:53:d7:f0:
                    be:68:41:65:6d:62:22:c1:d3:8d:f7:c3:61:a6:a3:
                    4c:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:4B:DF:4E:4F:0B:0D:8D:C4:FF:DB:32:1A:CC:70:D1:7D:BF:70:A9
            X509v3 Authority Key Identifier:
                keyid:61:30:A1:02:88:05:17:3A:A2:25:44:A4:EB:B9:84:0A:C9:1B:C8:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YTChAogFFzqiJUSk67mECskbyNA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/3ae863-690e-4631-9120-a53b5e979131/1/YTChAogFFzqiJUSk67mECskbyNA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:fe:7d:8d:4b:86:5c:d5:d9:65:b4:8e:5c:35:69:9b:7b:f0:
         3c:76:03:9d:03:15:0f:b4:d5:ac:6b:cd:2a:75:75:1e:cc:20:
         35:dd:c5:73:6a:be:49:52:56:88:fc:4d:b4:7f:0a:cf:62:f1:
         3d:07:28:cf:7c:aa:76:d3:23:0f:e8:5e:a2:1d:95:61:08:84:
         99:8b:5a:ee:a7:98:4a:51:be:08:91:39:c2:19:cb:d3:2b:09:
         ca:bc:da:6d:2f:29:58:4d:75:d2:59:fb:d0:34:dd:4a:a9:cb:
         0b:53:2c:e5:da:9f:5f:8f:4d:02:37:8f:7d:e0:0d:1b:34:75:
         cb:1c:5b:f8:b2:17:53:24:d7:ac:37:cb:69:2b:d0:1b:f8:68:
         6c:0b:7d:f7:7a:2b:4b:75:a9:ad:19:1e:f8:36:f9:b1:bf:c8:
         79:d2:95:81:05:b0:74:51:6d:af:05:65:bd:4f:5c:de:98:cf:
         23:de:e8:67:a6:bd:f4:15:11:c9:3f:cc:e0:0f:e5:cc:a2:26:
         e0:75:98:2b:c7:e0:f0:f4:bd:66:4e:eb:3d:6c:9a:e5:50:a7:
         e7:34:c8:7d:f0:d2:07:f5:1c:7c:a2:9d:3f:57:8e:e7:4b:43:
         0e:44:00:09:64:d8:c3:28:90:35:b8:2c:71:87:45:bc:5f:53:
         19:0c:13:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWjYuN6uz3rD9AbW5s6giMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxMzBhMTAyODgwNTE3M2FhMjI1NDRhNGViYjk4NDBhYzkx
YmM4ZDAwHhcNMjYwMzAyMDcwMTM2WhcNMjYwMzAzMDcwMTM2WjAzMTEwLwYDVQQD
Eyg4ZDRiZGY0ZTRmMGIwZDhkYzRmZmRiMzIxYWNjNzBkMTdkYmY3MGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVW4Ow94i1vfQmv9Xd+T5VOqDkjG
d9COXajAnZ/6rjT6ulw2YjUl18O0FXCC1AKJJp98Dyl/19dYzLX5JCuCRHngJ5Lc
+56P1IOecZxn6L12eBem79Ir2YpUrVsXeIQaE29RnBi0FOE31dTJV+1D1wykrt/N
oRafGRQpol13WlevriF/0HxEhxKpLIfey8mAyLSWhp/CHdkJjE4cuPhN3Is8oPZk
ml0VIi6P2XQwI7U/9cMK0VHxrQfi5UtjxgMhwSiFrGCmNLsQk0ENsexKHDi1OhLX
ZoL7Y/pdsC27gY4ihH6ijXl180yiYbZT1/C+aEFlbWIiwdON98NhpqNMGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI1L305PCw2NxP/bMhrMcNF9v3CpMB8GA1UdIwQY
MBaAFGEwoQKIBRc6oiVEpOu5hArJG8jQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVRDaEFvZ0ZGenFpSlVTazY3bUVDc2tieU5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8zYWU4NjMtNjkwZS00NjMxLTkxMjAt
YTUzYjVlOTc5MTMxLzEvWVRDaEFvZ0ZGenFpSlVTazY3bUVDc2tieU5BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8zYWU4NjMtNjkwZS00NjMxLTkxMjAtYTUzYjVlOTc5MTMx
LzEvWVRDaEFvZ0ZGenFpSlVTazY3bUVDc2tieU5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQf59jUuG
XNXZZbSOXDVpm3vwPHYDnQMVD7TVrGvNKnV1HswgNd3Fc2q+SVJWiPxNtH8Kz2Lx
PQcoz3yqdtMjD+heoh2VYQiEmYta7qeYSlG+CJE5whnL0ysJyrzabS8pWE110ln7
0DTdSqnLC1Ms5dqfX49NAjePfeANGzR1yxxb+LIXUyTXrDfLaSvQG/hobAt993or
S3WprRke+Db5sb/IedKVgQWwdFFtrwVlvU9c3pjPI97oZ6a99BURyT/M4A/lzKIm
4HWYK8fg8PS9Zk7rPWya5VCn5zTIffDSB/UcfKKdP1eO50tDDkQACWTYwyiQNbgs
cYdFvF9TGQwT8Q==
-----END CERTIFICATE-----