Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/9677b1-d43e-466e-9bf8-80f8202714da/1/y_sCefzSOo5YPzRauQRyjm0OTGI.mft
File:                     y_sCefzSOo5YPzRauQRyjm0OTGI.mft (raw, json)
Hash identifier:          TBiDW660sb97x+Jsd3YRLI7w/W7PEsMHdxYdRxpkSGk=
Subject key identifier:   D4:0A:66:84:73:7F:06:64:DD:6D:66:71:6E:12:94:1E:60:00:03:4C
Authority key identifier: CB:FB:02:79:FC:D2:3A:8E:58:3F:34:5A:B9:04:72:8E:6D:0E:4C:62
Certificate issuer:       /CN=cbfb0279fcd23a8e583f345ab904728e6d0e4c62
Certificate serial:       019CAC47857C22F970727B2C4B05A0327770
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y_sCefzSOo5YPzRauQRyjm0OTGI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/9677b1-d43e-466e-9bf8-80f8202714da/1/y_sCefzSOo5YPzRauQRyjm0OTGI.mft
Manifest number:          0870
Signing time:             Mon 02 Mar 2026 02:01:34 +0000
Manifest this update:     Mon 02 Mar 2026 02:01:34 +0000
Manifest next update:     Tue 03 Mar 2026 02:01:34 +0000
Files and hashes:         1: y_sCefzSOo5YPzRauQRyjm0OTGI.crl (hash: 4fGBV0oiX96TkzsxPygoe5WdCuokZ4q5kdOoEJi9TqU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1f/9677b1-d43e-466e-9bf8-80f8202714da/1/y_sCefzSOo5YPzRauQRyjm0OTGI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1f/9677b1-d43e-466e-9bf8-80f8202714da/1/y_sCefzSOo5YPzRauQRyjm0OTGI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y_sCefzSOo5YPzRauQRyjm0OTGI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:47:85:7c:22:f9:70:72:7b:2c:4b:05:a0:32:77:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cbfb0279fcd23a8e583f345ab904728e6d0e4c62
        Validity
            Not Before: Mar  2 02:01:34 2026 GMT
            Not After : Mar  3 02:01:34 2026 GMT
        Subject: CN=d40a6684737f0664dd6d66716e12941e6000034c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:8f:fa:79:1c:c4:03:75:62:0f:02:6f:d6:7a:
                    6e:7a:91:c9:89:e4:ac:40:42:d1:ec:42:4d:69:76:
                    d6:34:4d:cb:be:60:7d:87:ce:ce:4d:6b:09:ee:7f:
                    8e:66:8e:fd:d9:ee:dd:f3:5d:8d:e8:30:79:10:7a:
                    2c:47:14:d3:5c:89:eb:81:85:96:30:14:5f:38:84:
                    f5:ac:66:d2:22:d2:e2:34:b8:c4:f7:aa:35:c2:37:
                    e4:c0:64:c7:17:03:f8:2a:7a:46:37:8e:af:a3:02:
                    76:46:53:51:6d:c9:02:e6:41:bf:80:c4:41:f7:fe:
                    b4:e7:0c:97:0a:c8:e2:bc:f2:eb:44:b0:f0:46:85:
                    0d:79:7e:70:47:3e:24:4a:41:38:b1:4d:46:cc:e5:
                    df:43:1f:e7:ee:a0:ab:41:f1:91:16:c4:a3:83:60:
                    46:74:0f:89:6b:00:06:17:cb:9e:56:19:03:b9:04:
                    d9:b6:13:b3:3f:05:d1:a0:00:5a:fe:07:c6:7f:ad:
                    89:da:1c:dc:4f:ed:11:06:aa:30:f4:83:d4:76:e4:
                    6a:7d:a9:14:36:2f:93:9b:12:83:e6:14:e6:b1:44:
                    d1:5d:54:94:28:47:96:78:fc:87:55:1b:d3:71:ff:
                    ab:42:1d:00:7a:c0:1a:7c:b2:33:ff:93:df:eb:72:
                    23:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:0A:66:84:73:7F:06:64:DD:6D:66:71:6E:12:94:1E:60:00:03:4C
            X509v3 Authority Key Identifier:
                keyid:CB:FB:02:79:FC:D2:3A:8E:58:3F:34:5A:B9:04:72:8E:6D:0E:4C:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y_sCefzSOo5YPzRauQRyjm0OTGI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/9677b1-d43e-466e-9bf8-80f8202714da/1/y_sCefzSOo5YPzRauQRyjm0OTGI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/9677b1-d43e-466e-9bf8-80f8202714da/1/y_sCefzSOo5YPzRauQRyjm0OTGI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         e6:7b:8c:ca:60:57:9d:4c:7c:2c:86:0b:97:20:4a:4d:49:a7:
         50:dc:95:5b:d6:11:c4:79:a6:b4:5d:a5:77:dd:60:a9:3c:ca:
         c8:7f:76:48:e3:89:88:c0:fc:ee:29:48:8e:5b:8d:c0:89:5d:
         9e:ac:da:21:15:42:f9:74:a9:dc:67:99:4b:51:3f:0a:d1:17:
         43:90:04:bc:20:65:8a:99:20:ec:dd:87:ed:e1:8d:fa:69:be:
         71:73:96:67:58:b7:ca:cc:c1:ab:03:a5:e2:a1:6b:e6:f8:7a:
         1e:33:80:77:7c:d3:55:3b:01:a6:c1:d4:c4:7f:ce:c7:72:90:
         40:7a:78:3b:cb:f1:13:88:eb:6c:be:87:9a:4a:06:a7:f0:67:
         a8:6b:d7:37:11:12:3e:39:17:d2:80:80:17:67:de:43:e6:1c:
         1c:c2:6a:73:46:44:f0:af:31:8e:46:6b:4b:fc:ef:e8:d7:f8:
         c3:48:ad:88:c7:42:ec:40:af:46:6a:03:08:41:8d:bc:5f:ea:
         46:ef:60:c3:34:73:ce:c6:c0:5a:70:bc:bd:0c:19:a6:f4:33:
         ad:fb:fe:35:ed:74:ce:06:dd:10:ad:71:4c:09:7c:86:60:99:
         dc:52:a5:39:5b:87:ac:ca:33:e2:78:1b:78:4d:17:27:e9:8c:
         d6:67:9a:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysR4V8IvlwcnssSwWgMndwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZmIwMjc5ZmNkMjNhOGU1ODNmMzQ1YWI5MDQ3MjhlNmQw
ZTRjNjIwHhcNMjYwMzAyMDIwMTM0WhcNMjYwMzAzMDIwMTM0WjAzMTEwLwYDVQQD
EyhkNDBhNjY4NDczN2YwNjY0ZGQ2ZDY2NzE2ZTEyOTQxZTYwMDAwMzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsI/6eRzEA3ViDwJv1npuepHJieSs
QELR7EJNaXbWNE3LvmB9h87OTWsJ7n+OZo792e7d812N6DB5EHosRxTTXInrgYWW
MBRfOIT1rGbSItLiNLjE96o1wjfkwGTHFwP4KnpGN46vowJ2RlNRbckC5kG/gMRB
9/605wyXCsjivPLrRLDwRoUNeX5wRz4kSkE4sU1GzOXfQx/n7qCrQfGRFsSjg2BG
dA+JawAGF8ueVhkDuQTZthOzPwXRoABa/gfGf62J2hzcT+0RBqow9IPUduRqfakU
Ni+TmxKD5hTmsUTRXVSUKEeWePyHVRvTcf+rQh0AesAafLIz/5Pf63IjHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNQKZoRzfwZk3W1mcW4SlB5gAANMMB8GA1UdIwQY
MBaAFMv7Ann80jqOWD80WrkEco5tDkxiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveV9zQ2VmelNPbzVZUHpSYXVRUnlqbTBPVEdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi85Njc3YjEtZDQzZS00NjZlLTliZjgt
ODBmODIwMjcxNGRhLzEveV9zQ2VmelNPbzVZUHpSYXVRUnlqbTBPVEdJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi85Njc3YjEtZDQzZS00NjZlLTliZjgtODBmODIwMjcxNGRh
LzEveV9zQ2VmelNPbzVZUHpSYXVRUnlqbTBPVEdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA5nuMymBX
nUx8LIYLlyBKTUmnUNyVW9YRxHmmtF2ld91gqTzKyH92SOOJiMD87ilIjluNwIld
nqzaIRVC+XSp3GeZS1E/CtEXQ5AEvCBlipkg7N2H7eGN+mm+cXOWZ1i3yszBqwOl
4qFr5vh6HjOAd3zTVTsBpsHUxH/Ox3KQQHp4O8vxE4jrbL6HmkoGp/BnqGvXNxES
PjkX0oCAF2feQ+YcHMJqc0ZE8K8xjkZrS/zv6Nf4w0itiMdC7ECvRmoDCEGNvF/q
Ru9gwzRzzsbAWnC8vQwZpvQzrfv+Ne10zgbdEK1xTAl8hmCZ3FKlOVuHrMoz4ngb
eE0XJ+mM1mearA==
-----END CERTIFICATE-----