Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.mft
File:                     Y6jKFmYgbSzxK1B4curQ9aeT0OA.mft (raw, json)
Hash identifier:          vtSeOM9gKAYRz+5hIdAaGRjCjzu80ZLYtnfSztRaZtM=
Subject key identifier:   9F:97:20:94:8A:B4:88:AD:1E:20:A3:A7:54:2D:0E:99:F1:92:CC:66
Authority key identifier: 63:A8:CA:16:66:20:6D:2C:F1:2B:50:78:72:EA:D0:F5:A7:93:D0:E0
Certificate issuer:       /CN=63a8ca1666206d2cf12b507872ead0f5a793d0e0
Certificate serial:       019CAA216125DE5C4F99D28F3B7374526274
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y6jKFmYgbSzxK1B4curQ9aeT0OA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.mft
Manifest number:          09D0
Signing time:             Sun 01 Mar 2026 16:00:40 +0000
Manifest this update:     Sun 01 Mar 2026 16:00:40 +0000
Manifest next update:     Mon 02 Mar 2026 16:00:40 +0000
Files and hashes:         1: Y6jKFmYgbSzxK1B4curQ9aeT0OA.crl (hash: xRuXEiDJ6O+C1HXqmK0puDZieywBXtKIqFMw7Trw0g4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Y6jKFmYgbSzxK1B4curQ9aeT0OA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:21:61:25:de:5c:4f:99:d2:8f:3b:73:74:52:62:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63a8ca1666206d2cf12b507872ead0f5a793d0e0
        Validity
            Not Before: Mar  1 16:00:40 2026 GMT
            Not After : Mar  2 16:00:40 2026 GMT
        Subject: CN=9f9720948ab488ad1e20a3a7542d0e99f192cc66
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:3b:ff:78:71:8e:0b:25:1a:08:dc:7d:1d:2a:
                    53:cb:f1:41:5a:ab:80:ec:ba:52:30:90:cc:eb:a7:
                    4d:eb:7b:09:29:ab:e9:0f:6f:8e:fa:09:88:a6:42:
                    03:4c:1a:32:19:97:61:58:f6:0b:54:08:17:72:4f:
                    28:8d:f6:39:27:f2:b7:9b:49:b6:c1:5c:70:4d:7b:
                    c6:1a:0c:bf:0a:ca:72:9e:40:93:6b:6f:73:81:0c:
                    93:16:e0:fc:e6:f9:b3:c0:98:b2:e1:d6:60:5c:87:
                    c4:67:fc:6d:d9:ed:7e:11:f3:74:0d:1b:14:32:06:
                    9c:ac:e6:03:c2:b2:fb:43:1b:fe:2e:3e:1d:cd:64:
                    ea:80:ff:64:93:93:71:7e:be:79:0a:96:9f:44:03:
                    11:53:d7:3c:2e:2c:26:02:98:01:7b:a5:3c:32:02:
                    c3:b8:9a:ab:82:bf:cd:b5:40:13:0a:90:5c:d7:f1:
                    73:eb:5a:04:4e:54:89:57:bc:cd:ff:e2:dc:7a:8a:
                    34:a8:58:f0:ff:e3:20:02:ff:79:11:49:34:44:ce:
                    7d:85:69:e4:1b:8f:89:9a:d8:7e:73:04:3f:a1:e1:
                    a6:a5:bb:b4:91:93:72:8f:60:63:65:da:7e:23:e4:
                    be:83:5a:d5:11:e1:a4:b1:c4:7e:62:b4:68:a6:7e:
                    aa:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:97:20:94:8A:B4:88:AD:1E:20:A3:A7:54:2D:0E:99:F1:92:CC:66
            X509v3 Authority Key Identifier:
                keyid:63:A8:CA:16:66:20:6D:2C:F1:2B:50:78:72:EA:D0:F5:A7:93:D0:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y6jKFmYgbSzxK1B4curQ9aeT0OA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:24:2e:fe:cb:2c:14:ad:eb:89:77:04:fe:11:8a:76:cf:be:
         b4:bf:ac:56:d9:ea:28:ad:5a:44:b1:8d:77:f5:9a:23:28:28:
         dc:b7:d0:fb:8f:d9:cc:a1:9c:af:9d:2a:38:a4:93:ed:42:25:
         06:91:ff:11:8b:59:30:bf:17:b7:5b:d3:5d:36:38:66:5b:e5:
         d5:09:c2:7a:52:b8:78:8a:1a:d9:9c:10:53:63:a1:57:3d:33:
         e3:7f:74:6b:62:9d:f2:18:04:27:c3:4e:5a:61:5b:da:73:5d:
         ad:c9:8d:79:29:05:e2:5f:16:67:43:bf:d4:e8:97:61:3c:eb:
         90:75:63:68:cd:3a:e8:6a:46:40:29:54:b9:bd:ff:42:5b:7e:
         dd:2e:5a:ce:4b:97:b6:e5:02:a7:41:74:8d:41:e7:2d:f8:d8:
         d5:03:7b:22:2a:b0:c4:84:62:9f:3c:72:cc:09:d5:30:49:aa:
         da:ad:2c:4b:f5:e6:6d:44:24:0c:8c:3c:27:47:04:fc:bc:0c:
         6f:5e:63:40:2f:c7:55:41:be:0b:03:26:2c:02:1c:51:42:86:
         da:ae:80:c1:81:1b:e2:74:a0:60:79:08:28:8b:1d:40:b4:8a:
         94:eb:35:cf:f8:5d:fa:a1:00:1c:a5:c9:c0:38:45:7e:41:bf:
         71:8b:f2:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqIWEl3lxPmdKPO3N0UmJ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzYThjYTE2NjYyMDZkMmNmMTJiNTA3ODcyZWFkMGY1YTc5
M2QwZTAwHhcNMjYwMzAxMTYwMDQwWhcNMjYwMzAyMTYwMDQwWjAzMTEwLwYDVQQD
Eyg5Zjk3MjA5NDhhYjQ4OGFkMWUyMGEzYTc1NDJkMGU5OWYxOTJjYzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Dv/eHGOCyUaCNx9HSpTy/FBWquA
7LpSMJDM66dN63sJKavpD2+O+gmIpkIDTBoyGZdhWPYLVAgXck8ojfY5J/K3m0m2
wVxwTXvGGgy/CspynkCTa29zgQyTFuD85vmzwJiy4dZgXIfEZ/xt2e1+EfN0DRsU
MgacrOYDwrL7Qxv+Lj4dzWTqgP9kk5Nxfr55CpafRAMRU9c8LiwmApgBe6U8MgLD
uJqrgr/NtUATCpBc1/Fz61oETlSJV7zN/+Lceoo0qFjw/+MgAv95EUk0RM59hWnk
G4+Jmth+cwQ/oeGmpbu0kZNyj2BjZdp+I+S+g1rVEeGkscR+YrRopn6quQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ+XIJSKtIitHiCjp1QtDpnxksxmMB8GA1UdIwQY
MBaAFGOoyhZmIG0s8StQeHLq0PWnk9DgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTZqS0ZtWWdiU3p4SzFCNGN1clE5YWVUME9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8wNDQ2YjEtZGYyZi00MjYxLWExYmEt
NzVhYjIxZjNiM2QwLzEvWTZqS0ZtWWdiU3p4SzFCNGN1clE5YWVUME9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8wNDQ2YjEtZGYyZi00MjYxLWExYmEtNzVhYjIxZjNiM2Qw
LzEvWTZqS0ZtWWdiU3p4SzFCNGN1clE5YWVUME9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiSQu/sss
FK3riXcE/hGKds++tL+sVtnqKK1aRLGNd/WaIygo3LfQ+4/ZzKGcr50qOKST7UIl
BpH/EYtZML8Xt1vTXTY4Zlvl1QnCelK4eIoa2ZwQU2OhVz0z4390a2Kd8hgEJ8NO
WmFb2nNdrcmNeSkF4l8WZ0O/1OiXYTzrkHVjaM066GpGQClUub3/Qlt+3S5azkuX
tuUCp0F0jUHnLfjY1QN7IiqwxIRinzxyzAnVMEmq2q0sS/XmbUQkDIw8J0cE/LwM
b15jQC/HVUG+CwMmLAIcUUKG2q6AwYEb4nSgYHkIKIsdQLSKlOs1z/hd+qEAHKXJ
wDhFfkG/cYvytA==
-----END CERTIFICATE-----