Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/b55005-005d-4a64-be1a-dd2b061bd4f2/1/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.mft
File:                     yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.mft (raw, json)
Hash identifier:          dYBBSddyINt4Z3XMGhX4A2P/8AIUBA9quk7tjTxlKt4=
Subject key identifier:   23:ED:44:81:0F:6A:C9:19:6B:28:E9:45:2C:54:3A:F7:CE:62:E7:D7
Authority key identifier: C8:DA:89:FB:15:2D:43:C6:3E:3D:A2:FD:6A:0B:0D:FB:22:A0:65:81
Certificate issuer:       /CN=c8da89fb152d43c63e3da2fd6a0b0dfb22a06581
Certificate serial:       019CAA590C77FF1013C5DDD2CAF38E8E54E4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2e/b55005-005d-4a64-be1a-dd2b061bd4f2/1/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.mft
Manifest number:          1013
Signing time:             Sun 01 Mar 2026 17:01:28 +0000
Manifest this update:     Sun 01 Mar 2026 17:01:28 +0000
Manifest next update:     Mon 02 Mar 2026 17:01:28 +0000
Files and hashes:         1: yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.crl (hash: 9c4Agyy6JwgiPMUf+ney7w3mQ0usHbNT9CbedUJDocE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2e/b55005-005d-4a64-be1a-dd2b061bd4f2/1/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2e/b55005-005d-4a64-be1a-dd2b061bd4f2/1/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 17:01:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:59:0c:77:ff:10:13:c5:dd:d2:ca:f3:8e:8e:54:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8da89fb152d43c63e3da2fd6a0b0dfb22a06581
        Validity
            Not Before: Mar  1 17:01:28 2026 GMT
            Not After : Mar  2 17:01:28 2026 GMT
        Subject: CN=23ed44810f6ac9196b28e9452c543af7ce62e7d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:80:bf:08:e3:c2:b5:7c:9b:62:c7:3b:25:34:
                    2d:95:e0:05:6a:6b:df:ce:f6:9a:5f:d7:24:9f:1e:
                    5f:a6:d5:c2:0b:db:9c:0f:7e:2b:45:58:96:b9:81:
                    f9:aa:d0:bb:0f:d0:db:93:3a:46:a2:41:de:77:a8:
                    9a:f6:89:9a:37:79:4a:34:4f:cf:8a:f2:24:44:7f:
                    c0:87:10:d7:7e:f9:18:76:ca:4a:47:6c:74:16:b5:
                    3c:69:c0:23:42:c2:40:6b:34:d5:18:ba:25:bb:c3:
                    3f:a1:7a:1a:2e:6c:b2:2a:fb:04:fc:fc:62:25:bd:
                    ae:de:8b:d6:27:c1:0f:16:3c:c5:ea:02:54:da:c1:
                    4c:41:de:f8:24:f6:76:f9:65:24:5c:2f:7f:a2:1f:
                    12:af:f2:eb:20:66:3d:34:68:ff:35:f4:34:df:b5:
                    73:22:04:26:1f:55:0e:4e:88:e5:d0:13:5c:c9:f8:
                    ea:ba:bc:bb:81:86:da:63:0c:bd:e2:39:56:f1:26:
                    74:df:02:9a:55:6b:11:c9:fe:fe:e7:f6:82:16:71:
                    e8:f2:67:9b:c8:1b:7e:28:82:7b:27:c5:31:34:67:
                    1f:1d:46:e1:69:75:83:5e:49:da:cc:f3:a9:bd:39:
                    75:07:c0:7e:dd:2c:ae:78:f4:45:62:97:20:b8:7e:
                    a6:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:ED:44:81:0F:6A:C9:19:6B:28:E9:45:2C:54:3A:F7:CE:62:E7:D7
            X509v3 Authority Key Identifier:
                keyid:C8:DA:89:FB:15:2D:43:C6:3E:3D:A2:FD:6A:0B:0D:FB:22:A0:65:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/b55005-005d-4a64-be1a-dd2b061bd4f2/1/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/b55005-005d-4a64-be1a-dd2b061bd4f2/1/yNqJ-xUtQ8Y-PaL9agsN-yKgZYE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:35:bb:1a:02:eb:39:15:39:5b:75:98:3f:a9:12:ca:c5:22:
         63:7b:f6:fd:57:65:8a:f5:57:2b:c1:4a:02:41:60:46:a2:35:
         4c:c3:d6:83:cc:a9:77:9f:17:e9:23:6b:25:5e:5c:37:76:01:
         ec:98:98:b9:4c:b4:40:e0:b3:39:23:5c:73:44:56:b7:7d:67:
         ad:e0:92:69:f0:9c:92:36:32:a0:35:a5:75:49:41:a6:ec:af:
         ff:79:83:bd:30:cb:1f:74:fd:37:c1:03:28:df:80:82:25:f6:
         9a:11:51:46:bc:6f:b2:ee:39:54:8c:05:8d:4e:78:3f:8d:d3:
         4f:16:1c:23:8a:8a:3a:93:b3:bd:91:80:96:8f:3b:9a:c3:f6:
         f5:d7:cb:c5:ab:4f:0e:94:13:25:c6:f4:ea:b0:18:50:13:f7:
         4a:1c:df:72:d4:5d:8f:b0:99:46:92:14:5b:99:e4:26:9d:ef:
         26:c1:c6:80:a4:4a:5f:d4:0c:4e:57:e8:3a:be:ff:06:9d:11:
         3a:31:d3:f9:c2:54:a7:87:29:f8:3d:0a:4e:9c:d8:96:d9:45:
         73:55:a9:68:e9:7a:fc:e8:82:c9:dc:9a:c7:4b:43:53:aa:71:
         ff:9b:60:94:63:db:89:ad:c2:15:28:1f:40:65:77:74:f0:77:
         1c:82:7f:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqWQx3/xATxd3SyvOOjlTkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZGE4OWZiMTUyZDQzYzYzZTNkYTJmZDZhMGIwZGZiMjJh
MDY1ODEwHhcNMjYwMzAxMTcwMTI4WhcNMjYwMzAyMTcwMTI4WjAzMTEwLwYDVQQD
EygyM2VkNDQ4MTBmNmFjOTE5NmIyOGU5NDUyYzU0M2FmN2NlNjJlN2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYC/COPCtXybYsc7JTQtleAFamvf
zvaaX9cknx5fptXCC9ucD34rRViWuYH5qtC7D9DbkzpGokHed6ia9omaN3lKNE/P
ivIkRH/AhxDXfvkYdspKR2x0FrU8acAjQsJAazTVGLolu8M/oXoaLmyyKvsE/Pxi
Jb2u3ovWJ8EPFjzF6gJU2sFMQd74JPZ2+WUkXC9/oh8Sr/LrIGY9NGj/NfQ037Vz
IgQmH1UOTojl0BNcyfjqury7gYbaYwy94jlW8SZ03wKaVWsRyf7+5/aCFnHo8meb
yBt+KIJ7J8UxNGcfHUbhaXWDXknazPOpvTl1B8B+3SyuePRFYpcguH6mJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCPtRIEPaskZayjpRSxUOvfOYufXMB8GA1UdIwQY
MBaAFMjaifsVLUPGPj2i/WoLDfsioGWBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU5xSi14VXRROFktUGFMOWFnc04teUtnWllFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9iNTUwMDUtMDA1ZC00YTY0LWJlMWEt
ZGQyYjA2MWJkNGYyLzEveU5xSi14VXRROFktUGFMOWFnc04teUtnWllFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9iNTUwMDUtMDA1ZC00YTY0LWJlMWEtZGQyYjA2MWJkNGYy
LzEveU5xSi14VXRROFktUGFMOWFnc04teUtnWllFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALzW7GgLr
ORU5W3WYP6kSysUiY3v2/VdlivVXK8FKAkFgRqI1TMPWg8ypd58X6SNrJV5cN3YB
7JiYuUy0QOCzOSNcc0RWt31nreCSafCckjYyoDWldUlBpuyv/3mDvTDLH3T9N8ED
KN+AgiX2mhFRRrxvsu45VIwFjU54P43TTxYcI4qKOpOzvZGAlo87msP29dfLxatP
DpQTJcb06rAYUBP3ShzfctRdj7CZRpIUW5nkJp3vJsHGgKRKX9QMTlfoOr7/Bp0R
OjHT+cJUp4cp+D0KTpzYltlFc1WpaOl6/OiCydyax0tDU6px/5tglGPbia3CFSgf
QGV3dPB3HIJ/2Q==
-----END CERTIFICATE-----