Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.mft
File:                     YcGgEMsk-ZbneJixJHJbVbY0OOA.mft (raw, json)
Hash identifier:          kBi1MkFhL58yIjapGZQao2tPinPSD/bYPJXdVZleUXM=
Subject key identifier:   4E:70:22:EC:DF:65:EB:3F:5B:E0:58:D6:86:AF:EC:65:2F:2A:2E:C2
Authority key identifier: 61:C1:A0:10:CB:24:F9:96:E7:78:98:B1:24:72:5B:55:B6:34:38:E0
Certificate issuer:       /CN=61c1a010cb24f996e77898b124725b55b63438e0
Certificate serial:       019CAB6BA4EB8B4396D5A6E3B42BA4C7198F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YcGgEMsk-ZbneJixJHJbVbY0OOA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.mft
Manifest number:          1842
Signing time:             Sun 01 Mar 2026 22:01:24 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:24 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:24 +0000
Files and hashes:         1: YcGgEMsk-ZbneJixJHJbVbY0OOA.crl (hash: r0+ezUpXwEauQFCyp2ymxCkAdQtZci6dB61o8ptQ8vs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YcGgEMsk-ZbneJixJHJbVbY0OOA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:a4:eb:8b:43:96:d5:a6:e3:b4:2b:a4:c7:19:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=61c1a010cb24f996e77898b124725b55b63438e0
        Validity
            Not Before: Mar  1 22:01:24 2026 GMT
            Not After : Mar  2 22:01:24 2026 GMT
        Subject: CN=4e7022ecdf65eb3f5be058d686afec652f2a2ec2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:de:94:33:df:d0:84:1a:d5:94:20:2d:1b:3f:
                    29:22:f8:d0:8c:36:15:4a:58:5e:30:eb:88:f2:40:
                    cd:a1:32:72:52:c7:9d:38:1f:9c:13:11:eb:49:57:
                    9d:47:1a:26:f6:97:a0:5f:4b:93:07:e6:7e:9d:4d:
                    e6:c4:88:bf:80:09:eb:7e:7e:bd:6e:4c:8c:1f:0a:
                    f3:bd:73:fa:38:6f:15:03:21:ca:c3:c7:b0:38:c9:
                    22:1d:8a:0f:42:59:4e:ec:0e:8e:cd:f2:2b:6e:43:
                    ab:2c:ba:40:01:79:a7:cc:a6:0e:23:43:55:3c:09:
                    a2:95:52:53:c4:ad:a7:f2:55:7a:a8:8b:5e:f2:6e:
                    c2:06:fd:a3:db:6a:55:8a:14:b5:60:3d:51:65:8c:
                    a1:bc:92:81:2f:16:70:42:79:a2:30:72:7b:2b:f6:
                    3d:7c:0b:28:ee:c7:47:70:04:ca:51:10:ae:24:29:
                    c2:b7:08:92:77:dc:14:a3:7c:2b:69:5a:fb:8f:7a:
                    4d:d3:87:77:bf:66:c6:77:8d:a5:1a:32:f5:73:93:
                    8c:1b:b8:b9:bf:8b:81:b7:ce:76:31:10:13:8c:2c:
                    f9:be:cd:20:82:9b:6e:56:7c:24:4f:10:6c:97:c9:
                    f2:fa:e6:2e:ee:27:66:8e:48:8f:64:3b:24:c3:5f:
                    f1:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:70:22:EC:DF:65:EB:3F:5B:E0:58:D6:86:AF:EC:65:2F:2A:2E:C2
            X509v3 Authority Key Identifier:
                keyid:61:C1:A0:10:CB:24:F9:96:E7:78:98:B1:24:72:5B:55:B6:34:38:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YcGgEMsk-ZbneJixJHJbVbY0OOA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d1:cc:e6:35:7f:2b:1c:50:91:7f:2b:b6:a6:59:6a:25:56:7b:
         26:c9:29:c6:9c:39:c9:65:32:76:c1:ed:4a:79:6d:b5:74:3a:
         66:3b:8e:df:7e:b4:08:8b:d2:ec:b1:66:b2:2f:ca:7e:fd:46:
         86:71:48:21:4f:1e:69:1c:ca:ba:13:4f:6c:dd:59:ae:8c:92:
         cd:d1:fb:2f:7c:e2:58:79:b3:0d:49:61:66:43:44:3e:b2:a6:
         f8:bb:60:26:7e:88:32:44:85:43:6b:d2:a3:a5:7b:95:b9:44:
         f4:04:04:1b:ca:be:4b:f7:a0:c1:5e:84:78:6e:98:0f:b1:fe:
         0e:0e:6a:18:6b:33:f0:7d:88:3c:4d:8a:e0:06:f8:0f:76:f7:
         5c:f7:66:9a:3f:89:7c:dd:4b:b2:22:d9:7f:5e:07:da:02:1a:
         ac:61:14:79:1b:83:a4:32:e3:3b:53:b6:f4:e6:4e:f1:b7:0d:
         b7:1a:0a:ea:b2:9f:d6:6c:e4:51:1e:82:80:21:3f:46:de:f9:
         22:e4:9a:2d:d5:67:eb:b3:74:d2:79:a4:a5:ab:51:c5:2b:c4:
         49:4c:eb:4f:53:ff:cb:4d:cc:34:1f:9a:9f:dd:4c:af:df:08:
         d6:13:75:85:0c:17:c7:46:c6:98:b5:a2:a5:77:8a:05:9e:f3:
         64:93:aa:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra6Tri0OW1abjtCukxxmPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYzFhMDEwY2IyNGY5OTZlNzc4OThiMTI0NzI1YjU1YjYz
NDM4ZTAwHhcNMjYwMzAxMjIwMTI0WhcNMjYwMzAyMjIwMTI0WjAzMTEwLwYDVQQD
Eyg0ZTcwMjJlY2RmNjVlYjNmNWJlMDU4ZDY4NmFmZWM2NTJmMmEyZWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA896UM9/QhBrVlCAtGz8pIvjQjDYV
SlheMOuI8kDNoTJyUsedOB+cExHrSVedRxom9pegX0uTB+Z+nU3mxIi/gAnrfn69
bkyMHwrzvXP6OG8VAyHKw8ewOMkiHYoPQllO7A6OzfIrbkOrLLpAAXmnzKYOI0NV
PAmilVJTxK2n8lV6qIte8m7CBv2j22pVihS1YD1RZYyhvJKBLxZwQnmiMHJ7K/Y9
fAso7sdHcATKURCuJCnCtwiSd9wUo3wraVr7j3pN04d3v2bGd42lGjL1c5OMG7i5
v4uBt852MRATjCz5vs0ggptuVnwkTxBsl8ny+uYu7idmjkiPZDskw1/xEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE5wIuzfZes/W+BY1oav7GUvKi7CMB8GA1UdIwQY
MBaAFGHBoBDLJPmW53iYsSRyW1W2NDjgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWNHZ0VNc2stWmJuZUppeEpISmJWYlkwT09BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8zM2MxYzAtNGNiOC00NGI5LWEzZTkt
ZTllOTkzN2I4ZGNlLzEvWWNHZ0VNc2stWmJuZUppeEpISmJWYlkwT09BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8zM2MxYzAtNGNiOC00NGI5LWEzZTktZTllOTkzN2I4ZGNl
LzEvWWNHZ0VNc2stWmJuZUppeEpISmJWYlkwT09BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA0czmNX8r
HFCRfyu2pllqJVZ7Jskpxpw5yWUydsHtSnlttXQ6ZjuO3360CIvS7LFmsi/Kfv1G
hnFIIU8eaRzKuhNPbN1ZroySzdH7L3ziWHmzDUlhZkNEPrKm+LtgJn6IMkSFQ2vS
o6V7lblE9AQEG8q+S/egwV6EeG6YD7H+Dg5qGGsz8H2IPE2K4Ab4D3b3XPdmmj+J
fN1LsiLZf14H2gIarGEUeRuDpDLjO1O29OZO8bcNtxoK6rKf1mzkUR6CgCE/Rt75
IuSaLdVn67N00nmkpatRxSvESUzrT1P/y03MNB+an91Mr98I1hN1hQwXx0bGmLWi
pXeKBZ7zZJOqHg==
-----END CERTIFICATE-----