Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft
File:                     yO91rieylt0KS84TZH2LWJv06cM.mft (raw, json)
Hash identifier:          9PIUFymOTaZHBFY40z3aZ1iz7dNnXFjnnjpEkowhiH0=
Subject key identifier:   B1:C3:71:4D:29:6E:78:5B:61:F0:DF:F3:03:94:F3:E8:BF:8C:A3:D6
Authority key identifier: C8:EF:75:AE:27:B2:96:DD:0A:4B:CE:13:64:7D:8B:58:9B:F4:E9:C3
Certificate issuer:       /CN=c8ef75ae27b296dd0a4bce13647d8b589bf4e9c3
Certificate serial:       019CAD2243CBEC23F40D68882843737BBC50
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft
Manifest number:          13B4
Signing time:             Mon 02 Mar 2026 06:00:29 +0000
Manifest this update:     Mon 02 Mar 2026 06:00:29 +0000
Manifest next update:     Tue 03 Mar 2026 06:00:29 +0000
Files and hashes:         1: yO91rieylt0KS84TZH2LWJv06cM.crl (hash: jEFwwnew90i4kxVaA7PgqFIk+r1li8fHvHhsmXNrRoU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 06:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:22:43:cb:ec:23:f4:0d:68:88:28:43:73:7b:bc:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8ef75ae27b296dd0a4bce13647d8b589bf4e9c3
        Validity
            Not Before: Mar  2 06:00:29 2026 GMT
            Not After : Mar  3 06:00:29 2026 GMT
        Subject: CN=b1c3714d296e785b61f0dff30394f3e8bf8ca3d6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:13:8b:45:15:3c:af:00:96:2d:1a:f1:47:fa:
                    93:81:09:ab:f1:33:df:1e:af:94:f6:e2:86:b7:46:
                    7b:0f:5b:2a:ef:47:9f:9c:5c:ed:ec:30:89:e2:19:
                    73:cf:86:1c:76:cc:08:3a:4a:63:21:60:ee:49:ef:
                    ae:e9:33:74:85:6b:e3:0a:a3:b1:e7:3c:f9:f1:6d:
                    02:85:5a:9c:85:6b:df:d6:31:67:00:13:21:98:cc:
                    49:6a:14:56:17:ce:7e:4d:2a:af:de:b4:ee:59:4a:
                    03:d1:52:8c:8d:1b:eb:36:f5:74:7b:d1:27:b7:fd:
                    3e:d8:e8:0b:b1:af:ca:41:c5:dd:3e:11:db:7b:9d:
                    32:83:e3:48:b9:f5:55:6f:a4:7d:80:d8:f4:eb:5a:
                    37:d5:53:39:7d:1a:b9:ea:63:d1:c4:e6:58:3f:5f:
                    f4:63:b3:c1:a0:72:c5:42:0c:84:d9:8c:4a:9f:1b:
                    cd:64:bb:66:fa:c3:2a:c6:40:9f:7b:fa:41:a4:71:
                    3d:1c:04:d7:65:b6:a5:0c:6d:de:73:d9:a6:2b:b2:
                    ac:ea:67:3e:ee:49:61:98:61:84:bd:f5:11:f1:7d:
                    19:51:b6:d8:30:20:bd:7b:b2:07:35:03:a8:c0:a5:
                    36:0d:ea:2d:01:bc:04:37:2d:a3:b7:f8:59:95:ba:
                    d7:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:C3:71:4D:29:6E:78:5B:61:F0:DF:F3:03:94:F3:E8:BF:8C:A3:D6
            X509v3 Authority Key Identifier:
                keyid:C8:EF:75:AE:27:B2:96:DD:0A:4B:CE:13:64:7D:8B:58:9B:F4:E9:C3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:7a:aa:bb:1c:69:56:35:b2:09:5c:b5:d9:d5:57:2d:b0:fd:
         64:92:d7:96:b3:dd:c1:44:b3:15:e2:dd:ad:cc:d1:e5:4e:c2:
         0d:39:54:52:1d:64:ac:a8:aa:7e:8f:0f:6c:8d:12:9e:4c:c7:
         78:7c:3d:23:5d:f5:b6:c2:bc:b6:fa:63:a5:c1:2a:28:4a:8c:
         4f:05:50:b5:aa:c8:5f:71:7c:74:d2:f8:ba:74:ec:ff:08:67:
         60:1f:8d:02:09:b5:96:87:e0:e0:fe:1a:38:0d:42:62:ac:2e:
         88:52:dd:b6:05:33:76:10:cd:d3:b9:6d:6f:8c:a6:2a:4d:e4:
         f3:c4:c5:f9:4f:9e:ce:79:68:0a:ac:78:2a:7c:c1:17:bf:69:
         a2:d1:31:6a:1b:99:e9:f2:24:65:51:0a:dd:19:23:e1:80:38:
         d4:68:bc:6e:dd:0c:5f:e4:e2:f1:56:65:ba:32:9e:fa:0d:f3:
         22:94:af:c6:28:7b:93:58:25:73:b5:33:7a:22:9a:34:7a:9f:
         74:28:bb:cd:29:34:7a:dc:5b:4a:9c:83:0c:51:1d:27:c6:49:
         c4:9d:5f:b3:d5:a9:5a:4f:ed:a0:84:d9:2d:85:e9:1b:46:a0:
         d8:35:b2:4b:15:4d:b7:4e:fc:07:83:44:00:b3:8b:94:ee:0c:
         77:a6:7b:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytIkPL7CP0DWiIKENze7xQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZWY3NWFlMjdiMjk2ZGQwYTRiY2UxMzY0N2Q4YjU4OWJm
NGU5YzMwHhcNMjYwMzAyMDYwMDI5WhcNMjYwMzAzMDYwMDI5WjAzMTEwLwYDVQQD
EyhiMWMzNzE0ZDI5NmU3ODViNjFmMGRmZjMwMzk0ZjNlOGJmOGNhM2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnROLRRU8rwCWLRrxR/qTgQmr8TPf
Hq+U9uKGt0Z7D1sq70efnFzt7DCJ4hlzz4YcdswIOkpjIWDuSe+u6TN0hWvjCqOx
5zz58W0ChVqchWvf1jFnABMhmMxJahRWF85+TSqv3rTuWUoD0VKMjRvrNvV0e9En
t/0+2OgLsa/KQcXdPhHbe50yg+NIufVVb6R9gNj061o31VM5fRq56mPRxOZYP1/0
Y7PBoHLFQgyE2YxKnxvNZLtm+sMqxkCfe/pBpHE9HATXZbalDG3ec9mmK7Ks6mc+
7klhmGGEvfUR8X0ZUbbYMCC9e7IHNQOowKU2DeotAbwENy2jt/hZlbrXswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLHDcU0pbnhbYfDf8wOU8+i/jKPWMB8GA1UdIwQY
MBaAFMjvda4nspbdCkvOE2R9i1ib9OnDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS84YmVmOGItOTc2NS00MTMxLTljYWYt
NzczNTFkMDg1MGM5LzEveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS84YmVmOGItOTc2NS00MTMxLTljYWYtNzczNTFkMDg1MGM5
LzEveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW3qquxxp
VjWyCVy12dVXLbD9ZJLXlrPdwUSzFeLdrczR5U7CDTlUUh1krKiqfo8PbI0SnkzH
eHw9I131tsK8tvpjpcEqKEqMTwVQtarIX3F8dNL4unTs/whnYB+NAgm1lofg4P4a
OA1CYqwuiFLdtgUzdhDN07ltb4ymKk3k88TF+U+eznloCqx4KnzBF79potExahuZ
6fIkZVEK3Rkj4YA41Gi8bt0MX+Ti8VZlujKe+g3zIpSvxih7k1glc7UzeiKaNHqf
dCi7zSk0etxbSpyDDFEdJ8ZJxJ1fs9WpWk/toITZLYXpG0ag2DWySxVNt078B4NE
ALOLlO4Md6Z7ew==
-----END CERTIFICATE-----