Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft
File:                     y_nNJDztaTe2vqVxAoFP-bpCZiE.mft (raw, json)
Hash identifier:          nsGj9MdWTYgdwwqTaPfV9Fzs6qBoSyJTuGYUtIgGVYY=
Subject key identifier:   0B:6B:63:69:8E:03:CE:70:68:FF:97:97:01:F6:9D:AC:BC:5E:9A:EE
Authority key identifier: CB:F9:CD:24:3C:ED:69:37:B6:BE:A5:71:02:81:4F:F9:BA:42:66:21
Certificate issuer:       /CN=cbf9cd243ced6937b6bea57102814ff9ba426621
Certificate serial:       019CABDA09BAC21A371EE8FFDE43A67DDD0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y_nNJDztaTe2vqVxAoFP-bpCZiE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft
Manifest number:          1843
Signing time:             Mon 02 Mar 2026 00:01:59 +0000
Manifest this update:     Mon 02 Mar 2026 00:01:59 +0000
Manifest next update:     Tue 03 Mar 2026 00:01:59 +0000
Files and hashes:         1: y_nNJDztaTe2vqVxAoFP-bpCZiE.crl (hash: xe25e9/9OR6OJrth8RynyQjpw1zdSzM06bDOcBxU1z8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y_nNJDztaTe2vqVxAoFP-bpCZiE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:da:09:ba:c2:1a:37:1e:e8:ff:de:43:a6:7d:dd:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cbf9cd243ced6937b6bea57102814ff9ba426621
        Validity
            Not Before: Mar  2 00:01:59 2026 GMT
            Not After : Mar  3 00:01:59 2026 GMT
        Subject: CN=0b6b63698e03ce7068ff979701f69dacbc5e9aee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:d4:1c:96:89:6d:0d:4f:86:cf:d3:99:a9:92:
                    99:91:ac:b5:3f:b1:6d:56:7f:80:3d:0d:76:74:9c:
                    07:12:d6:42:6c:91:39:dc:0c:e2:9f:21:e6:ab:d3:
                    b8:a6:9b:b3:e6:4e:83:3f:7f:b2:e6:f9:bb:46:f5:
                    fb:ac:15:5d:e3:3d:25:74:78:ed:43:86:83:12:cc:
                    c3:af:93:1b:71:d6:a0:a2:34:b2:42:b9:a4:69:ba:
                    ae:d7:3c:6a:85:e3:b3:7c:a1:3b:b1:5a:2a:07:42:
                    15:14:bb:2a:d8:76:3d:49:e3:0a:a6:f9:6f:95:b6:
                    88:6a:f7:85:0e:5e:ed:ba:7c:93:13:49:e4:a2:cc:
                    22:34:cd:81:32:74:56:67:bd:e2:5c:19:c6:bf:02:
                    1d:96:94:d6:7f:a8:9d:b4:44:ca:4f:78:ac:ed:82:
                    38:46:45:f4:44:38:af:de:4c:1f:3a:19:87:d8:0f:
                    77:fa:72:9e:8d:f7:f4:da:ec:5a:47:c0:9d:0c:ca:
                    ef:7f:9e:8d:ec:d3:8c:61:32:5c:71:45:23:2d:a1:
                    a6:47:34:fe:7a:ac:43:5b:62:3a:bc:4d:ca:7f:f3:
                    8b:a6:f0:f7:00:22:e7:c2:2c:65:12:10:6d:42:21:
                    90:7d:fb:35:ef:11:96:64:bb:ad:fb:44:cf:a4:0b:
                    49:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:6B:63:69:8E:03:CE:70:68:FF:97:97:01:F6:9D:AC:BC:5E:9A:EE
            X509v3 Authority Key Identifier:
                keyid:CB:F9:CD:24:3C:ED:69:37:B6:BE:A5:71:02:81:4F:F9:BA:42:66:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y_nNJDztaTe2vqVxAoFP-bpCZiE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:dc:03:0b:8e:c5:8e:4e:d8:36:36:5a:aa:c4:65:5b:7f:30:
         e7:ff:02:32:0e:b2:2d:d6:26:16:f5:b7:2e:2f:ac:3e:03:80:
         a2:c7:e5:45:c3:d9:53:2c:b9:27:69:97:eb:83:ab:3e:62:ff:
         05:cc:ff:90:e2:74:f6:5a:51:48:a7:92:85:b8:ca:5f:a0:88:
         51:2a:20:fe:e7:af:51:1c:87:4c:56:2d:eb:5f:14:c7:38:93:
         10:bc:99:1a:6b:02:14:90:ef:6c:03:e6:91:1b:6e:70:aa:d7:
         01:58:71:51:67:d7:44:50:29:65:35:dd:a3:15:43:73:0a:e5:
         31:06:03:35:6a:1c:47:ce:9f:a4:d4:bd:de:a9:82:16:c8:c5:
         b5:48:9f:09:9b:85:d3:0b:e8:45:ef:eb:2e:80:58:5d:9a:e9:
         c8:e7:ca:11:d7:df:cd:88:cc:ea:1d:5d:ae:2c:3f:aa:0f:27:
         e2:7b:7e:12:a5:7c:f7:29:12:a9:84:9e:c3:7b:51:0b:dd:b5:
         73:23:dc:a9:3c:f0:3f:30:9e:4f:e1:ad:b8:e3:6f:f5:dc:0e:
         79:6c:57:a7:af:49:a2:1f:61:12:58:c9:54:5a:ae:c9:a8:d2:
         5c:74:57:77:d5:8f:c3:98:3c:a7:98:7e:a5:f1:c0:9a:62:b8:
         f9:cf:1c:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2gm6who3Huj/3kOmfd0PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZjljZDI0M2NlZDY5MzdiNmJlYTU3MTAyODE0ZmY5YmE0
MjY2MjEwHhcNMjYwMzAyMDAwMTU5WhcNMjYwMzAzMDAwMTU5WjAzMTEwLwYDVQQD
EygwYjZiNjM2OThlMDNjZTcwNjhmZjk3OTcwMWY2OWRhY2JjNWU5YWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9QcloltDU+Gz9OZqZKZkay1P7Ft
Vn+APQ12dJwHEtZCbJE53AzinyHmq9O4ppuz5k6DP3+y5vm7RvX7rBVd4z0ldHjt
Q4aDEszDr5MbcdagojSyQrmkabqu1zxqheOzfKE7sVoqB0IVFLsq2HY9SeMKpvlv
lbaIaveFDl7tunyTE0nkoswiNM2BMnRWZ73iXBnGvwIdlpTWf6idtETKT3is7YI4
RkX0RDiv3kwfOhmH2A93+nKejff02uxaR8CdDMrvf56N7NOMYTJccUUjLaGmRzT+
eqxDW2I6vE3Kf/OLpvD3ACLnwixlEhBtQiGQffs17xGWZLut+0TPpAtJIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAtrY2mOA85waP+XlwH2nay8XpruMB8GA1UdIwQY
MBaAFMv5zSQ87Wk3tr6lcQKBT/m6QmYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveV9uTkpEenRhVGUydnFWeEFvRlAtYnBDWmlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy80OTdkZDEtNzU1ZS00NDJhLWIzMWQt
MWMxMzI1MGE2YTNjLzEveV9uTkpEenRhVGUydnFWeEFvRlAtYnBDWmlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy80OTdkZDEtNzU1ZS00NDJhLWIzMWQtMWMxMzI1MGE2YTNj
LzEveV9uTkpEenRhVGUydnFWeEFvRlAtYnBDWmlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbtwDC47F
jk7YNjZaqsRlW38w5/8CMg6yLdYmFvW3Li+sPgOAosflRcPZUyy5J2mX64OrPmL/
Bcz/kOJ09lpRSKeShbjKX6CIUSog/uevURyHTFYt618UxziTELyZGmsCFJDvbAPm
kRtucKrXAVhxUWfXRFApZTXdoxVDcwrlMQYDNWocR86fpNS93qmCFsjFtUifCZuF
0wvoRe/rLoBYXZrpyOfKEdffzYjM6h1driw/qg8n4nt+EqV89ykSqYSew3tRC921
cyPcqTzwPzCeT+GtuONv9dwOeWxXp69Joh9hEljJVFquyajSXHRXd9WPw5g8p5h+
pfHAmmK4+c8cpg==
-----END CERTIFICATE-----