Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft
File:                     YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft (raw, json)
Hash identifier:          O5fu13jGX0SKi01whgATDO6oKn+Dfrx+K0x7apDLA/U=
Subject key identifier:   4C:5E:F9:57:AA:42:9D:65:8D:E8:19:95:71:28:51:E4:F1:13:1B:51
Authority key identifier: 60:62:B2:1F:B6:65:5B:89:79:23:E2:9D:6F:CB:64:4A:B1:0A:C5:30
Certificate issuer:       /CN=6062b21fb6655b897923e29d6fcb644ab10ac530
Certificate serial:       019CAC470A2A32E3EDA54F48BF7234B29CFA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft
Manifest number:          1843
Signing time:             Mon 02 Mar 2026 02:01:02 +0000
Manifest this update:     Mon 02 Mar 2026 02:01:02 +0000
Manifest next update:     Tue 03 Mar 2026 02:01:02 +0000
Files and hashes:         1: YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl (hash: Jbvc2PwBNEOwAJDdgS71ZmZldCzdEcGMeory2MlxpPs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:47:0a:2a:32:e3:ed:a5:4f:48:bf:72:34:b2:9c:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6062b21fb6655b897923e29d6fcb644ab10ac530
        Validity
            Not Before: Mar  2 02:01:02 2026 GMT
            Not After : Mar  3 02:01:02 2026 GMT
        Subject: CN=4c5ef957aa429d658de81995712851e4f1131b51
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:0b:dc:cf:dd:b2:8a:cb:f9:70:40:f2:88:20:
                    47:48:40:04:d1:fb:be:9f:94:b5:03:13:16:01:cf:
                    08:e5:8b:0b:7c:bc:a3:7a:9a:b4:c2:4c:4f:85:26:
                    6c:f4:62:ed:20:71:bb:b7:8d:e8:f6:5e:5a:db:7b:
                    78:d2:50:ca:8a:9c:a9:0c:e2:fc:f5:54:5d:60:0d:
                    ec:8f:9a:d1:49:d8:89:f4:f4:1f:9e:ac:48:df:07:
                    1f:89:c6:f1:71:89:df:59:27:1a:d8:5f:00:cb:16:
                    23:20:e3:4c:fe:cb:6f:9e:e0:be:33:ac:d9:df:46:
                    93:6b:55:fd:c4:0f:87:19:69:43:99:30:83:99:7f:
                    9d:02:e2:f2:ef:de:1f:85:e4:b4:ff:ab:8e:e6:c2:
                    78:ee:20:af:c0:a2:06:ba:59:58:ae:4d:e4:14:12:
                    f4:24:9c:23:bd:ac:43:97:e5:f5:c1:a4:bd:19:de:
                    d1:52:2f:e8:4a:9e:c5:a0:ed:b4:6d:71:c8:fb:c4:
                    ba:1d:75:0a:a6:b0:07:ba:91:1f:4e:ac:a1:c8:cc:
                    43:eb:ea:bf:69:9b:f1:22:fe:6b:fd:61:24:96:ed:
                    67:5a:dd:cc:e8:72:50:c3:13:8f:24:37:93:86:69:
                    12:d8:22:d4:9f:72:9e:03:2b:f9:e5:e3:a5:06:d2:
                    f1:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:5E:F9:57:AA:42:9D:65:8D:E8:19:95:71:28:51:E4:F1:13:1B:51
            X509v3 Authority Key Identifier:
                keyid:60:62:B2:1F:B6:65:5B:89:79:23:E2:9D:6F:CB:64:4A:B1:0A:C5:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/41/05b974-fb18-40af-afa6-b520beda6626/1/YGKyH7ZlW4l5I-Kdb8tkSrEKxTA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:45:e8:de:54:4a:ba:ef:2a:9e:17:07:f5:2b:d7:91:ff:75:
         2b:7c:7c:bc:69:a8:fd:81:57:96:a2:b2:21:0a:7d:84:f2:39:
         b8:2f:d8:2a:cd:51:cd:24:81:29:69:9f:05:64:95:98:87:c2:
         4a:d7:75:67:2a:c4:13:67:8f:6b:ea:cc:23:df:10:d4:1e:55:
         6d:35:e2:33:8b:f0:4e:3e:73:47:79:9c:e8:8e:5d:3e:cd:0e:
         af:e8:88:31:85:a0:46:da:af:5e:cd:b9:39:96:ec:d6:f5:21:
         23:b7:a1:76:b8:86:ba:ee:1a:d5:70:7b:12:b1:3b:6f:ae:f6:
         4e:cc:2f:cd:45:14:cc:53:c4:61:36:7c:47:fa:f4:99:12:d5:
         d3:93:fe:de:cd:13:70:0c:25:09:ba:2a:38:0b:dc:53:ea:34:
         88:d2:d0:6e:56:97:da:d3:10:b9:d8:7b:44:85:06:92:7e:4a:
         64:90:68:53:3a:f1:35:bf:6e:57:aa:cc:fe:66:59:59:71:fc:
         eb:25:ef:f4:05:e7:33:3d:d6:09:e1:63:4c:be:34:2d:b2:22:
         6f:b0:b7:2b:f3:74:a6:7c:2f:0d:0a:3f:29:31:34:08:41:b2:
         5c:9e:c5:bf:59:aa:f3:3d:b4:dd:51:b2:9f:a1:22:83:0c:b7:
         77:c7:c7:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysRwoqMuPtpU9Iv3I0spz6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjJiMjFmYjY2NTViODk3OTIzZTI5ZDZmY2I2NDRhYjEw
YWM1MzAwHhcNMjYwMzAyMDIwMTAyWhcNMjYwMzAzMDIwMTAyWjAzMTEwLwYDVQQD
Eyg0YzVlZjk1N2FhNDI5ZDY1OGRlODE5OTU3MTI4NTFlNGYxMTMxYjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgvcz92yisv5cEDyiCBHSEAE0fu+
n5S1AxMWAc8I5YsLfLyjepq0wkxPhSZs9GLtIHG7t43o9l5a23t40lDKipypDOL8
9VRdYA3sj5rRSdiJ9PQfnqxI3wcficbxcYnfWSca2F8AyxYjIONM/stvnuC+M6zZ
30aTa1X9xA+HGWlDmTCDmX+dAuLy794fheS0/6uO5sJ47iCvwKIGullYrk3kFBL0
JJwjvaxDl+X1waS9Gd7RUi/oSp7FoO20bXHI+8S6HXUKprAHupEfTqyhyMxD6+q/
aZvxIv5r/WEklu1nWt3M6HJQwxOPJDeThmkS2CLUn3KeAyv55eOlBtLx7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFExe+VeqQp1ljegZlXEoUeTxExtRMB8GA1UdIwQY
MBaAFGBish+2ZVuJeSPinW/LZEqxCsUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8wNWI5NzQtZmIxOC00MGFmLWFmYTYt
YjUyMGJlZGE2NjI2LzEvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8wNWI5NzQtZmIxOC00MGFmLWFmYTYtYjUyMGJlZGE2NjI2
LzEvWUdLeUg3WmxXNGw1SS1LZGI4dGtTckVLeFRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbkXo3lRK
uu8qnhcH9SvXkf91K3x8vGmo/YFXlqKyIQp9hPI5uC/YKs1RzSSBKWmfBWSVmIfC
Std1ZyrEE2ePa+rMI98Q1B5VbTXiM4vwTj5zR3mc6I5dPs0Or+iIMYWgRtqvXs25
OZbs1vUhI7ehdriGuu4a1XB7ErE7b672TswvzUUUzFPEYTZ8R/r0mRLV05P+3s0T
cAwlCboqOAvcU+o0iNLQblaX2tMQudh7RIUGkn5KZJBoUzrxNb9uV6rM/mZZWXH8
6yXv9AXnMz3WCeFjTL40LbIib7C3K/N0pnwvDQo/KTE0CEGyXJ7Fv1mq8z203VGy
n6Eigwy3d8fHug==
-----END CERTIFICATE-----