Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.mft
File:                     y3yVUPThoer5UHL7G5q7JpVNJj0.mft (raw, json)
Hash identifier:          Z2WJmP6a/Ka6KO0VXdnCOAes/f0kFPYRVBoAYuyYuhk=
Subject key identifier:   C5:BF:57:74:2D:76:7B:41:33:89:19:D7:02:24:26:84:EA:07:8C:9B
Authority key identifier: CB:7C:95:50:F4:E1:A1:EA:F9:50:72:FB:1B:9A:BB:26:95:4D:26:3D
Certificate issuer:       /CN=cb7c9550f4e1a1eaf95072fb1b9abb26954d263d
Certificate serial:       019CAE354D764188791DB781A2086D67770D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y3yVUPThoer5UHL7G5q7JpVNJj0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.mft
Manifest number:          0EEF
Signing time:             Mon 02 Mar 2026 11:00:54 +0000
Manifest this update:     Mon 02 Mar 2026 11:00:54 +0000
Manifest next update:     Tue 03 Mar 2026 11:00:54 +0000
Files and hashes:         1: y3yVUPThoer5UHL7G5q7JpVNJj0.crl (hash: lVymcpDL0m0neY0G5MTMus47U5fHuZzMiBpMgE9VZ3s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y3yVUPThoer5UHL7G5q7JpVNJj0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 09:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ae:35:4d:76:41:88:79:1d:b7:81:a2:08:6d:67:77:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cb7c9550f4e1a1eaf95072fb1b9abb26954d263d
        Validity
            Not Before: Mar  2 11:00:54 2026 GMT
            Not After : Mar  3 11:00:54 2026 GMT
        Subject: CN=c5bf57742d767b41338919d702242684ea078c9b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:ea:86:5d:cd:14:a2:d5:59:6a:c6:bc:5f:47:
                    7b:84:52:1b:f9:b7:81:1d:80:d3:9a:0c:1e:bb:f6:
                    ad:8f:2e:5d:f0:e3:0e:84:42:79:c8:de:3f:b9:b8:
                    00:3d:d2:f9:02:27:b5:20:e0:55:15:f2:c8:09:cd:
                    46:36:87:79:0f:ff:44:28:7b:ca:93:c9:af:e3:ae:
                    5f:f5:8b:f5:f9:e6:83:f4:b3:08:47:ed:e1:80:be:
                    83:65:78:4e:92:16:98:57:9d:cb:0e:a1:18:9b:d0:
                    eb:a7:e5:90:52:15:a9:5e:b9:57:2a:22:5d:a1:7f:
                    4f:e6:76:6e:2b:38:1b:5d:76:eb:56:21:1e:d7:47:
                    34:1b:0c:73:4b:f6:98:e2:80:71:49:3f:16:e6:b0:
                    77:35:93:06:4a:29:05:9c:f4:fa:6e:ca:97:be:79:
                    55:b9:1b:ff:ef:41:34:6d:b4:81:a9:d3:bf:32:79:
                    37:8c:f5:04:5f:e0:e9:cb:00:6f:03:9a:60:af:02:
                    f2:77:9c:38:39:e2:f0:7e:dc:2e:ee:f6:03:3e:24:
                    9c:cc:0c:f8:a2:54:d0:8f:3d:8a:47:ab:2c:ef:de:
                    e8:d0:8b:bc:29:a2:2b:38:e6:32:40:ab:b8:12:4f:
                    57:0b:6b:45:71:9a:d1:45:91:69:3e:cd:e9:8b:e2:
                    51:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:BF:57:74:2D:76:7B:41:33:89:19:D7:02:24:26:84:EA:07:8C:9B
            X509v3 Authority Key Identifier:
                keyid:CB:7C:95:50:F4:E1:A1:EA:F9:50:72:FB:1B:9A:BB:26:95:4D:26:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y3yVUPThoer5UHL7G5q7JpVNJj0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/689b19-4958-4423-85a9-9626f9f6cda2/1/y3yVUPThoer5UHL7G5q7JpVNJj0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:92:ff:b4:7c:6c:32:7e:c5:05:bf:25:c0:6c:52:8a:5d:3a:
         f6:ee:c9:e3:3c:f8:20:c9:bd:c5:79:88:64:1b:e3:5a:5b:29:
         e3:bf:f1:dd:86:a4:49:a7:6d:79:6f:89:23:b4:04:2b:e0:48:
         1e:91:53:b8:1a:e1:52:8a:5b:38:38:44:5f:3b:1a:22:57:18:
         eb:43:b0:f5:4d:7d:71:cb:25:eb:3a:01:35:e2:5d:6c:d7:10:
         8a:0f:4c:e9:7e:d4:5e:50:94:0e:37:3b:e3:aa:68:81:52:ae:
         72:80:61:27:60:8d:db:c0:cb:72:58:78:9b:37:c8:bc:30:ea:
         ba:15:49:44:8c:ef:a2:32:46:dd:61:fe:97:aa:85:c2:7c:9e:
         3c:fc:20:d8:a8:74:20:d0:0c:8a:c0:6a:44:37:9b:32:6b:35:
         d6:2f:41:68:1e:13:ba:9b:3e:49:46:47:31:f4:c8:e9:cc:7e:
         2c:f0:4b:38:df:12:fa:0f:a2:c9:3d:9a:6d:f5:ce:cf:59:27:
         a1:ae:2a:13:a0:43:fc:d9:2b:61:e1:43:c1:09:ac:5e:f4:47:
         94:67:e3:8d:d9:6b:e5:fb:e0:df:9f:8f:99:b0:d9:d0:7a:9f:
         9b:7c:3c:e9:5e:d0:49:fd:fe:f7:e4:ab:69:af:6c:b3:91:f5:
         22:b1:1e:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyuNU12QYh5HbeBoghtZ3cNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiN2M5NTUwZjRlMWExZWFmOTUwNzJmYjFiOWFiYjI2OTU0
ZDI2M2QwHhcNMjYwMzAyMTEwMDU0WhcNMjYwMzAzMTEwMDU0WjAzMTEwLwYDVQQD
EyhjNWJmNTc3NDJkNzY3YjQxMzM4OTE5ZDcwMjI0MjY4NGVhMDc4YzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3+qGXc0UotVZasa8X0d7hFIb+beB
HYDTmgweu/atjy5d8OMOhEJ5yN4/ubgAPdL5Aie1IOBVFfLICc1GNod5D/9EKHvK
k8mv465f9Yv1+eaD9LMIR+3hgL6DZXhOkhaYV53LDqEYm9Drp+WQUhWpXrlXKiJd
oX9P5nZuKzgbXXbrViEe10c0GwxzS/aY4oBxST8W5rB3NZMGSikFnPT6bsqXvnlV
uRv/70E0bbSBqdO/Mnk3jPUEX+DpywBvA5pgrwLyd5w4OeLwftwu7vYDPiSczAz4
olTQjz2KR6ss797o0Iu8KaIrOOYyQKu4Ek9XC2tFcZrRRZFpPs3pi+JRAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMW/V3QtdntBM4kZ1wIkJoTqB4ybMB8GA1UdIwQY
MBaAFMt8lVD04aHq+VBy+xuauyaVTSY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTN5VlVQVGhvZXI1VUhMN0c1cTdKcFZOSmowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS82ODliMTktNDk1OC00NDIzLTg1YTkt
OTYyNmY5ZjZjZGEyLzEveTN5VlVQVGhvZXI1VUhMN0c1cTdKcFZOSmowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS82ODliMTktNDk1OC00NDIzLTg1YTktOTYyNmY5ZjZjZGEy
LzEveTN5VlVQVGhvZXI1VUhMN0c1cTdKcFZOSmowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE5L/tHxs
Mn7FBb8lwGxSil069u7J4zz4IMm9xXmIZBvjWlsp47/x3YakSadteW+JI7QEK+BI
HpFTuBrhUopbODhEXzsaIlcY60Ow9U19ccsl6zoBNeJdbNcQig9M6X7UXlCUDjc7
46pogVKucoBhJ2CN28DLclh4mzfIvDDquhVJRIzvojJG3WH+l6qFwnyePPwg2Kh0
INAMisBqRDebMms11i9BaB4Tups+SUZHMfTI6cx+LPBLON8S+g+iyT2abfXOz1kn
oa4qE6BD/NkrYeFDwQmsXvRHlGfjjdlr5fvg35+PmbDZ0Hqfm3w86V7QSf3+9+Sr
aa9ss5H1IrEeNA==
-----END CERTIFICATE-----