Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.mft
File:                     yQDj7qi7474R-IxoK9E4wmUH99w.mft (raw, json)
Hash identifier:          TBcd/sKNOdY6WP26DNoyuOXgvOiPEV9tPenn2yAX+oA=
Subject key identifier:   3F:CB:1E:77:C6:93:2E:8C:01:56:58:9C:14:40:30:2B:54:0F:E4:99
Authority key identifier: C9:00:E3:EE:A8:BB:E3:BE:11:F8:8C:68:2B:D1:38:C2:65:07:F7:DC
Certificate issuer:       /CN=c900e3eea8bbe3be11f88c682bd138c26507f7dc
Certificate serial:       019CAD597E8370CE664171AC521CA74E06F7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yQDj7qi7474R-IxoK9E4wmUH99w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.mft
Manifest number:          0F2C
Signing time:             Mon 02 Mar 2026 07:00:49 +0000
Manifest this update:     Mon 02 Mar 2026 07:00:49 +0000
Manifest next update:     Tue 03 Mar 2026 07:00:49 +0000
Files and hashes:         1: yQDj7qi7474R-IxoK9E4wmUH99w.crl (hash: CbBOy+Gea4fGugPrXTQWSrmG/opLTmO5bk2N0L2DKUg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yQDj7qi7474R-IxoK9E4wmUH99w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 07:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:59:7e:83:70:ce:66:41:71:ac:52:1c:a7:4e:06:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c900e3eea8bbe3be11f88c682bd138c26507f7dc
        Validity
            Not Before: Mar  2 07:00:49 2026 GMT
            Not After : Mar  3 07:00:49 2026 GMT
        Subject: CN=3fcb1e77c6932e8c0156589c1440302b540fe499
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:5d:dd:35:50:6b:66:d9:47:52:44:2b:f8:91:
                    73:10:4c:78:88:6e:0d:62:a3:00:49:d1:36:eb:2f:
                    78:f1:37:c0:c3:29:95:56:d7:16:77:50:7e:b4:95:
                    e8:cc:cf:95:46:54:a4:8a:83:63:57:c4:6f:88:42:
                    0a:62:25:2a:ac:6d:49:da:7b:f1:a8:83:1e:51:d1:
                    d9:dd:33:65:5e:5b:a1:51:c4:07:16:02:76:dc:39:
                    03:58:e5:d7:a7:5d:f5:63:e8:6a:ea:a7:7a:ba:29:
                    c8:7d:87:da:65:bd:4e:ed:70:45:d9:bc:cd:14:4c:
                    d0:13:bb:f0:f0:18:10:3f:07:b1:33:ec:1d:5e:0b:
                    07:27:ec:db:f8:e8:9d:11:51:b3:d4:8d:0a:96:6f:
                    36:4f:b8:84:f9:25:f0:6f:99:31:19:f3:83:e0:92:
                    f9:fa:7a:a3:46:66:a9:76:30:2b:29:72:cf:74:04:
                    c0:aa:bb:c8:77:bf:c2:d2:b0:c5:1d:cd:1d:67:eb:
                    7f:17:53:e2:48:18:94:6b:61:c2:58:22:17:cb:c7:
                    ce:46:7c:84:81:e3:ef:b1:0b:70:c1:40:ba:6c:2f:
                    c9:12:71:09:38:9e:e5:ac:3b:ef:d5:79:97:12:c7:
                    f0:59:14:e3:fe:17:48:03:67:78:47:6f:38:8a:d2:
                    91:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:CB:1E:77:C6:93:2E:8C:01:56:58:9C:14:40:30:2B:54:0F:E4:99
            X509v3 Authority Key Identifier:
                keyid:C9:00:E3:EE:A8:BB:E3:BE:11:F8:8C:68:2B:D1:38:C2:65:07:F7:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yQDj7qi7474R-IxoK9E4wmUH99w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/1f431e-37c8-4080-9bb3-416204a02737/1/yQDj7qi7474R-IxoK9E4wmUH99w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:af:94:b9:92:a8:40:0e:40:55:be:bc:ec:0e:e8:ba:f2:7c:
         64:77:6b:fc:45:35:30:c3:77:a5:3e:6a:fe:d6:40:a4:42:10:
         3f:57:ed:90:cd:6b:2f:0c:c6:20:d7:2e:29:bb:f9:5c:60:b2:
         ed:15:94:00:22:3c:13:3e:e0:f9:e1:04:c8:bb:0f:87:3a:cf:
         36:d5:38:42:34:36:ea:27:0e:a1:0c:8e:f7:c3:dc:b7:cb:d0:
         c3:32:b2:da:9e:a3:e3:56:08:70:1f:9f:a8:24:be:3d:36:7a:
         ca:7d:6a:af:24:a7:5e:47:72:f1:69:f4:6a:68:f3:65:10:19:
         99:c5:e6:ac:4f:2d:83:4a:a3:f8:46:23:08:77:f5:4b:89:6f:
         6b:06:da:c9:ed:f7:bc:6f:59:f4:6e:8a:88:94:97:55:65:47:
         50:28:d5:16:01:79:05:df:12:a4:7d:e8:1f:10:b8:66:29:16:
         06:c4:45:ae:26:a0:3e:4d:52:52:ac:ef:a1:79:de:73:05:d6:
         a1:f7:c4:8b:d9:86:07:ad:e0:68:35:c1:59:33:14:bb:64:88:
         3c:f2:24:22:15:e1:df:e9:d5:2f:45:8c:02:46:3d:87:d8:f8:
         83:53:7e:99:7e:13:ff:e2:fa:56:7b:3e:20:af:3d:1a:fe:85:
         9a:de:e0:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWX6DcM5mQXGsUhynTgb3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5MDBlM2VlYThiYmUzYmUxMWY4OGM2ODJiZDEzOGMyNjUw
N2Y3ZGMwHhcNMjYwMzAyMDcwMDQ5WhcNMjYwMzAzMDcwMDQ5WjAzMTEwLwYDVQQD
EygzZmNiMWU3N2M2OTMyZThjMDE1NjU4OWMxNDQwMzAyYjU0MGZlNDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt13dNVBrZtlHUkQr+JFzEEx4iG4N
YqMASdE26y948TfAwymVVtcWd1B+tJXozM+VRlSkioNjV8RviEIKYiUqrG1J2nvx
qIMeUdHZ3TNlXluhUcQHFgJ23DkDWOXXp131Y+hq6qd6uinIfYfaZb1O7XBF2bzN
FEzQE7vw8BgQPwexM+wdXgsHJ+zb+OidEVGz1I0Klm82T7iE+SXwb5kxGfOD4JL5
+nqjRmapdjArKXLPdATAqrvId7/C0rDFHc0dZ+t/F1PiSBiUa2HCWCIXy8fORnyE
gePvsQtwwUC6bC/JEnEJOJ7lrDvv1XmXEsfwWRTj/hdIA2d4R284itKRjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD/LHnfGky6MAVZYnBRAMCtUD+SZMB8GA1UdIwQY
MBaAFMkA4+6ou+O+EfiMaCvROMJlB/fcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVFEajdxaTc0NzRSLUl4b0s5RTR3bVVIOTl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8xZjQzMWUtMzdjOC00MDgwLTliYjMt
NDE2MjA0YTAyNzM3LzEveVFEajdxaTc0NzRSLUl4b0s5RTR3bVVIOTl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8xZjQzMWUtMzdjOC00MDgwLTliYjMtNDE2MjA0YTAyNzM3
LzEveVFEajdxaTc0NzRSLUl4b0s5RTR3bVVIOTl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOq+UuZKo
QA5AVb687A7ouvJ8ZHdr/EU1MMN3pT5q/tZApEIQP1ftkM1rLwzGINcuKbv5XGCy
7RWUACI8Ez7g+eEEyLsPhzrPNtU4QjQ26icOoQyO98Pct8vQwzKy2p6j41YIcB+f
qCS+PTZ6yn1qrySnXkdy8Wn0amjzZRAZmcXmrE8tg0qj+EYjCHf1S4lvawbaye33
vG9Z9G6KiJSXVWVHUCjVFgF5Bd8SpH3oHxC4ZikWBsRFriagPk1SUqzvoXnecwXW
offEi9mGB63gaDXBWTMUu2SIPPIkIhXh3+nVL0WMAkY9h9j4g1N+mX4T/+L6Vns+
IK89Gv6Fmt7gAQ==
-----END CERTIFICATE-----