Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft
File:                     DY05iX3-Ia7thQlskKRzlvyknUE.mft (raw, json)
Hash identifier:          y2tTbayXASAmHSI3KXuhdz5oHx7xS6KUxlK+GkdjZmc=
Subject key identifier:   CB:77:77:56:7C:19:53:E3:77:3F:EC:E6:ED:3B:D0:3A:7B:B6:AF:A9
Authority key identifier: 0D:8D:39:89:7D:FE:21:AE:ED:85:09:6C:90:A4:73:96:FC:A4:9D:41
Certificate issuer:       /CN=0d8d39897dfe21aeed85096c90a47396fca49d41
Certificate serial:       019CAD59E8E4B7D94EF43F322F776FE83D8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft
Manifest number:          17D5
Signing time:             Mon 02 Mar 2026 07:01:16 +0000
Manifest this update:     Mon 02 Mar 2026 07:01:16 +0000
Manifest next update:     Tue 03 Mar 2026 07:01:16 +0000
Files and hashes:         1: DY05iX3-Ia7thQlskKRzlvyknUE.crl (hash: +KdKy1lsIpSK6481tJ7lKvP93hGx4QuPH5iulFIoGs8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 07:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:59:e8:e4:b7:d9:4e:f4:3f:32:2f:77:6f:e8:3d:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d8d39897dfe21aeed85096c90a47396fca49d41
        Validity
            Not Before: Mar  2 07:01:16 2026 GMT
            Not After : Mar  3 07:01:16 2026 GMT
        Subject: CN=cb7777567c1953e3773fece6ed3bd03a7bb6afa9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:bc:51:1d:da:bf:2a:04:f4:09:83:65:47:a2:
                    f7:34:e7:e2:f9:fd:12:59:59:17:5e:5c:e9:e3:03:
                    09:4a:3e:0d:18:7e:7a:ad:74:c9:36:96:55:3a:27:
                    be:a2:97:2f:73:cf:6d:8a:fe:8c:a2:ce:e6:7b:3c:
                    7d:f7:2f:25:07:23:f3:ed:0e:d6:73:80:df:a5:60:
                    8a:21:11:76:84:7b:31:d5:a7:69:87:98:d2:2e:96:
                    e1:f0:2e:87:a0:99:53:ed:dd:95:2b:2c:58:db:98:
                    ce:9e:7e:7d:d1:d3:0e:8f:2c:d1:e5:b4:63:e7:77:
                    0b:72:da:82:1e:ba:90:39:87:89:fb:4a:4e:1e:58:
                    d8:05:5c:f7:5b:ff:93:cb:cc:79:46:d0:8e:59:a2:
                    2d:83:2a:72:57:de:ec:36:d8:0c:97:5b:9b:9c:cb:
                    68:55:b9:7e:5c:b5:f8:c2:7d:e2:96:5d:15:55:c7:
                    a2:d8:ea:4e:aa:88:92:52:ad:d1:c4:4a:66:cf:d2:
                    db:6c:af:b9:84:c1:dc:03:3a:09:61:8f:60:51:99:
                    aa:60:07:7d:42:a4:73:12:45:80:af:73:7e:a8:66:
                    0e:e9:b2:e2:ca:e7:04:48:81:52:1c:64:35:59:33:
                    41:91:84:37:53:ae:a6:5a:7f:bb:58:f5:25:50:e1:
                    7a:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:77:77:56:7C:19:53:E3:77:3F:EC:E6:ED:3B:D0:3A:7B:B6:AF:A9
            X509v3 Authority Key Identifier:
                keyid:0D:8D:39:89:7D:FE:21:AE:ED:85:09:6C:90:A4:73:96:FC:A4:9D:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:91:05:d2:8f:98:11:2f:04:3d:b5:d3:a1:44:0a:3b:d8:01:
         02:5c:d9:51:b4:6e:64:c6:4f:1f:cf:3c:80:d7:cc:49:68:be:
         b4:6c:8e:05:d6:82:ba:d2:d3:b7:2c:c9:18:78:1f:69:8f:05:
         68:e2:08:0a:fa:da:f1:01:58:d3:e9:10:0f:ab:e6:59:55:62:
         c9:78:29:3c:34:64:0f:67:0c:c4:fd:9c:f6:f0:b3:2f:8a:75:
         31:5b:2a:50:72:a3:eb:a3:46:b2:a0:c6:e8:67:6d:4d:96:68:
         04:0c:13:c8:e8:63:26:e5:3c:2f:84:4e:40:23:72:cf:2d:2a:
         39:36:4f:20:cc:cf:eb:dc:37:7f:14:b9:7e:9b:15:31:36:e2:
         1f:b3:c1:36:ed:67:a0:51:29:99:f3:4a:57:bf:0f:49:8e:1b:
         e2:18:95:73:8e:f2:e7:f0:2d:11:77:b6:52:0c:a2:e5:07:42:
         7d:5a:10:39:e8:71:5c:eb:7f:1a:6c:b2:96:ff:f6:eb:bd:3b:
         33:bf:a1:20:37:bb:75:11:bd:f5:75:1e:e5:5e:17:b8:2d:65:
         eb:09:e9:44:20:60:d8:ff:14:13:61:8e:38:9c:14:38:3d:8d:
         eb:72:a7:25:50:78:ec:e8:dd:89:0e:c8:16:72:98:5e:c6:70:
         26:fb:2e:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWejkt9lO9D8yL3dv6D2MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkOGQzOTg5N2RmZTIxYWVlZDg1MDk2YzkwYTQ3Mzk2ZmNh
NDlkNDEwHhcNMjYwMzAyMDcwMTE2WhcNMjYwMzAzMDcwMTE2WjAzMTEwLwYDVQQD
EyhjYjc3Nzc1NjdjMTk1M2UzNzczZmVjZTZlZDNiZDAzYTdiYjZhZmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7bxRHdq/KgT0CYNlR6L3NOfi+f0S
WVkXXlzp4wMJSj4NGH56rXTJNpZVOie+opcvc89tiv6Mos7mezx99y8lByPz7Q7W
c4DfpWCKIRF2hHsx1adph5jSLpbh8C6HoJlT7d2VKyxY25jOnn590dMOjyzR5bRj
53cLctqCHrqQOYeJ+0pOHljYBVz3W/+Ty8x5RtCOWaItgypyV97sNtgMl1ubnMto
Vbl+XLX4wn3ill0VVcei2OpOqoiSUq3RxEpmz9LbbK+5hMHcAzoJYY9gUZmqYAd9
QqRzEkWAr3N+qGYO6bLiyucESIFSHGQ1WTNBkYQ3U66mWn+7WPUlUOF6UQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMt3d1Z8GVPjdz/s5u070Dp7tq+pMB8GA1UdIwQY
MBaAFA2NOYl9/iGu7YUJbJCkc5b8pJ1BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC81MDhjNjgtYTczNy00M2E5LWFmMTAt
YmU4MjMxMDk4NTVlLzEvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC81MDhjNjgtYTczNy00M2E5LWFmMTAtYmU4MjMxMDk4NTVl
LzEvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFpEF0o+Y
ES8EPbXToUQKO9gBAlzZUbRuZMZPH888gNfMSWi+tGyOBdaCutLTtyzJGHgfaY8F
aOIICvra8QFY0+kQD6vmWVViyXgpPDRkD2cMxP2c9vCzL4p1MVsqUHKj66NGsqDG
6GdtTZZoBAwTyOhjJuU8L4ROQCNyzy0qOTZPIMzP69w3fxS5fpsVMTbiH7PBNu1n
oFEpmfNKV78PSY4b4hiVc47y5/AtEXe2Ugyi5QdCfVoQOehxXOt/Gmyylv/26707
M7+hIDe7dRG99XUe5V4XuC1l6wnpRCBg2P8UE2GOOJwUOD2N63KnJVB47OjdiQ7I
FnKYXsZwJvsuTg==
-----END CERTIFICATE-----