Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/1d2c58-a07b-449d-84ad-2a20a608f631/1/yEg4FrQ75KdvYGCDK-xJkvpamM4.mft
File:                     yEg4FrQ75KdvYGCDK-xJkvpamM4.mft (raw, json)
Hash identifier:          k64qxSg3hCXpPDfQLYdwmbZeutaRbWfTvXIC1JfTUD0=
Subject key identifier:   C3:19:72:C3:74:60:9A:38:A8:2E:46:40:77:CF:1D:21:A4:4A:89:A0
Authority key identifier: C8:48:38:16:B4:3B:E4:A7:6F:60:60:83:2B:EC:49:92:FA:5A:98:CE
Certificate issuer:       /CN=c8483816b43be4a76f6060832bec4992fa5a98ce
Certificate serial:       019CABA1E602DA7C36A1149C7E98D788FFBE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yEg4FrQ75KdvYGCDK-xJkvpamM4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/1d2c58-a07b-449d-84ad-2a20a608f631/1/yEg4FrQ75KdvYGCDK-xJkvpamM4.mft
Manifest number:          086A
Signing time:             Sun 01 Mar 2026 23:00:39 +0000
Manifest this update:     Sun 01 Mar 2026 23:00:39 +0000
Manifest next update:     Mon 02 Mar 2026 23:00:39 +0000
Files and hashes:         1: yEg4FrQ75KdvYGCDK-xJkvpamM4.crl (hash: 2nO4oGHcY2uLyADn+mS0oPZcNyEFTBVpCAPMdOCtUyo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/1d2c58-a07b-449d-84ad-2a20a608f631/1/yEg4FrQ75KdvYGCDK-xJkvpamM4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/1d2c58-a07b-449d-84ad-2a20a608f631/1/yEg4FrQ75KdvYGCDK-xJkvpamM4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yEg4FrQ75KdvYGCDK-xJkvpamM4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 23:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:a1:e6:02:da:7c:36:a1:14:9c:7e:98:d7:88:ff:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8483816b43be4a76f6060832bec4992fa5a98ce
        Validity
            Not Before: Mar  1 23:00:39 2026 GMT
            Not After : Mar  2 23:00:39 2026 GMT
        Subject: CN=c31972c374609a38a82e464077cf1d21a44a89a0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:6c:bc:95:43:47:87:75:cf:49:6b:86:88:0e:
                    c9:22:7c:f6:d3:33:04:8a:bc:d6:8d:05:73:7c:39:
                    99:b5:f1:88:68:97:7d:15:89:bb:f2:2f:60:c8:21:
                    71:9a:f4:9b:ad:21:bd:b9:ea:85:92:58:78:50:49:
                    9e:95:f1:9e:41:60:0d:54:89:74:ce:9a:8e:b1:86:
                    59:5a:b6:df:2e:c2:fc:ed:3c:78:1a:88:f7:6c:76:
                    31:8a:b2:44:00:cc:d3:fa:32:8c:9b:ad:ab:a9:09:
                    3d:73:72:04:05:0c:47:4f:56:9e:8d:4e:02:36:b2:
                    b0:76:42:e1:ac:14:60:c1:77:ce:9b:5c:4a:40:d7:
                    29:1d:57:a5:97:64:1d:21:15:fa:a9:b4:ad:65:9c:
                    87:9c:2b:d3:4f:69:87:09:c3:59:10:0b:e8:39:61:
                    33:3e:46:d0:38:bf:7e:8f:58:fb:43:0d:32:57:c2:
                    75:93:0f:4f:06:96:8b:70:e9:28:93:14:b3:21:ef:
                    f3:22:a4:27:28:7c:61:22:a8:6c:5d:35:88:ae:72:
                    b6:70:79:10:a4:23:29:b0:fe:af:48:8d:48:75:6f:
                    d0:0a:04:0f:11:19:dc:b0:59:dd:eb:ad:69:fb:88:
                    69:6b:1b:f3:23:7f:9c:b7:db:ef:da:09:8d:f9:b1:
                    5c:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:19:72:C3:74:60:9A:38:A8:2E:46:40:77:CF:1D:21:A4:4A:89:A0
            X509v3 Authority Key Identifier:
                keyid:C8:48:38:16:B4:3B:E4:A7:6F:60:60:83:2B:EC:49:92:FA:5A:98:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yEg4FrQ75KdvYGCDK-xJkvpamM4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/1d2c58-a07b-449d-84ad-2a20a608f631/1/yEg4FrQ75KdvYGCDK-xJkvpamM4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/1d2c58-a07b-449d-84ad-2a20a608f631/1/yEg4FrQ75KdvYGCDK-xJkvpamM4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         aa:eb:83:21:13:d4:6c:43:ec:a1:1a:15:3a:a6:fe:ed:80:12:
         35:19:2b:5a:60:42:d7:7c:6c:68:0a:ae:49:87:7e:68:28:64:
         09:14:c0:95:06:9e:d4:ec:90:51:6a:73:44:fb:8a:45:f3:98:
         cf:93:82:e9:95:b7:dd:ff:47:1d:45:91:2d:c2:5a:b4:b3:34:
         61:72:20:6f:c9:23:e5:9f:2c:ac:7d:ba:2b:61:d5:b3:41:a1:
         ea:e8:e6:c8:4d:b1:f7:57:88:0c:0a:a2:90:ed:cd:ff:62:5f:
         32:fe:e0:c5:d5:19:05:14:06:97:70:54:99:9e:c3:c0:7f:92:
         2f:7a:29:0e:1f:6f:b2:57:da:43:00:08:85:3d:84:3a:70:3d:
         cb:ba:77:3b:b4:d6:64:be:2f:e7:eb:56:75:53:8f:2f:02:8b:
         8c:c3:28:6d:b0:eb:3c:7e:1b:59:e6:98:99:46:c9:81:dd:f2:
         d4:59:da:de:e3:e8:b5:5b:1e:12:9c:cd:44:7d:49:e5:7d:3e:
         27:5a:3b:ec:4f:f6:9e:00:3c:15:30:28:3c:62:ac:58:21:6b:
         dc:7b:af:01:bf:24:ae:70:07:28:02:2a:cd:07:78:86:44:ff:
         b5:f6:ad:84:8d:f3:26:68:21:1d:25:b3:4b:52:d8:45:42:da:
         8f:20:3a:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyroeYC2nw2oRScfpjXiP++MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NDgzODE2YjQzYmU0YTc2ZjYwNjA4MzJiZWM0OTkyZmE1
YTk4Y2UwHhcNMjYwMzAxMjMwMDM5WhcNMjYwMzAyMjMwMDM5WjAzMTEwLwYDVQQD
EyhjMzE5NzJjMzc0NjA5YTM4YTgyZTQ2NDA3N2NmMWQyMWE0NGE4OWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA72y8lUNHh3XPSWuGiA7JInz20zME
irzWjQVzfDmZtfGIaJd9FYm78i9gyCFxmvSbrSG9ueqFklh4UEmelfGeQWANVIl0
zpqOsYZZWrbfLsL87Tx4Goj3bHYxirJEAMzT+jKMm62rqQk9c3IEBQxHT1aejU4C
NrKwdkLhrBRgwXfOm1xKQNcpHVell2QdIRX6qbStZZyHnCvTT2mHCcNZEAvoOWEz
PkbQOL9+j1j7Qw0yV8J1kw9PBpaLcOkokxSzIe/zIqQnKHxhIqhsXTWIrnK2cHkQ
pCMpsP6vSI1IdW/QCgQPERncsFnd661p+4hpaxvzI3+ct9vv2gmN+bFcwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMMZcsN0YJo4qC5GQHfPHSGkSomgMB8GA1UdIwQY
MBaAFMhIOBa0O+Snb2BggyvsSZL6WpjOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUVnNEZyUTc1S2R2WUdDREsteEprdnBhbU00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8xZDJjNTgtYTA3Yi00NDlkLTg0YWQt
MmEyMGE2MDhmNjMxLzEveUVnNEZyUTc1S2R2WUdDREsteEprdnBhbU00Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8xZDJjNTgtYTA3Yi00NDlkLTg0YWQtMmEyMGE2MDhmNjMx
LzEveUVnNEZyUTc1S2R2WUdDREsteEprdnBhbU00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAquuDIRPU
bEPsoRoVOqb+7YASNRkrWmBC13xsaAquSYd+aChkCRTAlQae1OyQUWpzRPuKRfOY
z5OC6ZW33f9HHUWRLcJatLM0YXIgb8kj5Z8srH26K2HVs0Gh6ujmyE2x91eIDAqi
kO3N/2JfMv7gxdUZBRQGl3BUmZ7DwH+SL3opDh9vslfaQwAIhT2EOnA9y7p3O7TW
ZL4v5+tWdVOPLwKLjMMobbDrPH4bWeaYmUbJgd3y1Fna3uPotVseEpzNRH1J5X0+
J1o77E/2ngA8FTAoPGKsWCFr3HuvAb8krnAHKAIqzQd4hkT/tfathI3zJmghHSWz
S1LYRULajyA6pw==
-----END CERTIFICATE-----