Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft
File:                     YDRE4ZlioZHv0vIWoSji9M_io94.mft (raw, json)
Hash identifier:          qfpqs+FSvBt/cFfW7+XdNFAKKWQf+VdSCn6vUHpAYzQ=
Subject key identifier:   35:34:63:CE:91:1F:40:10:F5:38:99:14:71:C5:69:54:E2:78:0D:2D
Authority key identifier: 60:34:44:E1:99:62:A1:91:EF:D2:F2:16:A1:28:E2:F4:CF:E2:A3:DE
Certificate issuer:       /CN=603444e19962a191efd2f216a128e2f4cfe2a3de
Certificate serial:       019CA97CB246708D0597F121344602EA7E66
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YDRE4ZlioZHv0vIWoSji9M_io94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft
Manifest number:          085F
Signing time:             Sun 01 Mar 2026 13:00:47 +0000
Manifest this update:     Sun 01 Mar 2026 13:00:47 +0000
Manifest next update:     Mon 02 Mar 2026 13:00:47 +0000
Files and hashes:         1: YDRE4ZlioZHv0vIWoSji9M_io94.crl (hash: ScR3qI5trSsGJhWVl8BO1E2Ls8P8TDUb9i7C0NvsSjE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YDRE4ZlioZHv0vIWoSji9M_io94.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 13:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:a9:7c:b2:46:70:8d:05:97:f1:21:34:46:02:ea:7e:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=603444e19962a191efd2f216a128e2f4cfe2a3de
        Validity
            Not Before: Mar  1 13:00:47 2026 GMT
            Not After : Mar  2 13:00:47 2026 GMT
        Subject: CN=353463ce911f4010f538991471c56954e2780d2d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:c7:9e:8d:dc:a5:b7:dc:64:28:43:ea:8e:72:
                    9a:49:97:47:36:5f:6b:df:bc:a7:af:41:ef:67:1f:
                    a4:fa:52:47:87:ca:12:9b:4d:8a:50:81:16:12:4e:
                    5d:d9:42:d2:43:86:88:fc:e1:36:8a:54:87:98:b3:
                    d0:84:d6:bb:29:a6:42:bf:bd:74:83:f5:0a:7b:18:
                    de:80:0f:5d:b7:03:c2:b2:4b:f1:fa:28:75:64:0e:
                    85:98:ab:d0:e7:73:70:b8:b8:5f:d1:25:57:20:19:
                    89:0f:63:b0:23:ff:62:d2:37:8f:ad:a9:0c:0a:15:
                    f6:1a:23:bb:3c:fb:71:cc:50:f6:6e:59:f8:02:8e:
                    df:06:c3:07:3d:1d:27:36:9f:4b:6c:0c:b9:8a:9c:
                    be:3f:40:08:d7:67:ee:a5:cf:47:fd:ef:d1:fd:bb:
                    34:79:d1:d8:4f:b5:e1:ac:cf:c6:e8:50:2c:78:b9:
                    35:ad:f1:a8:f8:3c:d8:3f:d5:b0:d6:ab:e4:5e:5e:
                    c3:3f:3f:56:7f:37:ed:fd:ef:d4:86:82:fa:79:70:
                    8a:d1:73:31:77:4e:c7:5e:8e:3c:19:3a:7b:79:91:
                    aa:07:89:a3:72:cf:3f:a7:13:a5:64:c8:4f:4a:d5:
                    c8:30:12:a3:6e:17:2c:89:ab:f2:b3:15:88:59:a6:
                    e5:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:34:63:CE:91:1F:40:10:F5:38:99:14:71:C5:69:54:E2:78:0D:2D
            X509v3 Authority Key Identifier:
                keyid:60:34:44:E1:99:62:A1:91:EF:D2:F2:16:A1:28:E2:F4:CF:E2:A3:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YDRE4ZlioZHv0vIWoSji9M_io94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:ef:ab:26:86:7c:54:f3:10:d4:bd:f7:a6:94:1d:63:7f:9b:
         03:7e:f5:03:d7:5f:49:36:ca:8b:f3:e7:0e:39:84:46:7f:44:
         1c:2b:b1:60:51:56:46:a4:61:54:b4:9e:ad:63:fa:f2:7d:61:
         00:dd:66:bf:60:46:b0:0a:c2:f9:86:1d:54:4b:a9:71:d4:d4:
         4c:83:25:aa:60:ad:d1:90:c3:19:6c:19:45:de:05:67:d6:d0:
         05:b1:e9:df:01:c5:91:ec:8c:6e:67:93:6c:c3:fe:96:46:86:
         80:38:e3:da:00:f1:11:bd:3f:2a:a7:e1:90:2b:95:db:23:13:
         0e:db:73:44:8d:3f:9e:3b:bb:0c:b2:8f:e8:80:99:58:d2:c8:
         0b:8c:0d:c9:86:b1:4f:94:41:7f:f9:55:52:34:98:ec:7d:f8:
         16:5e:d6:d5:52:2d:dd:87:bc:b4:81:96:e3:eb:30:01:27:b7:
         15:31:aa:78:39:d3:79:76:81:a9:b0:ca:24:30:a9:7b:1b:29:
         b6:30:f2:3f:30:5a:28:8c:fb:fe:94:2f:6d:cf:5a:f8:bc:bf:
         05:e1:28:ba:82:c8:6c:8f:69:a3:ba:60:bd:e3:77:b2:03:c2:
         3a:00:8f:7c:9f:96:a8:0b:22:9f:44:c6:74:47:09:09:ca:aa:
         8d:a8:88:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZypfLJGcI0Fl/EhNEYC6n5mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMzQ0NGUxOTk2MmExOTFlZmQyZjIxNmExMjhlMmY0Y2Zl
MmEzZGUwHhcNMjYwMzAxMTMwMDQ3WhcNMjYwMzAyMTMwMDQ3WjAzMTEwLwYDVQQD
EygzNTM0NjNjZTkxMWY0MDEwZjUzODk5MTQ3MWM1Njk1NGUyNzgwZDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjceejdylt9xkKEPqjnKaSZdHNl9r
37ynr0HvZx+k+lJHh8oSm02KUIEWEk5d2ULSQ4aI/OE2ilSHmLPQhNa7KaZCv710
g/UKexjegA9dtwPCskvx+ih1ZA6FmKvQ53NwuLhf0SVXIBmJD2OwI/9i0jePrakM
ChX2GiO7PPtxzFD2bln4Ao7fBsMHPR0nNp9LbAy5ipy+P0AI12fupc9H/e/R/bs0
edHYT7XhrM/G6FAseLk1rfGo+DzYP9Ww1qvkXl7DPz9Wfzft/e/UhoL6eXCK0XMx
d07HXo48GTp7eZGqB4mjcs8/pxOlZMhPStXIMBKjbhcsiavysxWIWablxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDU0Y86RH0AQ9TiZFHHFaVTieA0tMB8GA1UdIwQY
MBaAFGA0ROGZYqGR79LyFqEo4vTP4qPeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWURSRTRabGlvWkh2MHZJV29Tamk5TV9pbzk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8xZjMyY2ItZGFiMi00YTlmLWFlNzct
ODQ0N2UyOWMxNTI0LzEvWURSRTRabGlvWkh2MHZJV29Tamk5TV9pbzk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8xZjMyY2ItZGFiMi00YTlmLWFlNzctODQ0N2UyOWMxNTI0
LzEvWURSRTRabGlvWkh2MHZJV29Tamk5TV9pbzk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcu+rJoZ8
VPMQ1L33ppQdY3+bA371A9dfSTbKi/PnDjmERn9EHCuxYFFWRqRhVLSerWP68n1h
AN1mv2BGsArC+YYdVEupcdTUTIMlqmCt0ZDDGWwZRd4FZ9bQBbHp3wHFkeyMbmeT
bMP+lkaGgDjj2gDxEb0/KqfhkCuV2yMTDttzRI0/nju7DLKP6ICZWNLIC4wNyYax
T5RBf/lVUjSY7H34Fl7W1VIt3Ye8tIGW4+swASe3FTGqeDnTeXaBqbDKJDCpexsp
tjDyPzBaKIz7/pQvbc9a+Ly/BeEouoLIbI9po7pgveN3sgPCOgCPfJ+WqAsin0TG
dEcJCcqqjaiIpw==
-----END CERTIFICATE-----