Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft
File:                     YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft (raw, json)
Hash identifier:          7yijZxxGjuQHftdIq2/qFbKGZUNjR34EJf5U76Nyn0w=
Subject key identifier:   6C:F6:10:08:DA:9C:86:E2:9E:A3:D6:7B:66:26:5E:BB:FC:CA:38:63
Authority key identifier: 60:A4:34:FD:6B:FF:8B:6F:BB:0D:52:F8:DA:42:E9:1F:8A:5A:29:2F
Certificate issuer:       /CN=60a434fd6bff8b6fbb0d52f8da42e91f8a5a292f
Certificate serial:       019CAAC6F7AFD21AB1720931C3E2BC31D96B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YKQ0_Wv_i2-7DVL42kLpH4paKS8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft
Manifest number:          09DF
Signing time:             Sun 01 Mar 2026 19:01:32 +0000
Manifest this update:     Sun 01 Mar 2026 19:01:32 +0000
Manifest next update:     Mon 02 Mar 2026 19:01:32 +0000
Files and hashes:         1: YKQ0_Wv_i2-7DVL42kLpH4paKS8.crl (hash: 2uq5kkRHqSrdWJPfEW5W+ne4sruuzQyI7IdXw98jYgw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YKQ0_Wv_i2-7DVL42kLpH4paKS8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:c6:f7:af:d2:1a:b1:72:09:31:c3:e2:bc:31:d9:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60a434fd6bff8b6fbb0d52f8da42e91f8a5a292f
        Validity
            Not Before: Mar  1 19:01:32 2026 GMT
            Not After : Mar  2 19:01:32 2026 GMT
        Subject: CN=6cf61008da9c86e29ea3d67b66265ebbfcca3863
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:5a:b4:c9:65:00:c9:b0:16:ff:64:12:5e:88:
                    ec:bf:28:ae:6c:8b:b9:e8:3c:e3:7b:9e:7e:ac:5e:
                    a5:a5:ae:08:d0:11:92:e7:5e:de:c7:15:87:9c:0b:
                    96:be:be:f8:1e:2a:7b:0e:b7:9b:a8:37:ee:95:78:
                    a1:32:5c:9d:98:5a:f5:58:69:3d:0a:6d:c3:90:2f:
                    7a:b5:10:22:92:48:5a:a8:55:5c:21:e5:05:96:d2:
                    13:96:33:b3:75:d7:05:f8:6d:56:2d:bd:b0:43:a9:
                    8c:f1:f3:eb:e6:5a:7c:86:30:60:f7:f9:b9:75:0f:
                    8f:85:19:fa:43:e1:bd:04:2b:30:96:53:19:79:12:
                    c5:43:28:3d:aa:32:2e:b6:9f:bd:43:7b:52:59:f4:
                    b4:02:a2:75:a8:4a:e3:4d:4f:58:88:9a:02:2b:3d:
                    c7:5c:e8:c1:04:aa:d6:9d:8d:7b:2a:d3:5f:2a:02:
                    91:fa:8e:8c:0b:e7:f5:ac:68:49:33:27:92:fe:e7:
                    6e:51:d4:3b:9e:37:14:9a:c2:a4:eb:e4:c9:2c:4a:
                    57:f5:d8:8e:40:cd:6d:19:20:0c:97:1a:d2:a6:5a:
                    09:7b:42:b9:92:26:d6:b3:75:83:a9:ca:bc:73:79:
                    bb:ed:dc:47:97:f2:42:ea:0b:5b:5d:7a:a8:de:81:
                    bb:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:F6:10:08:DA:9C:86:E2:9E:A3:D6:7B:66:26:5E:BB:FC:CA:38:63
            X509v3 Authority Key Identifier:
                keyid:60:A4:34:FD:6B:FF:8B:6F:BB:0D:52:F8:DA:42:E9:1F:8A:5A:29:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YKQ0_Wv_i2-7DVL42kLpH4paKS8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6801c9-dd17-4dca-8100-6a3f01d9cb50/1/YKQ0_Wv_i2-7DVL42kLpH4paKS8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:6c:48:95:e3:f8:44:74:73:f4:24:c0:ca:14:6f:6f:c0:79:
         6e:8a:45:9c:cd:8e:e5:9c:ca:b9:d1:2a:08:54:d7:98:b4:f6:
         df:4d:e8:ad:72:26:b5:54:58:d5:98:ab:dc:d3:c9:ab:22:de:
         d0:8f:11:ab:a0:11:05:df:db:6d:45:4c:ab:d2:4e:da:b3:c6:
         dc:94:ec:60:25:4e:12:b6:3b:9b:3b:81:9d:fe:c1:4a:48:bd:
         9f:de:46:4d:94:63:9b:b1:a9:c3:88:cf:cc:54:24:3e:6f:00:
         e6:8c:e9:3b:be:3c:16:5c:cc:82:f1:32:61:48:39:ec:36:91:
         ad:bb:e2:6e:3c:c9:03:c0:70:07:02:ba:94:29:d5:18:e2:b5:
         e6:40:ef:8e:c0:44:56:54:af:89:33:14:ad:90:21:1e:d1:9e:
         43:81:22:d9:66:46:e9:a7:a8:cb:e5:6a:aa:b5:6c:8b:6d:02:
         18:fb:ee:61:e5:30:68:cd:86:d6:73:6e:e4:85:d9:c0:74:13:
         de:6c:93:b6:27:e5:04:8d:72:0a:6f:21:31:83:26:0f:b9:c5:
         10:36:b5:fd:03:75:ff:1c:87:8d:df:14:1d:7c:95:ea:df:d0:
         b2:0b:60:5d:55:74:d6:be:57:a0:6c:04:bd:44:64:ac:2c:cb:
         94:25:f8:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxvev0hqxcgkxw+K8MdlrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwYTQzNGZkNmJmZjhiNmZiYjBkNTJmOGRhNDJlOTFmOGE1
YTI5MmYwHhcNMjYwMzAxMTkwMTMyWhcNMjYwMzAyMTkwMTMyWjAzMTEwLwYDVQQD
Eyg2Y2Y2MTAwOGRhOWM4NmUyOWVhM2Q2N2I2NjI2NWViYmZjY2EzODYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1q0yWUAybAW/2QSXojsvyiubIu5
6Dzje55+rF6lpa4I0BGS517exxWHnAuWvr74Hip7DrebqDfulXihMlydmFr1WGk9
Cm3DkC96tRAikkhaqFVcIeUFltITljOzddcF+G1WLb2wQ6mM8fPr5lp8hjBg9/m5
dQ+PhRn6Q+G9BCswllMZeRLFQyg9qjIutp+9Q3tSWfS0AqJ1qErjTU9YiJoCKz3H
XOjBBKrWnY17KtNfKgKR+o6MC+f1rGhJMyeS/uduUdQ7njcUmsKk6+TJLEpX9diO
QM1tGSAMlxrSploJe0K5kibWs3WDqcq8c3m77dxHl/JC6gtbXXqo3oG76wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGz2EAjanIbinqPWe2YmXrv8yjhjMB8GA1UdIwQY
MBaAFGCkNP1r/4tvuw1S+NpC6R+KWikvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUtRMF9Xdl9pMi03RFZMNDJrTHBINHBhS1M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi82ODAxYzktZGQxNy00ZGNhLTgxMDAt
NmEzZjAxZDljYjUwLzEvWUtRMF9Xdl9pMi03RFZMNDJrTHBINHBhS1M4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi82ODAxYzktZGQxNy00ZGNhLTgxMDAtNmEzZjAxZDljYjUw
LzEvWUtRMF9Xdl9pMi03RFZMNDJrTHBINHBhS1M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW2xIleP4
RHRz9CTAyhRvb8B5bopFnM2O5ZzKudEqCFTXmLT2303orXImtVRY1Zir3NPJqyLe
0I8Rq6ARBd/bbUVMq9JO2rPG3JTsYCVOErY7mzuBnf7BSki9n95GTZRjm7Gpw4jP
zFQkPm8A5ozpO748FlzMgvEyYUg57DaRrbvibjzJA8BwBwK6lCnVGOK15kDvjsBE
VlSviTMUrZAhHtGeQ4Ei2WZG6aeoy+VqqrVsi20CGPvuYeUwaM2G1nNu5IXZwHQT
3myTtiflBI1yCm8hMYMmD7nFEDa1/QN1/xyHjd8UHXyV6t/QsgtgXVV01r5XoGwE
vURkrCzLlCX4Dw==
-----END CERTIFICATE-----