Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/f76a8e-1884-41bb-8113-f8d755b3d2a7/1/Yv8lPFoTQ6JWma4I51dnrya52-U.mft
File:                     Yv8lPFoTQ6JWma4I51dnrya52-U.mft (raw, json)
Hash identifier:          0mQ7keczdE0vH16EoFHI+gDXos/ld6FPdBKGOWzNyc8=
Subject key identifier:   D2:09:92:82:C8:F2:FC:45:CB:30:9B:17:3E:DD:01:BF:BD:37:C7:17
Authority key identifier: 62:FF:25:3C:5A:13:43:A2:56:99:AE:08:E7:57:67:AF:26:B9:DB:E5
Certificate issuer:       /CN=62ff253c5a1343a25699ae08e75767af26b9dbe5
Certificate serial:       019CAAC6779928E721D5BA0C436271383F32
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yv8lPFoTQ6JWma4I51dnrya52-U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/f76a8e-1884-41bb-8113-f8d755b3d2a7/1/Yv8lPFoTQ6JWma4I51dnrya52-U.mft
Manifest number:          17D5
Signing time:             Sun 01 Mar 2026 19:00:59 +0000
Manifest this update:     Sun 01 Mar 2026 19:00:59 +0000
Manifest next update:     Mon 02 Mar 2026 19:00:59 +0000
Files and hashes:         1: Yv8lPFoTQ6JWma4I51dnrya52-U.crl (hash: RNJj8rWnbIZESmbO/TstHIgCTPUWtCxUFY8BeOvQ2w4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bc/f76a8e-1884-41bb-8113-f8d755b3d2a7/1/Yv8lPFoTQ6JWma4I51dnrya52-U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bc/f76a8e-1884-41bb-8113-f8d755b3d2a7/1/Yv8lPFoTQ6JWma4I51dnrya52-U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Yv8lPFoTQ6JWma4I51dnrya52-U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 19:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:c6:77:99:28:e7:21:d5:ba:0c:43:62:71:38:3f:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62ff253c5a1343a25699ae08e75767af26b9dbe5
        Validity
            Not Before: Mar  1 19:00:59 2026 GMT
            Not After : Mar  2 19:00:59 2026 GMT
        Subject: CN=d2099282c8f2fc45cb309b173edd01bfbd37c717
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:79:5c:96:cb:26:e0:f0:07:56:24:7b:33:7d:
                    70:dd:14:91:c2:6c:a8:fd:29:df:fa:0a:18:af:08:
                    d3:73:bf:fb:81:47:da:1e:41:d6:10:e4:e3:10:9e:
                    29:f8:48:fd:15:74:70:d4:c3:71:ee:15:e7:95:7b:
                    de:73:4e:88:81:69:ac:e1:ed:3a:7f:4c:8e:fc:44:
                    67:8f:53:7b:f1:ff:20:73:f2:6a:1e:7e:af:5c:54:
                    a1:3f:d1:24:99:df:8a:89:5a:e3:d7:bb:ab:e0:e5:
                    84:aa:79:d0:39:52:c7:d6:dc:0f:a9:03:1f:6b:ce:
                    a0:2e:40:56:09:b2:42:43:ff:b9:ad:45:e2:27:37:
                    ab:ae:71:e0:b2:79:d3:9e:14:ab:a3:8d:70:7d:13:
                    bd:9d:3d:24:21:4d:94:6f:ae:b4:8a:f1:23:7f:35:
                    f7:0e:a5:0b:6c:d3:9f:a1:b9:d1:c7:07:51:16:ed:
                    82:f3:d5:3a:fb:9e:34:52:78:7a:e1:83:24:7c:2d:
                    8f:fe:9c:73:55:06:56:29:2b:41:57:96:a8:3f:5b:
                    e9:8e:82:c1:b6:1a:82:8b:63:99:c1:aa:44:58:d0:
                    8b:01:42:a6:2b:c7:62:d1:73:1d:df:31:8d:da:d1:
                    3c:e4:b2:3a:d1:ef:d4:43:98:00:f9:4e:a4:0e:93:
                    13:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:09:92:82:C8:F2:FC:45:CB:30:9B:17:3E:DD:01:BF:BD:37:C7:17
            X509v3 Authority Key Identifier:
                keyid:62:FF:25:3C:5A:13:43:A2:56:99:AE:08:E7:57:67:AF:26:B9:DB:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv8lPFoTQ6JWma4I51dnrya52-U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/f76a8e-1884-41bb-8113-f8d755b3d2a7/1/Yv8lPFoTQ6JWma4I51dnrya52-U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/f76a8e-1884-41bb-8113-f8d755b3d2a7/1/Yv8lPFoTQ6JWma4I51dnrya52-U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:fa:c6:ae:6f:c9:98:63:b1:83:e8:12:c5:5a:22:50:8f:28:
         e0:3b:77:50:d5:b5:42:2b:89:e2:81:6b:91:e0:ba:f9:15:76:
         58:92:51:0d:33:be:e6:3c:7f:f5:ea:89:8d:47:fa:0b:6c:dd:
         98:d0:b7:ed:99:5b:47:55:25:ef:cb:73:6b:50:6f:7c:32:fa:
         5d:a6:ac:3c:f2:67:99:43:43:6e:d4:df:ed:24:1a:13:7a:dc:
         e1:ca:46:c4:ab:1a:03:df:12:66:a1:57:76:24:36:3e:80:10:
         0e:ab:2e:3e:c9:58:d4:c0:0c:d7:3c:00:93:f1:3c:e8:ac:da:
         63:e7:28:1d:bd:7b:ca:80:36:4a:48:53:63:50:89:12:17:b4:
         71:95:df:79:54:b4:58:cc:9c:e0:c8:ae:a8:fa:57:1d:32:46:
         02:28:4c:8e:9a:d9:cf:83:22:dc:d9:06:d1:9c:05:04:30:77:
         06:68:c8:3c:a2:54:19:59:68:39:f2:a9:5f:56:00:27:a5:d7:
         4e:74:34:b3:56:99:92:37:1f:72:86:20:e8:2a:89:1c:f9:d6:
         66:f1:4b:61:11:07:49:a8:11:3f:12:72:e6:43:94:c3:00:d4:
         00:90:2c:4c:da:96:ae:cc:85:19:8d:55:29:90:85:53:42:ad:
         82:fe:65:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxneZKOch1boMQ2JxOD8yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmYyNTNjNWExMzQzYTI1Njk5YWUwOGU3NTc2N2FmMjZi
OWRiZTUwHhcNMjYwMzAxMTkwMDU5WhcNMjYwMzAyMTkwMDU5WjAzMTEwLwYDVQQD
EyhkMjA5OTI4MmM4ZjJmYzQ1Y2IzMDliMTczZWRkMDFiZmJkMzdjNzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAinlclssm4PAHViR7M31w3RSRwmyo
/Snf+goYrwjTc7/7gUfaHkHWEOTjEJ4p+Ej9FXRw1MNx7hXnlXvec06IgWms4e06
f0yO/ERnj1N78f8gc/JqHn6vXFShP9Ekmd+KiVrj17ur4OWEqnnQOVLH1twPqQMf
a86gLkBWCbJCQ/+5rUXiJzerrnHgsnnTnhSro41wfRO9nT0kIU2Ub660ivEjfzX3
DqULbNOfobnRxwdRFu2C89U6+540Unh64YMkfC2P/pxzVQZWKStBV5aoP1vpjoLB
thqCi2OZwapEWNCLAUKmK8di0XMd3zGN2tE85LI60e/UQ5gA+U6kDpMTVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNIJkoLI8vxFyzCbFz7dAb+9N8cXMB8GA1UdIwQY
MBaAFGL/JTxaE0OiVpmuCOdXZ68mudvlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXY4bFBGb1RRNkpXbWE0STUxZG5yeWE1Mi1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9mNzZhOGUtMTg4NC00MWJiLTgxMTMt
ZjhkNzU1YjNkMmE3LzEvWXY4bFBGb1RRNkpXbWE0STUxZG5yeWE1Mi1VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9mNzZhOGUtMTg4NC00MWJiLTgxMTMtZjhkNzU1YjNkMmE3
LzEvWXY4bFBGb1RRNkpXbWE0STUxZG5yeWE1Mi1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABPrGrm/J
mGOxg+gSxVoiUI8o4Dt3UNW1QiuJ4oFrkeC6+RV2WJJRDTO+5jx/9eqJjUf6C2zd
mNC37ZlbR1Ul78tza1BvfDL6XaasPPJnmUNDbtTf7SQaE3rc4cpGxKsaA98SZqFX
diQ2PoAQDqsuPslY1MAM1zwAk/E86KzaY+coHb17yoA2SkhTY1CJEhe0cZXfeVS0
WMyc4MiuqPpXHTJGAihMjprZz4Mi3NkG0ZwFBDB3BmjIPKJUGVloOfKpX1YAJ6XX
TnQ0s1aZkjcfcoYg6CqJHPnWZvFLYREHSagRPxJy5kOUwwDUAJAsTNqWrsyFGY1V
KZCFU0Ktgv5l/Q==
-----END CERTIFICATE-----