Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/64e20c-8f61-4351-8077-fc3b3e11161d/1/YDe79svKAic6peIbuIjj4exnZ98.mft
File:                     YDe79svKAic6peIbuIjj4exnZ98.mft (raw, json)
Hash identifier:          3yNb4TW7QCWRmdFNEjl4lwlHMdgewjX8bbbLtkZWXnk=
Subject key identifier:   75:1F:40:92:C7:FE:5D:07:18:34:6D:19:4B:15:96:8E:A6:58:A1:DB
Authority key identifier: 60:37:BB:F6:CB:CA:02:27:3A:A5:E2:1B:B8:88:E3:E1:EC:67:67:DF
Certificate issuer:       /CN=6037bbf6cbca02273aa5e21bb888e3e1ec6767df
Certificate serial:       019CAD22FEBF78E399ECE873E03B04455510
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YDe79svKAic6peIbuIjj4exnZ98.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/64e20c-8f61-4351-8077-fc3b3e11161d/1/YDe79svKAic6peIbuIjj4exnZ98.mft
Manifest number:          0D68
Signing time:             Mon 02 Mar 2026 06:01:17 +0000
Manifest this update:     Mon 02 Mar 2026 06:01:17 +0000
Manifest next update:     Tue 03 Mar 2026 06:01:17 +0000
Files and hashes:         1: YDe79svKAic6peIbuIjj4exnZ98.crl (hash: Zolxzsss1OKOGXN3wzQgeeRKsuO2W0jrXDp2np+bKKM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bd/64e20c-8f61-4351-8077-fc3b3e11161d/1/YDe79svKAic6peIbuIjj4exnZ98.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bd/64e20c-8f61-4351-8077-fc3b3e11161d/1/YDe79svKAic6peIbuIjj4exnZ98.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YDe79svKAic6peIbuIjj4exnZ98.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 06:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:22:fe:bf:78:e3:99:ec:e8:73:e0:3b:04:45:55:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6037bbf6cbca02273aa5e21bb888e3e1ec6767df
        Validity
            Not Before: Mar  2 06:01:17 2026 GMT
            Not After : Mar  3 06:01:17 2026 GMT
        Subject: CN=751f4092c7fe5d0718346d194b15968ea658a1db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:3c:05:4f:4e:0d:1f:01:8f:93:48:37:e6:79:
                    15:75:2e:a2:dc:76:68:8b:f7:c4:c9:88:12:12:e8:
                    35:87:b5:e4:5e:22:74:62:88:78:80:0b:1b:b9:0c:
                    e0:10:e1:84:91:94:ab:1e:86:2d:4a:de:01:dd:05:
                    38:39:ea:03:ef:fb:3f:02:68:fa:0d:4e:5c:c2:4a:
                    68:7c:68:1e:27:7f:7f:3d:48:1e:0a:73:2e:53:1d:
                    d7:18:f9:8d:43:dc:35:70:62:5e:8d:bf:68:e3:26:
                    1c:a2:10:bd:81:ad:56:dd:b5:d2:f3:32:2b:ab:91:
                    c8:2e:ba:48:c0:0d:39:4d:59:33:1f:b3:e8:bf:81:
                    fb:4b:f1:f1:37:51:2f:d6:c9:66:a3:c2:1b:26:22:
                    51:e4:90:2f:4d:1d:86:26:d1:38:c6:09:ba:77:ff:
                    c8:93:12:ea:9e:0f:a9:61:83:17:58:57:bb:bf:9b:
                    37:dc:ed:bc:dd:e3:8a:40:98:9e:da:39:e2:03:56:
                    80:4e:12:dc:9d:fa:a8:2c:b9:b7:42:ca:83:5b:57:
                    47:fc:ee:ce:18:9c:ac:db:c2:d2:37:df:22:73:6f:
                    bf:25:aa:a7:0f:8f:62:74:4f:36:b3:5f:0c:29:47:
                    a7:c3:7a:a8:32:77:ef:10:70:5a:b5:78:06:61:b3:
                    1f:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:1F:40:92:C7:FE:5D:07:18:34:6D:19:4B:15:96:8E:A6:58:A1:DB
            X509v3 Authority Key Identifier:
                keyid:60:37:BB:F6:CB:CA:02:27:3A:A5:E2:1B:B8:88:E3:E1:EC:67:67:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YDe79svKAic6peIbuIjj4exnZ98.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/64e20c-8f61-4351-8077-fc3b3e11161d/1/YDe79svKAic6peIbuIjj4exnZ98.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/64e20c-8f61-4351-8077-fc3b3e11161d/1/YDe79svKAic6peIbuIjj4exnZ98.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ac:0d:b6:f6:31:28:be:c6:10:34:04:ff:90:96:70:50:ba:e4:
         82:76:81:8b:5d:11:30:c2:85:22:3b:fd:31:a8:47:2b:e9:16:
         7e:36:d4:49:2e:6a:49:c3:0d:f8:02:c4:9d:9b:6a:6d:f5:26:
         be:2d:0c:36:85:55:62:c6:e9:03:7e:b5:d0:e0:61:00:6f:1c:
         be:6e:9f:d9:ed:59:e5:4b:b6:ed:e8:ab:39:78:ae:f8:2d:fc:
         1b:a1:42:bd:39:e4:57:69:61:51:b9:65:02:b6:7b:a6:e8:47:
         72:92:59:28:d0:93:5d:c0:80:df:75:6c:81:63:94:e6:72:12:
         23:fc:64:ad:7c:d4:09:a8:ca:76:09:2e:f0:e8:ab:4e:8d:5a:
         9c:75:f3:36:47:95:2e:84:77:5b:47:a6:4b:56:15:eb:83:c9:
         55:43:df:c4:07:05:bf:ab:53:72:c2:d7:dd:78:17:17:79:67:
         d0:c2:93:17:3f:b2:6c:4c:f9:d2:8a:fb:1b:cf:e8:9f:ae:ce:
         5e:72:06:f8:11:d2:19:ba:6b:f2:1f:72:dd:7f:5d:09:c4:ca:
         1f:4b:fb:06:b4:45:3e:71:66:e6:29:d3:c1:c7:a8:8f:c6:a2:
         ab:fb:5c:ea:4f:cf:1f:87:6c:d3:80:1f:c6:91:1c:c0:d8:18:
         c8:3d:b6:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytIv6/eOOZ7Ohz4DsERVUQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMzdiYmY2Y2JjYTAyMjczYWE1ZTIxYmI4ODhlM2UxZWM2
NzY3ZGYwHhcNMjYwMzAyMDYwMTE3WhcNMjYwMzAzMDYwMTE3WjAzMTEwLwYDVQQD
Eyg3NTFmNDA5MmM3ZmU1ZDA3MTgzNDZkMTk0YjE1OTY4ZWE2NThhMWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjwFT04NHwGPk0g35nkVdS6i3HZo
i/fEyYgSEug1h7XkXiJ0Yoh4gAsbuQzgEOGEkZSrHoYtSt4B3QU4OeoD7/s/Amj6
DU5cwkpofGgeJ39/PUgeCnMuUx3XGPmNQ9w1cGJejb9o4yYcohC9ga1W3bXS8zIr
q5HILrpIwA05TVkzH7Pov4H7S/HxN1Ev1slmo8IbJiJR5JAvTR2GJtE4xgm6d//I
kxLqng+pYYMXWFe7v5s33O283eOKQJie2jniA1aAThLcnfqoLLm3QsqDW1dH/O7O
GJys28LSN98ic2+/JaqnD49idE82s18MKUenw3qoMnfvEHBatXgGYbMfsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHUfQJLH/l0HGDRtGUsVlo6mWKHbMB8GA1UdIwQY
MBaAFGA3u/bLygInOqXiG7iI4+HsZ2ffMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWURlNzlzdktBaWM2cGVJYnVJamo0ZXhuWjk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC82NGUyMGMtOGY2MS00MzUxLTgwNzct
ZmMzYjNlMTExNjFkLzEvWURlNzlzdktBaWM2cGVJYnVJamo0ZXhuWjk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC82NGUyMGMtOGY2MS00MzUxLTgwNzctZmMzYjNlMTExNjFk
LzEvWURlNzlzdktBaWM2cGVJYnVJamo0ZXhuWjk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArA229jEo
vsYQNAT/kJZwULrkgnaBi10RMMKFIjv9MahHK+kWfjbUSS5qScMN+ALEnZtqbfUm
vi0MNoVVYsbpA3610OBhAG8cvm6f2e1Z5Uu27eirOXiu+C38G6FCvTnkV2lhUbll
ArZ7puhHcpJZKNCTXcCA33VsgWOU5nISI/xkrXzUCajKdgku8OirTo1anHXzNkeV
LoR3W0emS1YV64PJVUPfxAcFv6tTcsLX3XgXF3ln0MKTFz+ybEz50or7G8/on67O
XnIG+BHSGbpr8h9y3X9dCcTKH0v7BrRFPnFm5inTwceoj8aiq/tc6k/PH4ds04Af
xpEcwNgYyD229w==
-----END CERTIFICATE-----