Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft
File:                     YNJSouMVOM2lhXutCYPIvfVYsXs.mft (raw, json)
Hash identifier:          YZscDm8eamq3xlaWnmgJzOJwHzKdC2tba81hsjV3p/A=
Subject key identifier:   47:A0:2A:0B:0A:16:11:0C:39:1C:61:0E:01:99:BC:DC:6D:2F:22:FF
Authority key identifier: 60:D2:52:A2:E3:15:38:CD:A5:85:7B:AD:09:83:C8:BD:F5:58:B1:7B
Certificate issuer:       /CN=60d252a2e31538cda5857bad0983c8bdf558b17b
Certificate serial:       019CAB6B1402FF8BB1996D491A1BFD8D0D55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YNJSouMVOM2lhXutCYPIvfVYsXs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft
Manifest number:          0B87
Signing time:             Sun 01 Mar 2026 22:00:47 +0000
Manifest this update:     Sun 01 Mar 2026 22:00:47 +0000
Manifest next update:     Mon 02 Mar 2026 22:00:47 +0000
Files and hashes:         1: YNJSouMVOM2lhXutCYPIvfVYsXs.crl (hash: h3tICaPASJhy0vVVJL3xhYo8pb02Wg+q/Ohjs9UIcm0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YNJSouMVOM2lhXutCYPIvfVYsXs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:14:02:ff:8b:b1:99:6d:49:1a:1b:fd:8d:0d:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60d252a2e31538cda5857bad0983c8bdf558b17b
        Validity
            Not Before: Mar  1 22:00:47 2026 GMT
            Not After : Mar  2 22:00:47 2026 GMT
        Subject: CN=47a02a0b0a16110c391c610e0199bcdc6d2f22ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:ae:21:f4:fa:ee:8a:f9:53:cf:e4:6b:29:ae:
                    8c:98:d5:ed:17:29:2d:01:2a:5e:e9:32:10:52:e6:
                    19:e7:ab:af:da:8b:58:d1:32:e0:e2:43:c6:9d:1b:
                    63:cb:78:0d:99:24:83:eb:17:f7:67:b2:29:25:04:
                    75:46:33:35:23:d1:73:85:70:d8:6b:fb:56:ce:70:
                    7d:33:7b:75:6e:4b:93:3b:01:21:ad:a1:af:ca:84:
                    7d:49:b1:d2:b4:be:56:c3:d5:a3:81:9c:71:74:51:
                    53:cd:d6:37:4c:9e:99:1e:bb:88:2b:aa:04:d7:db:
                    57:c3:16:ab:d2:b1:f9:04:e4:c4:fa:94:61:23:09:
                    2a:90:aa:7f:56:2a:93:88:05:09:df:43:75:84:60:
                    77:6a:e1:ad:d9:69:1f:75:cc:2c:99:91:83:a3:b1:
                    00:70:95:f6:04:96:5e:b0:61:5b:40:98:e9:2d:69:
                    58:e3:3a:e3:1d:05:7d:57:c0:35:aa:c0:3b:b3:76:
                    b4:71:b5:66:d6:44:65:f6:4e:48:4c:ee:2f:2a:2a:
                    0a:6d:27:15:9e:55:15:44:a4:3e:03:c0:2d:b4:9c:
                    9c:0e:45:f5:c9:e4:8e:77:54:88:fb:43:5a:d2:be:
                    2f:2f:c5:ec:33:2b:0e:de:70:2d:31:b5:4b:ef:7c:
                    95:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:A0:2A:0B:0A:16:11:0C:39:1C:61:0E:01:99:BC:DC:6D:2F:22:FF
            X509v3 Authority Key Identifier:
                keyid:60:D2:52:A2:E3:15:38:CD:A5:85:7B:AD:09:83:C8:BD:F5:58:B1:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YNJSouMVOM2lhXutCYPIvfVYsXs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/a17ddf-9ba6-4395-aae6-566f6cf431c0/1/YNJSouMVOM2lhXutCYPIvfVYsXs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:eb:49:fb:b1:6f:7e:ef:34:db:19:25:7d:4d:75:76:e7:82:
         c4:be:73:6d:01:bd:0f:a8:22:21:bb:9f:9e:b6:d9:c2:64:43:
         2f:c1:3f:93:d5:c8:90:7b:a1:51:c9:ce:9c:5c:39:f9:87:50:
         cc:a9:b0:37:c3:f5:8e:23:aa:ac:1b:89:3c:db:6c:02:52:bc:
         de:62:37:22:5c:1e:ab:a7:df:41:bc:0d:b7:00:60:db:43:81:
         cf:8c:34:cd:53:cc:17:eb:7c:3a:6b:c0:ba:cf:30:09:43:47:
         9d:a9:c0:e2:63:21:ff:aa:9d:cf:49:b3:78:6e:40:b6:f4:e2:
         8b:cc:c1:f5:fc:67:83:2c:ee:fe:8b:ed:8d:0e:d6:6f:31:fc:
         70:a4:b0:42:f1:7b:f1:54:ab:77:3d:2e:a6:b1:76:60:01:69:
         30:2e:22:12:ff:93:37:98:f0:0a:85:28:b3:f2:46:6f:32:51:
         75:83:38:41:cf:c0:99:5d:28:4e:d9:2c:3a:7f:78:3d:79:d8:
         8a:27:33:da:65:11:6a:01:d0:1f:27:0d:df:48:b1:f2:b6:7a:
         38:ea:7b:7a:30:6d:3e:71:2a:0a:ad:f7:ad:d2:d8:fd:68:d5:
         5d:ec:ed:74:f7:fc:5f:18:39:ab:67:f7:ce:f4:0e:f5:ff:99:
         5a:4a:db:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyraxQC/4uxmW1JGhv9jQ1VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZDI1MmEyZTMxNTM4Y2RhNTg1N2JhZDA5ODNjOGJkZjU1
OGIxN2IwHhcNMjYwMzAxMjIwMDQ3WhcNMjYwMzAyMjIwMDQ3WjAzMTEwLwYDVQQD
Eyg0N2EwMmEwYjBhMTYxMTBjMzkxYzYxMGUwMTk5YmNkYzZkMmYyMmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy64h9PruivlTz+RrKa6MmNXtFykt
ASpe6TIQUuYZ56uv2otY0TLg4kPGnRtjy3gNmSSD6xf3Z7IpJQR1RjM1I9FzhXDY
a/tWznB9M3t1bkuTOwEhraGvyoR9SbHStL5Ww9WjgZxxdFFTzdY3TJ6ZHruIK6oE
19tXwxar0rH5BOTE+pRhIwkqkKp/ViqTiAUJ30N1hGB3auGt2WkfdcwsmZGDo7EA
cJX2BJZesGFbQJjpLWlY4zrjHQV9V8A1qsA7s3a0cbVm1kRl9k5ITO4vKioKbScV
nlUVRKQ+A8AttJycDkX1yeSOd1SI+0Na0r4vL8XsMysO3nAtMbVL73yVnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEegKgsKFhEMORxhDgGZvNxtLyL/MB8GA1UdIwQY
MBaAFGDSUqLjFTjNpYV7rQmDyL31WLF7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU5KU291TVZPTTJsaFh1dENZUEl2ZlZZc1hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9hMTdkZGYtOWJhNi00Mzk1LWFhZTYt
NTY2ZjZjZjQzMWMwLzEvWU5KU291TVZPTTJsaFh1dENZUEl2ZlZZc1hzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi9hMTdkZGYtOWJhNi00Mzk1LWFhZTYtNTY2ZjZjZjQzMWMw
LzEvWU5KU291TVZPTTJsaFh1dENZUEl2ZlZZc1hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIutJ+7Fv
fu802xklfU11dueCxL5zbQG9D6giIbufnrbZwmRDL8E/k9XIkHuhUcnOnFw5+YdQ
zKmwN8P1jiOqrBuJPNtsAlK83mI3Ilweq6ffQbwNtwBg20OBz4w0zVPMF+t8OmvA
us8wCUNHnanA4mMh/6qdz0mzeG5AtvTii8zB9fxngyzu/ovtjQ7WbzH8cKSwQvF7
8VSrdz0uprF2YAFpMC4iEv+TN5jwCoUos/JGbzJRdYM4Qc/AmV0oTtksOn94PXnY
iicz2mURagHQHycN30ix8rZ6OOp7ejBtPnEqCq33rdLY/WjVXeztdPf8Xxg5q2f3
zvQO9f+ZWkrb1Q==
-----END CERTIFICATE-----