Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/a5d9a3-c454-4b7e-800d-617cd3df395b/1/yjzk270E4HrOGTf4ChWvc5m4Aw4.mft
File:                     yjzk270E4HrOGTf4ChWvc5m4Aw4.mft (raw, json)
Hash identifier:          Ewtf7Kim0Q6ucfYfn8mLYXZFtx7laqeeEuv1zSVkCm8=
Subject key identifier:   DA:AF:B0:F0:9A:DB:0F:DF:A3:93:D0:D9:CB:26:3E:D8:28:16:CA:69
Authority key identifier: CA:3C:E4:DB:BD:04:E0:7A:CE:19:37:F8:0A:15:AF:73:99:B8:03:0E
Certificate issuer:       /CN=ca3ce4dbbd04e07ace1937f80a15af7399b8030e
Certificate serial:       019CAA8F8D144A4CD20C5D59E6F18CEED07A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yjzk270E4HrOGTf4ChWvc5m4Aw4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/a5d9a3-c454-4b7e-800d-617cd3df395b/1/yjzk270E4HrOGTf4ChWvc5m4Aw4.mft
Manifest number:          07DC
Signing time:             Sun 01 Mar 2026 18:01:00 +0000
Manifest this update:     Sun 01 Mar 2026 18:01:00 +0000
Manifest next update:     Mon 02 Mar 2026 18:01:00 +0000
Files and hashes:         1: yjzk270E4HrOGTf4ChWvc5m4Aw4.crl (hash: GW+o/9tcsg6WCDv/aiCrx8kFxVviSib6HmL3c2mCkRM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/a5d9a3-c454-4b7e-800d-617cd3df395b/1/yjzk270E4HrOGTf4ChWvc5m4Aw4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/a5d9a3-c454-4b7e-800d-617cd3df395b/1/yjzk270E4HrOGTf4ChWvc5m4Aw4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yjzk270E4HrOGTf4ChWvc5m4Aw4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:8f:8d:14:4a:4c:d2:0c:5d:59:e6:f1:8c:ee:d0:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca3ce4dbbd04e07ace1937f80a15af7399b8030e
        Validity
            Not Before: Mar  1 18:01:00 2026 GMT
            Not After : Mar  2 18:01:00 2026 GMT
        Subject: CN=daafb0f09adb0fdfa393d0d9cb263ed82816ca69
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:0b:65:cb:f3:93:b5:98:a3:0c:36:e3:78:92:
                    48:8a:3f:e5:ed:0b:ba:9f:4a:07:70:44:e3:40:40:
                    e9:b6:02:42:d5:61:06:9e:a6:25:b4:40:ba:c0:f6:
                    74:38:f3:c3:99:e3:bf:3b:df:f8:9a:9e:4c:2f:3c:
                    36:4c:9d:04:b7:d5:15:eb:a5:36:ed:4e:29:4b:32:
                    0e:ed:e7:8c:76:c2:b8:9d:ed:66:0d:75:45:6b:48:
                    5e:d1:cb:34:86:52:db:a0:2f:12:b6:bb:91:70:2a:
                    29:17:ba:d8:05:83:7c:88:d6:81:bb:58:d6:d7:d8:
                    dd:93:1e:1d:61:db:52:8c:d2:90:50:40:1e:6d:84:
                    83:20:2b:3a:09:25:59:51:58:45:9f:bf:98:d2:9e:
                    ca:2a:44:05:c6:3b:cd:11:85:54:e2:22:56:39:7c:
                    ad:05:08:93:81:50:38:6d:e5:6b:c7:70:bc:3e:03:
                    d0:4c:ec:a1:b3:05:f1:06:fe:75:d5:ad:c1:83:88:
                    50:23:be:9d:e7:fa:38:dc:d8:10:12:d9:b0:3b:51:
                    7a:ab:08:df:81:c1:af:e1:60:a6:ab:2d:27:fa:2e:
                    b5:c8:1f:47:81:63:37:b8:3d:f2:47:23:8c:7a:87:
                    0e:26:4d:e6:d9:28:e5:26:77:88:f6:27:31:76:b3:
                    92:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:AF:B0:F0:9A:DB:0F:DF:A3:93:D0:D9:CB:26:3E:D8:28:16:CA:69
            X509v3 Authority Key Identifier:
                keyid:CA:3C:E4:DB:BD:04:E0:7A:CE:19:37:F8:0A:15:AF:73:99:B8:03:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yjzk270E4HrOGTf4ChWvc5m4Aw4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/a5d9a3-c454-4b7e-800d-617cd3df395b/1/yjzk270E4HrOGTf4ChWvc5m4Aw4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/a5d9a3-c454-4b7e-800d-617cd3df395b/1/yjzk270E4HrOGTf4ChWvc5m4Aw4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:25:c9:e3:d9:05:61:3c:0c:3b:29:c6:d3:b8:e8:91:4f:92:
         97:00:30:3d:02:dd:4e:37:d1:20:84:7c:64:20:6f:02:33:12:
         80:0c:76:69:c8:7a:ad:7f:48:22:46:dc:9c:00:15:47:b4:55:
         ca:65:2c:12:0e:0e:b6:c0:88:0c:2e:66:75:82:cc:1b:0b:cf:
         23:a3:1a:2a:8e:26:f4:fd:9a:fa:ee:71:aa:5b:9d:f9:a7:6a:
         07:bc:a6:ba:22:b1:82:2c:b6:ff:d9:46:62:9b:4e:69:e9:ec:
         5a:5d:59:2d:1b:69:46:dd:5b:a0:92:e4:3b:73:1e:3a:02:42:
         e7:41:50:86:2d:30:b1:be:95:55:18:80:3a:0a:27:00:97:9c:
         cf:77:f6:b7:08:bd:ba:d3:5d:98:79:88:f8:ac:93:1f:18:7b:
         e0:75:de:fa:b4:79:06:89:ba:15:2c:f7:b8:b6:d5:51:14:21:
         cb:8e:7c:09:a1:6b:d5:68:cf:9d:db:8e:85:a4:1c:90:c6:49:
         8f:6a:b5:c1:80:29:99:8f:db:a8:08:04:14:33:bb:12:ab:d8:
         f1:35:1f:7a:40:86:55:dd:d7:ea:47:55:5c:8e:37:03:bf:33:
         ed:8d:a3:0d:f2:8f:e5:7d:75:16:38:71:03:72:bd:0a:51:79:
         d1:ca:ae:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqj40USkzSDF1Z5vGM7tB6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhM2NlNGRiYmQwNGUwN2FjZTE5MzdmODBhMTVhZjczOTli
ODAzMGUwHhcNMjYwMzAxMTgwMTAwWhcNMjYwMzAyMTgwMTAwWjAzMTEwLwYDVQQD
EyhkYWFmYjBmMDlhZGIwZmRmYTM5M2QwZDljYjI2M2VkODI4MTZjYTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQtly/OTtZijDDbjeJJIij/l7Qu6
n0oHcETjQEDptgJC1WEGnqYltEC6wPZ0OPPDmeO/O9/4mp5MLzw2TJ0Et9UV66U2
7U4pSzIO7eeMdsK4ne1mDXVFa0he0cs0hlLboC8StruRcCopF7rYBYN8iNaBu1jW
19jdkx4dYdtSjNKQUEAebYSDICs6CSVZUVhFn7+Y0p7KKkQFxjvNEYVU4iJWOXyt
BQiTgVA4beVrx3C8PgPQTOyhswXxBv511a3Bg4hQI76d5/o43NgQEtmwO1F6qwjf
gcGv4WCmqy0n+i61yB9HgWM3uD3yRyOMeocOJk3m2SjlJneI9icxdrOSMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNqvsPCa2w/fo5PQ2csmPtgoFsppMB8GA1UdIwQY
MBaAFMo85Nu9BOB6zhk3+AoVr3OZuAMOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWp6azI3MEU0SHJPR1RmNENoV3ZjNW00QXc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9hNWQ5YTMtYzQ1NC00YjdlLTgwMGQt
NjE3Y2QzZGYzOTViLzEveWp6azI3MEU0SHJPR1RmNENoV3ZjNW00QXc0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9hNWQ5YTMtYzQ1NC00YjdlLTgwMGQtNjE3Y2QzZGYzOTVi
LzEveWp6azI3MEU0SHJPR1RmNENoV3ZjNW00QXc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARyXJ49kF
YTwMOynG07jokU+SlwAwPQLdTjfRIIR8ZCBvAjMSgAx2ach6rX9IIkbcnAAVR7RV
ymUsEg4OtsCIDC5mdYLMGwvPI6MaKo4m9P2a+u5xqlud+adqB7ymuiKxgiy2/9lG
YptOaensWl1ZLRtpRt1boJLkO3MeOgJC50FQhi0wsb6VVRiAOgonAJecz3f2twi9
utNdmHmI+KyTHxh74HXe+rR5Bom6FSz3uLbVURQhy458CaFr1WjPnduOhaQckMZJ
j2q1wYApmY/bqAgEFDO7EqvY8TUfekCGVd3X6kdVXI43A78z7Y2jDfKP5X11Fjhx
A3K9ClF50cqulg==
-----END CERTIFICATE-----