Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.mft
File:                     _ypds7oz42wW2_UmCy_idK5_siI.mft (raw, json)
Hash identifier:          KBUUTT4ZZbUDBsDSf5sZ5NU9zxnyEe70jUWjsEWkXyY=
Subject key identifier:   1A:D1:C0:34:E8:27:06:ED:48:CB:B1:50:9F:3D:FA:1D:2F:89:3B:5C
Authority key identifier: FF:2A:5D:B3:BA:33:E3:6C:16:DB:F5:26:0B:2F:E2:74:AE:7F:B2:22
Certificate issuer:       /CN=ff2a5db3ba33e36c16dbf5260b2fe274ae7fb222
Certificate serial:       019CAAC64175E569132458A4F9145F947531
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_ypds7oz42wW2_UmCy_idK5_siI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.mft
Manifest number:          0F25
Signing time:             Sun 01 Mar 2026 19:00:45 +0000
Manifest this update:     Sun 01 Mar 2026 19:00:45 +0000
Manifest next update:     Mon 02 Mar 2026 19:00:45 +0000
Files and hashes:         1: _ypds7oz42wW2_UmCy_idK5_siI.crl (hash: jZOFZYIgdEgJdZfrL+79ZK0eE/ITTYSf0P0QODV8Ul8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_ypds7oz42wW2_UmCy_idK5_siI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:c6:41:75:e5:69:13:24:58:a4:f9:14:5f:94:75:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ff2a5db3ba33e36c16dbf5260b2fe274ae7fb222
        Validity
            Not Before: Mar  1 19:00:45 2026 GMT
            Not After : Mar  2 19:00:45 2026 GMT
        Subject: CN=1ad1c034e82706ed48cbb1509f3dfa1d2f893b5c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:b2:40:57:ba:87:d3:86:ec:7c:d3:60:da:62:
                    a2:4a:21:c6:76:f4:21:61:b4:5c:9f:f1:52:c7:52:
                    51:60:f8:43:0e:c7:b6:ba:6e:9e:93:e4:84:2d:ad:
                    72:c0:25:cb:6e:10:d3:9c:50:3c:c0:3e:61:87:4b:
                    fe:e2:51:0d:aa:6a:85:e2:db:b8:a4:a7:6f:9a:63:
                    1a:ed:71:2f:f9:7d:98:c0:f3:fa:fe:48:9d:5e:67:
                    83:05:43:28:c0:68:2d:93:af:c1:0c:53:f1:1a:44:
                    87:b7:41:38:63:b4:58:f4:4e:a0:73:5d:e7:29:e9:
                    d4:a6:f0:3d:b1:a1:84:7b:15:6f:bf:c9:e6:a6:d5:
                    a5:8f:01:9a:da:62:b3:0b:76:74:38:47:55:15:3c:
                    2b:9e:15:2f:56:40:63:3e:0f:de:65:ee:e3:c0:4b:
                    13:58:e8:01:59:1f:2f:74:30:30:9b:2f:ef:4b:20:
                    88:cc:f3:1a:d6:f7:7a:d6:99:5c:a8:64:41:99:79:
                    38:ca:1f:74:66:fc:e1:f0:08:4f:50:44:ce:05:ff:
                    7c:47:b1:63:0f:4d:66:66:74:76:1f:23:06:85:cd:
                    68:89:0a:67:46:25:00:f3:b0:ca:40:e8:e2:f4:53:
                    fd:a0:50:dd:54:15:cb:d0:8f:b3:18:1f:b5:fa:3e:
                    9e:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:D1:C0:34:E8:27:06:ED:48:CB:B1:50:9F:3D:FA:1D:2F:89:3B:5C
            X509v3 Authority Key Identifier:
                keyid:FF:2A:5D:B3:BA:33:E3:6C:16:DB:F5:26:0B:2F:E2:74:AE:7F:B2:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_ypds7oz42wW2_UmCy_idK5_siI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/5df710-df86-42c0-8aa2-5260cd5c24c3/1/_ypds7oz42wW2_UmCy_idK5_siI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:86:8a:09:1b:2f:0c:38:8d:b2:77:bb:37:03:2e:5c:94:82:
         2f:9e:02:00:be:dc:e7:16:42:76:66:cc:17:58:bf:d7:5a:88:
         ba:c6:02:7c:09:26:b8:10:46:9d:6b:91:53:96:cb:73:4e:3f:
         8b:a1:1b:4b:e1:e7:8c:94:c9:43:ac:4d:f8:2d:3e:20:12:21:
         f3:e5:db:3d:d4:91:56:43:7f:b1:ef:e7:1f:84:62:15:ef:4b:
         79:b8:10:01:f1:d8:c1:8a:a6:e7:5d:84:d1:b8:31:2d:2e:e8:
         21:06:e9:ab:72:a3:7d:6c:d8:51:b8:09:9e:ed:fc:43:bd:fd:
         23:20:aa:30:2b:9b:08:bd:99:a1:9b:1f:f7:08:91:5c:26:de:
         e0:5d:05:3c:16:61:54:4f:87:ce:f8:65:9d:68:34:cc:a7:3f:
         bf:b5:30:9d:81:97:9b:3a:dd:17:e1:f3:9c:49:fd:c5:a2:b0:
         c3:3f:61:a2:64:e9:b9:cc:7f:06:45:75:a2:d1:27:3d:c4:02:
         e7:cd:a1:33:c6:36:3a:0d:18:d6:4c:76:41:69:ca:2d:ca:89:
         ce:ab:73:f2:a3:e4:b2:fe:9c:a5:f7:b9:6e:d9:8e:35:b6:87:
         86:8a:c7:35:99:4d:f5:eb:cd:f2:f4:0f:67:a7:63:3c:8a:19:
         4e:8a:46:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxkF15WkTJFik+RRflHUxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmMmE1ZGIzYmEzM2UzNmMxNmRiZjUyNjBiMmZlMjc0YWU3
ZmIyMjIwHhcNMjYwMzAxMTkwMDQ1WhcNMjYwMzAyMTkwMDQ1WjAzMTEwLwYDVQQD
EygxYWQxYzAzNGU4MjcwNmVkNDhjYmIxNTA5ZjNkZmExZDJmODkzYjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh7JAV7qH04bsfNNg2mKiSiHGdvQh
YbRcn/FSx1JRYPhDDse2um6ek+SELa1ywCXLbhDTnFA8wD5hh0v+4lENqmqF4tu4
pKdvmmMa7XEv+X2YwPP6/kidXmeDBUMowGgtk6/BDFPxGkSHt0E4Y7RY9E6gc13n
KenUpvA9saGEexVvv8nmptWljwGa2mKzC3Z0OEdVFTwrnhUvVkBjPg/eZe7jwEsT
WOgBWR8vdDAwmy/vSyCIzPMa1vd61plcqGRBmXk4yh90Zvzh8AhPUETOBf98R7Fj
D01mZnR2HyMGhc1oiQpnRiUA87DKQOji9FP9oFDdVBXL0I+zGB+1+j6esQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBrRwDToJwbtSMuxUJ89+h0viTtcMB8GA1UdIwQY
MBaAFP8qXbO6M+NsFtv1Jgsv4nSuf7IiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3lwZHM3b3o0MndXMl9VbUN5X2lkSzVfc2lJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC81ZGY3MTAtZGY4Ni00MmMwLThhYTIt
NTI2MGNkNWMyNGMzLzEvX3lwZHM3b3o0MndXMl9VbUN5X2lkSzVfc2lJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC81ZGY3MTAtZGY4Ni00MmMwLThhYTItNTI2MGNkNWMyNGMz
LzEvX3lwZHM3b3o0MndXMl9VbUN5X2lkSzVfc2lJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnIaKCRsv
DDiNsne7NwMuXJSCL54CAL7c5xZCdmbMF1i/11qIusYCfAkmuBBGnWuRU5bLc04/
i6EbS+HnjJTJQ6xN+C0+IBIh8+XbPdSRVkN/se/nH4RiFe9LebgQAfHYwYqm512E
0bgxLS7oIQbpq3KjfWzYUbgJnu38Q739IyCqMCubCL2ZoZsf9wiRXCbe4F0FPBZh
VE+HzvhlnWg0zKc/v7UwnYGXmzrdF+HznEn9xaKwwz9homTpucx/BkV1otEnPcQC
582hM8Y2Og0Y1kx2QWnKLcqJzqtz8qPksv6cpfe5btmONbaHhorHNZlN9evN8vQP
Z6djPIoZTopGdQ==
-----END CERTIFICATE-----