Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.mft
File:                     YA09DkcUJu84PjkRODpJg78idkQ.mft (raw, json)
Hash identifier:          xa0zSG59DB16c83LvOiG4OnVf+jb04eG87lVYn7WBz8=
Subject key identifier:   04:1A:55:B3:3B:D1:F7:7C:A1:A6:2B:37:9A:EC:61:2A:E3:89:75:A0
Authority key identifier: 60:0D:3D:0E:47:14:26:EF:38:3E:39:11:38:3A:49:83:BF:22:76:44
Certificate issuer:       /CN=600d3d0e471426ef383e3911383a4983bf227644
Certificate serial:       019CAAC68C049EA007C92862DCEC106E25C6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YA09DkcUJu84PjkRODpJg78idkQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.mft
Manifest number:          0517
Signing time:             Sun 01 Mar 2026 19:01:04 +0000
Manifest this update:     Sun 01 Mar 2026 19:01:04 +0000
Manifest next update:     Mon 02 Mar 2026 19:01:04 +0000
Files and hashes:         1: YA09DkcUJu84PjkRODpJg78idkQ.crl (hash: 9eV29VVMErFH1lJTJOctrAmo0ZaP0OI/4X3qCjyaVbQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YA09DkcUJu84PjkRODpJg78idkQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:c6:8c:04:9e:a0:07:c9:28:62:dc:ec:10:6e:25:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=600d3d0e471426ef383e3911383a4983bf227644
        Validity
            Not Before: Mar  1 19:01:04 2026 GMT
            Not After : Mar  2 19:01:04 2026 GMT
        Subject: CN=041a55b33bd1f77ca1a62b379aec612ae38975a0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:f3:09:a6:af:db:77:a3:e7:d8:7b:95:7b:74:
                    a0:56:29:c6:1b:75:56:22:9b:a5:93:9a:2f:0f:43:
                    18:d4:b0:37:b6:f7:1d:cf:05:c8:73:d1:7d:93:33:
                    28:94:d3:41:4c:5f:73:73:2c:b0:1a:6d:d7:2c:d6:
                    74:4f:3d:10:da:26:a0:39:93:a1:d8:b4:54:d1:36:
                    86:55:20:44:82:b3:d4:79:9e:c6:7f:f2:d9:2d:8b:
                    4d:41:d7:d4:5c:4f:09:3a:5a:fe:ab:b4:06:ee:a4:
                    a3:75:9e:ec:01:62:55:62:c8:dc:32:ef:28:cc:d1:
                    0b:eb:39:e4:1e:6b:e5:1e:f1:af:37:8e:fb:b1:e2:
                    ed:42:af:e1:9f:82:30:7b:5e:b3:7f:68:d1:e4:84:
                    6b:5f:6d:e9:32:bf:40:b3:0b:7e:0e:34:64:e3:68:
                    2b:c6:0c:cb:de:dd:e5:d7:e4:da:15:61:7d:04:9a:
                    a1:a4:7c:96:f8:c2:93:2b:10:6f:74:79:22:92:f3:
                    9a:5c:5a:ea:bc:e6:39:bf:2c:08:96:74:79:e9:eb:
                    76:aa:58:c2:e1:33:e0:15:4a:66:50:3f:ba:b4:d5:
                    84:1d:b7:55:ef:83:37:5e:8e:72:77:90:bc:61:2b:
                    e6:13:ce:5f:bd:30:3d:d1:71:30:f6:13:06:ef:69:
                    a1:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:1A:55:B3:3B:D1:F7:7C:A1:A6:2B:37:9A:EC:61:2A:E3:89:75:A0
            X509v3 Authority Key Identifier:
                keyid:60:0D:3D:0E:47:14:26:EF:38:3E:39:11:38:3A:49:83:BF:22:76:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YA09DkcUJu84PjkRODpJg78idkQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/1af51b-7b17-4980-98c7-3c2fa8aaf031/1/YA09DkcUJu84PjkRODpJg78idkQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:14:61:0b:78:a4:69:8e:d8:aa:a5:48:b6:56:91:59:97:29:
         27:d3:3e:38:70:f6:a1:79:7a:11:5a:6b:9b:50:51:b2:44:b7:
         4b:39:2a:66:3a:6c:3d:74:81:b7:0d:ef:a6:be:7a:1e:2a:f7:
         37:81:f3:48:e7:79:c3:02:01:97:98:ed:be:52:68:66:0d:d4:
         64:de:01:93:d2:4a:32:e7:fe:0e:51:b3:ab:d2:5b:ae:41:79:
         9a:bd:56:eb:4b:47:fd:b3:4c:c1:68:b3:93:29:f2:9f:16:7c:
         04:3a:c9:dd:5a:c1:31:f6:0e:fc:fe:d1:d9:fd:9b:b4:6e:e4:
         f8:8d:63:52:9d:17:70:60:3b:61:d0:48:2a:c8:2d:cf:1e:ec:
         cd:02:eb:27:9f:ca:3e:de:61:cf:75:8f:8a:54:ce:c7:c2:ef:
         1f:44:ec:65:92:cc:ca:c0:3d:b0:c4:a0:31:a9:da:b2:f7:be:
         b8:bb:c7:ca:03:f5:77:21:af:ac:0a:ca:13:9e:14:02:5d:88:
         48:c9:e9:ad:43:a0:fd:36:6b:68:8e:9a:39:bd:71:48:93:ef:
         1b:4c:05:5c:32:11:40:83:23:6e:95:79:87:28:04:6a:55:d9:
         66:06:7b:89:00:dd:60:aa:e7:3a:53:d9:95:49:f7:37:3f:0c:
         a0:ac:aa:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxowEnqAHyShi3OwQbiXGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMGQzZDBlNDcxNDI2ZWYzODNlMzkxMTM4M2E0OTgzYmYy
Mjc2NDQwHhcNMjYwMzAxMTkwMTA0WhcNMjYwMzAyMTkwMTA0WjAzMTEwLwYDVQQD
EygwNDFhNTViMzNiZDFmNzdjYTFhNjJiMzc5YWVjNjEyYWUzODk3NWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvMJpq/bd6Pn2HuVe3SgVinGG3VW
Ipulk5ovD0MY1LA3tvcdzwXIc9F9kzMolNNBTF9zcyywGm3XLNZ0Tz0Q2iagOZOh
2LRU0TaGVSBEgrPUeZ7Gf/LZLYtNQdfUXE8JOlr+q7QG7qSjdZ7sAWJVYsjcMu8o
zNEL6znkHmvlHvGvN477seLtQq/hn4Iwe16zf2jR5IRrX23pMr9Aswt+DjRk42gr
xgzL3t3l1+TaFWF9BJqhpHyW+MKTKxBvdHkikvOaXFrqvOY5vywIlnR56et2qljC
4TPgFUpmUD+6tNWEHbdV74M3Xo5yd5C8YSvmE85fvTA90XEw9hMG72mhnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAQaVbM70fd8oaYrN5rsYSrjiXWgMB8GA1UdIwQY
MBaAFGANPQ5HFCbvOD45ETg6SYO/InZEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUEwOURrY1VKdTg0UGprUk9EcEpnNzhpZGtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8xYWY1MWItN2IxNy00OTgwLTk4Yzct
M2MyZmE4YWFmMDMxLzEvWUEwOURrY1VKdTg0UGprUk9EcEpnNzhpZGtRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS8xYWY1MWItN2IxNy00OTgwLTk4YzctM2MyZmE4YWFmMDMx
LzEvWUEwOURrY1VKdTg0UGprUk9EcEpnNzhpZGtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADhRhC3ik
aY7YqqVItlaRWZcpJ9M+OHD2oXl6EVprm1BRskS3SzkqZjpsPXSBtw3vpr56Hir3
N4HzSOd5wwIBl5jtvlJoZg3UZN4Bk9JKMuf+DlGzq9JbrkF5mr1W60tH/bNMwWiz
kynynxZ8BDrJ3VrBMfYO/P7R2f2btG7k+I1jUp0XcGA7YdBIKsgtzx7szQLrJ5/K
Pt5hz3WPilTOx8LvH0TsZZLMysA9sMSgManasve+uLvHygP1dyGvrArKE54UAl2I
SMnprUOg/TZraI6aOb1xSJPvG0wFXDIRQIMjbpV5hygEalXZZgZ7iQDdYKrnOlPZ
lUn3Nz8MoKyqKg==
-----END CERTIFICATE-----