Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/49b307-fdca-4c57-afdf-709793cd0123/1/yGdv_eMX8uwbgQDS2dRKPn2PeNY.mft
File:                     yGdv_eMX8uwbgQDS2dRKPn2PeNY.mft (raw, json)
Hash identifier:          1eDIwnMChWFg/dANuwUzoo02P92HudTNdtJTVFfV3GA=
Subject key identifier:   25:84:F6:98:C6:30:76:D5:FE:55:1F:39:E2:10:C0:AC:8C:E1:51:5F
Authority key identifier: C8:67:6F:FD:E3:17:F2:EC:1B:81:00:D2:D9:D4:4A:3E:7D:8F:78:D6
Certificate issuer:       /CN=c8676ffde317f2ec1b8100d2d9d44a3e7d8f78d6
Certificate serial:       019CAEA345F054E1A85EA93645242A1E5B74
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yGdv_eMX8uwbgQDS2dRKPn2PeNY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/49b307-fdca-4c57-afdf-709793cd0123/1/yGdv_eMX8uwbgQDS2dRKPn2PeNY.mft
Manifest number:          0F00
Signing time:             Mon 02 Mar 2026 13:01:01 +0000
Manifest this update:     Mon 02 Mar 2026 13:01:01 +0000
Manifest next update:     Tue 03 Mar 2026 13:01:01 +0000
Files and hashes:         1: yGdv_eMX8uwbgQDS2dRKPn2PeNY.crl (hash: AAHypOVz9lszUeaWDzC3pKWVX7Nve157mhfGC3FKEsA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/49b307-fdca-4c57-afdf-709793cd0123/1/yGdv_eMX8uwbgQDS2dRKPn2PeNY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/49b307-fdca-4c57-afdf-709793cd0123/1/yGdv_eMX8uwbgQDS2dRKPn2PeNY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yGdv_eMX8uwbgQDS2dRKPn2PeNY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 13:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ae:a3:45:f0:54:e1:a8:5e:a9:36:45:24:2a:1e:5b:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8676ffde317f2ec1b8100d2d9d44a3e7d8f78d6
        Validity
            Not Before: Mar  2 13:01:01 2026 GMT
            Not After : Mar  3 13:01:01 2026 GMT
        Subject: CN=2584f698c63076d5fe551f39e210c0ac8ce1515f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:4f:02:35:7a:1b:df:c4:50:03:4a:cf:50:c5:
                    2b:80:b3:63:fb:df:4f:25:9f:21:63:95:22:da:48:
                    c7:7f:13:5f:8c:4e:43:39:0e:58:55:62:1f:11:65:
                    ac:c2:ad:d2:49:a3:5f:8f:7a:84:49:6c:84:32:d3:
                    b8:bc:2a:36:d4:4a:a3:04:68:6f:e6:3a:f5:55:87:
                    8f:f4:94:94:51:80:a8:23:b7:41:2d:c6:6a:af:ca:
                    c7:74:41:6b:62:77:6c:39:64:af:e3:ff:89:7c:07:
                    70:d6:43:7b:0e:92:d9:73:cc:c8:f1:be:db:4c:ac:
                    84:82:a9:50:9b:54:5e:e9:1b:b5:3c:23:43:c4:36:
                    67:bb:fd:4d:af:5b:96:7a:5d:0a:ee:e1:b0:ef:54:
                    bf:6a:e0:6a:68:6d:27:b9:b5:42:0b:fe:97:69:c6:
                    9b:aa:4d:7c:2c:89:13:92:50:33:d2:12:ab:59:5c:
                    85:ba:42:3b:0c:b8:69:6c:7b:31:82:a4:bf:12:ae:
                    2f:bb:bc:76:e1:ff:03:21:34:8d:e3:fb:5f:13:c9:
                    08:0a:be:ae:9e:f7:84:19:70:ef:e2:09:cb:ac:83:
                    5e:0c:1b:dc:c6:b0:5e:6f:c6:a2:18:e8:0e:90:0f:
                    49:b0:73:82:99:d7:44:68:0d:6b:38:47:df:03:e2:
                    0c:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:84:F6:98:C6:30:76:D5:FE:55:1F:39:E2:10:C0:AC:8C:E1:51:5F
            X509v3 Authority Key Identifier:
                keyid:C8:67:6F:FD:E3:17:F2:EC:1B:81:00:D2:D9:D4:4A:3E:7D:8F:78:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yGdv_eMX8uwbgQDS2dRKPn2PeNY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/49b307-fdca-4c57-afdf-709793cd0123/1/yGdv_eMX8uwbgQDS2dRKPn2PeNY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/49b307-fdca-4c57-afdf-709793cd0123/1/yGdv_eMX8uwbgQDS2dRKPn2PeNY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:17:56:e8:83:e6:f2:75:b5:f5:4e:c3:16:60:26:fc:18:2f:
         e9:e0:63:cf:7e:72:30:51:5a:7d:60:b1:be:db:e2:6e:1a:3b:
         47:55:6f:5a:3b:d0:f4:e0:22:8a:64:fb:84:d9:7c:b0:b9:cf:
         ac:d0:a4:ec:7b:5d:4f:b9:5a:ed:08:dd:55:83:26:46:f3:59:
         b0:71:6c:a8:be:b5:a9:96:f1:54:01:79:25:94:d9:fc:0a:a9:
         20:43:9a:bd:fb:a8:0f:2d:63:b1:b2:17:95:cd:cb:6c:fc:bb:
         a7:8b:9e:c1:bb:a2:98:5a:98:d4:9b:36:39:65:ce:87:e3:71:
         62:eb:59:2b:32:ae:0b:6e:d6:78:60:d7:27:2b:57:b1:77:a4:
         56:6b:23:84:49:82:f3:b2:86:f7:3e:27:e4:ed:23:98:b6:52:
         95:28:7d:03:ad:b3:2e:96:58:f1:d7:e6:97:ea:41:5e:97:6f:
         e1:84:96:af:15:fb:ce:21:67:ec:81:ee:83:07:7c:34:ef:52:
         fc:99:b1:4e:c1:44:e3:0a:49:d9:90:48:1c:cd:de:6d:19:db:
         c7:59:21:e6:f2:4b:5e:ae:7f:ef:34:51:e0:1f:52:7a:0d:7e:
         9b:5b:95:1f:65:77:37:45:31:6a:43:a8:72:09:11:94:41:5d:
         18:b8:6f:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyuo0XwVOGoXqk2RSQqHlt0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4Njc2ZmZkZTMxN2YyZWMxYjgxMDBkMmQ5ZDQ0YTNlN2Q4
Zjc4ZDYwHhcNMjYwMzAyMTMwMTAxWhcNMjYwMzAzMTMwMTAxWjAzMTEwLwYDVQQD
EygyNTg0ZjY5OGM2MzA3NmQ1ZmU1NTFmMzllMjEwYzBhYzhjZTE1MTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA008CNXob38RQA0rPUMUrgLNj+99P
JZ8hY5Ui2kjHfxNfjE5DOQ5YVWIfEWWswq3SSaNfj3qESWyEMtO4vCo21EqjBGhv
5jr1VYeP9JSUUYCoI7dBLcZqr8rHdEFrYndsOWSv4/+JfAdw1kN7DpLZc8zI8b7b
TKyEgqlQm1Re6Ru1PCNDxDZnu/1Nr1uWel0K7uGw71S/auBqaG0nubVCC/6Xacab
qk18LIkTklAz0hKrWVyFukI7DLhpbHsxgqS/Eq4vu7x24f8DITSN4/tfE8kICr6u
nveEGXDv4gnLrINeDBvcxrBeb8aiGOgOkA9JsHOCmddEaA1rOEffA+IMAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCWE9pjGMHbV/lUfOeIQwKyM4VFfMB8GA1UdIwQY
MBaAFMhnb/3jF/LsG4EA0tnUSj59j3jWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUdkdl9lTVg4dXdiZ1FEUzJkUktQbjJQZU5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS80OWIzMDctZmRjYS00YzU3LWFmZGYt
NzA5NzkzY2QwMTIzLzEveUdkdl9lTVg4dXdiZ1FEUzJkUktQbjJQZU5ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS80OWIzMDctZmRjYS00YzU3LWFmZGYtNzA5NzkzY2QwMTIz
LzEveUdkdl9lTVg4dXdiZ1FEUzJkUktQbjJQZU5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANxdW6IPm
8nW19U7DFmAm/Bgv6eBjz35yMFFafWCxvtvibho7R1VvWjvQ9OAiimT7hNl8sLnP
rNCk7HtdT7la7QjdVYMmRvNZsHFsqL61qZbxVAF5JZTZ/AqpIEOavfuoDy1jsbIX
lc3LbPy7p4uewbuimFqY1Js2OWXOh+NxYutZKzKuC27WeGDXJytXsXekVmsjhEmC
87KG9z4n5O0jmLZSlSh9A62zLpZY8dfml+pBXpdv4YSWrxX7ziFn7IHugwd8NO9S
/JmxTsFE4wpJ2ZBIHM3ebRnbx1kh5vJLXq5/7zRR4B9Seg1+m1uVH2V3N0UxakOo
cgkRlEFdGLhvaQ==
-----END CERTIFICATE-----