Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft
File:                     ydD7lgitlbS_5q4unxPgAv2raA0.mft (raw, json)
Hash identifier:          xjOkTNhT5ST3/mqf5my2y+zv5VNYw0jUt/JRr5P1lXM=
Subject key identifier:   0B:CB:1B:9C:89:9B:45:BD:BE:E4:BB:01:2E:DD:18:C6:22:F4:4E:92
Authority key identifier: C9:D0:FB:96:08:AD:95:B4:BF:E6:AE:2E:9F:13:E0:02:FD:AB:68:0D
Certificate issuer:       /CN=c9d0fb9608ad95b4bfe6ae2e9f13e002fdab680d
Certificate serial:       019CAAFD24D5BE0C10885DBC9A7A9D893E88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ydD7lgitlbS_5q4unxPgAv2raA0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft
Manifest number:          06DF
Signing time:             Sun 01 Mar 2026 20:00:42 +0000
Manifest this update:     Sun 01 Mar 2026 20:00:42 +0000
Manifest next update:     Mon 02 Mar 2026 20:00:42 +0000
Files and hashes:         1: ydD7lgitlbS_5q4unxPgAv2raA0.crl (hash: 3LwVrtksy80b1BY/jpFC58AOlFTKG2geeNh1lQbbtPE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ydD7lgitlbS_5q4unxPgAv2raA0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:fd:24:d5:be:0c:10:88:5d:bc:9a:7a:9d:89:3e:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c9d0fb9608ad95b4bfe6ae2e9f13e002fdab680d
        Validity
            Not Before: Mar  1 20:00:42 2026 GMT
            Not After : Mar  2 20:00:42 2026 GMT
        Subject: CN=0bcb1b9c899b45bdbee4bb012edd18c622f44e92
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:ce:77:6c:f5:2f:27:dd:55:4f:76:8b:bf:b4:
                    6d:a0:da:4e:eb:c0:4c:64:44:39:47:fd:4f:a9:7f:
                    4a:18:98:49:bc:a0:b0:a6:48:2f:88:89:96:3f:2d:
                    14:14:3e:74:5d:97:13:f0:f0:82:a8:af:ef:3d:c5:
                    e9:b8:ab:28:44:3a:bc:d0:f7:94:97:11:9b:b6:b5:
                    95:5b:af:ef:fe:2e:44:cc:d5:5c:24:19:95:62:c4:
                    15:d9:04:a1:19:21:c7:9c:8e:2b:86:b3:c7:44:8c:
                    56:86:8d:5d:bc:5d:08:33:9f:d6:7b:e7:ba:96:ab:
                    af:d4:50:41:be:70:55:7c:fc:c8:9b:75:bf:07:d5:
                    e5:58:53:30:cc:cb:76:65:91:c3:07:0b:fa:8c:22:
                    6b:d1:50:41:9b:d0:cd:8e:97:6f:03:76:dc:3d:4c:
                    9d:b3:51:d6:9c:1a:67:a4:7d:ab:e5:99:6e:2d:3a:
                    05:79:a1:9a:06:ec:ed:c9:bd:82:1b:d5:6c:06:a1:
                    8c:c2:f8:90:79:26:89:19:b4:f4:d2:e5:3d:96:e9:
                    50:48:ee:62:5d:8c:ec:9a:c4:e1:7d:18:24:49:10:
                    9c:9a:60:9b:b9:48:e1:c6:fd:17:af:d2:31:a7:ab:
                    ee:1e:a1:ad:4a:c1:57:54:3e:bf:8d:65:1f:30:6d:
                    69:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:CB:1B:9C:89:9B:45:BD:BE:E4:BB:01:2E:DD:18:C6:22:F4:4E:92
            X509v3 Authority Key Identifier:
                keyid:C9:D0:FB:96:08:AD:95:B4:BF:E6:AE:2E:9F:13:E0:02:FD:AB:68:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydD7lgitlbS_5q4unxPgAv2raA0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/868837-2de1-49b3-9af9-0534958759ac/1/ydD7lgitlbS_5q4unxPgAv2raA0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:98:b9:b5:60:d3:63:26:10:d3:e2:e3:1b:83:0d:2f:68:e9:
         e4:fa:2d:b3:c2:0f:fb:60:ad:8d:57:2b:73:b8:88:40:fb:f4:
         1c:df:a1:92:f6:aa:5a:74:e5:be:15:cd:77:05:90:6f:20:c8:
         5e:aa:a4:5f:74:70:68:37:b4:b4:b9:94:b5:5e:ee:2c:a9:83:
         54:9b:1d:32:27:8c:7a:d3:37:5f:ba:e6:e9:66:94:9e:28:5b:
         27:b2:9a:8c:c1:fc:7a:d2:d3:0a:af:7f:0f:84:ec:af:72:d2:
         fd:ad:dc:3f:bb:ae:2d:8b:7c:77:f6:8f:c4:d2:5b:b5:5c:98:
         31:4b:e1:ff:d1:40:cf:47:0d:d0:9f:c9:f3:40:92:32:de:09:
         bc:c7:1c:39:9d:af:be:00:e5:c4:63:29:a3:fa:84:56:ba:a7:
         6e:64:2c:3b:ef:16:2b:c3:2a:93:c2:f5:f9:46:d4:47:88:c7:
         ce:8c:9a:10:16:11:85:4e:ee:46:7d:c0:cb:c1:cd:47:0d:c8:
         4f:53:66:2a:bb:46:07:b1:b6:c2:ee:12:62:c7:b3:3d:5a:bd:
         a7:5e:45:de:8e:44:81:e5:b1:e4:88:38:0c:db:46:3d:fc:c6:
         bd:76:ca:b3:14:ee:f1:90:9b:89:9a:63:2b:a8:cc:7d:9b:f7:
         98:ed:44:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyq/STVvgwQiF28mnqdiT6IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDBmYjk2MDhhZDk1YjRiZmU2YWUyZTlmMTNlMDAyZmRh
YjY4MGQwHhcNMjYwMzAxMjAwMDQyWhcNMjYwMzAyMjAwMDQyWjAzMTEwLwYDVQQD
EygwYmNiMWI5Yzg5OWI0NWJkYmVlNGJiMDEyZWRkMThjNjIyZjQ0ZTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv853bPUvJ91VT3aLv7RtoNpO68BM
ZEQ5R/1PqX9KGJhJvKCwpkgviImWPy0UFD50XZcT8PCCqK/vPcXpuKsoRDq80PeU
lxGbtrWVW6/v/i5EzNVcJBmVYsQV2QShGSHHnI4rhrPHRIxWho1dvF0IM5/We+e6
lquv1FBBvnBVfPzIm3W/B9XlWFMwzMt2ZZHDBwv6jCJr0VBBm9DNjpdvA3bcPUyd
s1HWnBpnpH2r5ZluLToFeaGaBuztyb2CG9VsBqGMwviQeSaJGbT00uU9lulQSO5i
XYzsmsThfRgkSRCcmmCbuUjhxv0Xr9Ixp6vuHqGtSsFXVD6/jWUfMG1pXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAvLG5yJm0W9vuS7AS7dGMYi9E6SMB8GA1UdIwQY
MBaAFMnQ+5YIrZW0v+auLp8T4AL9q2gNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWREN2xnaXRsYlNfNXE0dW54UGdBdjJyYUEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC84Njg4MzctMmRlMS00OWIzLTlhZjkt
MDUzNDk1ODc1OWFjLzEveWREN2xnaXRsYlNfNXE0dW54UGdBdjJyYUEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC84Njg4MzctMmRlMS00OWIzLTlhZjktMDUzNDk1ODc1OWFj
LzEveWREN2xnaXRsYlNfNXE0dW54UGdBdjJyYUEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi5i5tWDT
YyYQ0+LjG4MNL2jp5Pots8IP+2CtjVcrc7iIQPv0HN+hkvaqWnTlvhXNdwWQbyDI
XqqkX3RwaDe0tLmUtV7uLKmDVJsdMieMetM3X7rm6WaUnihbJ7KajMH8etLTCq9/
D4Tsr3LS/a3cP7uuLYt8d/aPxNJbtVyYMUvh/9FAz0cN0J/J80CSMt4JvMccOZ2v
vgDlxGMpo/qEVrqnbmQsO+8WK8Mqk8L1+UbUR4jHzoyaEBYRhU7uRn3Ay8HNRw3I
T1NmKrtGB7G2wu4SYsezPVq9p15F3o5EgeWx5Ig4DNtGPfzGvXbKsxTu8ZCbiZpj
K6jMfZv3mO1E+Q==
-----END CERTIFICATE-----