Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/39a6d4-b937-4d5f-8016-f2700864c187/1/yyaLUpOTAY1LyfxUBzAwoD2SlyE.mft
File:                     yyaLUpOTAY1LyfxUBzAwoD2SlyE.mft (raw, json)
Hash identifier:          NR1qUWp4XLVpiVBiScAHaAj+TZVZtQj2Lc3AX3XzXe0=
Subject key identifier:   B0:8C:D3:3F:D6:F7:E5:FF:81:27:C5:02:38:EF:2E:31:3F:5D:AB:24
Authority key identifier: CB:26:8B:52:93:93:01:8D:4B:C9:FC:54:07:30:30:A0:3D:92:97:21
Certificate issuer:       /CN=cb268b529393018d4bc9fc54073030a03d929721
Certificate serial:       019CACB4A52CCD05537AC38498E16F05F385
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yyaLUpOTAY1LyfxUBzAwoD2SlyE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/39a6d4-b937-4d5f-8016-f2700864c187/1/yyaLUpOTAY1LyfxUBzAwoD2SlyE.mft
Manifest number:          14DB
Signing time:             Mon 02 Mar 2026 04:00:45 +0000
Manifest this update:     Mon 02 Mar 2026 04:00:45 +0000
Manifest next update:     Tue 03 Mar 2026 04:00:45 +0000
Files and hashes:         1: yyaLUpOTAY1LyfxUBzAwoD2SlyE.crl (hash: l2ePkS85UsKL7nDjfazmpJGhxTVVg1mJYqFzwTJhyVE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e6/39a6d4-b937-4d5f-8016-f2700864c187/1/yyaLUpOTAY1LyfxUBzAwoD2SlyE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e6/39a6d4-b937-4d5f-8016-f2700864c187/1/yyaLUpOTAY1LyfxUBzAwoD2SlyE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yyaLUpOTAY1LyfxUBzAwoD2SlyE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 04:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:b4:a5:2c:cd:05:53:7a:c3:84:98:e1:6f:05:f3:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cb268b529393018d4bc9fc54073030a03d929721
        Validity
            Not Before: Mar  2 04:00:45 2026 GMT
            Not After : Mar  3 04:00:45 2026 GMT
        Subject: CN=b08cd33fd6f7e5ff8127c50238ef2e313f5dab24
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:0d:f4:57:04:8d:80:59:34:ad:34:a0:cf:8d:
                    09:6d:dd:4d:5e:44:a7:89:00:e2:9c:8b:c3:51:d0:
                    da:5b:d4:44:7b:ac:16:40:a8:91:90:de:44:d2:b0:
                    c0:6c:2e:fe:17:ad:43:d8:78:8f:da:0b:b7:ed:ec:
                    4b:e6:68:a0:e3:04:45:31:8d:f2:74:77:12:5c:46:
                    dd:57:bd:13:43:22:54:e0:06:63:44:cf:ae:ce:9d:
                    88:e9:30:75:2c:12:51:e5:d6:16:7f:d7:05:dc:29:
                    e3:dd:6f:bf:ee:ae:22:83:e1:ac:c3:3f:ac:aa:b7:
                    10:8b:c8:34:f7:0d:8d:cd:c3:51:23:07:ce:c9:55:
                    20:d6:59:61:a3:55:c3:e7:14:52:78:d8:41:e6:0b:
                    72:80:01:27:b0:8f:90:db:18:43:bc:1d:9d:7d:21:
                    64:2a:76:e4:13:16:aa:f4:de:b8:bd:c6:1f:8b:a4:
                    d4:e0:74:ee:85:6f:2b:76:ab:aa:70:0a:c6:da:ab:
                    85:ac:fc:c3:fe:43:95:2f:05:25:a5:ad:c1:e2:c4:
                    81:98:be:59:3a:71:09:2c:46:9c:12:33:38:d3:44:
                    93:59:68:d4:cf:76:82:d7:84:7b:c1:d4:d7:9f:82:
                    f6:68:18:7e:fb:d2:0b:64:04:2f:88:64:20:72:9c:
                    02:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:8C:D3:3F:D6:F7:E5:FF:81:27:C5:02:38:EF:2E:31:3F:5D:AB:24
            X509v3 Authority Key Identifier:
                keyid:CB:26:8B:52:93:93:01:8D:4B:C9:FC:54:07:30:30:A0:3D:92:97:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yyaLUpOTAY1LyfxUBzAwoD2SlyE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/39a6d4-b937-4d5f-8016-f2700864c187/1/yyaLUpOTAY1LyfxUBzAwoD2SlyE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/39a6d4-b937-4d5f-8016-f2700864c187/1/yyaLUpOTAY1LyfxUBzAwoD2SlyE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:e2:56:51:fe:f3:d3:1d:ae:f3:ea:94:88:93:0f:df:f9:26:
         ce:ea:9b:0c:96:4e:81:42:5a:c2:3a:06:00:3d:a4:93:f8:a7:
         c2:80:bf:23:c0:1c:a0:e1:ca:e5:97:d3:08:5f:60:98:46:ac:
         89:c2:5e:b8:55:f5:c5:a2:92:fd:87:cf:67:82:5e:81:eb:4d:
         a8:81:77:b2:e2:e2:d9:86:e4:fd:b8:6b:9a:b4:f6:bd:22:57:
         e1:6a:2e:8f:30:c9:6a:9d:da:9c:78:c2:e0:74:8a:0a:3f:3b:
         41:91:14:3f:bb:02:a0:89:d5:34:6d:cc:1b:0c:53:14:bb:ea:
         78:a9:75:af:ea:fa:12:40:41:29:02:63:d8:7f:97:2d:34:6f:
         7d:58:95:43:42:46:2f:96:8b:cc:a6:2c:5a:35:8e:f2:3d:15:
         b5:02:c0:7a:8c:e0:5e:57:19:e5:09:62:bd:b3:e3:d8:d5:40:
         b8:4d:dd:10:7d:e9:3d:45:2d:3a:24:77:e0:7d:3b:f4:55:67:
         64:53:bc:15:3c:f2:6b:46:54:b7:12:2f:57:ac:a4:b9:b1:48:
         55:7b:06:3c:2b:36:76:0a:78:e2:4f:9e:2f:f4:d7:49:4e:ae:
         3f:17:0d:95:89:54:fd:77:61:b8:52:46:bd:1c:20:6b:6c:06:
         f5:f0:ed:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZystKUszQVTesOEmOFvBfOFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMjY4YjUyOTM5MzAxOGQ0YmM5ZmM1NDA3MzAzMGEwM2Q5
Mjk3MjEwHhcNMjYwMzAyMDQwMDQ1WhcNMjYwMzAzMDQwMDQ1WjAzMTEwLwYDVQQD
EyhiMDhjZDMzZmQ2ZjdlNWZmODEyN2M1MDIzOGVmMmUzMTNmNWRhYjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyg30VwSNgFk0rTSgz40Jbd1NXkSn
iQDinIvDUdDaW9REe6wWQKiRkN5E0rDAbC7+F61D2HiP2gu37exL5mig4wRFMY3y
dHcSXEbdV70TQyJU4AZjRM+uzp2I6TB1LBJR5dYWf9cF3Cnj3W+/7q4ig+Gswz+s
qrcQi8g09w2NzcNRIwfOyVUg1llho1XD5xRSeNhB5gtygAEnsI+Q2xhDvB2dfSFk
KnbkExaq9N64vcYfi6TU4HTuhW8rdquqcArG2quFrPzD/kOVLwUlpa3B4sSBmL5Z
OnEJLEacEjM400STWWjUz3aC14R7wdTXn4L2aBh++9ILZAQviGQgcpwCPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLCM0z/W9+X/gSfFAjjvLjE/XaskMB8GA1UdIwQY
MBaAFMsmi1KTkwGNS8n8VAcwMKA9kpchMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXlhTFVwT1RBWTFMeWZ4VUJ6QXdvRDJTbHlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi8zOWE2ZDQtYjkzNy00ZDVmLTgwMTYt
ZjI3MDA4NjRjMTg3LzEveXlhTFVwT1RBWTFMeWZ4VUJ6QXdvRDJTbHlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi8zOWE2ZDQtYjkzNy00ZDVmLTgwMTYtZjI3MDA4NjRjMTg3
LzEveXlhTFVwT1RBWTFMeWZ4VUJ6QXdvRDJTbHlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAOJWUf7z
0x2u8+qUiJMP3/kmzuqbDJZOgUJawjoGAD2kk/inwoC/I8AcoOHK5ZfTCF9gmEas
icJeuFX1xaKS/YfPZ4JegetNqIF3suLi2Ybk/bhrmrT2vSJX4WoujzDJap3anHjC
4HSKCj87QZEUP7sCoInVNG3MGwxTFLvqeKl1r+r6EkBBKQJj2H+XLTRvfViVQ0JG
L5aLzKYsWjWO8j0VtQLAeozgXlcZ5QlivbPj2NVAuE3dEH3pPUUtOiR34H079FVn
ZFO8FTzya0ZUtxIvV6ykubFIVXsGPCs2dgp44k+eL/TXSU6uPxcNlYlU/XdhuFJG
vRwga2wG9fDtUg==
-----END CERTIFICATE-----