Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/ca6855-18f6-4bc0-8fab-3757f9308acc/1/YE1FsSrOCsIjA-08d5S4MGpqtbA.mft
File:                     YE1FsSrOCsIjA-08d5S4MGpqtbA.mft (raw, json)
Hash identifier:          uI1Jq3byIb9ar8LDGCpMJSPp3Je5AAdhVJlN0MbW1s4=
Subject key identifier:   A6:CA:09:D2:E3:75:6C:07:89:C4:71:9B:A2:71:C1:2E:D0:B8:08:7C
Authority key identifier: 60:4D:45:B1:2A:CE:0A:C2:23:03:ED:3C:77:94:B8:30:6A:6A:B5:B0
Certificate issuer:       /CN=604d45b12ace0ac22303ed3c7794b8306a6ab5b0
Certificate serial:       019CAD59AD0FC3D2B40A03A1ECF26870A5EE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YE1FsSrOCsIjA-08d5S4MGpqtbA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/ca6855-18f6-4bc0-8fab-3757f9308acc/1/YE1FsSrOCsIjA-08d5S4MGpqtbA.mft
Manifest number:          17D7
Signing time:             Mon 02 Mar 2026 07:01:01 +0000
Manifest this update:     Mon 02 Mar 2026 07:01:01 +0000
Manifest next update:     Tue 03 Mar 2026 07:01:01 +0000
Files and hashes:         1: YE1FsSrOCsIjA-08d5S4MGpqtbA.crl (hash: sfYzrThzz9wigXZ/xcT2cUXYzPIhbE6/Fw0XLjY4NXg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e8/ca6855-18f6-4bc0-8fab-3757f9308acc/1/YE1FsSrOCsIjA-08d5S4MGpqtbA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e8/ca6855-18f6-4bc0-8fab-3757f9308acc/1/YE1FsSrOCsIjA-08d5S4MGpqtbA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YE1FsSrOCsIjA-08d5S4MGpqtbA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 07:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:59:ad:0f:c3:d2:b4:0a:03:a1:ec:f2:68:70:a5:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=604d45b12ace0ac22303ed3c7794b8306a6ab5b0
        Validity
            Not Before: Mar  2 07:01:01 2026 GMT
            Not After : Mar  3 07:01:01 2026 GMT
        Subject: CN=a6ca09d2e3756c0789c4719ba271c12ed0b8087c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:29:ef:a7:e9:eb:61:84:ec:fb:b1:65:33:fb:
                    fe:1d:54:38:d5:36:6c:4d:32:e7:e7:42:4c:3f:4d:
                    fc:2d:9f:f7:83:fc:db:d7:4f:ae:93:ef:41:35:a7:
                    bd:a7:14:d9:41:4f:99:55:55:62:cd:10:67:ad:a9:
                    39:8a:fd:2f:41:dc:26:fa:6c:c0:35:f2:0d:ea:e5:
                    54:29:bc:06:28:8d:e8:ad:54:21:ae:9a:76:3f:cd:
                    91:46:28:d2:98:47:93:95:28:0a:3d:07:b9:bd:92:
                    fb:0b:e6:11:cf:f9:6a:c0:36:cf:a8:fd:72:88:53:
                    cb:33:55:86:45:14:e8:70:bc:9d:2d:92:8b:55:a3:
                    1b:e8:21:5d:82:b0:b2:a4:6c:de:20:b0:e5:bf:60:
                    33:dd:e5:5a:8d:16:08:a7:4b:b4:5f:61:8e:ab:cc:
                    1f:bf:b2:db:91:f1:18:bd:03:6b:19:49:d3:b4:77:
                    21:44:61:44:81:3f:a4:2b:a4:22:1a:7e:a1:b8:38:
                    3b:55:79:ab:8a:9a:86:c5:16:39:4c:ea:03:77:2c:
                    99:81:3e:0a:83:2b:85:92:3e:fe:c3:26:24:fb:8c:
                    23:79:b0:84:e6:66:68:f6:9f:52:32:9a:e5:ba:93:
                    a1:24:de:8a:cc:ed:0d:f3:dc:7c:ce:08:1b:c6:ba:
                    7b:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:CA:09:D2:E3:75:6C:07:89:C4:71:9B:A2:71:C1:2E:D0:B8:08:7C
            X509v3 Authority Key Identifier:
                keyid:60:4D:45:B1:2A:CE:0A:C2:23:03:ED:3C:77:94:B8:30:6A:6A:B5:B0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YE1FsSrOCsIjA-08d5S4MGpqtbA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/ca6855-18f6-4bc0-8fab-3757f9308acc/1/YE1FsSrOCsIjA-08d5S4MGpqtbA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/ca6855-18f6-4bc0-8fab-3757f9308acc/1/YE1FsSrOCsIjA-08d5S4MGpqtbA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:76:8c:4e:12:50:67:33:9d:7f:9e:2b:fc:8d:a8:19:32:03:
         92:8f:fd:45:ca:dd:ac:1a:a3:a8:57:97:06:ec:84:93:b9:ef:
         a4:a4:b7:4e:7e:86:f7:fc:aa:d3:c9:c3:12:5a:73:dc:b1:8f:
         6f:6d:e1:47:33:45:ad:6f:61:ce:94:22:92:7d:7c:ae:95:2d:
         18:18:31:42:11:fb:97:ed:da:13:09:bc:a7:1d:e8:26:dc:f1:
         4d:d9:2f:f3:3d:f3:8f:7a:a2:9f:8b:30:9e:3c:c6:68:7d:ca:
         e9:7b:79:c7:de:0a:72:1d:eb:23:98:ab:54:4e:6d:4c:a3:94:
         43:71:37:b8:ec:ea:6f:57:bd:af:b8:5d:6e:50:e3:fe:96:bf:
         9e:ce:1d:8e:32:88:fe:29:de:97:26:b0:3f:1a:b9:c2:73:a9:
         a4:45:b2:77:f2:0b:bc:ce:f8:9a:aa:a3:11:4f:20:33:cb:b5:
         4e:a3:8e:4f:1c:56:d0:c6:92:ab:b1:a7:64:d9:b6:a6:82:60:
         a2:7a:d2:82:57:35:de:5d:47:d6:ab:5c:42:f4:8e:57:5e:8f:
         06:2f:84:55:92:8c:ec:a2:c8:fa:9c:9a:fc:b3:55:57:b2:21:
         49:da:1e:b6:61:4f:19:ef:b4:68:1e:f1:64:b4:fb:6e:40:10:
         62:2f:03:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWa0Pw9K0CgOh7PJocKXuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNGQ0NWIxMmFjZTBhYzIyMzAzZWQzYzc3OTRiODMwNmE2
YWI1YjAwHhcNMjYwMzAyMDcwMTAxWhcNMjYwMzAzMDcwMTAxWjAzMTEwLwYDVQQD
EyhhNmNhMDlkMmUzNzU2YzA3ODljNDcxOWJhMjcxYzEyZWQwYjgwODdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvynvp+nrYYTs+7FlM/v+HVQ41TZs
TTLn50JMP038LZ/3g/zb10+uk+9BNae9pxTZQU+ZVVVizRBnrak5iv0vQdwm+mzA
NfIN6uVUKbwGKI3orVQhrpp2P82RRijSmEeTlSgKPQe5vZL7C+YRz/lqwDbPqP1y
iFPLM1WGRRTocLydLZKLVaMb6CFdgrCypGzeILDlv2Az3eVajRYIp0u0X2GOq8wf
v7LbkfEYvQNrGUnTtHchRGFEgT+kK6QiGn6huDg7VXmripqGxRY5TOoDdyyZgT4K
gyuFkj7+wyYk+4wjebCE5mZo9p9SMprlupOhJN6KzO0N89x8zggbxrp7WwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKbKCdLjdWwHicRxm6JxwS7QuAh8MB8GA1UdIwQY
MBaAFGBNRbEqzgrCIwPtPHeUuDBqarWwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUUxRnNTck9Dc0lqQS0wOGQ1UzRNR3BxdGJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9jYTY4NTUtMThmNi00YmMwLThmYWIt
Mzc1N2Y5MzA4YWNjLzEvWUUxRnNTck9Dc0lqQS0wOGQ1UzRNR3BxdGJBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9jYTY4NTUtMThmNi00YmMwLThmYWItMzc1N2Y5MzA4YWNj
LzEvWUUxRnNTck9Dc0lqQS0wOGQ1UzRNR3BxdGJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABHaMThJQ
ZzOdf54r/I2oGTIDko/9RcrdrBqjqFeXBuyEk7nvpKS3Tn6G9/yq08nDElpz3LGP
b23hRzNFrW9hzpQikn18rpUtGBgxQhH7l+3aEwm8px3oJtzxTdkv8z3zj3qin4sw
njzGaH3K6Xt5x94Kch3rI5irVE5tTKOUQ3E3uOzqb1e9r7hdblDj/pa/ns4djjKI
/inelyawPxq5wnOppEWyd/ILvM74mqqjEU8gM8u1TqOOTxxW0MaSq7GnZNm2poJg
onrSglc13l1H1qtcQvSOV16PBi+EVZKM7KLI+pya/LNVV7IhSdoetmFPGe+0aB7x
ZLT7bkAQYi8Dng==
-----END CERTIFICATE-----