Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/85df14-a815-4691-a923-46e65c95f83a/1/yM7BO9bzBCDedNLDFWTa3aCOAU0.mft
File:                     yM7BO9bzBCDedNLDFWTa3aCOAU0.mft (raw, json)
Hash identifier:          rWr0XUx6FANSv5/E1JHta2DUDUUj4l2AtznAf/v3Huc=
Subject key identifier:   0A:D6:7E:9E:8C:2F:45:75:C8:FB:03:A7:E7:D9:DE:F4:58:5E:27:E0
Authority key identifier: C8:CE:C1:3B:D6:F3:04:20:DE:74:D2:C3:15:64:DA:DD:A0:8E:01:4D
Certificate issuer:       /CN=c8cec13bd6f30420de74d2c31564dadda08e014d
Certificate serial:       019D28F2424745F493364A6A1F1999076CDD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yM7BO9bzBCDedNLDFWTa3aCOAU0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2f/85df14-a815-4691-a923-46e65c95f83a/1/yM7BO9bzBCDedNLDFWTa3aCOAU0.mft
Manifest number:          02B1
Signing time:             Thu 26 Mar 2026 07:00:58 +0000
Manifest this update:     Thu 26 Mar 2026 07:00:58 +0000
Manifest next update:     Fri 27 Mar 2026 07:00:58 +0000
Files and hashes:         1: yM7BO9bzBCDedNLDFWTa3aCOAU0.crl (hash: rIMPQ2C6t3SfS3lPOThFzcGi3xVLN6FvgqIGiHkMnM4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2f/85df14-a815-4691-a923-46e65c95f83a/1/yM7BO9bzBCDedNLDFWTa3aCOAU0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2f/85df14-a815-4691-a923-46e65c95f83a/1/yM7BO9bzBCDedNLDFWTa3aCOAU0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yM7BO9bzBCDedNLDFWTa3aCOAU0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:42:47:45:f4:93:36:4a:6a:1f:19:99:07:6c:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8cec13bd6f30420de74d2c31564dadda08e014d
        Validity
            Not Before: Mar 26 07:00:58 2026 GMT
            Not After : Mar 27 07:00:58 2026 GMT
        Subject: CN=0ad67e9e8c2f4575c8fb03a7e7d9def4585e27e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:d0:64:c4:35:08:a6:6e:69:3b:89:60:4c:38:
                    0b:c1:a2:d4:5d:1a:59:28:2d:6c:3f:c6:f8:58:08:
                    68:dc:aa:6c:7a:a4:40:84:3b:91:cc:48:47:85:f8:
                    c4:4a:29:17:72:64:42:42:b4:33:2f:f0:de:61:6b:
                    79:0d:64:7a:fb:b3:49:a8:c0:5d:1e:ff:aa:69:46:
                    e1:53:f6:09:d6:c7:16:b6:1d:b4:cc:08:a8:ce:40:
                    76:6a:ae:92:48:27:d2:b8:53:13:b0:de:f0:54:27:
                    37:ee:02:86:36:65:6c:20:9b:1d:e6:8e:e6:bb:c2:
                    c3:93:13:87:9f:30:d2:02:67:ea:e1:81:07:fb:a0:
                    9e:b7:0b:fd:8b:6c:4e:26:63:67:a2:31:4a:d3:fe:
                    5d:a9:32:02:bd:6e:07:fe:12:9e:7d:55:4c:8d:c0:
                    2d:7d:3c:a2:7d:2c:b8:89:e1:a4:60:fa:f1:27:41:
                    ce:27:eb:e2:91:a0:41:e5:13:5f:59:37:29:96:f9:
                    39:d7:de:78:1b:b5:41:23:9f:d8:de:24:15:7c:13:
                    9f:e9:3e:21:a8:6e:cc:b8:1d:ca:f3:ef:65:27:be:
                    81:c5:34:9b:90:fc:f5:d5:12:f0:b1:ff:40:46:b2:
                    49:86:33:87:83:8d:ad:40:1a:d6:5a:cc:3a:86:87:
                    b8:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:D6:7E:9E:8C:2F:45:75:C8:FB:03:A7:E7:D9:DE:F4:58:5E:27:E0
            X509v3 Authority Key Identifier:
                keyid:C8:CE:C1:3B:D6:F3:04:20:DE:74:D2:C3:15:64:DA:DD:A0:8E:01:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yM7BO9bzBCDedNLDFWTa3aCOAU0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/85df14-a815-4691-a923-46e65c95f83a/1/yM7BO9bzBCDedNLDFWTa3aCOAU0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/85df14-a815-4691-a923-46e65c95f83a/1/yM7BO9bzBCDedNLDFWTa3aCOAU0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:cb:8d:e2:a2:0c:f9:6c:b7:f7:0c:14:11:1c:e9:d3:a4:05:
         38:e5:02:43:a0:d1:02:30:ce:8b:33:f1:56:f4:eb:7a:1d:f2:
         66:18:31:db:cc:59:c0:81:f3:9a:e9:5f:79:fc:9a:40:bf:a0:
         e4:08:7c:c7:ec:c7:96:a8:9a:d5:17:08:87:68:fa:ed:a0:64:
         17:1f:d1:ff:6c:73:b5:2a:4d:1e:d4:cc:87:f6:c7:c8:9a:81:
         a6:76:39:1e:f5:0d:84:2e:05:d8:57:dc:c5:e5:5b:59:da:dd:
         5d:56:ed:62:c6:3b:58:35:7d:4c:5f:fb:dd:05:89:1d:4a:2e:
         46:fd:21:93:63:14:a2:39:fb:5e:59:11:74:df:09:73:3c:95:
         0c:27:62:b1:a7:14:e1:80:ba:18:da:ec:77:43:ba:ab:51:5b:
         fa:34:bf:63:ac:ea:2f:ca:f0:63:4f:dc:43:88:06:b8:ef:83:
         a7:13:26:d7:4a:d5:82:89:82:d9:7a:58:11:b9:83:94:e6:0e:
         7b:bb:bf:6c:71:b3:d8:75:d6:03:93:ca:db:22:e9:af:49:f1:
         f4:9d:d4:d5:2b:a5:80:c2:e5:52:84:1e:94:dc:0e:de:ef:54:
         2b:ef:fa:33:a8:ec:7c:68:2b:87:6c:e2:a0:a4:19:bb:0e:c3:
         38:9a:32:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8kJHRfSTNkpqHxmZB2zdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4Y2VjMTNiZDZmMzA0MjBkZTc0ZDJjMzE1NjRkYWRkYTA4
ZTAxNGQwHhcNMjYwMzI2MDcwMDU4WhcNMjYwMzI3MDcwMDU4WjAzMTEwLwYDVQQD
EygwYWQ2N2U5ZThjMmY0NTc1YzhmYjAzYTdlN2Q5ZGVmNDU4NWUyN2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdBkxDUIpm5pO4lgTDgLwaLUXRpZ
KC1sP8b4WAho3KpseqRAhDuRzEhHhfjESikXcmRCQrQzL/DeYWt5DWR6+7NJqMBd
Hv+qaUbhU/YJ1scWth20zAiozkB2aq6SSCfSuFMTsN7wVCc37gKGNmVsIJsd5o7m
u8LDkxOHnzDSAmfq4YEH+6Cetwv9i2xOJmNnojFK0/5dqTICvW4H/hKefVVMjcAt
fTyifSy4ieGkYPrxJ0HOJ+vikaBB5RNfWTcplvk51954G7VBI5/Y3iQVfBOf6T4h
qG7MuB3K8+9lJ76BxTSbkPz11RLwsf9ARrJJhjOHg42tQBrWWsw6hoe4tQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFArWfp6ML0V1yPsDp+fZ3vRYXifgMB8GA1UdIwQY
MBaAFMjOwTvW8wQg3nTSwxVk2t2gjgFNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU03Qk85YnpCQ0RlZE5MREZXVGEzYUNPQVUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi84NWRmMTQtYTgxNS00NjkxLWE5MjMt
NDZlNjVjOTVmODNhLzEveU03Qk85YnpCQ0RlZE5MREZXVGEzYUNPQVUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi84NWRmMTQtYTgxNS00NjkxLWE5MjMtNDZlNjVjOTVmODNh
LzEveU03Qk85YnpCQ0RlZE5MREZXVGEzYUNPQVUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFsuN4qIM
+Wy39wwUERzp06QFOOUCQ6DRAjDOizPxVvTreh3yZhgx28xZwIHzmulfefyaQL+g
5Ah8x+zHlqia1RcIh2j67aBkFx/R/2xztSpNHtTMh/bHyJqBpnY5HvUNhC4F2Ffc
xeVbWdrdXVbtYsY7WDV9TF/73QWJHUouRv0hk2MUojn7XlkRdN8JczyVDCdisacU
4YC6GNrsd0O6q1Fb+jS/Y6zqL8rwY0/cQ4gGuO+DpxMm10rVgomC2XpYEbmDlOYO
e7u/bHGz2HXWA5PK2yLpr0nx9J3U1SulgMLlUoQelNwO3u9UK+/6M6jsfGgrh2zi
oKQZuw7DOJoy9w==
-----END CERTIFICATE-----