Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/6dffd8-e433-441b-bb37-6046c00496bc/1/Us3j-fOkO7GGEIo8M9n2NVeh14w.mft
File:                     Us3j-fOkO7GGEIo8M9n2NVeh14w.mft (raw, json)
Hash identifier:          2kOHTowjvr8Luwn3ErnIlSn7v1EEEoAx1GQdHl7bH8k=
Subject key identifier:   75:6B:8F:CB:94:EE:D4:43:C8:57:8B:A7:35:91:EC:16:0B:25:A9:F3
Authority key identifier: 52:CD:E3:F9:F3:A4:3B:B1:86:10:8A:3C:33:D9:F6:35:57:A1:D7:8C
Certificate issuer:       /CN=52cde3f9f3a43bb186108a3c33d9f63557a1d78c
Certificate serial:       019D27039BC1B4ACFDF85296883B6439CD2E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Us3j-fOkO7GGEIo8M9n2NVeh14w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/6dffd8-e433-441b-bb37-6046c00496bc/1/Us3j-fOkO7GGEIo8M9n2NVeh14w.mft
Manifest number:          033A
Signing time:             Wed 25 Mar 2026 22:00:40 +0000
Manifest this update:     Wed 25 Mar 2026 22:00:40 +0000
Manifest next update:     Thu 26 Mar 2026 22:00:40 +0000
Files and hashes:         1: Us3j-fOkO7GGEIo8M9n2NVeh14w.crl (hash: pNmewzfZjTbLh48ZI+5sdiG7wLEW9CX9UnmgN97hfPw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/07/6dffd8-e433-441b-bb37-6046c00496bc/1/Us3j-fOkO7GGEIo8M9n2NVeh14w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/07/6dffd8-e433-441b-bb37-6046c00496bc/1/Us3j-fOkO7GGEIo8M9n2NVeh14w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Us3j-fOkO7GGEIo8M9n2NVeh14w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:03:9b:c1:b4:ac:fd:f8:52:96:88:3b:64:39:cd:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=52cde3f9f3a43bb186108a3c33d9f63557a1d78c
        Validity
            Not Before: Mar 25 22:00:40 2026 GMT
            Not After : Mar 26 22:00:40 2026 GMT
        Subject: CN=756b8fcb94eed443c8578ba73591ec160b25a9f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:0b:7c:03:0f:4b:36:ac:43:38:5a:73:81:60:
                    7e:e9:6a:28:16:82:71:c1:7f:3b:8b:b0:9b:c6:b9:
                    dc:53:ab:43:81:da:01:d0:17:b3:a0:e4:e0:a2:02:
                    51:47:06:e2:64:ad:a8:c5:a5:7c:0d:7d:b0:05:02:
                    fc:b7:cc:e3:88:f7:75:78:ff:ca:7e:19:de:48:b6:
                    6b:5f:d4:df:45:3d:9c:bf:f2:a1:16:e0:16:ce:7d:
                    df:6b:eb:b1:86:77:6d:bc:9b:ae:25:d4:80:b0:85:
                    04:a5:31:20:9d:4c:f1:bb:b0:cc:b5:f8:f5:67:1b:
                    4b:aa:5b:f6:74:a0:f6:dc:7a:e0:67:8e:68:87:48:
                    9b:94:51:30:4f:86:02:2f:a7:d0:22:c2:42:1c:62:
                    8e:1f:db:bc:7b:79:2f:14:33:84:fd:39:9e:c9:a6:
                    72:e1:1b:24:83:89:17:14:aa:a5:1f:b6:a7:88:f8:
                    64:4f:4c:fe:ee:bc:cc:30:11:e5:7a:00:28:b0:7a:
                    ce:68:1c:05:8e:ab:58:4d:26:35:e0:4b:d2:d7:04:
                    d9:47:db:f8:c8:26:8c:17:d2:ab:d2:ee:ae:f7:56:
                    10:55:f8:b6:25:5e:35:ca:56:fe:93:51:cb:53:f2:
                    b3:0e:65:b1:4e:f4:33:06:ee:8d:61:2c:b1:a8:d4:
                    c7:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:6B:8F:CB:94:EE:D4:43:C8:57:8B:A7:35:91:EC:16:0B:25:A9:F3
            X509v3 Authority Key Identifier:
                keyid:52:CD:E3:F9:F3:A4:3B:B1:86:10:8A:3C:33:D9:F6:35:57:A1:D7:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us3j-fOkO7GGEIo8M9n2NVeh14w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/6dffd8-e433-441b-bb37-6046c00496bc/1/Us3j-fOkO7GGEIo8M9n2NVeh14w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/6dffd8-e433-441b-bb37-6046c00496bc/1/Us3j-fOkO7GGEIo8M9n2NVeh14w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         95:ac:b7:68:81:bb:26:aa:57:c9:16:bb:81:2d:14:31:e5:73:
         94:d7:2a:f6:13:64:6f:b4:f5:a6:34:b1:1e:08:e9:8a:66:ab:
         43:f8:5c:bb:9b:6b:d4:2a:d9:70:fe:ad:49:95:3b:95:b9:fc:
         0f:20:cd:a5:3c:19:e7:8d:5f:c5:50:a8:93:0f:70:6e:64:43:
         61:4e:d2:36:ec:65:44:79:83:5a:d7:68:f8:b1:f4:06:47:45:
         a4:22:99:fc:23:67:f0:58:53:33:c6:5c:a2:47:4b:1b:a0:6d:
         a7:6b:8a:c4:e8:30:d8:69:4e:61:1b:14:f4:ce:a4:0c:35:9d:
         fa:33:71:bb:26:e5:01:72:8d:c0:84:e0:19:7d:5a:38:ea:b1:
         39:c5:38:83:35:cd:91:ca:df:bd:6f:5c:c0:39:30:d6:c3:b4:
         b3:66:d7:cb:72:5b:62:20:64:96:93:fa:3d:e9:88:92:bc:5f:
         b9:43:fe:ed:e0:93:9d:08:09:cc:ac:24:eb:4f:94:20:a4:f9:
         8f:89:18:c2:e4:08:74:17:44:de:e7:e0:03:5d:39:2f:49:33:
         5a:f8:10:b4:1d:10:42:d2:d6:e5:b7:b1:28:24:e2:8d:01:d6:
         0b:51:0a:65:96:fe:fe:5b:0d:f2:64:3f:83:51:2b:cc:74:5b:
         57:08:57:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA5vBtKz9+FKWiDtkOc0uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2RlM2Y5ZjNhNDNiYjE4NjEwOGEzYzMzZDlmNjM1NTdh
MWQ3OGMwHhcNMjYwMzI1MjIwMDQwWhcNMjYwMzI2MjIwMDQwWjAzMTEwLwYDVQQD
Eyg3NTZiOGZjYjk0ZWVkNDQzYzg1NzhiYTczNTkxZWMxNjBiMjVhOWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Qt8Aw9LNqxDOFpzgWB+6WooFoJx
wX87i7CbxrncU6tDgdoB0BezoOTgogJRRwbiZK2oxaV8DX2wBQL8t8zjiPd1eP/K
fhneSLZrX9TfRT2cv/KhFuAWzn3fa+uxhndtvJuuJdSAsIUEpTEgnUzxu7DMtfj1
ZxtLqlv2dKD23HrgZ45oh0iblFEwT4YCL6fQIsJCHGKOH9u8e3kvFDOE/TmeyaZy
4Rskg4kXFKqlH7aniPhkT0z+7rzMMBHlegAosHrOaBwFjqtYTSY14EvS1wTZR9v4
yCaMF9Kr0u6u91YQVfi2JV41ylb+k1HLU/KzDmWxTvQzBu6NYSyxqNTHXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHVrj8uU7tRDyFeLpzWR7BYLJanzMB8GA1UdIwQY
MBaAFFLN4/nzpDuxhhCKPDPZ9jVXodeMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMzai1mT2tPN0dHRUlvOE05bjJOVmVoMTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy82ZGZmZDgtZTQzMy00NDFiLWJiMzct
NjA0NmMwMDQ5NmJjLzEvVXMzai1mT2tPN0dHRUlvOE05bjJOVmVoMTR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy82ZGZmZDgtZTQzMy00NDFiLWJiMzctNjA0NmMwMDQ5NmJj
LzEvVXMzai1mT2tPN0dHRUlvOE05bjJOVmVoMTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlay3aIG7
JqpXyRa7gS0UMeVzlNcq9hNkb7T1pjSxHgjpimarQ/hcu5tr1CrZcP6tSZU7lbn8
DyDNpTwZ541fxVCokw9wbmRDYU7SNuxlRHmDWtdo+LH0BkdFpCKZ/CNn8FhTM8Zc
okdLG6Btp2uKxOgw2GlOYRsU9M6kDDWd+jNxuyblAXKNwITgGX1aOOqxOcU4gzXN
kcrfvW9cwDkw1sO0s2bXy3JbYiBklpP6PemIkrxfuUP+7eCTnQgJzKwk60+UIKT5
j4kYwuQIdBdE3ufgA105L0kzWvgQtB0QQtLW5bexKCTijQHWC1EKZZb+/lsN8mQ/
g1ErzHRbVwhXHQ==
-----END CERTIFICATE-----