Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/d43c2f-ffa9-4f2b-a831-ad0b5dcf3303/1/U_ZmAbfOrAjBggeEBk5XHbmIe-s.mft
File:                     U_ZmAbfOrAjBggeEBk5XHbmIe-s.mft (raw, json)
Hash identifier:          oBj1pUj0jXT7HDsukPAEXLMxUaUrZMKck7S3YNVG+Qc=
Subject key identifier:   73:32:A6:97:0E:21:B0:AA:91:64:FD:66:AA:43:25:51:8B:22:9A:CA
Authority key identifier: 53:F6:66:01:B7:CE:AC:08:C1:82:07:84:06:4E:57:1D:B9:88:7B:EB
Certificate issuer:       /CN=53f66601b7ceac08c1820784064e571db9887beb
Certificate serial:       019D27E02994075587954697F00CFE15E910
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U_ZmAbfOrAjBggeEBk5XHbmIe-s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/d43c2f-ffa9-4f2b-a831-ad0b5dcf3303/1/U_ZmAbfOrAjBggeEBk5XHbmIe-s.mft
Manifest number:          01AF
Signing time:             Thu 26 Mar 2026 02:01:35 +0000
Manifest this update:     Thu 26 Mar 2026 02:01:35 +0000
Manifest next update:     Fri 27 Mar 2026 02:01:35 +0000
Files and hashes:         1: U_ZmAbfOrAjBggeEBk5XHbmIe-s.crl (hash: mqV1yJJu7G6WanOk08dNw6tkwi/GeqQwMOcnB1Dll+I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/d43c2f-ffa9-4f2b-a831-ad0b5dcf3303/1/U_ZmAbfOrAjBggeEBk5XHbmIe-s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/d43c2f-ffa9-4f2b-a831-ad0b5dcf3303/1/U_ZmAbfOrAjBggeEBk5XHbmIe-s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U_ZmAbfOrAjBggeEBk5XHbmIe-s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 02:01:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:e0:29:94:07:55:87:95:46:97:f0:0c:fe:15:e9:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=53f66601b7ceac08c1820784064e571db9887beb
        Validity
            Not Before: Mar 26 02:01:35 2026 GMT
            Not After : Mar 27 02:01:35 2026 GMT
        Subject: CN=7332a6970e21b0aa9164fd66aa4325518b229aca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:d3:d3:5a:53:c2:aa:42:a5:b1:54:eb:15:2d:
                    4d:4b:0b:6c:f8:bd:7b:15:f0:72:5a:11:85:1f:0c:
                    42:79:ae:1b:9b:73:d5:10:3c:c0:ee:3c:de:50:7d:
                    6c:bf:f0:69:8c:97:9f:dc:79:b5:f7:ca:dd:32:11:
                    6c:8c:69:21:f0:a5:41:a2:0b:2b:6a:16:f4:10:9b:
                    b1:2b:f4:aa:68:ee:6e:64:8d:4a:d8:48:1d:8f:9e:
                    62:bb:43:15:a0:52:3f:1b:e2:8e:67:30:c0:c5:36:
                    b1:fb:09:e1:fe:38:a6:c4:1d:87:50:dd:63:04:59:
                    78:96:2e:f5:fc:8e:cd:bc:6d:66:31:18:dd:09:ee:
                    15:a6:0a:22:fc:0a:a6:8d:b9:cb:df:42:bf:fc:a0:
                    01:13:ff:54:fc:8c:9c:3f:fa:49:ab:f8:5d:4f:9e:
                    f1:7b:04:ae:c2:0e:a5:10:2f:73:c3:8f:3a:d6:e7:
                    a5:e8:26:62:d4:36:ca:da:a9:f6:d7:ac:d3:59:6d:
                    70:8d:8f:71:a7:a6:fa:ff:41:6b:72:3b:2b:ca:01:
                    ce:2b:d7:9d:93:ae:e6:ca:a8:87:9c:4a:ad:cd:d9:
                    35:94:11:94:27:c3:ff:89:01:1b:f2:ef:87:e9:a8:
                    aa:a6:2f:c1:f6:c6:38:34:a1:ed:bf:2b:ae:c6:45:
                    10:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:32:A6:97:0E:21:B0:AA:91:64:FD:66:AA:43:25:51:8B:22:9A:CA
            X509v3 Authority Key Identifier:
                keyid:53:F6:66:01:B7:CE:AC:08:C1:82:07:84:06:4E:57:1D:B9:88:7B:EB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U_ZmAbfOrAjBggeEBk5XHbmIe-s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/d43c2f-ffa9-4f2b-a831-ad0b5dcf3303/1/U_ZmAbfOrAjBggeEBk5XHbmIe-s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/d43c2f-ffa9-4f2b-a831-ad0b5dcf3303/1/U_ZmAbfOrAjBggeEBk5XHbmIe-s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:c5:93:eb:89:49:b1:25:3f:11:15:d7:43:bd:0d:e5:2c:04:
         6e:27:02:78:94:09:8c:83:90:92:06:88:53:30:dc:1a:ce:2e:
         7b:f2:09:8a:27:14:cc:f2:5f:38:6f:c5:d8:bb:d9:1f:06:4f:
         3a:bf:72:e6:38:2c:b1:ea:22:b9:3d:29:dd:64:64:78:67:47:
         b8:eb:bf:ef:25:9c:c8:35:1c:bb:eb:fd:6c:00:3e:8d:51:af:
         50:2c:39:60:f9:1a:a9:b7:de:a1:c1:68:9d:a1:77:7c:0c:b6:
         bb:5e:33:6e:ad:25:75:d9:3f:d6:26:e8:85:ea:b2:38:a1:65:
         c4:a5:3e:84:78:8f:b8:97:1d:36:fa:76:3d:6b:5a:3c:e2:33:
         ec:8e:90:6d:b6:02:2d:ff:90:f7:e5:9f:13:49:a8:6d:bc:cf:
         ce:2e:ed:b3:33:25:82:f9:59:4c:9c:c7:75:f1:b1:0c:49:30:
         b9:7a:c8:c3:5e:89:f3:c1:49:6d:08:c7:25:a3:a6:fd:45:d2:
         8b:00:6a:90:b7:c5:13:8b:8a:d3:67:da:a8:71:ad:b9:c6:f4:
         63:e6:17:d0:5a:2f:01:06:93:87:7c:b0:b3:a8:d4:5b:70:8e:
         40:e7:1b:d9:8d:c8:f0:e5:46:18:4a:be:d6:93:0f:d9:73:d6:
         cc:72:fe:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0n4CmUB1WHlUaX8Az+FekQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzZjY2NjAxYjdjZWFjMDhjMTgyMDc4NDA2NGU1NzFkYjk4
ODdiZWIwHhcNMjYwMzI2MDIwMTM1WhcNMjYwMzI3MDIwMTM1WjAzMTEwLwYDVQQD
Eyg3MzMyYTY5NzBlMjFiMGFhOTE2NGZkNjZhYTQzMjU1MThiMjI5YWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNPTWlPCqkKlsVTrFS1NSwts+L17
FfByWhGFHwxCea4bm3PVEDzA7jzeUH1sv/BpjJef3Hm198rdMhFsjGkh8KVBogsr
ahb0EJuxK/SqaO5uZI1K2Egdj55iu0MVoFI/G+KOZzDAxTax+wnh/jimxB2HUN1j
BFl4li71/I7NvG1mMRjdCe4Vpgoi/AqmjbnL30K//KABE/9U/IycP/pJq/hdT57x
ewSuwg6lEC9zw4861uel6CZi1DbK2qn216zTWW1wjY9xp6b6/0FrcjsrygHOK9ed
k67myqiHnEqtzdk1lBGUJ8P/iQEb8u+H6aiqpi/B9sY4NKHtvyuuxkUQuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHMyppcOIbCqkWT9ZqpDJVGLIprKMB8GA1UdIwQY
MBaAFFP2ZgG3zqwIwYIHhAZOVx25iHvrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVV9abUFiZk9yQWpCZ2dlRUJrNVhIYm1JZS1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9kNDNjMmYtZmZhOS00ZjJiLWE4MzEt
YWQwYjVkY2YzMzAzLzEvVV9abUFiZk9yQWpCZ2dlRUJrNVhIYm1JZS1zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9kNDNjMmYtZmZhOS00ZjJiLWE4MzEtYWQwYjVkY2YzMzAz
LzEvVV9abUFiZk9yQWpCZ2dlRUJrNVhIYm1JZS1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk8WT64lJ
sSU/ERXXQ70N5SwEbicCeJQJjIOQkgaIUzDcGs4ue/IJiicUzPJfOG/F2LvZHwZP
Or9y5jgsseoiuT0p3WRkeGdHuOu/7yWcyDUcu+v9bAA+jVGvUCw5YPkaqbfeocFo
naF3fAy2u14zbq0lddk/1iboheqyOKFlxKU+hHiPuJcdNvp2PWtaPOIz7I6QbbYC
Lf+Q9+WfE0mobbzPzi7tszMlgvlZTJzHdfGxDEkwuXrIw16J88FJbQjHJaOm/UXS
iwBqkLfFE4uK02faqHGtucb0Y+YX0FovAQaTh3yws6jUW3COQOcb2Y3I8OVGGEq+
1pMP2XPWzHL+9Q==
-----END CERTIFICATE-----