Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/f76c21-99c3-4f9a-8b42-77a3835d4fbb/1/uU8woHaUohE5ZIclom6zTOSha6s.mft
File:                     uU8woHaUohE5ZIclom6zTOSha6s.mft (raw, json)
Hash identifier:          offcX3y3chvR6GCqCn2LUdJurgrRNcZvVMQlnlFIU3o=
Subject key identifier:   1C:E1:6D:70:ED:53:74:22:34:66:16:27:19:85:F8:AF:03:24:61:10
Authority key identifier: B9:4F:30:A0:76:94:A2:11:39:64:87:25:A2:6E:B3:4C:E4:A1:6B:AB
Certificate issuer:       /CN=b94f30a07694a21139648725a26eb34ce4a16bab
Certificate serial:       019D2B853EAE24B69AF06110BB4FEF05A097
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uU8woHaUohE5ZIclom6zTOSha6s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/f76c21-99c3-4f9a-8b42-77a3835d4fbb/1/uU8woHaUohE5ZIclom6zTOSha6s.mft
Manifest number:          051C
Signing time:             Thu 26 Mar 2026 19:00:45 +0000
Manifest this update:     Thu 26 Mar 2026 19:00:45 +0000
Manifest next update:     Fri 27 Mar 2026 19:00:45 +0000
Files and hashes:         1: uU8woHaUohE5ZIclom6zTOSha6s.crl (hash: iUaK2iQT/5t/WPgpuBYCou+dhgcBgH/4ZfaRijkkVbw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/15/f76c21-99c3-4f9a-8b42-77a3835d4fbb/1/uU8woHaUohE5ZIclom6zTOSha6s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/15/f76c21-99c3-4f9a-8b42-77a3835d4fbb/1/uU8woHaUohE5ZIclom6zTOSha6s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uU8woHaUohE5ZIclom6zTOSha6s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 16:32:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2b:85:3e:ae:24:b6:9a:f0:61:10:bb:4f:ef:05:a0:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b94f30a07694a21139648725a26eb34ce4a16bab
        Validity
            Not Before: Mar 26 19:00:45 2026 GMT
            Not After : Mar 27 19:00:45 2026 GMT
        Subject: CN=1ce16d70ed537422346616271985f8af03246110
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:c9:24:8f:45:06:31:f5:84:b9:e1:a4:c9:03:
                    9c:6b:63:8d:51:1c:d4:5b:e4:41:36:2e:28:85:6b:
                    4e:f3:53:56:d0:0c:f8:84:61:31:89:0a:bb:5e:4f:
                    ce:61:a3:53:d2:0f:9d:b6:df:a7:2e:82:20:ce:57:
                    c1:79:40:36:db:d4:1a:c8:a0:75:cc:93:66:fe:7a:
                    79:54:88:b8:6b:b5:dd:37:3e:e1:cc:37:d9:23:28:
                    da:e0:26:64:60:24:0b:e8:24:05:71:5a:d1:b7:15:
                    c3:f1:79:5f:57:4e:78:2c:8d:08:fd:a7:3f:2d:45:
                    e5:0f:46:f0:c4:b7:4d:ba:d4:cb:0c:fb:26:67:9c:
                    72:52:bd:33:17:25:b4:d8:6a:e1:8b:74:85:17:44:
                    06:92:82:4f:c8:9c:9f:bc:98:8f:e6:22:af:5e:61:
                    18:e8:21:b5:16:f1:16:cb:48:7e:31:90:32:1d:5a:
                    31:6e:50:fc:06:ec:1c:ad:95:60:1c:8f:bd:74:a7:
                    71:a0:2e:d6:96:ed:76:86:83:de:35:1f:59:67:71:
                    10:9f:92:79:09:99:15:ce:3d:a7:f5:91:ca:93:b3:
                    3a:bb:99:d0:b4:04:53:a3:b2:17:50:b0:25:95:f4:
                    62:44:ab:a7:b7:d0:37:65:51:ca:a6:b7:ce:d9:28:
                    f5:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:E1:6D:70:ED:53:74:22:34:66:16:27:19:85:F8:AF:03:24:61:10
            X509v3 Authority Key Identifier:
                keyid:B9:4F:30:A0:76:94:A2:11:39:64:87:25:A2:6E:B3:4C:E4:A1:6B:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uU8woHaUohE5ZIclom6zTOSha6s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/f76c21-99c3-4f9a-8b42-77a3835d4fbb/1/uU8woHaUohE5ZIclom6zTOSha6s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/f76c21-99c3-4f9a-8b42-77a3835d4fbb/1/uU8woHaUohE5ZIclom6zTOSha6s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a9:ac:a5:b0:a1:0b:93:8f:e2:0f:3e:5e:29:15:2e:8c:e9:ca:
         d0:b8:6f:ee:29:24:e4:7f:81:8d:81:39:ae:a6:dc:6c:7b:27:
         1a:91:3f:19:ab:46:e7:9f:a3:74:c2:fc:af:64:f7:4e:ca:c4:
         6d:bd:3c:85:be:5a:57:78:70:02:bf:1e:30:7a:b7:3b:6c:19:
         3a:dd:d6:bd:4b:c4:58:a2:a7:33:57:2e:6e:37:cc:dc:07:b4:
         14:c5:d2:88:35:4b:64:3f:72:c0:c6:42:b7:cc:6a:e7:7d:84:
         ba:5c:49:94:f6:ef:0b:36:ad:70:90:70:e3:55:6e:dd:74:9e:
         68:46:be:9c:f7:99:69:35:08:01:94:b8:1e:7d:d2:50:b9:f3:
         ba:01:1e:3a:8f:f4:50:ae:1a:2e:88:e4:7e:90:d7:3e:4b:6f:
         5b:9e:07:ef:a8:9f:58:b9:11:18:29:54:69:b2:be:b9:b1:9c:
         61:53:8d:a0:20:96:dc:35:c2:b5:06:f2:aa:ee:35:c0:54:f4:
         14:3e:79:f1:b2:47:11:b5:9e:61:d7:52:04:f1:3f:1b:32:a2:
         cc:11:57:ef:7b:47:eb:7d:62:8e:03:73:a6:8c:a6:7f:fb:ae:
         d8:12:6d:24:52:68:6f:8b:d2:98:94:fe:7d:a5:da:51:9d:ab:
         0a:d2:86:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0rhT6uJLaa8GEQu0/vBaCXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5NGYzMGEwNzY5NGEyMTEzOTY0ODcyNWEyNmViMzRjZTRh
MTZiYWIwHhcNMjYwMzI2MTkwMDQ1WhcNMjYwMzI3MTkwMDQ1WjAzMTEwLwYDVQQD
EygxY2UxNmQ3MGVkNTM3NDIyMzQ2NjE2MjcxOTg1ZjhhZjAzMjQ2MTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiskkj0UGMfWEueGkyQOca2ONURzU
W+RBNi4ohWtO81NW0Az4hGExiQq7Xk/OYaNT0g+dtt+nLoIgzlfBeUA229QayKB1
zJNm/np5VIi4a7XdNz7hzDfZIyja4CZkYCQL6CQFcVrRtxXD8XlfV054LI0I/ac/
LUXlD0bwxLdNutTLDPsmZ5xyUr0zFyW02Grhi3SFF0QGkoJPyJyfvJiP5iKvXmEY
6CG1FvEWy0h+MZAyHVoxblD8BuwcrZVgHI+9dKdxoC7Wlu12hoPeNR9ZZ3EQn5J5
CZkVzj2n9ZHKk7M6u5nQtARTo7IXULAllfRiRKunt9A3ZVHKprfO2Sj1LwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBzhbXDtU3QiNGYWJxmF+K8DJGEQMB8GA1UdIwQY
MBaAFLlPMKB2lKIROWSHJaJus0zkoWurMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVU4d29IYVVvaEU1WkljbG9tNnpUT1NoYTZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9mNzZjMjEtOTljMy00ZjlhLThiNDIt
NzdhMzgzNWQ0ZmJiLzEvdVU4d29IYVVvaEU1WkljbG9tNnpUT1NoYTZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9mNzZjMjEtOTljMy00ZjlhLThiNDItNzdhMzgzNWQ0ZmJi
LzEvdVU4d29IYVVvaEU1WkljbG9tNnpUT1NoYTZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqaylsKEL
k4/iDz5eKRUujOnK0Lhv7ikk5H+BjYE5rqbcbHsnGpE/GatG55+jdML8r2T3TsrE
bb08hb5aV3hwAr8eMHq3O2wZOt3WvUvEWKKnM1cubjfM3Ae0FMXSiDVLZD9ywMZC
t8xq532EulxJlPbvCzatcJBw41Vu3XSeaEa+nPeZaTUIAZS4Hn3SULnzugEeOo/0
UK4aLojkfpDXPktvW54H76ifWLkRGClUabK+ubGcYVONoCCW3DXCtQbyqu41wFT0
FD558bJHEbWeYddSBPE/GzKizBFX73tH631ijgNzpoymf/uu2BJtJFJob4vSmJT+
faXaUZ2rCtKG1Q==
-----END CERTIFICATE-----