Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.mft
File:                     aUSJSM9NjazkdxjA9yWe3usJPns.mft (raw, json)
Hash identifier:          cf9QQqeyemFTdgl3uWiufbxv2F6lmf0T5iRKKz+KbuQ=
Subject key identifier:   BA:87:86:26:71:37:3A:84:CB:33:B5:9F:28:67:3B:18:82:84:DC:83
Authority key identifier: 69:44:89:48:CF:4D:8D:AC:E4:77:18:C0:F7:25:9E:DE:EB:09:3E:7B
Certificate issuer:       /CN=69448948cf4d8dace47718c0f7259edeeb093e7b
Certificate serial:       019D284E0F08B4887DBB2AFA82900E5AA9EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aUSJSM9NjazkdxjA9yWe3usJPns.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.mft
Manifest number:          1884
Signing time:             Thu 26 Mar 2026 04:01:36 +0000
Manifest this update:     Thu 26 Mar 2026 04:01:36 +0000
Manifest next update:     Fri 27 Mar 2026 04:01:36 +0000
Files and hashes:         1: aUSJSM9NjazkdxjA9yWe3usJPns.crl (hash: F8d9KxsomJao3xHw4pkisCKsoA/kAxByIy8w7DPzfRg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aUSJSM9NjazkdxjA9yWe3usJPns.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:4e:0f:08:b4:88:7d:bb:2a:fa:82:90:0e:5a:a9:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69448948cf4d8dace47718c0f7259edeeb093e7b
        Validity
            Not Before: Mar 26 04:01:36 2026 GMT
            Not After : Mar 27 04:01:36 2026 GMT
        Subject: CN=ba87862671373a84cb33b59f28673b188284dc83
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:b2:f2:ed:69:e2:1d:34:7a:12:fa:b1:46:28:
                    00:01:a7:24:bf:37:a8:0f:63:c3:bb:48:57:d4:a7:
                    a4:e9:9f:79:75:27:1a:80:73:93:b0:ec:2b:f6:aa:
                    bb:62:cf:b0:2a:ea:ce:de:ae:82:0f:1c:60:20:63:
                    92:4b:b6:6a:91:c7:57:90:7e:04:0f:8e:ae:e2:d9:
                    65:ed:ad:e7:1c:ca:57:d9:99:9b:9c:b4:44:56:69:
                    ae:58:20:9c:63:d1:a2:f8:ed:b3:cd:87:b5:6f:df:
                    22:56:d9:c4:d9:49:c5:42:1e:73:f4:1a:84:1b:9d:
                    33:80:87:9f:fd:d4:d3:f6:34:df:87:1b:f1:ea:13:
                    47:09:f9:23:40:06:1e:6a:e3:0b:47:33:75:6b:53:
                    7d:d7:a6:29:0b:d9:9f:6e:86:f6:66:84:28:ea:de:
                    db:61:d2:0b:f4:0c:a4:f4:03:f0:40:d7:74:69:72:
                    62:f8:13:e4:80:ab:9f:97:b1:76:52:32:2f:5c:9f:
                    35:65:5d:da:e9:01:1a:fc:54:75:db:2f:fc:ea:4b:
                    7f:99:57:fc:80:88:f7:6b:57:89:52:c1:97:fa:19:
                    bb:cd:9b:f1:fc:da:f7:44:5d:d7:3c:02:f6:c3:e0:
                    ae:8d:13:f2:0c:aa:20:7e:40:ef:ef:c9:08:4d:2c:
                    ce:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:87:86:26:71:37:3A:84:CB:33:B5:9F:28:67:3B:18:82:84:DC:83
            X509v3 Authority Key Identifier:
                keyid:69:44:89:48:CF:4D:8D:AC:E4:77:18:C0:F7:25:9E:DE:EB:09:3E:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aUSJSM9NjazkdxjA9yWe3usJPns.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:3b:89:c4:0e:12:34:03:24:c0:88:fa:ee:77:8f:08:58:00:
         9c:c4:b0:6c:82:b1:50:22:77:b6:44:95:19:7f:b3:aa:cf:56:
         7e:66:d4:1d:7c:64:81:89:49:32:31:ce:a8:1a:31:b3:32:fa:
         75:0b:2a:04:e2:be:e0:44:a1:d6:10:39:53:fc:1c:2c:bb:f7:
         ec:cb:a4:ab:14:b8:00:c3:31:2d:0c:43:c7:d6:6a:9b:eb:c1:
         d8:63:a4:9e:16:98:95:08:ab:c1:c1:8e:20:e1:be:88:58:d9:
         d8:5e:3a:91:c2:04:f6:39:7e:22:5e:d3:09:b9:89:f1:ef:33:
         49:8b:9d:70:23:49:93:4e:03:20:21:16:a8:77:b3:37:91:4f:
         79:78:bc:e6:87:1a:4b:e2:e5:1d:39:f2:58:10:6a:88:0b:b6:
         5a:5b:b3:71:03:a9:bd:36:b0:44:34:0c:ee:a7:d7:dd:44:2f:
         53:25:02:62:6a:6c:f0:b0:bc:9b:0a:dc:4a:b6:66:4b:20:1a:
         46:c1:9b:e5:a7:d8:a3:45:5e:09:2e:25:2d:0c:26:10:a7:00:
         18:d8:a4:4f:8c:4e:a5:b7:88:0d:13:ac:4e:ae:48:81:5e:c5:
         72:93:61:37:dd:1e:f6:ab:6f:1a:f1:52:76:b5:ba:62:7c:81:
         5b:af:a2:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oTg8ItIh9uyr6gpAOWqnqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NDQ4OTQ4Y2Y0ZDhkYWNlNDc3MThjMGY3MjU5ZWRlZWIw
OTNlN2IwHhcNMjYwMzI2MDQwMTM2WhcNMjYwMzI3MDQwMTM2WjAzMTEwLwYDVQQD
EyhiYTg3ODYyNjcxMzczYTg0Y2IzM2I1OWYyODY3M2IxODgyODRkYzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxrLy7WniHTR6EvqxRigAAackvzeo
D2PDu0hX1Kek6Z95dScagHOTsOwr9qq7Ys+wKurO3q6CDxxgIGOSS7ZqkcdXkH4E
D46u4tll7a3nHMpX2ZmbnLREVmmuWCCcY9Gi+O2zzYe1b98iVtnE2UnFQh5z9BqE
G50zgIef/dTT9jTfhxvx6hNHCfkjQAYeauMLRzN1a1N916YpC9mfbob2ZoQo6t7b
YdIL9Ayk9APwQNd0aXJi+BPkgKufl7F2UjIvXJ81ZV3a6QEa/FR12y/86kt/mVf8
gIj3a1eJUsGX+hm7zZvx/Nr3RF3XPAL2w+CujRPyDKogfkDv78kITSzOKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLqHhiZxNzqEyzO1nyhnOxiChNyDMB8GA1UdIwQY
MBaAFGlEiUjPTY2s5HcYwPclnt7rCT57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVVTSlNNOU5qYXprZHhqQTl5V2UzdXNKUG5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8xYTkyNDgtZWM5MS00M2ZhLTg2ZmYt
NGIxMzdhNGRiYzZlLzEvYVVTSlNNOU5qYXprZHhqQTl5V2UzdXNKUG5zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8xYTkyNDgtZWM5MS00M2ZhLTg2ZmYtNGIxMzdhNGRiYzZl
LzEvYVVTSlNNOU5qYXprZHhqQTl5V2UzdXNKUG5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVTuJxA4S
NAMkwIj67nePCFgAnMSwbIKxUCJ3tkSVGX+zqs9WfmbUHXxkgYlJMjHOqBoxszL6
dQsqBOK+4ESh1hA5U/wcLLv37MukqxS4AMMxLQxDx9Zqm+vB2GOknhaYlQirwcGO
IOG+iFjZ2F46kcIE9jl+Il7TCbmJ8e8zSYudcCNJk04DICEWqHezN5FPeXi85oca
S+LlHTnyWBBqiAu2WluzcQOpvTawRDQM7qfX3UQvUyUCYmps8LC8mwrcSrZmSyAa
RsGb5afYo0VeCS4lLQwmEKcAGNikT4xOpbeIDROsTq5IgV7FcpNhN90e9qtvGvFS
drW6YnyBW6+iWA==
-----END CERTIFICATE-----