Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1c2984-fd83-41ba-b1dc-f683b9681d61/1/tU0YlEyigIUFOR3pf6nWsrxhiZo.mft
File:                     tU0YlEyigIUFOR3pf6nWsrxhiZo.mft (raw, json)
Hash identifier:          ZKChqvlN4FrQ9Mffv/iFCU2A0ZLwPwbnm8nmMFRDTyc=
Subject key identifier:   6C:C5:5E:35:8B:19:CD:D5:F5:03:5B:7A:EE:D7:1C:06:A5:7D:C3:64
Authority key identifier: B5:4D:18:94:4C:A2:80:85:05:39:1D:E9:7F:A9:D6:B2:BC:61:89:9A
Certificate issuer:       /CN=b54d18944ca2808505391de97fa9d6b2bc61899a
Certificate serial:       019D2704CA86161B96A9B8C42A9AF2A5F5D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tU0YlEyigIUFOR3pf6nWsrxhiZo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/1c2984-fd83-41ba-b1dc-f683b9681d61/1/tU0YlEyigIUFOR3pf6nWsrxhiZo.mft
Manifest number:          1323
Signing time:             Wed 25 Mar 2026 22:01:58 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:58 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:58 +0000
Files and hashes:         1: tU0YlEyigIUFOR3pf6nWsrxhiZo.crl (hash: I4AaSh7I01gOpvFERvVAKpRbJquxIb573p8iA1VshaQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4d/1c2984-fd83-41ba-b1dc-f683b9681d61/1/tU0YlEyigIUFOR3pf6nWsrxhiZo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4d/1c2984-fd83-41ba-b1dc-f683b9681d61/1/tU0YlEyigIUFOR3pf6nWsrxhiZo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tU0YlEyigIUFOR3pf6nWsrxhiZo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:ca:86:16:1b:96:a9:b8:c4:2a:9a:f2:a5:f5:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b54d18944ca2808505391de97fa9d6b2bc61899a
        Validity
            Not Before: Mar 25 22:01:58 2026 GMT
            Not After : Mar 26 22:01:58 2026 GMT
        Subject: CN=6cc55e358b19cdd5f5035b7aeed71c06a57dc364
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:f7:10:cb:f4:43:ff:32:97:be:a2:aa:06:20:
                    e2:4d:3f:36:71:46:97:ec:04:7f:2b:23:e2:1e:ed:
                    ca:3b:b8:b5:38:3a:bf:8f:1c:3a:3b:a9:f5:e5:5f:
                    ee:27:6c:cc:9e:1b:04:0f:d7:43:6c:4b:47:18:73:
                    5b:0b:58:da:1a:94:5b:b7:28:b3:1b:32:03:ab:25:
                    55:9f:6f:d9:f8:43:eb:25:6c:4e:d1:a7:0a:da:4d:
                    61:6c:94:b5:e4:f6:6c:a4:33:73:bb:2a:09:3c:f7:
                    9e:ec:15:ce:96:bc:f8:b5:d9:73:ea:3d:6e:73:a5:
                    90:69:c2:37:97:ab:e3:dd:a1:7f:67:ea:67:a4:54:
                    cc:52:83:e9:fb:ec:8a:0f:0d:51:8b:c7:d1:72:32:
                    48:be:84:06:bd:1e:e8:8e:c7:ed:5d:29:40:2a:67:
                    8b:ee:f9:c8:b5:a9:57:e3:e0:9b:50:91:9b:25:f3:
                    b3:3c:9a:85:07:7c:92:3d:fb:0a:77:aa:9f:1b:23:
                    c6:c0:f1:92:3c:3e:e1:28:25:81:58:62:10:00:18:
                    65:11:c7:0d:f8:cf:af:16:41:00:34:70:1c:67:e2:
                    29:f6:dd:3e:90:63:d4:5c:bc:10:c8:c5:31:09:f5:
                    80:db:a0:29:61:d2:cb:88:ae:17:29:90:15:68:99:
                    41:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:C5:5E:35:8B:19:CD:D5:F5:03:5B:7A:EE:D7:1C:06:A5:7D:C3:64
            X509v3 Authority Key Identifier:
                keyid:B5:4D:18:94:4C:A2:80:85:05:39:1D:E9:7F:A9:D6:B2:BC:61:89:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tU0YlEyigIUFOR3pf6nWsrxhiZo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1c2984-fd83-41ba-b1dc-f683b9681d61/1/tU0YlEyigIUFOR3pf6nWsrxhiZo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1c2984-fd83-41ba-b1dc-f683b9681d61/1/tU0YlEyigIUFOR3pf6nWsrxhiZo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:33:0c:93:9b:c5:4d:0f:0f:e8:c3:c1:91:7a:7d:5b:e7:84:
         ef:04:4c:c0:d2:45:aa:81:b3:c8:f6:bc:7e:6f:ea:47:03:c9:
         65:a3:00:e9:82:39:e3:ea:18:f6:44:16:8b:f6:ab:db:da:b0:
         7f:b9:d4:6e:43:a6:20:71:ed:30:a9:75:be:59:86:e8:9e:3b:
         a1:03:56:b9:24:4e:2e:af:cf:97:e5:00:d2:ad:b1:12:df:ef:
         c5:98:20:1b:ae:0f:64:93:62:8a:8f:06:ac:ff:83:7f:21:05:
         a5:40:81:85:2e:7e:fa:2f:47:55:de:68:f9:1a:a8:e3:d0:ee:
         c2:49:72:77:7c:a4:a7:a1:f6:cd:bc:ec:68:22:cf:65:30:88:
         f8:61:9a:88:46:16:c7:2d:98:e3:32:dc:8f:48:ba:18:73:d4:
         2f:14:28:65:43:46:6d:fd:9a:a1:70:9c:a1:a1:50:c9:3b:03:
         d8:c0:4e:d1:b0:62:0d:a4:6e:e5:c5:39:3e:63:9a:27:6d:62:
         c2:64:6f:40:fb:51:58:0f:b6:2e:09:3d:a8:3d:a8:5b:d5:64:
         3a:d2:06:45:31:85:ec:1b:3a:f6:7f:70:97:28:67:23:65:63:
         32:3f:b8:ee:ee:a4:6f:ee:ce:6e:d3:16:5e:50:81:20:93:86:
         19:ee:70:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBMqGFhuWqbjEKprypfXXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NGQxODk0NGNhMjgwODUwNTM5MWRlOTdmYTlkNmIyYmM2
MTg5OWEwHhcNMjYwMzI1MjIwMTU4WhcNMjYwMzI2MjIwMTU4WjAzMTEwLwYDVQQD
Eyg2Y2M1NWUzNThiMTljZGQ1ZjUwMzViN2FlZWQ3MWMwNmE1N2RjMzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhvcQy/RD/zKXvqKqBiDiTT82cUaX
7AR/KyPiHu3KO7i1ODq/jxw6O6n15V/uJ2zMnhsED9dDbEtHGHNbC1jaGpRbtyiz
GzIDqyVVn2/Z+EPrJWxO0acK2k1hbJS15PZspDNzuyoJPPee7BXOlrz4tdlz6j1u
c6WQacI3l6vj3aF/Z+pnpFTMUoPp++yKDw1Ri8fRcjJIvoQGvR7ojsftXSlAKmeL
7vnItalX4+CbUJGbJfOzPJqFB3ySPfsKd6qfGyPGwPGSPD7hKCWBWGIQABhlEccN
+M+vFkEANHAcZ+Ip9t0+kGPUXLwQyMUxCfWA26ApYdLLiK4XKZAVaJlBYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGzFXjWLGc3V9QNbeu7XHAalfcNkMB8GA1UdIwQY
MBaAFLVNGJRMooCFBTkd6X+p1rK8YYmaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFUwWWxFeWlnSVVGT1IzcGY2bldzcnhoaVpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xYzI5ODQtZmQ4My00MWJhLWIxZGMt
ZjY4M2I5NjgxZDYxLzEvdFUwWWxFeWlnSVVGT1IzcGY2bldzcnhoaVpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xYzI5ODQtZmQ4My00MWJhLWIxZGMtZjY4M2I5NjgxZDYx
LzEvdFUwWWxFeWlnSVVGT1IzcGY2bldzcnhoaVpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjDMMk5vF
TQ8P6MPBkXp9W+eE7wRMwNJFqoGzyPa8fm/qRwPJZaMA6YI54+oY9kQWi/ar29qw
f7nUbkOmIHHtMKl1vlmG6J47oQNWuSROLq/Pl+UA0q2xEt/vxZggG64PZJNiio8G
rP+DfyEFpUCBhS5++i9HVd5o+Rqo49Duwklyd3ykp6H2zbzsaCLPZTCI+GGaiEYW
xy2Y4zLcj0i6GHPULxQoZUNGbf2aoXCcoaFQyTsD2MBO0bBiDaRu5cU5PmOaJ21i
wmRvQPtRWA+2Lgk9qD2oW9VkOtIGRTGF7Bs69n9wlyhnI2VjMj+47u6kb+7ObtMW
XlCBIJOGGe5w/g==
-----END CERTIFICATE-----