Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft
File:                     U53I-Drwei_XEh53wBzCg8ZRoIc.mft (raw, json)
Hash identifier:          vLv39+BRu0sM8kpnTjUpNtZvhXmKFBcGr0KramVtywc=
Subject key identifier:   34:90:2C:EA:00:EB:B8:A8:83:87:E1:D6:34:5E:1B:DB:63:C4:38:F0
Authority key identifier: 53:9D:C8:F8:3A:F0:7A:2F:D7:12:1E:77:C0:1C:C2:83:C6:51:A0:87
Certificate issuer:       /CN=539dc8f83af07a2fd7121e77c01cc283c651a087
Certificate serial:       019D273A9FCD23A1CF7065A40FC573B8C2B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft
Manifest number:          1886
Signing time:             Wed 25 Mar 2026 23:00:46 +0000
Manifest this update:     Wed 25 Mar 2026 23:00:46 +0000
Manifest next update:     Thu 26 Mar 2026 23:00:46 +0000
Files and hashes:         1: U53I-Drwei_XEh53wBzCg8ZRoIc.crl (hash: 4VC9DPF7jsU9Dtw0VCZ3SvwhYFKGBXz7WlKGh7xbWPI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 23:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:3a:9f:cd:23:a1:cf:70:65:a4:0f:c5:73:b8:c2:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=539dc8f83af07a2fd7121e77c01cc283c651a087
        Validity
            Not Before: Mar 25 23:00:46 2026 GMT
            Not After : Mar 26 23:00:46 2026 GMT
        Subject: CN=34902cea00ebb8a88387e1d6345e1bdb63c438f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:a2:a3:18:8c:f6:1f:27:01:86:db:04:2e:8d:
                    2e:48:4d:64:5c:16:88:45:2a:2f:f5:cd:f5:02:72:
                    0f:c8:b3:0e:ac:9e:8f:84:7f:54:28:41:5b:1d:47:
                    59:db:5a:39:10:43:6b:fc:ca:d5:98:b8:2b:70:06:
                    f4:04:e6:58:4a:d8:6a:18:2e:d3:0c:5a:8c:ed:36:
                    b6:a5:a3:8b:d2:19:a9:c0:09:02:79:ae:bc:ed:b6:
                    98:8e:d1:00:37:2d:39:80:40:5a:6e:6f:10:b9:b4:
                    6d:91:a7:47:ff:8e:41:e6:51:7d:67:4c:2e:8d:10:
                    35:2b:ad:0e:02:8f:f3:c7:85:0c:3d:a0:50:2d:30:
                    dc:a4:7d:bd:1d:7f:c1:4a:24:24:e0:35:38:b0:3a:
                    e0:fb:1f:d6:51:94:c7:e8:51:49:c3:45:2b:39:ae:
                    76:f3:af:6d:9a:3d:46:11:82:ac:1b:38:17:0c:b5:
                    2a:e7:58:32:65:b3:78:be:d9:10:1a:fe:8d:a3:58:
                    28:34:6b:94:bb:bb:5d:1b:3b:67:67:7d:5a:3b:74:
                    de:24:a1:d6:69:14:a3:5d:d8:bc:86:d7:bc:a2:88:
                    40:5a:59:cc:82:a4:6c:d4:41:fd:48:00:dd:a8:c6:
                    9c:4c:58:6c:57:12:32:5a:90:01:98:8b:16:4a:6f:
                    bc:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:90:2C:EA:00:EB:B8:A8:83:87:E1:D6:34:5E:1B:DB:63:C4:38:F0
            X509v3 Authority Key Identifier:
                keyid:53:9D:C8:F8:3A:F0:7A:2F:D7:12:1E:77:C0:1C:C2:83:C6:51:A0:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:ef:34:84:52:99:73:88:db:da:66:59:fb:a6:f0:fa:68:85:
         6a:60:59:bb:90:4e:9d:99:d7:1d:9e:42:65:13:18:75:19:ef:
         e0:74:ff:09:d4:96:49:66:a9:7f:eb:79:8f:b6:12:21:2b:9a:
         03:16:cb:22:4f:2f:ee:2c:61:92:a8:8d:a8:60:78:fc:70:77:
         3d:2d:c1:d1:a5:57:1b:36:49:87:46:e6:bc:bf:31:f3:85:4a:
         ec:3a:5b:bf:9b:5d:b0:e2:f5:cb:02:83:ea:3c:e7:07:fe:39:
         f4:6a:34:84:3d:a9:c7:a7:78:d0:4e:fd:14:5e:2d:ed:a4:ed:
         c9:d0:62:a0:da:af:45:b2:67:3f:43:51:6f:33:41:ac:38:cc:
         05:9f:72:cb:f7:97:6e:4e:29:9d:e7:7b:70:69:bc:96:76:48:
         86:c3:88:e3:52:83:ce:70:86:98:ba:b6:82:af:5c:f8:5b:17:
         4d:9d:16:93:6c:e1:9e:76:98:89:eb:ef:5a:1f:82:e6:ac:b7:
         7e:80:43:12:a1:7c:7f:0a:3f:22:89:fa:24:61:09:c2:14:fc:
         1c:ee:95:f1:46:5f:49:b4:6f:88:f2:a7:16:02:a7:fd:bc:a1:
         33:73:27:0a:5e:a9:4f:1c:e4:1f:e4:7c:ae:13:98:38:1e:48:
         e2:da:9a:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nOp/NI6HPcGWkD8VzuMKzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzOWRjOGY4M2FmMDdhMmZkNzEyMWU3N2MwMWNjMjgzYzY1
MWEwODcwHhcNMjYwMzI1MjMwMDQ2WhcNMjYwMzI2MjMwMDQ2WjAzMTEwLwYDVQQD
EygzNDkwMmNlYTAwZWJiOGE4ODM4N2UxZDYzNDVlMWJkYjYzYzQzOGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6KjGIz2HycBhtsELo0uSE1kXBaI
RSov9c31AnIPyLMOrJ6PhH9UKEFbHUdZ21o5EENr/MrVmLgrcAb0BOZYSthqGC7T
DFqM7Ta2paOL0hmpwAkCea687baYjtEANy05gEBabm8QubRtkadH/45B5lF9Z0wu
jRA1K60OAo/zx4UMPaBQLTDcpH29HX/BSiQk4DU4sDrg+x/WUZTH6FFJw0UrOa52
869tmj1GEYKsGzgXDLUq51gyZbN4vtkQGv6No1goNGuUu7tdGztnZ31aO3TeJKHW
aRSjXdi8hte8oohAWlnMgqRs1EH9SADdqMacTFhsVxIyWpABmIsWSm+8xwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDSQLOoA67iog4fh1jReG9tjxDjwMB8GA1UdIwQY
MBaAFFOdyPg68Hov1xIed8AcwoPGUaCHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83MzJlYTItOWE1Yy00ZWRhLWI5YjQt
NjI3NmIxNzhlZmRmLzEvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC83MzJlYTItOWE1Yy00ZWRhLWI5YjQtNjI3NmIxNzhlZmRm
LzEvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbu80hFKZ
c4jb2mZZ+6bw+miFamBZu5BOnZnXHZ5CZRMYdRnv4HT/CdSWSWapf+t5j7YSISua
AxbLIk8v7ixhkqiNqGB4/HB3PS3B0aVXGzZJh0bmvL8x84VK7Dpbv5tdsOL1ywKD
6jznB/459Go0hD2px6d40E79FF4t7aTtydBioNqvRbJnP0NRbzNBrDjMBZ9yy/eX
bk4pned7cGm8lnZIhsOI41KDznCGmLq2gq9c+FsXTZ0Wk2zhnnaYievvWh+C5qy3
foBDEqF8fwo/Ion6JGEJwhT8HO6V8UZfSbRviPKnFgKn/byhM3MnCl6pTxzkH+R8
rhOYOB5I4tqa0A==
-----END CERTIFICATE-----