Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft
File:                     CUsU8URwOb33-d7l-ik4XB3OlZ0.mft (raw, json)
Hash identifier:          2WajvyoNAxtrx69rcqn73w8MgHJWBEupLsJi+w+d880=
Subject key identifier:   B6:AC:30:2F:B1:BB:A8:04:F5:C0:EB:0D:25:62:8B:F0:6C:30:4B:9D
Authority key identifier: 09:4B:14:F1:44:70:39:BD:F7:F9:DE:E5:FA:29:38:5C:1D:CE:95:9D
Certificate issuer:       /CN=094b14f1447039bdf7f9dee5fa29385c1dce959d
Certificate serial:       019D28F2C4C77A6A00BE6687FDBAC6FEBE20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CUsU8URwOb33-d7l-ik4XB3OlZ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft
Manifest number:          1816
Signing time:             Thu 26 Mar 2026 07:01:31 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:31 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:31 +0000
Files and hashes:         1: CUsU8URwOb33-d7l-ik4XB3OlZ0.crl (hash: GzuCTB+AjaB9TbKLS18sSx15ivINg5Qt2pbDJmXCgOo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CUsU8URwOb33-d7l-ik4XB3OlZ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:c4:c7:7a:6a:00:be:66:87:fd:ba:c6:fe:be:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=094b14f1447039bdf7f9dee5fa29385c1dce959d
        Validity
            Not Before: Mar 26 07:01:31 2026 GMT
            Not After : Mar 27 07:01:31 2026 GMT
        Subject: CN=b6ac302fb1bba804f5c0eb0d25628bf06c304b9d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:39:c2:cb:de:ed:91:49:fa:0d:a3:1b:ec:1b:
                    90:2d:b1:83:18:22:cb:81:86:a3:22:be:96:da:54:
                    fa:4f:cb:1d:47:22:05:14:2b:90:9e:e2:f6:0c:49:
                    c6:88:0e:fa:5d:9c:50:25:19:da:e6:5e:55:86:39:
                    e3:b9:d4:51:d4:7c:16:60:13:1b:b5:cd:c9:12:0e:
                    9f:24:ac:4a:e7:70:9f:5d:1b:82:87:69:3f:95:c3:
                    3b:0b:5a:9c:27:8c:47:6f:ea:20:09:0f:1a:4b:d9:
                    3b:3a:50:f2:24:a8:3e:59:66:5a:0c:ea:b3:78:54:
                    38:48:03:3e:da:cc:07:79:70:1b:1d:4e:5e:87:77:
                    5e:0f:94:dd:74:e5:91:11:18:5f:9a:6d:f7:0d:54:
                    1b:92:a1:14:94:f5:d9:b2:c2:9a:c0:9b:0e:ec:1b:
                    ac:a9:a9:70:66:bb:96:26:ed:61:e1:da:17:08:4e:
                    f5:8f:35:a3:67:31:86:38:63:38:33:2e:5c:aa:df:
                    90:9f:9d:89:b3:46:be:6e:b7:34:3f:a7:0e:aa:39:
                    c7:06:4f:ce:bf:fd:a5:39:52:c9:3d:8f:15:10:45:
                    f5:8a:a2:ba:43:a1:8d:5e:76:8e:a1:4c:23:10:e3:
                    9d:0e:18:9d:0e:b8:83:9d:f0:2f:03:b9:0e:48:8c:
                    46:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:AC:30:2F:B1:BB:A8:04:F5:C0:EB:0D:25:62:8B:F0:6C:30:4B:9D
            X509v3 Authority Key Identifier:
                keyid:09:4B:14:F1:44:70:39:BD:F7:F9:DE:E5:FA:29:38:5C:1D:CE:95:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CUsU8URwOb33-d7l-ik4XB3OlZ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c8:16:6f:03:ed:a0:cc:f8:39:69:f6:34:6d:88:a1:35:38:9a:
         9d:ca:16:31:28:99:b1:8c:d4:89:68:bf:a2:80:05:97:af:86:
         d8:87:4b:5e:28:87:ed:cb:65:64:66:b0:42:21:63:15:d5:73:
         74:d1:9a:47:2c:28:67:67:e3:d2:25:51:39:0d:3b:d5:9e:4e:
         74:0c:64:25:93:f8:56:d3:fe:ff:f4:58:44:02:5e:3d:b2:37:
         8d:4f:66:55:01:5d:35:5f:73:9a:1d:05:b5:c6:1e:ed:6e:db:
         47:4e:ed:b1:6b:8b:f4:bb:15:1c:ad:13:42:e4:54:79:49:f4:
         f6:26:95:47:b0:8b:43:48:e0:69:91:1e:51:69:bd:0e:8b:11:
         88:72:92:b0:bd:2c:e7:a1:68:67:03:f2:5c:16:54:9b:88:44:
         54:8f:d0:ef:06:ad:33:23:d7:e6:5b:51:fd:3e:15:6a:f0:3e:
         76:86:bc:3b:f9:ef:91:df:02:d5:b5:ff:4a:21:d9:9e:ec:b7:
         da:cd:50:bd:f8:2e:fc:5c:85:1d:bb:5f:32:44:dc:4e:4b:72:
         fa:5b:e1:ad:9b:98:64:b9:95:44:64:fc:94:33:73:31:a4:76:
         65:5e:d2:3f:40:16:c6:fc:36:11:fd:52:f9:aa:9c:7e:d8:94:
         71:d5:f1:bd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8sTHemoAvmaH/brG/r4gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NGIxNGYxNDQ3MDM5YmRmN2Y5ZGVlNWZhMjkzODVjMWRj
ZTk1OWQwHhcNMjYwMzI2MDcwMTMxWhcNMjYwMzI3MDcwMTMxWjAzMTEwLwYDVQQD
EyhiNmFjMzAyZmIxYmJhODA0ZjVjMGViMGQyNTYyOGJmMDZjMzA0YjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDnCy97tkUn6DaMb7BuQLbGDGCLL
gYajIr6W2lT6T8sdRyIFFCuQnuL2DEnGiA76XZxQJRna5l5VhjnjudRR1HwWYBMb
tc3JEg6fJKxK53CfXRuCh2k/lcM7C1qcJ4xHb+ogCQ8aS9k7OlDyJKg+WWZaDOqz
eFQ4SAM+2swHeXAbHU5eh3deD5TddOWRERhfmm33DVQbkqEUlPXZssKawJsO7Bus
qalwZruWJu1h4doXCE71jzWjZzGGOGM4My5cqt+Qn52Js0a+brc0P6cOqjnHBk/O
v/2lOVLJPY8VEEX1iqK6Q6GNXnaOoUwjEOOdDhidDriDnfAvA7kOSIxGrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLasMC+xu6gE9cDrDSVii/BsMEudMB8GA1UdIwQY
MBaAFAlLFPFEcDm99/ne5fopOFwdzpWdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1VzVThVUndPYjMzLWQ3bC1pazRYQjNPbFowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi82MDY5MzktY2M2OS00Y2ZhLTg0M2Ut
NTBiNjRjYmQwZmUxLzEvQ1VzVThVUndPYjMzLWQ3bC1pazRYQjNPbFowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi82MDY5MzktY2M2OS00Y2ZhLTg0M2UtNTBiNjRjYmQwZmUx
LzEvQ1VzVThVUndPYjMzLWQ3bC1pazRYQjNPbFowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyBZvA+2g
zPg5afY0bYihNTiancoWMSiZsYzUiWi/ooAFl6+G2IdLXiiH7ctlZGawQiFjFdVz
dNGaRywoZ2fj0iVROQ071Z5OdAxkJZP4VtP+//RYRAJePbI3jU9mVQFdNV9zmh0F
tcYe7W7bR07tsWuL9LsVHK0TQuRUeUn09iaVR7CLQ0jgaZEeUWm9DosRiHKSsL0s
56FoZwPyXBZUm4hEVI/Q7watMyPX5ltR/T4VavA+doa8O/nvkd8C1bX/SiHZnuy3
2s1Qvfgu/FyFHbtfMkTcTkty+lvhrZuYZLmVRGT8lDNzMaR2ZV7SP0AWxvw2Ef1S
+aqcftiUcdXxvQ==
-----END CERTIFICATE-----