Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/a5ca0b-9425-4c1e-8ef6-a6fcad19aef2/1/U9L19sohYsiL85oPnekm9CPlMQQ.mft
File:                     U9L19sohYsiL85oPnekm9CPlMQQ.mft (raw, json)
Hash identifier:          LSL28fOPyJv22IW78LvUZlmkp9dDrxODB3ZpM/DKR+c=
Subject key identifier:   04:73:CF:FA:5B:3E:37:70:5A:3B:66:76:05:BD:F8:58:28:F8:A9:6D
Authority key identifier: 53:D2:F5:F6:CA:21:62:C8:8B:F3:9A:0F:9D:E9:26:F4:23:E5:31:04
Certificate issuer:       /CN=53d2f5f6ca2162c88bf39a0f9de926f423e53104
Certificate serial:       019D28F2674B2DE5ACE752DE103C7A5743BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U9L19sohYsiL85oPnekm9CPlMQQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/a5ca0b-9425-4c1e-8ef6-a6fcad19aef2/1/U9L19sohYsiL85oPnekm9CPlMQQ.mft
Manifest number:          11EE
Signing time:             Thu 26 Mar 2026 07:01:07 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:07 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:07 +0000
Files and hashes:         1: U9L19sohYsiL85oPnekm9CPlMQQ.crl (hash: gxoyhGNUoJ+Uhg+P/K6aYysxq0+CLATTdRfxEn1fbH4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/90/a5ca0b-9425-4c1e-8ef6-a6fcad19aef2/1/U9L19sohYsiL85oPnekm9CPlMQQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/90/a5ca0b-9425-4c1e-8ef6-a6fcad19aef2/1/U9L19sohYsiL85oPnekm9CPlMQQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U9L19sohYsiL85oPnekm9CPlMQQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:67:4b:2d:e5:ac:e7:52:de:10:3c:7a:57:43:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=53d2f5f6ca2162c88bf39a0f9de926f423e53104
        Validity
            Not Before: Mar 26 07:01:07 2026 GMT
            Not After : Mar 27 07:01:07 2026 GMT
        Subject: CN=0473cffa5b3e37705a3b667605bdf85828f8a96d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:42:a9:7e:59:be:90:0a:90:3c:21:4e:1e:84:
                    71:fb:1f:8c:5e:bf:2e:7b:35:78:96:6b:92:cd:59:
                    04:ca:06:e9:47:ff:12:f9:d1:d0:22:87:92:96:23:
                    8a:f8:76:09:a7:92:cd:82:99:f7:3c:77:10:66:19:
                    26:b3:bf:c3:4d:0f:45:19:51:40:8b:55:5a:81:9c:
                    57:ed:10:5c:0f:31:90:39:d9:33:14:1a:d9:d9:c5:
                    98:fd:24:61:82:ea:10:a4:73:c0:e2:8a:e4:fa:89:
                    28:da:38:09:38:ef:49:1f:7a:d9:13:2f:34:f5:c0:
                    68:56:35:73:92:2f:e8:1a:a1:21:fc:77:69:54:19:
                    47:aa:f2:27:1f:ab:0f:67:69:43:2d:95:62:c3:f1:
                    22:86:ef:be:d5:db:81:11:63:f9:1f:43:b4:48:b7:
                    db:9a:f7:77:7e:df:94:ff:f6:86:ff:c1:d7:48:c2:
                    c0:22:47:cd:dd:13:91:7d:10:83:4d:bf:23:48:61:
                    22:5e:ec:ea:ef:d9:c1:b2:66:b4:41:ba:5a:a1:1a:
                    e6:60:d4:82:ed:d0:c8:2d:c9:21:59:c7:f4:c0:56:
                    53:bf:c1:80:f9:48:d0:3e:ad:42:00:81:d9:71:f7:
                    7e:aa:cd:2c:7c:5f:99:d9:82:ce:f3:e0:b9:c1:76:
                    11:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:73:CF:FA:5B:3E:37:70:5A:3B:66:76:05:BD:F8:58:28:F8:A9:6D
            X509v3 Authority Key Identifier:
                keyid:53:D2:F5:F6:CA:21:62:C8:8B:F3:9A:0F:9D:E9:26:F4:23:E5:31:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U9L19sohYsiL85oPnekm9CPlMQQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/a5ca0b-9425-4c1e-8ef6-a6fcad19aef2/1/U9L19sohYsiL85oPnekm9CPlMQQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/a5ca0b-9425-4c1e-8ef6-a6fcad19aef2/1/U9L19sohYsiL85oPnekm9CPlMQQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:65:45:16:c4:ce:44:91:45:d4:75:62:fa:e2:8d:ce:b8:f4:
         81:12:97:77:8f:41:74:25:cc:ff:87:54:2a:f7:1c:a8:92:e6:
         b7:dc:eb:1b:9e:ae:21:df:34:46:34:b6:18:51:cd:5a:39:02:
         43:65:b9:19:c0:b9:55:e5:e5:fe:2b:3c:81:bd:f7:de:e7:ca:
         a7:7b:bc:3e:ae:43:19:dc:8a:45:7b:13:68:b6:af:82:be:13:
         b3:dc:7f:85:a0:0e:54:70:0d:e6:40:26:49:fc:24:67:b8:57:
         82:23:ff:c0:4e:75:14:ee:32:d7:ca:78:91:48:e4:50:6b:48:
         ec:d5:70:6b:fb:3c:75:f1:e9:01:5d:2d:3b:72:ab:d6:5b:c9:
         46:a3:dc:49:f4:7d:91:8f:b4:09:dc:44:52:92:53:d5:b9:df:
         fb:43:14:a4:bd:00:96:48:a0:fc:03:e7:75:ea:40:57:68:47:
         64:1d:55:d8:52:8e:40:7f:7f:76:6a:93:a2:50:e5:5e:7e:b8:
         8e:33:10:6d:3f:eb:79:c0:08:af:53:ca:c8:32:b9:60:3e:a5:
         fa:7a:06:70:4d:2b:9f:72:99:88:86:2b:40:fe:79:cc:a8:6e:
         b0:8e:7b:e7:7e:da:53:0b:6d:24:53:f6:6d:b6:68:cb:1d:a2:
         81:96:db:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8mdLLeWs51LeEDx6V0O7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzZDJmNWY2Y2EyMTYyYzg4YmYzOWEwZjlkZTkyNmY0MjNl
NTMxMDQwHhcNMjYwMzI2MDcwMTA3WhcNMjYwMzI3MDcwMTA3WjAzMTEwLwYDVQQD
EygwNDczY2ZmYTViM2UzNzcwNWEzYjY2NzYwNWJkZjg1ODI4ZjhhOTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1kKpflm+kAqQPCFOHoRx+x+MXr8u
ezV4lmuSzVkEygbpR/8S+dHQIoeSliOK+HYJp5LNgpn3PHcQZhkms7/DTQ9FGVFA
i1VagZxX7RBcDzGQOdkzFBrZ2cWY/SRhguoQpHPA4ork+oko2jgJOO9JH3rZEy80
9cBoVjVzki/oGqEh/HdpVBlHqvInH6sPZ2lDLZViw/Eihu++1duBEWP5H0O0SLfb
mvd3ft+U//aG/8HXSMLAIkfN3RORfRCDTb8jSGEiXuzq79nBsma0QbpaoRrmYNSC
7dDILckhWcf0wFZTv8GA+UjQPq1CAIHZcfd+qs0sfF+Z2YLO8+C5wXYRHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFARzz/pbPjdwWjtmdgW9+Fgo+KltMB8GA1UdIwQY
MBaAFFPS9fbKIWLIi/OaD53pJvQj5TEEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTlMMTlzb2hZc2lMODVvUG5la205Q1BsTVFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9hNWNhMGItOTQyNS00YzFlLThlZjYt
YTZmY2FkMTlhZWYyLzEvVTlMMTlzb2hZc2lMODVvUG5la205Q1BsTVFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9hNWNhMGItOTQyNS00YzFlLThlZjYtYTZmY2FkMTlhZWYy
LzEvVTlMMTlzb2hZc2lMODVvUG5la205Q1BsTVFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIWVFFsTO
RJFF1HVi+uKNzrj0gRKXd49BdCXM/4dUKvccqJLmt9zrG56uId80RjS2GFHNWjkC
Q2W5GcC5VeXl/is8gb333ufKp3u8Pq5DGdyKRXsTaLavgr4Ts9x/haAOVHAN5kAm
SfwkZ7hXgiP/wE51FO4y18p4kUjkUGtI7NVwa/s8dfHpAV0tO3Kr1lvJRqPcSfR9
kY+0CdxEUpJT1bnf+0MUpL0Alkig/APndepAV2hHZB1V2FKOQH9/dmqTolDlXn64
jjMQbT/recAIr1PKyDK5YD6l+noGcE0rn3KZiIYrQP55zKhusI57537aUwttJFP2
bbZoyx2igZbb4A==
-----END CERTIFICATE-----