Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/540c03-ba83-4971-8981-744dcd014fa4/1/uVZnsVy6fKp0FSdIRHOE--A7iTo.mft
File:                     uVZnsVy6fKp0FSdIRHOE--A7iTo.mft (raw, json)
Hash identifier:          EBi5TWEjOKIVNlKKIxdmDDcKY8CWUnQHAXocFHQWOvY=
Subject key identifier:   57:B8:07:9E:44:9F:16:35:FE:ED:46:09:BF:5E:AC:23:A7:E7:4F:5D
Authority key identifier: B9:56:67:B1:5C:BA:7C:AA:74:15:27:48:44:73:84:FB:E0:3B:89:3A
Certificate issuer:       /CN=b95667b15cba7caa74152748447384fbe03b893a
Certificate serial:       019D28F20F47BC47C843CB48A7A679AF131C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uVZnsVy6fKp0FSdIRHOE--A7iTo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/540c03-ba83-4971-8981-744dcd014fa4/1/uVZnsVy6fKp0FSdIRHOE--A7iTo.mft
Manifest number:          0B38
Signing time:             Thu 26 Mar 2026 07:00:45 +0000
Manifest this update:     Thu 26 Mar 2026 07:00:45 +0000
Manifest next update:     Fri 27 Mar 2026 07:00:45 +0000
Files and hashes:         1: uVZnsVy6fKp0FSdIRHOE--A7iTo.crl (hash: dEXyOQ65mGdCuTnE3xiIVERnqbDeypPKEo9c/BwyJnI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/540c03-ba83-4971-8981-744dcd014fa4/1/uVZnsVy6fKp0FSdIRHOE--A7iTo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/540c03-ba83-4971-8981-744dcd014fa4/1/uVZnsVy6fKp0FSdIRHOE--A7iTo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uVZnsVy6fKp0FSdIRHOE--A7iTo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:0f:47:bc:47:c8:43:cb:48:a7:a6:79:af:13:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b95667b15cba7caa74152748447384fbe03b893a
        Validity
            Not Before: Mar 26 07:00:45 2026 GMT
            Not After : Mar 27 07:00:45 2026 GMT
        Subject: CN=57b8079e449f1635feed4609bf5eac23a7e74f5d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:b3:b1:7b:e7:be:15:94:bd:20:26:18:6f:da:
                    f7:bd:d5:ec:75:17:30:4c:7b:7d:c1:f6:39:59:9c:
                    33:c8:90:84:8b:64:62:63:6f:ed:93:a9:05:8f:1f:
                    d9:9c:33:9b:f6:0c:5d:0c:76:6b:f9:c2:3d:6d:b9:
                    da:b7:9d:5f:27:8c:a5:e1:65:91:3d:ef:34:c8:dc:
                    d2:d6:10:c1:12:94:ae:9c:a4:9a:72:26:e9:ad:ba:
                    68:e8:70:66:64:aa:18:27:03:e8:1c:16:5d:ab:93:
                    1c:fa:a8:98:33:98:76:8d:0b:07:47:27:04:3d:c7:
                    76:15:57:79:82:16:c1:0f:f9:a5:ff:17:24:79:f8:
                    66:82:b8:cb:8e:c1:69:f2:49:28:dc:58:93:34:b8:
                    c8:7d:be:98:a3:2f:7f:c1:a1:79:f7:05:d7:7d:21:
                    88:bb:7b:21:4b:1f:7a:51:3f:e6:e5:62:a8:1d:9a:
                    5b:50:fb:9c:44:b5:aa:93:3c:0b:f2:3b:6f:46:6a:
                    b1:c3:43:9f:0b:ac:99:67:23:f0:bf:42:e6:c1:b8:
                    0b:94:30:08:7c:fd:d2:11:2e:14:6d:83:73:f9:8d:
                    31:1d:ea:ee:07:f5:0e:8a:18:18:6d:bc:6d:0f:83:
                    d1:98:f8:40:a2:05:3f:8c:ba:6f:08:26:47:a9:ad:
                    22:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:B8:07:9E:44:9F:16:35:FE:ED:46:09:BF:5E:AC:23:A7:E7:4F:5D
            X509v3 Authority Key Identifier:
                keyid:B9:56:67:B1:5C:BA:7C:AA:74:15:27:48:44:73:84:FB:E0:3B:89:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uVZnsVy6fKp0FSdIRHOE--A7iTo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/540c03-ba83-4971-8981-744dcd014fa4/1/uVZnsVy6fKp0FSdIRHOE--A7iTo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/540c03-ba83-4971-8981-744dcd014fa4/1/uVZnsVy6fKp0FSdIRHOE--A7iTo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:f0:dc:9a:6d:c7:5c:da:97:06:eb:8e:2d:30:83:c4:0b:d0:
         68:e4:ad:31:05:29:42:01:fa:56:ab:af:6a:50:39:c1:3f:51:
         35:9d:65:ad:6b:13:46:47:8f:32:6b:f8:27:55:38:20:59:e3:
         25:d5:dc:eb:d0:19:1b:71:34:61:0d:2c:d8:8c:07:69:82:e2:
         49:40:1d:a9:3b:e3:c8:38:76:40:28:96:f5:bd:1d:99:bd:e5:
         58:6c:27:fd:cf:a4:fc:ee:c2:0c:31:c7:63:08:90:52:a3:c0:
         3c:13:ab:44:b2:f4:d4:6f:04:3d:cf:02:3d:10:bc:09:5a:0b:
         87:e9:c7:0e:14:7a:fb:cd:03:1d:07:b4:18:bf:d2:7e:09:24:
         78:dc:b9:db:7c:d5:21:6d:be:8e:a7:05:2d:1e:40:ae:ab:bb:
         87:fd:12:0f:c2:5c:5d:1b:a8:6f:2e:43:11:16:24:fd:a8:4a:
         84:30:52:35:e4:44:4c:4c:d7:c6:9f:2f:d8:da:29:79:4b:23:
         94:e7:1d:2c:fb:40:26:15:b5:da:d9:00:38:18:9c:31:81:73:
         92:7e:c3:b6:4e:30:cd:7e:e7:51:05:48:6d:ba:15:8e:6d:e0:
         b6:37:9c:71:5f:6d:1f:1b:1a:34:f6:38:3b:72:68:d2:30:43:
         05:1d:75:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8g9HvEfIQ8tIp6Z5rxMcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5NTY2N2IxNWNiYTdjYWE3NDE1Mjc0ODQ0NzM4NGZiZTAz
Yjg5M2EwHhcNMjYwMzI2MDcwMDQ1WhcNMjYwMzI3MDcwMDQ1WjAzMTEwLwYDVQQD
Eyg1N2I4MDc5ZTQ0OWYxNjM1ZmVlZDQ2MDliZjVlYWMyM2E3ZTc0ZjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlrOxe+e+FZS9ICYYb9r3vdXsdRcw
THt9wfY5WZwzyJCEi2RiY2/tk6kFjx/ZnDOb9gxdDHZr+cI9bbnat51fJ4yl4WWR
Pe80yNzS1hDBEpSunKSacibprbpo6HBmZKoYJwPoHBZdq5Mc+qiYM5h2jQsHRycE
Pcd2FVd5ghbBD/ml/xckefhmgrjLjsFp8kko3FiTNLjIfb6Yoy9/waF59wXXfSGI
u3shSx96UT/m5WKoHZpbUPucRLWqkzwL8jtvRmqxw0OfC6yZZyPwv0LmwbgLlDAI
fP3SES4UbYNz+Y0xHeruB/UOihgYbbxtD4PRmPhAogU/jLpvCCZHqa0iYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFe4B55EnxY1/u1GCb9erCOn509dMB8GA1UdIwQY
MBaAFLlWZ7FcunyqdBUnSERzhPvgO4k6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVZabnNWeTZmS3AwRlNkSVJIT0UtLUE3aVRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC81NDBjMDMtYmE4My00OTcxLTg5ODEt
NzQ0ZGNkMDE0ZmE0LzEvdVZabnNWeTZmS3AwRlNkSVJIT0UtLUE3aVRvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC81NDBjMDMtYmE4My00OTcxLTg5ODEtNzQ0ZGNkMDE0ZmE0
LzEvdVZabnNWeTZmS3AwRlNkSVJIT0UtLUE3aVRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl/Dcmm3H
XNqXBuuOLTCDxAvQaOStMQUpQgH6VquvalA5wT9RNZ1lrWsTRkePMmv4J1U4IFnj
JdXc69AZG3E0YQ0s2IwHaYLiSUAdqTvjyDh2QCiW9b0dmb3lWGwn/c+k/O7CDDHH
YwiQUqPAPBOrRLL01G8EPc8CPRC8CVoLh+nHDhR6+80DHQe0GL/SfgkkeNy523zV
IW2+jqcFLR5Arqu7h/0SD8JcXRuoby5DERYk/ahKhDBSNeRETEzXxp8v2NopeUsj
lOcdLPtAJhW12tkAOBicMYFzkn7Dtk4wzX7nUQVIbboVjm3gtjeccV9tHxsaNPY4
O3Jo0jBDBR11nQ==
-----END CERTIFICATE-----