Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/b93b66-af35-49d1-bd78-7ff8443d9c21/1/uXhT3Vdz8qawcYefW567Dm9Ofao.mft
File:                     uXhT3Vdz8qawcYefW567Dm9Ofao.mft (raw, json)
Hash identifier:          fcV5/Dke8igFejJxe3MYVhiwoiYFvGEqPYd276ly2Kk=
Subject key identifier:   AA:B8:73:43:24:F4:0A:1F:50:3B:CC:B5:85:03:32:D9:7D:8D:1F:D4
Authority key identifier: B9:78:53:DD:57:73:F2:A6:B0:71:87:9F:5B:9E:BB:0E:6F:4E:7D:AA
Certificate issuer:       /CN=b97853dd5773f2a6b071879f5b9ebb0e6f4e7daa
Certificate serial:       019D2772D8CE34503159151A702850633132
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uXhT3Vdz8qawcYefW567Dm9Ofao.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/b93b66-af35-49d1-bd78-7ff8443d9c21/1/uXhT3Vdz8qawcYefW567Dm9Ofao.mft
Manifest number:          1818
Signing time:             Thu 26 Mar 2026 00:02:11 +0000
Manifest this update:     Thu 26 Mar 2026 00:02:11 +0000
Manifest next update:     Fri 27 Mar 2026 00:02:11 +0000
Files and hashes:         1: uXhT3Vdz8qawcYefW567Dm9Ofao.crl (hash: Uq0VCpa3viNQu0Las+uJyFLL8HExU/R9gR+iaGFgSfM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/be/b93b66-af35-49d1-bd78-7ff8443d9c21/1/uXhT3Vdz8qawcYefW567Dm9Ofao.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/be/b93b66-af35-49d1-bd78-7ff8443d9c21/1/uXhT3Vdz8qawcYefW567Dm9Ofao.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uXhT3Vdz8qawcYefW567Dm9Ofao.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:72:d8:ce:34:50:31:59:15:1a:70:28:50:63:31:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b97853dd5773f2a6b071879f5b9ebb0e6f4e7daa
        Validity
            Not Before: Mar 26 00:02:11 2026 GMT
            Not After : Mar 27 00:02:11 2026 GMT
        Subject: CN=aab8734324f40a1f503bccb5850332d97d8d1fd4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:95:0a:79:1a:f4:d3:87:e0:43:70:ca:df:ef:
                    1f:6f:5f:e7:d1:0c:d6:0a:6c:8e:72:1d:59:0e:da:
                    d3:b7:1a:0f:61:4d:d4:9e:16:be:bb:30:67:00:9d:
                    80:ce:0e:65:6a:12:82:32:b8:d9:cb:9e:a6:8c:8d:
                    a0:5c:2d:cf:73:8a:4a:b4:fd:b0:c3:20:79:45:50:
                    2d:05:bd:ce:43:66:8a:45:f7:07:9f:fd:2d:56:92:
                    7c:09:aa:92:9c:f8:82:09:9c:d4:d8:a8:56:46:d0:
                    fd:77:8c:eb:18:66:a6:01:d4:21:e2:24:69:46:61:
                    cd:9e:89:e1:e8:48:ec:e5:8c:a2:ae:a0:d0:76:74:
                    50:9b:7c:3d:35:38:c5:66:97:66:b0:18:a2:70:a2:
                    e9:d9:35:d7:54:63:1e:95:13:fd:e3:8e:d2:55:39:
                    f7:70:0a:6b:1e:f0:46:30:ed:05:8d:06:81:d8:de:
                    25:cc:74:ec:e1:c0:17:aa:d2:a6:64:b5:b7:ec:57:
                    9c:28:71:d9:3e:a1:c9:82:91:2d:88:34:04:78:5f:
                    bb:36:41:19:53:ae:8f:f9:59:a5:4d:27:14:f5:03:
                    f4:90:7a:cc:d9:0c:43:e1:22:fd:91:52:25:d3:df:
                    59:7d:83:ce:f0:02:95:77:b4:54:57:71:56:cc:9b:
                    73:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:B8:73:43:24:F4:0A:1F:50:3B:CC:B5:85:03:32:D9:7D:8D:1F:D4
            X509v3 Authority Key Identifier:
                keyid:B9:78:53:DD:57:73:F2:A6:B0:71:87:9F:5B:9E:BB:0E:6F:4E:7D:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uXhT3Vdz8qawcYefW567Dm9Ofao.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b93b66-af35-49d1-bd78-7ff8443d9c21/1/uXhT3Vdz8qawcYefW567Dm9Ofao.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b93b66-af35-49d1-bd78-7ff8443d9c21/1/uXhT3Vdz8qawcYefW567Dm9Ofao.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:13:37:1c:25:de:6b:b3:70:b8:99:fa:cd:b1:f2:eb:3f:fe:
         21:5c:85:d4:f7:c0:62:4b:31:35:04:11:37:f9:bf:30:ab:ec:
         b4:1c:70:57:1a:02:ea:a4:17:3c:1e:d0:ca:67:63:a6:83:69:
         6c:cb:8a:59:78:d6:23:4d:4b:6b:b0:dd:84:64:6a:37:18:cc:
         77:96:ba:8c:c7:94:b3:69:70:d7:89:f0:98:de:ee:c6:fb:5a:
         e1:fd:00:c2:52:ca:89:04:53:66:33:8f:6f:24:42:32:58:44:
         83:ef:c2:94:6d:26:7a:b2:fc:7a:a6:fd:27:77:74:cf:da:c9:
         69:b8:ea:a1:e8:88:e8:19:6e:a4:65:05:89:d8:23:6d:82:be:
         e1:79:a1:55:51:ba:84:44:2a:63:17:35:9f:68:d4:00:c6:3e:
         db:b8:53:71:bb:44:55:a2:5a:5a:3e:68:cc:c4:95:6b:ef:86:
         28:bd:85:64:2c:d9:9f:ad:0d:3b:50:2f:59:84:19:01:e8:6e:
         47:3a:ab:8b:4c:9f:f2:d7:cd:ee:a1:4c:c1:02:c1:8a:21:0c:
         fd:9c:4d:6f:56:49:fe:bb:72:33:a9:20:47:76:e2:6c:cf:e1:
         21:63:61:91:b2:15:36:ba:5e:66:3b:58:b0:c9:38:91:2d:a9:
         0b:d1:fb:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nctjONFAxWRUacChQYzEyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5Nzg1M2RkNTc3M2YyYTZiMDcxODc5ZjViOWViYjBlNmY0
ZTdkYWEwHhcNMjYwMzI2MDAwMjExWhcNMjYwMzI3MDAwMjExWjAzMTEwLwYDVQQD
EyhhYWI4NzM0MzI0ZjQwYTFmNTAzYmNjYjU4NTAzMzJkOTdkOGQxZmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupUKeRr004fgQ3DK3+8fb1/n0QzW
CmyOch1ZDtrTtxoPYU3Unha+uzBnAJ2Azg5lahKCMrjZy56mjI2gXC3Pc4pKtP2w
wyB5RVAtBb3OQ2aKRfcHn/0tVpJ8CaqSnPiCCZzU2KhWRtD9d4zrGGamAdQh4iRp
RmHNnonh6Ejs5YyirqDQdnRQm3w9NTjFZpdmsBiicKLp2TXXVGMelRP9447SVTn3
cAprHvBGMO0FjQaB2N4lzHTs4cAXqtKmZLW37FecKHHZPqHJgpEtiDQEeF+7NkEZ
U66P+VmlTScU9QP0kHrM2QxD4SL9kVIl099ZfYPO8AKVd7RUV3FWzJtzKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKq4c0Mk9AofUDvMtYUDMtl9jR/UMB8GA1UdIwQY
MBaAFLl4U91Xc/KmsHGHn1ueuw5vTn2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVhoVDNWZHo4cWF3Y1llZlc1NjdEbTlPZmFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9iOTNiNjYtYWYzNS00OWQxLWJkNzgt
N2ZmODQ0M2Q5YzIxLzEvdVhoVDNWZHo4cWF3Y1llZlc1NjdEbTlPZmFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9iOTNiNjYtYWYzNS00OWQxLWJkNzgtN2ZmODQ0M2Q5YzIx
LzEvdVhoVDNWZHo4cWF3Y1llZlc1NjdEbTlPZmFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAURM3HCXe
a7NwuJn6zbHy6z/+IVyF1PfAYksxNQQRN/m/MKvstBxwVxoC6qQXPB7QymdjpoNp
bMuKWXjWI01La7DdhGRqNxjMd5a6jMeUs2lw14nwmN7uxvta4f0AwlLKiQRTZjOP
byRCMlhEg+/ClG0merL8eqb9J3d0z9rJabjqoeiI6BlupGUFidgjbYK+4XmhVVG6
hEQqYxc1n2jUAMY+27hTcbtEVaJaWj5ozMSVa++GKL2FZCzZn60NO1AvWYQZAehu
Rzqri0yf8tfN7qFMwQLBiiEM/ZxNb1ZJ/rtyM6kgR3bibM/hIWNhkbIVNrpeZjtY
sMk4kS2pC9H7eg==
-----END CERTIFICATE-----