Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.mft
File:                     U1zc9HjqgOsXXEwwd-efy3DF0jA.mft (raw, json)
Hash identifier:          r/yyt+NblCs+hmzBJhkUceTyi6WM74AH3ADIVeXUTqE=
Subject key identifier:   A9:0D:B4:88:F7:62:65:C1:64:43:59:E3:C5:37:C4:C4:0D:65:EF:67
Authority key identifier: 53:5C:DC:F4:78:EA:80:EB:17:5C:4C:30:77:E7:9F:CB:70:C5:D2:30
Certificate issuer:       /CN=535cdcf478ea80eb175c4c3077e79fcb70c5d230
Certificate serial:       019D28F258490EA82F164B49C6D70FBF4DC6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U1zc9HjqgOsXXEwwd-efy3DF0jA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.mft
Manifest number:          0CDE
Signing time:             Thu 26 Mar 2026 07:01:03 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:03 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:03 +0000
Files and hashes:         1: U1zc9HjqgOsXXEwwd-efy3DF0jA.crl (hash: II0pk1boUdg7qTtwpOK2PyM5+YLZIKsq5s/TbfmIBMo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U1zc9HjqgOsXXEwwd-efy3DF0jA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 07:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:58:49:0e:a8:2f:16:4b:49:c6:d7:0f:bf:4d:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=535cdcf478ea80eb175c4c3077e79fcb70c5d230
        Validity
            Not Before: Mar 26 07:01:03 2026 GMT
            Not After : Mar 27 07:01:03 2026 GMT
        Subject: CN=a90db488f76265c1644359e3c537c4c40d65ef67
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:46:80:52:60:2b:e0:7a:45:8c:44:cf:ff:f0:
                    32:6f:64:e6:cf:25:26:5a:4f:3e:79:b8:3c:3b:ff:
                    92:ef:35:5d:f8:3f:75:5e:c7:a8:61:28:b2:94:ff:
                    ed:d1:55:cc:bc:66:55:ed:fc:ca:53:32:a2:5f:ba:
                    f7:dd:e7:b1:85:4c:7e:f5:2a:d1:78:d4:63:9c:f3:
                    91:f0:04:69:f8:5e:9c:07:53:5c:2b:c7:b8:91:f0:
                    92:50:d8:e2:3a:37:0d:2a:42:45:4c:a7:8c:78:1e:
                    cb:92:0d:26:36:8c:3a:15:5c:fd:0d:d1:76:02:ca:
                    5d:82:da:a3:76:24:ce:67:4d:43:83:7d:63:ff:9e:
                    bf:c8:18:5c:71:a6:cd:f1:ba:bb:56:32:e8:32:2c:
                    a9:14:cf:1d:26:6c:68:5b:70:6f:46:e3:f4:99:9f:
                    b1:98:33:64:ad:32:64:05:da:db:c8:bd:27:33:68:
                    1c:92:6f:04:15:b6:fe:63:64:60:3c:cd:65:08:2c:
                    c3:92:fa:80:18:73:94:f2:43:ed:5a:71:e7:e3:0a:
                    ba:2e:20:75:21:86:32:28:d1:1a:a5:93:15:3d:94:
                    37:7b:91:60:21:ca:f5:9a:b0:92:75:fe:88:c1:6f:
                    83:f4:82:f9:fc:66:0e:72:ad:d4:92:a3:85:7a:df:
                    36:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:0D:B4:88:F7:62:65:C1:64:43:59:E3:C5:37:C4:C4:0D:65:EF:67
            X509v3 Authority Key Identifier:
                keyid:53:5C:DC:F4:78:EA:80:EB:17:5C:4C:30:77:E7:9F:CB:70:C5:D2:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U1zc9HjqgOsXXEwwd-efy3DF0jA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:bc:7e:06:43:bf:ea:96:66:c7:e8:b9:6c:70:16:78:ec:6c:
         32:e4:a2:b1:24:81:c2:24:8c:06:cd:85:15:33:a7:68:d3:ec:
         eb:d8:df:6e:e3:17:8b:ed:0b:8a:88:62:ba:2a:d8:55:13:a4:
         21:c4:b0:36:e5:4d:10:86:5c:91:29:98:bb:0f:7b:6b:16:56:
         b0:16:05:54:23:98:00:11:a7:33:d4:04:6f:b2:f6:88:ec:50:
         39:f4:e3:54:fc:54:06:37:9f:ec:36:06:8f:6e:9c:b3:6a:b4:
         68:b9:37:fc:e7:d2:88:d4:d2:55:d9:0b:18:9a:1d:aa:69:a2:
         a6:0d:72:5a:bc:03:eb:c4:71:47:d6:25:46:17:d5:ba:6c:64:
         0f:45:50:01:df:a7:5a:ac:3f:68:52:e8:1b:dc:e1:5d:bc:a4:
         23:bc:ec:f6:29:ff:72:37:4b:0f:2f:17:96:45:a3:24:f2:e1:
         4f:77:28:fa:4d:38:2e:a3:1e:2e:3a:cb:45:65:80:7f:3f:b7:
         95:3f:74:77:65:42:43:96:f4:bb:21:1f:1d:5a:30:e8:1e:4c:
         2c:09:a3:ac:b0:2a:9d:dc:a7:98:90:f2:ee:b8:8b:97:f4:71:
         af:07:09:da:69:90:1f:b0:09:de:80:e3:26:b3:96:bd:8e:fa:
         57:89:8f:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8lhJDqgvFktJxtcPv03GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNWNkY2Y0NzhlYTgwZWIxNzVjNGMzMDc3ZTc5ZmNiNzBj
NWQyMzAwHhcNMjYwMzI2MDcwMTAzWhcNMjYwMzI3MDcwMTAzWjAzMTEwLwYDVQQD
EyhhOTBkYjQ4OGY3NjI2NWMxNjQ0MzU5ZTNjNTM3YzRjNDBkNjVlZjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0aAUmAr4HpFjETP//Ayb2TmzyUm
Wk8+ebg8O/+S7zVd+D91XseoYSiylP/t0VXMvGZV7fzKUzKiX7r33eexhUx+9SrR
eNRjnPOR8ARp+F6cB1NcK8e4kfCSUNjiOjcNKkJFTKeMeB7Lkg0mNow6FVz9DdF2
AspdgtqjdiTOZ01Dg31j/56/yBhccabN8bq7VjLoMiypFM8dJmxoW3BvRuP0mZ+x
mDNkrTJkBdrbyL0nM2gckm8EFbb+Y2RgPM1lCCzDkvqAGHOU8kPtWnHn4wq6LiB1
IYYyKNEapZMVPZQ3e5FgIcr1mrCSdf6IwW+D9IL5/GYOcq3UkqOFet82DQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKkNtIj3YmXBZENZ48U3xMQNZe9nMB8GA1UdIwQY
MBaAFFNc3PR46oDrF1xMMHfnn8twxdIwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTF6YzlIanFnT3NYWEV3d2QtZWZ5M0RGMGpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9hMjNjNzctZjRhZC00MGJhLWI4NTAt
OTg5ZjUzYjJjYWUwLzEvVTF6YzlIanFnT3NYWEV3d2QtZWZ5M0RGMGpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9hMjNjNzctZjRhZC00MGJhLWI4NTAtOTg5ZjUzYjJjYWUw
LzEvVTF6YzlIanFnT3NYWEV3d2QtZWZ5M0RGMGpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB7x+BkO/
6pZmx+i5bHAWeOxsMuSisSSBwiSMBs2FFTOnaNPs69jfbuMXi+0LiohiuirYVROk
IcSwNuVNEIZckSmYuw97axZWsBYFVCOYABGnM9QEb7L2iOxQOfTjVPxUBjef7DYG
j26cs2q0aLk3/OfSiNTSVdkLGJodqmmipg1yWrwD68RxR9YlRhfVumxkD0VQAd+n
Wqw/aFLoG9zhXbykI7zs9in/cjdLDy8XlkWjJPLhT3co+k04LqMeLjrLRWWAfz+3
lT90d2VCQ5b0uyEfHVow6B5MLAmjrLAqndynmJDy7riLl/RxrwcJ2mmQH7AJ3oDj
JrOWvY76V4mPDw==
-----END CERTIFICATE-----