Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.mft
File:                     uq9sCLyjCMHHiw7tjvMLSgRoEY4.mft (raw, json)
Hash identifier:          isJ6pHeChBhFGcTS+dzjoZKIf/4qphPZqypkRmw4rQQ=
Subject key identifier:   B2:35:DE:93:29:33:09:B0:58:4E:28:95:A4:5B:0E:96:C1:B9:95:C0
Authority key identifier: BA:AF:6C:08:BC:A3:08:C1:C7:8B:0E:ED:8E:F3:0B:4A:04:68:11:8E
Certificate issuer:       /CN=baaf6c08bca308c1c78b0eed8ef30b4a0468118e
Certificate serial:       019D281669D67AD9B08C9A2E26D76DD84AE4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uq9sCLyjCMHHiw7tjvMLSgRoEY4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.mft
Manifest number:          0808
Signing time:             Thu 26 Mar 2026 03:00:50 +0000
Manifest this update:     Thu 26 Mar 2026 03:00:50 +0000
Manifest next update:     Fri 27 Mar 2026 03:00:50 +0000
Files and hashes:         1: uq9sCLyjCMHHiw7tjvMLSgRoEY4.crl (hash: Mnpe+RSGAeTBexft7M4oOHhPQGYUN/kSGYLCA4KQ6Qk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uq9sCLyjCMHHiw7tjvMLSgRoEY4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:16:69:d6:7a:d9:b0:8c:9a:2e:26:d7:6d:d8:4a:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=baaf6c08bca308c1c78b0eed8ef30b4a0468118e
        Validity
            Not Before: Mar 26 03:00:50 2026 GMT
            Not After : Mar 27 03:00:50 2026 GMT
        Subject: CN=b235de93293309b0584e2895a45b0e96c1b995c0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:81:5e:a4:76:dc:00:fc:9a:03:aa:ec:b8:d6:
                    8d:91:f0:b5:43:25:aa:cb:43:91:07:24:57:fc:5e:
                    0f:b0:60:8e:43:2a:06:8f:a2:c1:48:a2:9d:ff:08:
                    b2:64:13:f1:26:a6:1f:f0:e2:a0:a8:69:df:0b:c5:
                    f5:65:8b:2d:00:82:73:3c:14:ae:20:00:8e:01:cf:
                    ac:8e:2b:56:4f:36:15:fe:a6:9a:17:45:05:18:db:
                    b6:2c:fd:e3:5f:05:cc:ee:12:e9:97:ca:45:97:05:
                    f0:c8:29:0f:9d:9a:75:b3:52:9a:78:7a:65:4f:e8:
                    81:12:10:da:27:d2:33:04:69:c3:97:89:f6:2d:aa:
                    b4:05:96:ea:44:eb:2e:25:f1:d5:ac:ea:85:ae:3a:
                    41:ea:74:c4:ec:67:57:73:34:12:f9:c2:a9:8c:ad:
                    65:30:b0:67:38:5e:6d:a5:db:c2:7c:9c:81:3b:7b:
                    d7:ab:d2:12:9c:ae:7e:00:98:e6:aa:53:44:fa:03:
                    40:02:2c:24:c9:d7:b5:8d:62:a6:68:16:a1:ad:b3:
                    b5:94:ab:53:9b:20:37:f7:5e:18:3f:b1:c2:11:e0:
                    5b:f4:67:2a:51:61:2b:51:39:16:8b:a8:17:65:64:
                    61:1c:19:22:24:e9:28:a1:ea:b3:62:4f:7c:32:b3:
                    5b:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:35:DE:93:29:33:09:B0:58:4E:28:95:A4:5B:0E:96:C1:B9:95:C0
            X509v3 Authority Key Identifier:
                keyid:BA:AF:6C:08:BC:A3:08:C1:C7:8B:0E:ED:8E:F3:0B:4A:04:68:11:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uq9sCLyjCMHHiw7tjvMLSgRoEY4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:50:17:3e:66:7b:f0:c1:a6:be:3d:d3:bf:fc:2e:eb:ba:ac:
         1d:06:df:01:da:0a:49:f1:ac:d3:1c:04:ad:da:fa:d8:23:c3:
         14:fa:4d:ec:56:7c:ae:e4:37:a2:da:95:dc:59:a2:56:33:73:
         2e:4b:53:ac:1f:58:19:a0:35:b7:fd:e7:e5:85:81:8a:33:c5:
         4c:1d:d5:86:e8:62:29:f1:00:a7:9c:fd:37:d2:1d:8b:44:fa:
         f6:bd:e2:f3:29:6f:14:0d:c2:2b:6a:fc:99:06:a0:1b:7d:22:
         9a:8b:91:2d:e8:18:2f:21:52:67:2a:d8:81:8d:d2:00:07:4f:
         b4:ea:11:b8:3d:38:bc:06:02:df:b7:20:8d:b1:e5:2f:52:5a:
         e0:e0:67:aa:83:23:88:2e:32:81:d0:cc:de:b2:18:c2:69:1c:
         36:7b:34:38:cd:70:5e:27:95:6c:5c:0e:d6:85:be:7f:38:24:
         3d:30:2e:67:88:b9:1a:43:6d:37:87:1f:a0:7c:24:9b:aa:b3:
         f6:22:97:8f:a7:ee:12:05:2c:83:9c:4b:cf:23:12:74:44:c2:
         21:63:43:ed:ae:6d:7d:86:c3:5a:21:a8:9f:26:39:37:e9:c3:
         61:7a:e8:3a:27:a4:6e:0f:f2:87:07:e3:83:02:fc:9f:46:3e:
         cc:17:f8:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oFmnWetmwjJouJtdt2ErkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYWY2YzA4YmNhMzA4YzFjNzhiMGVlZDhlZjMwYjRhMDQ2
ODExOGUwHhcNMjYwMzI2MDMwMDUwWhcNMjYwMzI3MDMwMDUwWjAzMTEwLwYDVQQD
EyhiMjM1ZGU5MzI5MzMwOWIwNTg0ZTI4OTVhNDViMGU5NmMxYjk5NWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxIFepHbcAPyaA6rsuNaNkfC1QyWq
y0ORByRX/F4PsGCOQyoGj6LBSKKd/wiyZBPxJqYf8OKgqGnfC8X1ZYstAIJzPBSu
IACOAc+sjitWTzYV/qaaF0UFGNu2LP3jXwXM7hLpl8pFlwXwyCkPnZp1s1KaeHpl
T+iBEhDaJ9IzBGnDl4n2Laq0BZbqROsuJfHVrOqFrjpB6nTE7GdXczQS+cKpjK1l
MLBnOF5tpdvCfJyBO3vXq9ISnK5+AJjmqlNE+gNAAiwkyde1jWKmaBahrbO1lKtT
myA3914YP7HCEeBb9GcqUWErUTkWi6gXZWRhHBkiJOkooeqzYk98MrNbdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLI13pMpMwmwWE4olaRbDpbBuZXAMB8GA1UdIwQY
MBaAFLqvbAi8owjBx4sO7Y7zC0oEaBGOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXE5c0NMeWpDTUhIaXc3dGp2TUxTZ1JvRVk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS80YWE1NzAtNTVmZS00Yjk0LWJjNTkt
YjQ5OTNiMjMyZTZjLzEvdXE5c0NMeWpDTUhIaXc3dGp2TUxTZ1JvRVk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS80YWE1NzAtNTVmZS00Yjk0LWJjNTktYjQ5OTNiMjMyZTZj
LzEvdXE5c0NMeWpDTUhIaXc3dGp2TUxTZ1JvRVk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO1AXPmZ7
8MGmvj3Tv/wu67qsHQbfAdoKSfGs0xwErdr62CPDFPpN7FZ8ruQ3otqV3FmiVjNz
LktTrB9YGaA1t/3n5YWBijPFTB3VhuhiKfEAp5z9N9Idi0T69r3i8ylvFA3CK2r8
mQagG30imouRLegYLyFSZyrYgY3SAAdPtOoRuD04vAYC37cgjbHlL1Ja4OBnqoMj
iC4ygdDM3rIYwmkcNns0OM1wXieVbFwO1oW+fzgkPTAuZ4i5GkNtN4cfoHwkm6qz
9iKXj6fuEgUsg5xLzyMSdETCIWND7a5tfYbDWiGonyY5N+nDYXroOiekbg/yhwfj
gwL8n0Y+zBf4WQ==
-----END CERTIFICATE-----