Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/6934b5-96c0-476d-bf54-237f65b64327/1/pU3VdP7HLUOUwlU2uoUyydOPQLo.mft
File:                     pU3VdP7HLUOUwlU2uoUyydOPQLo.mft (raw, json)
Hash identifier:          1h79CDsegOK95d9R9fWH6NniVFbAm54UoGLBtPB2bsg=
Subject key identifier:   01:A2:88:5C:24:2B:3B:95:18:24:70:B1:21:5F:65:CA:68:3D:75:99
Authority key identifier: A5:4D:D5:74:FE:C7:2D:43:94:C2:55:36:BA:85:32:C9:D3:8F:40:BA
Certificate issuer:       /CN=a54dd574fec72d4394c25536ba8532c9d38f40ba
Certificate serial:       019D28F2EEC405BB6D144C4C8E28446E621E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pU3VdP7HLUOUwlU2uoUyydOPQLo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/6934b5-96c0-476d-bf54-237f65b64327/1/pU3VdP7HLUOUwlU2uoUyydOPQLo.mft
Manifest number:          0B9C
Signing time:             Thu 26 Mar 2026 07:01:42 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:42 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:42 +0000
Files and hashes:         1: pU3VdP7HLUOUwlU2uoUyydOPQLo.crl (hash: mpb+/8TD5qZKo5raBuF75hq7q7umhOvcm14KHEY1ZOs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e1/6934b5-96c0-476d-bf54-237f65b64327/1/pU3VdP7HLUOUwlU2uoUyydOPQLo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e1/6934b5-96c0-476d-bf54-237f65b64327/1/pU3VdP7HLUOUwlU2uoUyydOPQLo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pU3VdP7HLUOUwlU2uoUyydOPQLo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:ee:c4:05:bb:6d:14:4c:4c:8e:28:44:6e:62:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a54dd574fec72d4394c25536ba8532c9d38f40ba
        Validity
            Not Before: Mar 26 07:01:42 2026 GMT
            Not After : Mar 27 07:01:42 2026 GMT
        Subject: CN=01a2885c242b3b95182470b1215f65ca683d7599
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:c9:36:06:11:0c:b3:a3:d0:5f:57:6f:07:b8:
                    b1:dd:65:2f:21:a4:ef:bd:97:3c:6b:0a:1d:b5:2e:
                    48:a2:f3:c8:b9:25:96:a1:90:0b:91:b7:6f:4d:a8:
                    0c:36:a5:15:dc:a6:77:c5:19:38:44:0d:fe:c2:5a:
                    d6:5f:9e:e5:8f:ac:88:a7:8c:99:43:3b:de:50:13:
                    2c:af:8b:eb:b9:4d:bc:4a:66:47:5b:5e:cb:f4:0f:
                    67:20:f0:0c:31:c0:f2:a0:81:78:4f:e0:08:b3:49:
                    fd:94:98:cc:f4:70:6d:7d:7b:86:c9:9f:c5:74:9c:
                    1a:1e:c4:d4:90:5c:7d:73:f6:72:18:03:6d:a2:c1:
                    1d:30:f7:96:03:7c:25:32:ce:48:6e:92:30:57:bf:
                    4b:ef:15:18:9d:ab:01:85:83:d3:eb:6c:60:5b:25:
                    b5:28:eb:f3:99:59:8f:b1:14:cf:5e:0d:b4:4a:fe:
                    bb:e8:35:fb:65:90:27:a2:41:64:d3:09:92:1e:0d:
                    2b:d3:65:6c:34:91:21:6b:5b:0c:55:67:d3:51:a9:
                    3f:67:06:c5:f9:81:c5:40:ce:89:c4:50:bf:1d:7c:
                    12:9b:6f:1c:25:d6:d7:1f:38:3f:0a:bd:15:e0:be:
                    2d:8a:80:de:f6:0d:e9:cb:a1:ab:d0:00:35:64:d8:
                    a2:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:A2:88:5C:24:2B:3B:95:18:24:70:B1:21:5F:65:CA:68:3D:75:99
            X509v3 Authority Key Identifier:
                keyid:A5:4D:D5:74:FE:C7:2D:43:94:C2:55:36:BA:85:32:C9:D3:8F:40:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pU3VdP7HLUOUwlU2uoUyydOPQLo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/6934b5-96c0-476d-bf54-237f65b64327/1/pU3VdP7HLUOUwlU2uoUyydOPQLo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/6934b5-96c0-476d-bf54-237f65b64327/1/pU3VdP7HLUOUwlU2uoUyydOPQLo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:8f:83:01:6a:96:c9:52:f9:5a:4d:9c:45:b8:f7:8f:b1:af:
         61:57:01:96:1c:69:4f:23:a2:64:ce:10:c1:81:b6:cf:57:4a:
         77:bb:6d:5c:fc:c3:5b:6a:11:1c:08:5b:7b:56:28:83:9f:d2:
         8e:77:ed:91:e7:13:f8:86:02:f3:8d:4a:6a:c4:6a:35:8a:3f:
         2e:c1:ac:da:1f:5d:b7:4d:2f:11:3f:61:ae:aa:b6:5f:0a:ba:
         5e:1d:65:25:ec:8d:c6:f1:2b:a6:f5:5c:56:5c:5c:f8:ec:d9:
         66:8a:41:28:e7:12:f8:0b:3a:b0:10:bf:af:81:dc:09:76:a4:
         1c:d6:41:e7:df:d9:a0:ac:f0:25:9f:3e:17:91:53:04:6f:b3:
         b7:95:1c:6e:b0:ba:ef:67:67:f2:40:e0:4e:81:25:8c:7b:51:
         f6:81:d9:3a:8a:8e:b5:7a:39:db:25:18:60:93:fd:07:ee:d5:
         81:5a:ce:0e:f6:d2:d1:88:6e:86:ee:2f:fb:b1:85:56:72:69:
         53:48:c0:4d:e6:be:f5:25:5e:b0:ef:bc:98:1a:2b:ff:80:5a:
         64:07:ab:0f:54:23:c9:97:fe:bb:be:fb:07:23:6b:1f:d8:ea:
         94:79:f7:b0:b4:9a:dc:70:3e:47:44:f7:35:e6:25:0f:f2:8b:
         ed:8b:fd:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8u7EBbttFExMjihEbmIeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NGRkNTc0ZmVjNzJkNDM5NGMyNTUzNmJhODUzMmM5ZDM4
ZjQwYmEwHhcNMjYwMzI2MDcwMTQyWhcNMjYwMzI3MDcwMTQyWjAzMTEwLwYDVQQD
EygwMWEyODg1YzI0MmIzYjk1MTgyNDcwYjEyMTVmNjVjYTY4M2Q3NTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlck2BhEMs6PQX1dvB7ix3WUvIaTv
vZc8awodtS5IovPIuSWWoZALkbdvTagMNqUV3KZ3xRk4RA3+wlrWX57lj6yIp4yZ
QzveUBMsr4vruU28SmZHW17L9A9nIPAMMcDyoIF4T+AIs0n9lJjM9HBtfXuGyZ/F
dJwaHsTUkFx9c/ZyGANtosEdMPeWA3wlMs5IbpIwV79L7xUYnasBhYPT62xgWyW1
KOvzmVmPsRTPXg20Sv676DX7ZZAnokFk0wmSHg0r02VsNJEha1sMVWfTUak/ZwbF
+YHFQM6JxFC/HXwSm28cJdbXHzg/Cr0V4L4tioDe9g3py6Gr0AA1ZNii4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAGiiFwkKzuVGCRwsSFfZcpoPXWZMB8GA1UdIwQY
MBaAFKVN1XT+xy1DlMJVNrqFMsnTj0C6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFUzVmRQN0hMVU9Vd2xVMnVvVXl5ZE9QUUxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS82OTM0YjUtOTZjMC00NzZkLWJmNTQt
MjM3ZjY1YjY0MzI3LzEvcFUzVmRQN0hMVU9Vd2xVMnVvVXl5ZE9QUUxvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS82OTM0YjUtOTZjMC00NzZkLWJmNTQtMjM3ZjY1YjY0MzI3
LzEvcFUzVmRQN0hMVU9Vd2xVMnVvVXl5ZE9QUUxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfo+DAWqW
yVL5Wk2cRbj3j7GvYVcBlhxpTyOiZM4QwYG2z1dKd7ttXPzDW2oRHAhbe1Yog5/S
jnftkecT+IYC841KasRqNYo/LsGs2h9dt00vET9hrqq2Xwq6Xh1lJeyNxvErpvVc
Vlxc+OzZZopBKOcS+As6sBC/r4HcCXakHNZB59/ZoKzwJZ8+F5FTBG+zt5UcbrC6
72dn8kDgToEljHtR9oHZOoqOtXo52yUYYJP9B+7VgVrODvbS0Yhuhu4v+7GFVnJp
U0jATea+9SVesO+8mBor/4BaZAerD1QjyZf+u777ByNrH9jqlHn3sLSa3HA+R0T3
NeYlD/KL7Yv9Zw==
-----END CERTIFICATE-----