Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.mft
File:                     USd7w4wS4ELt31bX519QVjxL0ic.mft (raw, json)
Hash identifier:          dr7Kjif/0/KvQP9mHzMv7qKJNHxzUGC/JGrbTlZ3j3g=
Subject key identifier:   4D:EE:78:9C:4D:FA:D9:D6:F5:EB:32:AF:EA:2D:78:AC:4F:73:75:56
Authority key identifier: 51:27:7B:C3:8C:12:E0:42:ED:DF:56:D7:E7:5F:50:56:3C:4B:D2:27
Certificate issuer:       /CN=51277bc38c12e042eddf56d7e75f50563c4bd227
Certificate serial:       019D27040A927FAA57ABD8031A7482C1BAC1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/USd7w4wS4ELt31bX519QVjxL0ic.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.mft
Manifest number:          1882
Signing time:             Wed 25 Mar 2026 22:01:09 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:09 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:09 +0000
Files and hashes:         1: USd7w4wS4ELt31bX519QVjxL0ic.crl (hash: WcecGdPMzs34KwWz68hJndTzjCHxY9+RI3foF247XRw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/USd7w4wS4ELt31bX519QVjxL0ic.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:0a:92:7f:aa:57:ab:d8:03:1a:74:82:c1:ba:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=51277bc38c12e042eddf56d7e75f50563c4bd227
        Validity
            Not Before: Mar 25 22:01:09 2026 GMT
            Not After : Mar 26 22:01:09 2026 GMT
        Subject: CN=4dee789c4dfad9d6f5eb32afea2d78ac4f737556
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:06:c6:6d:7f:57:97:ff:51:f4:2a:f8:53:37:
                    e7:ed:44:a1:93:32:c6:e1:c9:76:30:82:17:26:bc:
                    ac:12:94:23:74:6e:76:d2:cc:58:a3:fb:23:f8:0f:
                    1d:03:64:9a:ea:4e:db:ab:be:c1:92:f7:df:71:58:
                    ec:2c:0e:42:69:8b:a7:ca:d9:b9:18:41:8f:ca:af:
                    bb:74:e5:3a:50:4b:8e:98:a7:47:66:8e:0a:bb:5d:
                    52:35:70:e4:f7:a2:01:c2:28:5c:b1:7e:01:dc:21:
                    28:e4:de:2c:c3:39:0c:d3:3e:9a:88:31:d3:72:34:
                    4b:ff:01:da:d1:d9:f7:30:f8:fa:e1:57:3b:cf:77:
                    e6:b7:71:34:04:3c:0f:65:1c:10:33:b0:f3:66:e0:
                    c2:f3:8d:f0:5e:07:56:b7:ed:83:c4:d9:20:f0:a0:
                    37:27:30:bb:6d:96:ce:1d:c6:cf:e7:fc:5b:0c:9a:
                    93:bb:b8:d1:77:ea:4e:35:c3:84:ad:44:10:f6:cf:
                    34:f2:03:72:be:a1:04:99:4d:10:2f:90:82:35:89:
                    49:5a:56:ab:12:b6:10:62:65:98:4e:87:39:70:e9:
                    33:c7:b6:da:46:d7:3c:76:3e:fa:c8:a2:a3:b0:c2:
                    b5:20:2e:8e:10:1a:b8:8c:68:5d:f7:93:18:bd:8d:
                    d4:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:EE:78:9C:4D:FA:D9:D6:F5:EB:32:AF:EA:2D:78:AC:4F:73:75:56
            X509v3 Authority Key Identifier:
                keyid:51:27:7B:C3:8C:12:E0:42:ED:DF:56:D7:E7:5F:50:56:3C:4B:D2:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/USd7w4wS4ELt31bX519QVjxL0ic.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:d2:31:83:5f:25:e5:0d:5f:7e:51:21:c5:d6:d1:04:c9:4b:
         77:2c:24:e5:f3:cf:e3:16:f9:c1:bb:4b:e8:7a:55:c4:36:27:
         39:67:72:41:35:20:59:f8:46:c1:1a:61:4e:30:77:6a:8d:bb:
         6b:50:20:74:22:1f:82:64:5d:cf:c7:6f:69:e1:f8:bd:52:1d:
         8b:95:9a:c3:42:9c:74:38:c0:65:85:53:9e:a6:41:9f:f0:95:
         a9:fa:89:51:5d:59:13:f5:b1:00:4c:49:c8:9f:45:2b:1b:dc:
         5e:9e:5f:f3:13:02:2d:d4:ca:a8:8b:40:bf:7f:ea:d1:d9:21:
         3e:d9:d9:9d:7d:6d:ef:c0:3e:5f:dd:f6:1b:81:cd:de:89:44:
         6f:bc:ed:ad:ef:8d:5a:24:27:cf:c2:c3:45:40:b7:78:00:27:
         56:f0:e9:24:d5:d1:a4:0f:1c:73:b1:dd:28:d9:ce:41:02:f7:
         21:35:6e:0a:1c:d7:7d:68:94:cb:a8:fd:91:18:aa:54:6e:a1:
         a4:27:79:cd:3a:c9:60:6e:89:21:de:e5:eb:14:90:09:19:88:
         10:12:36:06:07:de:16:15:1d:63:fd:dd:74:b2:dc:32:9e:53:
         d2:99:d4:fc:63:49:53:4a:04:8d:43:4d:99:39:b0:dd:cf:d4:
         f7:1a:85:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBAqSf6pXq9gDGnSCwbrBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjc3YmMzOGMxMmUwNDJlZGRmNTZkN2U3NWY1MDU2M2M0
YmQyMjcwHhcNMjYwMzI1MjIwMTA5WhcNMjYwMzI2MjIwMTA5WjAzMTEwLwYDVQQD
Eyg0ZGVlNzg5YzRkZmFkOWQ2ZjVlYjMyYWZlYTJkNzhhYzRmNzM3NTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1AbGbX9Xl/9R9Cr4Uzfn7UShkzLG
4cl2MIIXJrysEpQjdG520sxYo/sj+A8dA2Sa6k7bq77BkvffcVjsLA5CaYunytm5
GEGPyq+7dOU6UEuOmKdHZo4Ku11SNXDk96IBwihcsX4B3CEo5N4swzkM0z6aiDHT
cjRL/wHa0dn3MPj64Vc7z3fmt3E0BDwPZRwQM7DzZuDC843wXgdWt+2DxNkg8KA3
JzC7bZbOHcbP5/xbDJqTu7jRd+pONcOErUQQ9s808gNyvqEEmU0QL5CCNYlJWlar
ErYQYmWYToc5cOkzx7baRtc8dj76yKKjsMK1IC6OEBq4jGhd95MYvY3UUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE3ueJxN+tnW9esyr+oteKxPc3VWMB8GA1UdIwQY
MBaAFFEne8OMEuBC7d9W1+dfUFY8S9InMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNkN3c0d1M0RUx0MzFiWDUxOVFWanhMMGljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS8zYmExNjAtZTk0NS00ZDU2LWIxMjkt
NTJjMTk3NThmYTE1LzEvVVNkN3c0d1M0RUx0MzFiWDUxOVFWanhMMGljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS8zYmExNjAtZTk0NS00ZDU2LWIxMjktNTJjMTk3NThmYTE1
LzEvVVNkN3c0d1M0RUx0MzFiWDUxOVFWanhMMGljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEdIxg18l
5Q1fflEhxdbRBMlLdywk5fPP4xb5wbtL6HpVxDYnOWdyQTUgWfhGwRphTjB3ao27
a1AgdCIfgmRdz8dvaeH4vVIdi5Waw0KcdDjAZYVTnqZBn/CVqfqJUV1ZE/WxAExJ
yJ9FKxvcXp5f8xMCLdTKqItAv3/q0dkhPtnZnX1t78A+X932G4HN3olEb7ztre+N
WiQnz8LDRUC3eAAnVvDpJNXRpA8cc7HdKNnOQQL3ITVuChzXfWiUy6j9kRiqVG6h
pCd5zTrJYG6JId7l6xSQCRmIEBI2BgfeFhUdY/3ddLLcMp5T0pnU/GNJU0oEjUNN
mTmw3c/U9xqFtg==
-----END CERTIFICATE-----