Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.mft
File:                     U3YJ5EhhINufF7bT10v4VfJxV18.mft (raw, json)
Hash identifier:          u0YHhruJyRwEYGzGFFvl1vCZuSvFHWWL18SE+BOK0oo=
Subject key identifier:   87:6B:A5:06:E3:E3:05:6C:05:9E:27:79:BC:ED:D1:96:94:1F:E9:1B
Authority key identifier: 53:76:09:E4:48:61:20:DB:9F:17:B6:D3:D7:4B:F8:55:F2:71:57:5F
Certificate issuer:       /CN=537609e4486120db9f17b6d3d74bf855f271575f
Certificate serial:       019D329B0F6EF4820CEDE2948262B487D501
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U3YJ5EhhINufF7bT10v4VfJxV18.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.mft
Manifest number:          0F0A
Signing time:             Sat 28 Mar 2026 04:01:55 +0000
Manifest this update:     Sat 28 Mar 2026 04:01:55 +0000
Manifest next update:     Sun 29 Mar 2026 04:01:55 +0000
Files and hashes:         1: U3YJ5EhhINufF7bT10v4VfJxV18.crl (hash: oHCLonuFczUNl14TuYOHzXHwH0cDZ3y6QUEZYRdcn0g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U3YJ5EhhINufF7bT10v4VfJxV18.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Mar 2026 00:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:32:9b:0f:6e:f4:82:0c:ed:e2:94:82:62:b4:87:d5:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=537609e4486120db9f17b6d3d74bf855f271575f
        Validity
            Not Before: Mar 28 04:01:55 2026 GMT
            Not After : Mar 29 04:01:55 2026 GMT
        Subject: CN=876ba506e3e3056c059e2779bcedd196941fe91b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:aa:f1:50:9c:6d:1b:47:10:ac:cd:c3:99:9f:
                    81:d2:e5:d8:7a:7a:e6:63:03:66:cd:a5:c8:1e:21:
                    26:64:91:b1:c3:e1:27:d9:d7:39:2e:a7:63:42:1d:
                    ae:3c:5a:98:bf:98:ed:33:38:ac:58:e1:6b:46:58:
                    d2:1b:bf:71:37:58:b9:d1:33:ed:db:fa:be:f0:ce:
                    99:4f:1a:29:d5:e5:ee:61:53:c0:20:7f:5b:c6:61:
                    cc:95:2f:ac:28:e3:af:96:43:1f:0a:c1:66:4e:54:
                    79:3d:b9:2e:3a:d6:bb:73:21:1f:4d:c8:fe:e9:30:
                    99:c1:ab:60:1a:47:3c:f3:64:34:24:c0:67:9b:a4:
                    44:dd:d0:4e:f7:79:0e:9b:7a:e9:40:a3:a1:96:a6:
                    e6:81:b2:23:b6:fd:1e:31:5b:18:bd:d9:8c:60:4d:
                    7d:4e:97:00:56:19:1e:ee:b3:d4:08:48:23:bb:23:
                    b2:a2:d4:33:29:68:8e:44:fb:58:f8:41:9f:45:ca:
                    02:48:ba:2a:36:bc:b3:94:a9:85:cd:00:8c:b2:51:
                    c6:42:d7:58:da:4c:d7:03:a9:74:1f:b2:df:6f:5a:
                    f4:a2:52:b9:4d:c5:16:56:76:f9:47:7d:a8:bc:af:
                    38:71:4f:a5:0a:c1:08:da:6b:f6:9f:e8:c8:02:e9:
                    95:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:6B:A5:06:E3:E3:05:6C:05:9E:27:79:BC:ED:D1:96:94:1F:E9:1B
            X509v3 Authority Key Identifier:
                keyid:53:76:09:E4:48:61:20:DB:9F:17:B6:D3:D7:4B:F8:55:F2:71:57:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U3YJ5EhhINufF7bT10v4VfJxV18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:7a:76:06:f5:fd:76:a2:3f:82:ce:7d:45:61:0c:c0:8e:29:
         bf:16:f6:61:59:2e:1e:e6:88:17:69:48:ea:9b:91:89:e2:bb:
         e1:cb:8c:e7:a6:47:fe:a1:5a:74:1a:c2:b2:31:96:29:7c:97:
         87:76:94:ab:d6:71:f6:06:10:f7:b2:b2:a2:64:19:ee:cc:af:
         96:b5:9c:69:39:9d:9a:d4:20:af:32:b7:bf:ba:2d:90:04:f6:
         3b:14:c6:9c:3f:a5:76:30:50:68:38:44:54:42:af:c4:a6:8d:
         c6:7c:9e:76:99:10:64:30:be:72:b9:e1:41:3d:95:57:e4:12:
         f0:89:ab:d9:f4:d3:28:ec:07:4c:18:97:95:e5:48:a7:6d:26:
         37:d0:56:ab:72:f4:cf:1f:a6:45:a9:48:fd:84:8b:2c:21:bb:
         c1:9f:64:80:65:8f:ba:a9:b4:54:e3:1f:19:8f:7e:d2:01:dd:
         55:08:f2:62:87:d9:b7:3f:8d:65:17:65:6c:5b:05:5c:d2:7c:
         49:33:0d:b3:44:48:c0:50:7d:21:a3:70:a9:95:65:56:d4:93:
         80:10:fe:14:d8:d7:a2:a6:7e:1c:2d:34:36:35:1c:16:db:52:
         e1:3c:dc:a4:8b:dd:ff:9f:21:4c:4e:1c:6c:15:31:ac:e6:99:
         26:62:e5:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ymw9u9IIM7eKUgmK0h9UBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNzYwOWU0NDg2MTIwZGI5ZjE3YjZkM2Q3NGJmODU1ZjI3
MTU3NWYwHhcNMjYwMzI4MDQwMTU1WhcNMjYwMzI5MDQwMTU1WjAzMTEwLwYDVQQD
Eyg4NzZiYTUwNmUzZTMwNTZjMDU5ZTI3NzliY2VkZDE5Njk0MWZlOTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3arxUJxtG0cQrM3DmZ+B0uXYenrm
YwNmzaXIHiEmZJGxw+En2dc5LqdjQh2uPFqYv5jtMzisWOFrRljSG79xN1i50TPt
2/q+8M6ZTxop1eXuYVPAIH9bxmHMlS+sKOOvlkMfCsFmTlR5PbkuOta7cyEfTcj+
6TCZwatgGkc882Q0JMBnm6RE3dBO93kOm3rpQKOhlqbmgbIjtv0eMVsYvdmMYE19
TpcAVhke7rPUCEgjuyOyotQzKWiORPtY+EGfRcoCSLoqNryzlKmFzQCMslHGQtdY
2kzXA6l0H7Lfb1r0olK5TcUWVnb5R32ovK84cU+lCsEI2mv2n+jIAumVZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIdrpQbj4wVsBZ4nebzt0ZaUH+kbMB8GA1UdIwQY
MBaAFFN2CeRIYSDbnxe209dL+FXycVdfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTNZSjVFaGhJTnVmRjdiVDEwdjRWZkp4VjE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8wNWRiODAtMWJhZi00MzdhLWE0OGYt
ZDRkNDRiZDkxYWZlLzEvVTNZSjVFaGhJTnVmRjdiVDEwdjRWZkp4VjE4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8wNWRiODAtMWJhZi00MzdhLWE0OGYtZDRkNDRiZDkxYWZl
LzEvVTNZSjVFaGhJTnVmRjdiVDEwdjRWZkp4VjE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAenp2BvX9
dqI/gs59RWEMwI4pvxb2YVkuHuaIF2lI6puRieK74cuM56ZH/qFadBrCsjGWKXyX
h3aUq9Zx9gYQ97KyomQZ7syvlrWcaTmdmtQgrzK3v7otkAT2OxTGnD+ldjBQaDhE
VEKvxKaNxnyedpkQZDC+crnhQT2VV+QS8Imr2fTTKOwHTBiXleVIp20mN9BWq3L0
zx+mRalI/YSLLCG7wZ9kgGWPuqm0VOMfGY9+0gHdVQjyYofZtz+NZRdlbFsFXNJ8
STMNs0RIwFB9IaNwqZVlVtSTgBD+FNjXoqZ+HC00NjUcFttS4TzcpIvd/58hTE4c
bBUxrOaZJmLlow==
-----END CERTIFICATE-----