Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7e7154-c3aa-45b6-8fb0-191d534c97b9/1/uI_4bEcX4ONm8pDNDWKK_Eajjw0.mft
File:                     uI_4bEcX4ONm8pDNDWKK_Eajjw0.mft (raw, json)
Hash identifier:          l8sINHagred1COFFNbC+fjQyDFBkAPHDRtMpvqG9JZE=
Subject key identifier:   79:9F:AA:D0:9D:7E:45:E9:CC:87:5B:34:2F:BB:2C:D3:5C:2B:F8:61
Authority key identifier: B8:8F:F8:6C:47:17:E0:E3:66:F2:90:CD:0D:62:8A:FC:46:A3:8F:0D
Certificate issuer:       /CN=b88ff86c4717e0e366f290cd0d628afc46a38f0d
Certificate serial:       019D2AE018CDFA97A153A5E75F818B61DA52
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uI_4bEcX4ONm8pDNDWKK_Eajjw0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f7/7e7154-c3aa-45b6-8fb0-191d534c97b9/1/uI_4bEcX4ONm8pDNDWKK_Eajjw0.mft
Manifest number:          11EE
Signing time:             Thu 26 Mar 2026 16:00:22 +0000
Manifest this update:     Thu 26 Mar 2026 16:00:22 +0000
Manifest next update:     Fri 27 Mar 2026 16:00:22 +0000
Files and hashes:         1: uI_4bEcX4ONm8pDNDWKK_Eajjw0.crl (hash: dibz6SpMSMGYlvajsYaqIRQsyhKbQcv16vPTGzi4EnA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f7/7e7154-c3aa-45b6-8fb0-191d534c97b9/1/uI_4bEcX4ONm8pDNDWKK_Eajjw0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f7/7e7154-c3aa-45b6-8fb0-191d534c97b9/1/uI_4bEcX4ONm8pDNDWKK_Eajjw0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uI_4bEcX4ONm8pDNDWKK_Eajjw0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 16:00:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:e0:18:cd:fa:97:a1:53:a5:e7:5f:81:8b:61:da:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b88ff86c4717e0e366f290cd0d628afc46a38f0d
        Validity
            Not Before: Mar 26 16:00:22 2026 GMT
            Not After : Mar 27 16:00:22 2026 GMT
        Subject: CN=799faad09d7e45e9cc875b342fbb2cd35c2bf861
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:dd:69:92:1a:9b:50:0a:95:4c:c5:da:67:3a:
                    29:7f:93:cb:51:46:d8:f8:2f:64:b8:55:db:03:50:
                    6e:0a:ea:2c:bd:60:d2:e2:f2:78:5b:3a:43:65:75:
                    53:49:65:c1:e9:32:e7:71:ba:04:ab:46:33:69:6e:
                    ff:65:e2:22:43:31:87:e0:6e:b3:c2:40:b3:85:66:
                    20:3d:e0:61:a5:17:55:28:a3:4c:61:4d:a4:f9:94:
                    e9:50:24:19:10:e0:ae:f2:aa:93:81:12:b8:d8:ab:
                    3f:00:87:cd:c1:86:36:27:17:56:0d:2e:5d:97:b4:
                    76:eb:4d:88:15:59:85:5b:0d:3b:b7:b6:ad:98:c0:
                    8c:fb:ef:10:8e:51:ad:6a:33:60:6d:a8:67:fd:b8:
                    fb:7d:29:36:d9:82:2c:72:e6:64:ad:99:4b:f1:fe:
                    70:a8:9b:28:d9:0d:ca:4c:da:9a:82:52:15:f9:d6:
                    bf:9a:3c:8b:f8:c8:70:1c:18:d4:9a:a4:b8:5d:61:
                    f0:50:d6:43:98:4a:48:3a:7e:d8:a0:75:41:ed:d4:
                    7d:9b:67:fd:c1:b5:4d:dd:59:c5:9b:13:63:07:11:
                    c3:7a:88:3d:c0:a9:b7:b0:19:67:bb:c5:4e:db:de:
                    3d:3d:42:8f:f3:f6:73:fa:61:86:a0:92:ab:f1:5d:
                    34:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:9F:AA:D0:9D:7E:45:E9:CC:87:5B:34:2F:BB:2C:D3:5C:2B:F8:61
            X509v3 Authority Key Identifier:
                keyid:B8:8F:F8:6C:47:17:E0:E3:66:F2:90:CD:0D:62:8A:FC:46:A3:8F:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uI_4bEcX4ONm8pDNDWKK_Eajjw0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7e7154-c3aa-45b6-8fb0-191d534c97b9/1/uI_4bEcX4ONm8pDNDWKK_Eajjw0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7e7154-c3aa-45b6-8fb0-191d534c97b9/1/uI_4bEcX4ONm8pDNDWKK_Eajjw0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:d6:de:f3:f6:82:67:c9:6a:52:99:e2:12:34:7f:33:fe:42:
         1c:0f:b2:73:ce:06:9a:92:c6:cf:f7:b2:7c:3f:1f:49:2c:d2:
         0b:7e:3c:0c:bb:89:3d:1c:15:c1:53:29:3c:58:51:f8:f8:b5:
         2a:d3:c0:df:9f:07:cd:17:bb:8e:f8:92:4d:9f:bf:15:55:b0:
         b5:1a:5d:55:21:29:20:c9:50:78:6e:5b:ce:bc:f9:09:69:11:
         77:1e:89:e1:61:8f:2a:b1:da:00:7f:ca:26:69:a7:24:ec:25:
         f3:c4:f7:34:eb:e8:e2:dd:ef:ad:48:81:bd:57:12:b5:c3:9e:
         19:d9:19:0b:b7:1b:b9:d5:d7:32:99:e8:4a:bd:d3:58:9f:87:
         8e:ec:44:24:f7:92:2c:0c:0b:ac:0b:48:39:7f:6b:51:13:9c:
         aa:71:bc:71:34:67:c1:e8:74:7f:1a:f5:70:07:30:7f:9b:fa:
         9e:47:2a:e0:11:d9:9f:f4:72:c7:e8:12:c8:73:74:72:ac:e1:
         eb:ac:69:ef:f3:75:e7:a6:62:73:fc:b3:06:07:b4:c8:8a:04:
         e6:26:07:a2:00:0e:15:a6:9c:62:8e:80:1f:04:66:d7:65:0a:
         4b:68:c5:d3:08:26:1a:6a:c5:f1:82:52:2e:f6:ed:74:d4:7b:
         1c:45:29:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0q4BjN+pehU6XnX4GLYdpSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4OGZmODZjNDcxN2UwZTM2NmYyOTBjZDBkNjI4YWZjNDZh
MzhmMGQwHhcNMjYwMzI2MTYwMDIyWhcNMjYwMzI3MTYwMDIyWjAzMTEwLwYDVQQD
Eyg3OTlmYWFkMDlkN2U0NWU5Y2M4NzViMzQyZmJiMmNkMzVjMmJmODYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAut1pkhqbUAqVTMXaZzopf5PLUUbY
+C9kuFXbA1BuCuosvWDS4vJ4WzpDZXVTSWXB6TLncboEq0YzaW7/ZeIiQzGH4G6z
wkCzhWYgPeBhpRdVKKNMYU2k+ZTpUCQZEOCu8qqTgRK42Ks/AIfNwYY2JxdWDS5d
l7R2602IFVmFWw07t7atmMCM++8QjlGtajNgbahn/bj7fSk22YIscuZkrZlL8f5w
qJso2Q3KTNqaglIV+da/mjyL+MhwHBjUmqS4XWHwUNZDmEpIOn7YoHVB7dR9m2f9
wbVN3VnFmxNjBxHDeog9wKm3sBlnu8VO2949PUKP8/Zz+mGGoJKr8V00nQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHmfqtCdfkXpzIdbNC+7LNNcK/hhMB8GA1UdIwQY
MBaAFLiP+GxHF+DjZvKQzQ1iivxGo48NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUlfNGJFY1g0T05tOHBETkRXS0tfRWFqancwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZTcxNTQtYzNhYS00NWI2LThmYjAt
MTkxZDUzNGM5N2I5LzEvdUlfNGJFY1g0T05tOHBETkRXS0tfRWFqancwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZTcxNTQtYzNhYS00NWI2LThmYjAtMTkxZDUzNGM5N2I5
LzEvdUlfNGJFY1g0T05tOHBETkRXS0tfRWFqancwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN9be8/aC
Z8lqUpniEjR/M/5CHA+yc84GmpLGz/eyfD8fSSzSC348DLuJPRwVwVMpPFhR+Pi1
KtPA358HzRe7jviSTZ+/FVWwtRpdVSEpIMlQeG5bzrz5CWkRdx6J4WGPKrHaAH/K
JmmnJOwl88T3NOvo4t3vrUiBvVcStcOeGdkZC7cbudXXMpnoSr3TWJ+HjuxEJPeS
LAwLrAtIOX9rUROcqnG8cTRnweh0fxr1cAcwf5v6nkcq4BHZn/Ryx+gSyHN0cqzh
66xp7/N156Zic/yzBge0yIoE5iYHogAOFaacYo6AHwRm12UKS2jF0wgmGmrF8YJS
LvbtdNR7HEUpfg==
-----END CERTIFICATE-----