Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft
File:                     U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft (raw, json)
Hash identifier:          PQ4asl30sRr842ieiLcBxqsNstLWsnDqUFUrmmizSdk=
Subject key identifier:   D4:CB:F1:25:E7:F7:9B:F6:C1:DB:9A:A5:1D:F2:15:2E:B1:3F:24:9B
Authority key identifier: 53:8B:06:2C:B5:42:6F:00:E6:53:73:EE:F4:E4:CD:8A:1C:27:F6:8E
Certificate issuer:       /CN=538b062cb5426f00e65373eef4e4cd8a1c27f68e
Certificate serial:       019D2704174F61D56CC991ED6D4F042FAC6C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U4sGLLVCbwDmU3Pu9OTNihwn9o4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft
Manifest number:          1883
Signing time:             Wed 25 Mar 2026 22:01:12 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:12 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:12 +0000
Files and hashes:         1: U4sGLLVCbwDmU3Pu9OTNihwn9o4.crl (hash: xfnVE4Yn4cB/C0BLtrwH13esw5eHAZ4NLC2iWtvvXWs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U4sGLLVCbwDmU3Pu9OTNihwn9o4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:17:4f:61:d5:6c:c9:91:ed:6d:4f:04:2f:ac:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=538b062cb5426f00e65373eef4e4cd8a1c27f68e
        Validity
            Not Before: Mar 25 22:01:12 2026 GMT
            Not After : Mar 26 22:01:12 2026 GMT
        Subject: CN=d4cbf125e7f79bf6c1db9aa51df2152eb13f249b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:67:1e:67:87:be:ff:cd:da:7e:be:4a:7f:f3:
                    d9:95:35:c5:c9:e7:2c:66:cd:88:43:75:22:bb:4a:
                    9f:b8:05:e7:b1:30:c9:2c:50:21:5c:01:8a:a0:e6:
                    66:2b:7d:94:0c:c7:60:81:c8:3b:62:55:2a:db:e7:
                    8a:f2:2e:54:8b:60:97:24:32:c8:fa:43:98:30:01:
                    72:58:7e:0d:af:8a:12:f5:8d:36:31:c3:18:ab:f1:
                    09:36:fd:a2:b1:2a:5b:79:24:b4:67:c9:f2:67:e5:
                    11:35:6e:b9:6c:a2:6a:58:82:09:83:8d:8d:01:84:
                    45:6f:e9:12:3f:a0:8b:71:58:cb:ce:2a:40:cc:79:
                    64:6c:c7:ef:d6:3d:66:34:55:02:4a:41:94:48:35:
                    59:14:74:a2:ea:68:9c:d8:21:f2:cf:f7:bf:db:c8:
                    75:be:8e:6e:39:6d:51:01:98:ef:0f:d3:65:f5:58:
                    75:89:3e:96:83:57:48:83:7a:91:34:52:fc:aa:13:
                    ac:04:e3:3e:01:e8:97:c8:42:13:c8:8d:6f:b9:e2:
                    0d:d2:8e:84:1b:68:84:d6:92:0f:6f:ca:de:b8:29:
                    c7:d4:c0:87:14:04:7f:39:fb:b5:cc:57:81:92:a9:
                    cb:7e:aa:11:16:51:71:c2:60:06:3b:be:25:e3:f7:
                    5f:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:CB:F1:25:E7:F7:9B:F6:C1:DB:9A:A5:1D:F2:15:2E:B1:3F:24:9B
            X509v3 Authority Key Identifier:
                keyid:53:8B:06:2C:B5:42:6F:00:E6:53:73:EE:F4:E4:CD:8A:1C:27:F6:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U4sGLLVCbwDmU3Pu9OTNihwn9o4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:3a:1c:b0:d6:bb:6b:70:ee:7d:d3:33:91:eb:59:44:99:d8:
         c8:dd:51:6e:d1:40:0b:57:a8:0c:21:5e:f2:d2:86:94:01:91:
         81:49:1f:fd:a6:88:a1:34:0d:6d:5e:4f:69:ab:54:a3:dc:42:
         1d:bb:36:c9:7c:09:0f:6d:50:18:3c:95:91:c4:8a:e5:51:e4:
         80:de:83:0d:cc:1f:60:91:86:92:2b:ce:6f:ae:4b:88:c2:f7:
         b5:84:6c:d9:00:89:0a:98:56:59:89:5f:0a:19:ca:3f:45:85:
         d3:7c:36:69:54:f2:2b:be:60:1b:29:9d:48:2c:cb:78:aa:e4:
         c6:f1:87:02:14:7f:ff:40:fc:f4:4c:6b:11:90:87:45:ab:f2:
         56:f7:de:b0:e5:74:18:71:4e:46:b8:dc:cd:15:9c:32:b5:e4:
         2f:70:c6:a2:03:a1:42:a2:e8:0d:d1:4f:03:1c:d4:7b:34:18:
         a0:bd:78:6a:ec:a2:17:e8:42:96:3e:2d:b0:0a:00:ec:a2:14:
         57:73:a3:46:69:89:10:01:d1:df:70:3e:98:34:55:0c:90:4d:
         8c:03:d7:ad:d3:8e:d1:90:40:71:98:57:eb:99:9e:ff:1c:02:
         b1:e0:41:ae:4c:bc:5a:21:1f:fa:47:ee:cc:d8:73:57:ed:1f:
         99:6e:86:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBBdPYdVsyZHtbU8EL6xsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzOGIwNjJjYjU0MjZmMDBlNjUzNzNlZWY0ZTRjZDhhMWMy
N2Y2OGUwHhcNMjYwMzI1MjIwMTEyWhcNMjYwMzI2MjIwMTEyWjAzMTEwLwYDVQQD
EyhkNGNiZjEyNWU3Zjc5YmY2YzFkYjlhYTUxZGYyMTUyZWIxM2YyNDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhmceZ4e+/83afr5Kf/PZlTXFyecs
Zs2IQ3Uiu0qfuAXnsTDJLFAhXAGKoOZmK32UDMdggcg7YlUq2+eK8i5Ui2CXJDLI
+kOYMAFyWH4Nr4oS9Y02McMYq/EJNv2isSpbeSS0Z8nyZ+URNW65bKJqWIIJg42N
AYRFb+kSP6CLcVjLzipAzHlkbMfv1j1mNFUCSkGUSDVZFHSi6mic2CHyz/e/28h1
vo5uOW1RAZjvD9Nl9Vh1iT6Wg1dIg3qRNFL8qhOsBOM+AeiXyEITyI1vueIN0o6E
G2iE1pIPb8reuCnH1MCHFAR/Ofu1zFeBkqnLfqoRFlFxwmAGO74l4/dfKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNTL8SXn95v2wduapR3yFS6xPySbMB8GA1UdIwQY
MBaAFFOLBiy1Qm8A5lNz7vTkzYocJ/aOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTRzR0xMVkNid0RtVTNQdTlPVE5paHduOW80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8xZDQ1N2ItNDBiZC00NDhmLWE5MTUt
MjBjOGFiOTI2OTZmLzEvVTRzR0xMVkNid0RtVTNQdTlPVE5paHduOW80Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8xZDQ1N2ItNDBiZC00NDhmLWE5MTUtMjBjOGFiOTI2OTZm
LzEvVTRzR0xMVkNid0RtVTNQdTlPVE5paHduOW80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOTocsNa7
a3DufdMzketZRJnYyN1RbtFAC1eoDCFe8tKGlAGRgUkf/aaIoTQNbV5PaatUo9xC
Hbs2yXwJD21QGDyVkcSK5VHkgN6DDcwfYJGGkivOb65LiML3tYRs2QCJCphWWYlf
ChnKP0WF03w2aVTyK75gGymdSCzLeKrkxvGHAhR//0D89ExrEZCHRavyVvfesOV0
GHFORrjczRWcMrXkL3DGogOhQqLoDdFPAxzUezQYoL14auyiF+hClj4tsAoA7KIU
V3OjRmmJEAHR33A+mDRVDJBNjAPXrdOO0ZBAcZhX65me/xwCseBBrky8WiEf+kfu
zNhzV+0fmW6GTQ==
-----END CERTIFICATE-----